From 7421852f0eec3cc4c78d9624a243d98ba0e14ee4 Mon Sep 17 00:00:00 2001 From: Christoph Date: Mon, 14 Jun 2021 11:13:38 +0200 Subject: [PATCH] Add script 'create-postfix-pcre-chek-files.sh'. --- create-postfix-pcre-chek-files.sh | 188 ++++++++++++++++++++++++++++++ 1 file changed, 188 insertions(+) create mode 100755 create-postfix-pcre-chek-files.sh diff --git a/create-postfix-pcre-chek-files.sh b/create-postfix-pcre-chek-files.sh new file mode 100755 index 0000000..0969c72 --- /dev/null +++ b/create-postfix-pcre-chek-files.sh @@ -0,0 +1,188 @@ +#!/usr/bin/env bash + +# ------------- +# --- Some functions +# ------------- +clean_up() { + + # Perform program exit housekeeping + rm -f $tmp_err_msg + exit $1 +} + +echononl(){ + echo X\\c > /tmp/shprompt$$ + if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then + echo -e -n "$*\\c" 1>&2 + else + echo -e -n "$*" 1>&2 + fi + rm /tmp/shprompt$$ +} + +fatal(){ + echo "" + echo -e "fatal error: $*" + echo "" + echo -e "\t\033[31m\033[1mInstalllation will be interrupted\033[m\033[m" + echo "" + clean_up 1 +} + +error(){ + echo "" + echo -e "\t[ \033[31m\033[1mFehler\033[m ]: $*" + echo "" +} + +warn (){ + echo "" + echo -e "\t[ \033[33m\033[1mWarning\033[m ]: $*" + echo "" +} + +info (){ + echo "" + echo -e "\t[ \033[32m\033[1mInfo\033[m ]: $*" + echo "" +} + +echo_done() { + echo -e "\033[80G[ \033[32mdone\033[m ]" +} +echo_ok() { + echo -e "\033[80G[ \033[32mok\033[m ]" +} +echo_warning() { + echo -e "\033[80G[ \033[33m\033[1mwarn\033[m ]" +} +echo_failed(){ + echo -e "\033[80G[ \033[1;31mfailed\033[m ]" +} +echo_skipped() { + echo -e "\033[80G[ \033[33m\033[1mskipped\033[m ]" +} +detect_os_1 () { + + if $(which lsb_release > /dev/null 2>&1) ; then + + os_dist="$(lsb_release -i | awk '{print tolower($3)}')" + os_version="$(lsb_release -r | awk '{print tolower($2)}')" + os_codename="$(lsb_release -c | awk '{print tolower($2)}')" + + if [[ "$os_dist" = "debian" ]]; then + if $(echo "$os_version" | grep -q '\.') ; then + os_version=$(echo "$os_version" | cut --delimiter='.' -f1) + fi + fi + + elif [[ -e "/etc/os-release" ]]; then + + . /etc/os-release + + os_dist=$ID + os_version=${VERSION_ID} + + fi + + # remove whitespace from os_dist and os_version + os_dist="${os_dist// /}" + os_version="${os_version// /}" + +} + + + +_file="/etc/postfix/header_checks.pcre" +echononl " Create file '$_file' used for header replacing" +if [[ ! -f "$_file" ]]; then + cat << EOF > "$_file" +# --- +# - Replace headers +# --- + +# - Replace recieved from +#/^Received: from (.* \\([-._[:alnum:]]+ \\[[.[:digit:]]{7,15}\\]\\)).*?([[:space:]]+).*\\(Authenticated sender: ([^)]+)\\)(.*)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1])\$2(Authenticated sender: \$3)\$4 + +# --- +# - Ignore Headers +# --- + +#/^\s*User-Agent/ IGNORE +#/^\s*X-Enigmail/ IGNORE +#/^\s*X-Mailer/ IGNORE +#/^\s*X-Originating-IP/ IGNORE + +/^To:.*<>/ DISCARD Possible SPAM Blank email address To: header - Header-Spamschutzregel T0-1001 +/^From:.*<>/ DISCARD Possible SPAM Blank email address To: header - Header-Spamschutzregel FROM-1002 +/\(envelope-from <>\)/ REJECT Possible SPAM - Header-Spamschutzregel RECIEV-1003 + +/^Reply-To: .+\@inx1and1\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1004 +/^Reply-To: .+\@ppe-healthcare-europe\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1005 +/^Reply-To: .+\@testbedarf.shop/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1006 +/^Reply-To: .+\@acieu\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1007 +/^Reply-To: .+\@acievents\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1008 +/^Reply-To: .+\@dokpotenz\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1009 +/^Reply-To: .+\@sendelope.eu/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1010 +/^Reply-To: .+\@team-de-luxe\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1011 +/^Reply-To: .+\@doktorapo\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1012 + +/^Date: .* 19[0-9][0-9]/ REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1005 +/^Date: .* 200[0-9]/ REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1006 +/^Date: .* 201[0-9]/ REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1007 +/^Date: .* 2020/ REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1008 +EOF + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + fi +else + echo_skipped +fi + + +_file="/etc/postfix/mime_header_check.pcre" +echononl " Create file '$_file' used for header replacing" +if [[ ! -f "$_file" ]]; then + cat << EOF > "$_file" +# --- +# - Check MIME-Headers +# --- + +/name=[^>]*\.exe/ REJECT No .exe files allowed - Mime--Spamschutzregel EXE-1001 +/name=[^>]*\.bat/ REJECT No .bat files allowed - Mime--Spamschutzregel BAT-1002 +/name=[^>](screensaver|movie)\.zip/ REJECT Sobig Virus found - Mime-Spamschutzregel VIR-1003 +EOF + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + fi +else + echo_skipped +fi + + +_file="/etc/postfix/body_check.pcre" +echononl " Create file '$_file' used for header replacing" +if [[ ! -f "$_file" ]]; then + cat << EOF > "$_file" +# --- +# - Body Checks +# --- + +/See the attached file for details/ REJECT Sobig Virus found. - Body-Spamschutzregel TEXT-1001 + +/.*https?:\/\/click2eat.shop\/Installer\/updatedwebmails/ REJECT Maype fishing E-Mail credentials - Body-Spamschutzregel TEXT-1002 +EOF + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + fi +else + echo_skipped +fi + +clean_up 0