install_opendmarc.sh: fix errors in adjustin main.cf file.
This commit is contained in:
@@ -52,8 +52,15 @@ done
|
||||
postfix_needs_restart=false
|
||||
opendmarc_needs_restart=false
|
||||
|
||||
backup_date="$(date +%Y-%m-%d-%H%M)"
|
||||
log_file="$(mktemp)"
|
||||
tmp_main_cf_file="$(mktemp)"
|
||||
|
||||
main_cf_file="/etc/postfix/main.cf"
|
||||
|
||||
backup_date="$(date +%Y-%m-%d-%H%M)"
|
||||
|
||||
opendkim_socket_string="local:/opendkim/opendkim.sock"
|
||||
opendmarc_socket_string="local:/opendmarc/opendmarc.sock"
|
||||
|
||||
# -------------
|
||||
# --- Some functions
|
||||
@@ -111,6 +118,116 @@ echo_skipped() {
|
||||
echo -e "\033[80G[ \033[37mskipped\033[m ]"
|
||||
}
|
||||
|
||||
# iFubction stellt sicher, dass OpenDMARC milter in main.cf gesetzt ist
|
||||
# und (falls OpenDKIM vorhanden ist) OpenDMARC direkt nach OpenDKIM folgt.
|
||||
#
|
||||
# Ziel:
|
||||
# - smtpd_milters und non_smtpd_milters enthalten: local:/opendmarc/opendmarc.sock
|
||||
# - Falls local:/opendkim/opendkim.sock vorhanden ist:
|
||||
# ...opendkim...,local:/opendmarc/opendmarc.sock,...
|
||||
#
|
||||
# Logik:
|
||||
# 1) Aktive Zeile existiert? → anpassen
|
||||
# 2) Sonst kommentierte Zeile existiert? → ersetzen (entkommentieren) an derselben Stelle
|
||||
# 3) Sonst am Ende hinzufügen
|
||||
ensure_dmarc_var() {
|
||||
local var="$1"
|
||||
|
||||
awk -v var="$var" -v dmarc="$opendmarc_socket_string" -v dkim="$opendkim_socket_string" '
|
||||
function trim(s) {
|
||||
sub("^[[:space:]]+", "", s)
|
||||
sub("[[:space:]]+$", "", s)
|
||||
return s
|
||||
}
|
||||
|
||||
# Normalisiert aktive Werte:
|
||||
# - Entfernt vorhandenes dmarc (um Duplikate zu verhindern)
|
||||
# - Fügt dmarc wieder ein:
|
||||
# - direkt nach dkim, falls dkim vorhanden
|
||||
# - sonst ans Ende (oder allein, wenn leer)
|
||||
function normalize_active_value(v, n,i,t,has_dkim,out,newn) {
|
||||
v = trim(v)
|
||||
if (v == "") return dmarc
|
||||
|
||||
# split an Komma, trimmen, DMARC entfernen
|
||||
n = split(v, a, ",")
|
||||
has_dkim = 0
|
||||
newn = 0
|
||||
|
||||
for (i=1; i<=n; i++) {
|
||||
t = trim(a[i])
|
||||
if (t == "") continue
|
||||
if (t == dmarc) continue # Duplikate vermeiden
|
||||
a[++newn] = t
|
||||
if (t == dkim) has_dkim = 1
|
||||
}
|
||||
n = newn
|
||||
|
||||
out = ""
|
||||
|
||||
if (has_dkim) {
|
||||
# Ausgabe bauen und DMARC direkt nach DKIM einfügen
|
||||
for (i=1; i<=n; i++) {
|
||||
if (out != "") out = out ","
|
||||
out = out a[i]
|
||||
if (a[i] == dkim) {
|
||||
out = out "," dmarc
|
||||
}
|
||||
}
|
||||
return out
|
||||
}
|
||||
|
||||
# kein DKIM: DMARC ans Ende anhängen
|
||||
for (i=1; i<=n; i++) {
|
||||
if (out != "") out = out ","
|
||||
out = out a[i]
|
||||
}
|
||||
if (out == "") return dmarc
|
||||
return out "," dmarc
|
||||
}
|
||||
|
||||
BEGIN { found_active=0; replaced_commented=0 }
|
||||
|
||||
#################################################################
|
||||
# FALL 1: Aktive Zeile (nicht auskommentiert): var =
|
||||
#################################################################
|
||||
$0 ~ "^[[:space:]]*"var"[[:space:]]*=" && $0 !~ "^[[:space:]]*#" {
|
||||
found_active=1
|
||||
|
||||
v=$0
|
||||
sub("^[[:space:]]*"var"[[:space:]]*=[[:space:]]*", "", v)
|
||||
|
||||
print var" = " normalize_active_value(v)
|
||||
next
|
||||
}
|
||||
|
||||
#################################################################
|
||||
# FALL 2: Auskommentierte Zeile: # var =
|
||||
# Sonderregel: ersetzen mit NUR DMARC, unabhängig vom Kommentarinhalt
|
||||
#################################################################
|
||||
$0 ~ "^[[:space:]]*#[[:space:]]*"var"[[:space:]]*=" \
|
||||
&& found_active==0 && replaced_commented==0 {
|
||||
replaced_commented=1
|
||||
print var" = " dmarc
|
||||
next
|
||||
}
|
||||
|
||||
#################################################################
|
||||
# Sonst: Zeile unverändert ausgeben
|
||||
#################################################################
|
||||
{ print }
|
||||
|
||||
#################################################################
|
||||
# FALL 3: Variable nicht vorhanden → am Ende hinzufügen
|
||||
#################################################################
|
||||
END {
|
||||
if (found_active==0 && replaced_commented==0) {
|
||||
print var" = " dmarc
|
||||
}
|
||||
}
|
||||
' "$main_cf_file"
|
||||
}
|
||||
|
||||
|
||||
# -------------
|
||||
# - Some pre-installation tasks
|
||||
@@ -823,24 +940,20 @@ else
|
||||
error "$(cat $log_file)"
|
||||
fi
|
||||
|
||||
echononl " Activate processing of e-mail through the OpenDKIM daemon.."
|
||||
if grep -q -E "milter_default_action\s*=\s*accept" /etc/postfix/main.cf ; then
|
||||
echo_skipped
|
||||
info "Postfix (main.cf) was not changed - seems already be configured right."
|
||||
echononl " Delete previosly saved Postfix configuration.."
|
||||
rm /etc/postfix/main.cf.$backup_date 2> $log_file
|
||||
if [[ $? -eq 0 ]] ; then
|
||||
echo_ok
|
||||
else
|
||||
echo_failed
|
||||
error "$(cat $log_file)"
|
||||
fi
|
||||
echononl " Activate processing of e-mail through the OpenDMARC daemon.."
|
||||
if grep -q -E "^\s*#?\s*smtpd_milters\s*=" ${main_cf_file} ; then
|
||||
|
||||
ensure_dmarc_var "smtpd_milters" > "${tmp_main_cf_file}"
|
||||
cp "${tmp_main_cf_file}" "${main_cf_file}"
|
||||
|
||||
else
|
||||
|
||||
cat <<EOF >> /etc/postfix/main.cf 2> $log_file
|
||||
|
||||
|
||||
# ======= Milter configuration =======
|
||||
|
||||
# OpenDKIM, OpenDMARC
|
||||
# OpenDKIM
|
||||
|
||||
milter_default_action = accept
|
||||
|
||||
@@ -856,7 +969,20 @@ milter_protocol = 6
|
||||
# 'smtpd_milters = local:/opendkim/opendkim.sock' here and add to
|
||||
# localhost:10025 section in master.cf: 'smtpd_milters='
|
||||
#
|
||||
smtpd_milters = local:/opendkim/opendkim.sock, local:/opendmarc/opendmarc.sock
|
||||
smtpd_milters = $opendmarc_socket_string
|
||||
EOF
|
||||
|
||||
fi
|
||||
|
||||
|
||||
if grep -q -E "^\s*#?\s*non_smtpd_milters\s*=" ${main_cf_file} ; then
|
||||
|
||||
ensure_dmarc_var "non_smtpd_milters" > "${tmp_main_cf_file}"
|
||||
cp "${tmp_main_cf_file}" "${main_cf_file}"
|
||||
|
||||
else
|
||||
|
||||
cat <<EOF >> /etc/postfix/main.cf 2> $log_file
|
||||
|
||||
# Was sind non_smtpd_milters?
|
||||
#
|
||||
@@ -886,8 +1012,9 @@ smtpd_milters = local:/opendkim/opendkim.sock, local:/opendmarc/opendmarc.sock
|
||||
#
|
||||
#
|
||||
# DKIM soll auch die ausgehenden Mails signieren, die nicht über smtpd daemon versendet werden.
|
||||
non_smtpd_milters = local:/opendkim/opendkim.sock, local:/opendmarc/opendmarc.sock
|
||||
non_smtpd_milters = $opendmarc_socket_string
|
||||
EOF
|
||||
fi
|
||||
postfix_needs_restart=true
|
||||
if [[ $? -eq 0 ]] ; then
|
||||
echo_ok
|
||||
@@ -895,7 +1022,6 @@ EOF
|
||||
echo_failed
|
||||
error "$(cat $log_file)"
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
echo ""
|
||||
|
||||
Reference in New Issue
Block a user