From 7b9a6f52ca9e47854faa4ff313ee7a0571659e9c Mon Sep 17 00:00:00 2001 From: Christoph Date: Mon, 16 Feb 2026 14:38:21 +0100 Subject: [PATCH 1/5] install_postfix_advanced.sh: add support for parameter 'smtpd_tls_eccert_file'. --- install_postfix_advanced.sh | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/install_postfix_advanced.sh b/install_postfix_advanced.sh index 832970c..37d1cd0 100755 --- a/install_postfix_advanced.sh +++ b/install_postfix_advanced.sh @@ -2146,9 +2146,24 @@ smtp_tls_security_level=dane smtpd_tls_loglevel = 1 smtp_tls_loglevel = 1 + +# TLS RSA keys path smtpd_tls_cert_file = $_TLS_CERT_FILE smtpd_tls_key_file = $_TLS_KEY_FILE +EOF + +if [[ -f "/etc/postfix/ssl/mailserver-ecdsa.crt" && + -f "/etc/postfix/ssl/mailserver-ecdsa.key" ]] ; then + cat <> /etc/postfix/main.cf +# TLS ECDSA keys path +smtpd_tls_eccert_file = /etc/postfix/ssl/mailserver-ecdsa.crt +smtpd_tls_eckey_file = /etc/postfix/ssl/mailserver-ecdsa.key + +EOF +fi + +cat <> /etc/postfix/main.cf ## - File with DH parameters that the Postfix SMTP server should use with EDH ciphers. ## - From 32980f67dea8c8cf12dfdb81d7a5b875bddfa3a0 Mon Sep 17 00:00:00 2001 From: Christoph Date: Wed, 18 Feb 2026 01:32:08 +0100 Subject: [PATCH 2/5] install_postfix_advanced.sh: fix handling of additional smtp port. --- install_postfix_advanced.sh | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/install_postfix_advanced.sh b/install_postfix_advanced.sh index 37d1cd0..71316d2 100755 --- a/install_postfix_advanced.sh +++ b/install_postfix_advanced.sh @@ -4147,6 +4147,14 @@ else dmarc_pipe_present=false fi +if ${LISTEN_ON_ADDITIONAL_RELAY_PORT} ; then + if grep -iq -E "^${ADDITIONAL_RELAY_LISTEN_PORT}\s+" $postfix_master_cf > /dev/null 2>&1 ; then + additional_relay_port_present=true + else + additional_relay_port_present=false + fi +fi + _found=false echononl " Create new file \"${postfix_master_cf}\"" if [[ -f "${postfix_master_cf}.$backup_date" ]]; then @@ -4176,9 +4184,11 @@ smtps inet n - y - - smtpd EOF fi elif $LISTEN_ON_ADDITIONAL_RELAY_PORT ; then - cat >> $postfix_master_cf << EOF + if ! ${additional_relay_port_present} ; then + cat >> $postfix_master_cf << EOF ${ADDITIONAL_RELAY_LISTEN_PORT} inet n - y - - smtpd EOF + fi fi continue fi From 0674fb1231f588400ade24dae4b578578e68d2e1 Mon Sep 17 00:00:00 2001 From: Christoph Date: Wed, 18 Feb 2026 01:33:55 +0100 Subject: [PATCH 3/5] install_amavis.sh: fix entering procedure of variable 'SASL_AUTH_ENABLED'. --- install_amavis.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/install_amavis.sh b/install_amavis.sh index 1424fcd..691ddca 100755 --- a/install_amavis.sh +++ b/install_amavis.sh @@ -396,8 +396,13 @@ while [[ "$SASL_AUTH_ENABLED" != "yes" && SASL_AUTH_ENABLED=${SASL_AUTH_ENABLED,,} fi - if [[ "$SASL_AUTH_ENABLED" != "yes" && "$SASL_AUTH_ENABLED" != "no" ]] ; then - _SASL_AUTH_ENABLED="" + [[ -z "${SASL_AUTH_ENABLED}" ]] && SASL_AUTH_ENABLED=${_SASL_AUTH_ENABLED} + + if [[ "$SASL_AUTH_ENABLED" != "yes" && + "$SASL_AUTH_ENABLED" != "true" && + "$SASL_AUTH_ENABLED" != "false" && + "$SASL_AUTH_ENABLED" != "no" ]] ; then + SASL_AUTH_ENABLED="" echo -e "\n\t\033[33m\033[1mWrong entry!\033[m\n Type 'yes' or 'no'" fi From 7c052015203a0ec8ea0373e1b22807c1c33a13af Mon Sep 17 00:00:00 2001 From: Christoph Date: Wed, 18 Feb 2026 01:48:45 +0100 Subject: [PATCH 4/5] install_postfix_advanced.sh: some changes of 'main.cf' in case of relay host only. --- install_postfix_advanced.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install_postfix_advanced.sh b/install_postfix_advanced.sh index 71316d2..0e270b1 100755 --- a/install_postfix_advanced.sh +++ b/install_postfix_advanced.sh @@ -3049,7 +3049,7 @@ else EOF fi -if ${IS_SYMPA_LIST_SERVER} ; then +if ${IS_SYMPA_LIST_SERVER} || ${IS_RELAY_HOST}; then cat <> /etc/postfix/main.cf From afff836253fd21cd28704c3606761ef297773ce6 Mon Sep 17 00:00:00 2001 From: Christoph Date: Wed, 18 Feb 2026 12:38:33 +0100 Subject: [PATCH 5/5] install_postfix_advanced.sh: comment entries '127.0.0.1:10040_time_limit=3600' and 'policyd-spf_time_limit=3600'. --- install_postfix_advanced.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install_postfix_advanced.sh b/install_postfix_advanced.sh index 37d1cd0..dfdc77d 100755 --- a/install_postfix_advanced.sh +++ b/install_postfix_advanced.sh @@ -2731,7 +2731,7 @@ EOF if [[ -n "$(which postfwd)" ]] ; then cat <> /etc/postfix/main.cf -127.0.0.1:10040_time_limit = 3600 +#127.0.0.1:10040_time_limit = 3600 EOF else cat <> /etc/postfix/main.cf @@ -2749,7 +2749,7 @@ if [[ -n "$(which policyd-spf)" ]] ; then # policyd-spf unix - n n - 0 spawn # user=policyd-spf argv=/usr/bin/policyd-spf # -policyd-spf_time_limit = 3600 +#policyd-spf_time_limit = 3600 EOF fi