Change some settings, if Server is a listserver.
This commit is contained in:
@@ -726,8 +726,11 @@ fi
|
||||
|
||||
if grep -q -E "^\s*#?\s*non_smtpd_milters\s*=" ${main_cf_file} ; then
|
||||
|
||||
# In case of sympa, DKIM signatures will be added by sympa list manager
|
||||
if ! which sympa ; then
|
||||
ensure_dkim_var "non_smtpd_milters" > "${tmp_main_cf_file}"
|
||||
cp "${tmp_main_cf_file}" "${main_cf_file}"
|
||||
fi
|
||||
|
||||
else
|
||||
|
||||
|
||||
@@ -26,8 +26,15 @@ opendmarc_socket_file="${opendmarc_socket_dir}/opendmarc.sock"
|
||||
config_file_name_value_parameters="
|
||||
AuthservID|HOSTNAME
|
||||
TrustedAuthservIDs|HOSTNAME
|
||||
PidFile|/run/opendmarc/opendmarc.pid
|
||||
RejectFailures|true
|
||||
PidFile|/run/opendmarc/opendmarc.pid"
|
||||
if which sympa ; then
|
||||
config_file_name_value_parameters="$config_file_name_value_parameters
|
||||
RejectFailures|false"
|
||||
else
|
||||
config_file_name_value_parameters="$config_file_name_value_parameters
|
||||
RejectFailures|true"
|
||||
fi
|
||||
config_file_name_value_parameters="$config_file_name_value_parameters
|
||||
Syslog|true
|
||||
SyslogFacility|mail
|
||||
IgnoreHosts|${opendmarc_base_dir}/ignore.hosts
|
||||
|
||||
@@ -1071,7 +1071,17 @@ debugLevel = 1
|
||||
# HELO_reject = Null - Only reject HELO Fail for Null sender (SPF Classic)
|
||||
# HELO_reject = False - Never reject/defer on HELO, append header only.
|
||||
# HELO_reject = No_Check - Never check HELO.
|
||||
EOF
|
||||
if ${IS_SYMPA_LIST_SERVER} ; then
|
||||
cat <<EOF >> "${_file}"
|
||||
HELO_reject = False
|
||||
EOF
|
||||
else
|
||||
cat <<EOF >> "${_file}"
|
||||
HELO_reject = SPF_Not_Pass
|
||||
EOF
|
||||
|
||||
cat <<EOF >> "${_file}"
|
||||
|
||||
# Mail From rejection policy. Options are:
|
||||
# Mail_From_reject = SPF_Not_Pass - Reject if result not Pass/None/Tempfail.
|
||||
@@ -1084,7 +1094,18 @@ HELO_reject = SPF_Not_Pass
|
||||
# MAIL FROM-Adresse reagiert. Ein Fehler tritt auf, wenn die IP-Adresse des sendenden
|
||||
# Servers nicht den SPF-Einträgen der Domain in der MAIL FROM-Adresse entspricht.
|
||||
#
|
||||
EOF
|
||||
if ${IS_SYMPA_LIST_SERVER} ; then
|
||||
cat <<EOF >> "${_file}"
|
||||
Mail_From_reject = False
|
||||
EOF
|
||||
else
|
||||
cat <<EOF >> "${_file}"
|
||||
Mail_From_reject = Fail
|
||||
EOF
|
||||
fi
|
||||
|
||||
cat <<EOF >> "${_file}"
|
||||
|
||||
# Policy for rejecting due to SPF PermError. Options are:
|
||||
# PermError_reject = True
|
||||
@@ -1096,7 +1117,18 @@ Mail_From_reject = Fail
|
||||
#
|
||||
# Wenn PermError_reject auf True gesetzt ist, wird die E-Mail abgewiesen (rejected),
|
||||
#
|
||||
EOF
|
||||
if ${IS_SYMPA_LIST_SERVER} ; then
|
||||
cat <<EOF >> "${_file}"
|
||||
PermError_reject = False
|
||||
EOF
|
||||
else
|
||||
cat <<EOF >> "${_file}"
|
||||
PermError_reject = True
|
||||
EOF
|
||||
fi
|
||||
|
||||
cat <<EOF >> "${_file}"
|
||||
|
||||
# Policy for deferring messages due to SPF TempError. Options are:
|
||||
# TempError_Defer = True
|
||||
@@ -1109,7 +1141,7 @@ PermError_reject = True
|
||||
# Wenn TempError_Defer auf True gesetzt ist, wird die E-Mail vorübergehend zurückgewiesen
|
||||
# (deferred), und der empfangende Server versucht später erneut, die E-Mail zuzustelle
|
||||
#
|
||||
TempError_Defer = Defer
|
||||
TempError_Defer = True
|
||||
|
||||
# Type of header to insert to document SPF result. Can be Received-SPF (SPF)
|
||||
# or Authentication Results (AR). It cannot be both.
|
||||
@@ -2876,6 +2908,16 @@ smtpd_recipient_restrictions =
|
||||
# \$relay_recipient_maps, and \$relay_recipient_maps is not null.
|
||||
#
|
||||
reject_unlisted_recipient,
|
||||
EOF
|
||||
|
||||
if [[ -n "$(which policyd-spf)" ]] ; then
|
||||
cat <<EOF >> /etc/postfix/main.cf
|
||||
# Check Postfix policy service ..
|
||||
#
|
||||
check_policy_service unix:private/policy-spf
|
||||
EOF
|
||||
fi
|
||||
cat <<EOF >> /etc/postfix/main.cf
|
||||
# reject_unauth_destination
|
||||
#
|
||||
# Reject the request unless one of the following is true:
|
||||
@@ -2898,17 +2940,7 @@ smtpd_recipient_restrictions =
|
||||
# managed by the verify(8) server; see http://www.postfix.org/ADDRESS_VERIFICATION_README.html
|
||||
# for more details
|
||||
reject_unverified_recipient,
|
||||
EOF
|
||||
|
||||
if [[ -n "$(which policyd-spf)" ]] ; then
|
||||
cat <<EOF >> /etc/postfix/main.cf
|
||||
# Check Postfix policy service ..
|
||||
#
|
||||
check_policy_service unix:private/policy-spf
|
||||
EOF
|
||||
fi
|
||||
|
||||
cat <<EOF >> /etc/postfix/main.cf
|
||||
# Policyd-Weight
|
||||
#check_policy_service inet:127.0.0.1:12525,
|
||||
# ---------------------------------------------------------------------------------
|
||||
@@ -2999,6 +3031,16 @@ else
|
||||
EOF
|
||||
fi
|
||||
|
||||
if ${IS_SYMPA_LIST_SERVER} ; then
|
||||
|
||||
cat <<EOF >> /etc/postfix/main.cf
|
||||
|
||||
# Default: alles was nicht explizit überschrieben wird (pickup/local/sympa/cron/...)
|
||||
content_filter = amavisfeed:[127.0.0.1]:10029
|
||||
|
||||
EOF
|
||||
fi
|
||||
|
||||
if [[ -n "$(which opendkim)" ]] || [[ -n "$(which opendmarc)" ]] ; then
|
||||
cat <<EOF >> /etc/postfix/main.cf
|
||||
|
||||
@@ -3068,7 +3110,13 @@ EOF
|
||||
#
|
||||
EOF
|
||||
|
||||
if [[ -n "$(which opendkim)" ]] ; then
|
||||
if ${IS_SYMPA_LIST_SERVER} ; then
|
||||
|
||||
cat <<EOF >> /etc/postfix/main.cf
|
||||
# DKIM signing takes place in the Sympa list manager.
|
||||
non_smtpd_milters =
|
||||
EOF
|
||||
elif [[ -n "$(which opendkim)" ]] ; then
|
||||
cat <<EOF >> /etc/postfix/main.cf
|
||||
non_smtpd_milters = local:/opendkim/opendkim.sock
|
||||
EOF
|
||||
|
||||
Reference in New Issue
Block a user