Add script 'create-postfix-pcre-chek-files.sh'.

2021-06-14 11:13:38 +02:00 · 2021-06-14 11:13:38 +02:00 · 7421852f0e
commit 7421852f0e
parent 4e17844d9c
1 changed files with 188 additions and 0 deletions
--- a/create-postfix-pcre-chek-files.sh
+++ b/create-postfix-pcre-chek-files.sh
@ -0,0 +1,188 @@
+#!/usr/bin/env bash
+
+# -------------
+# --- Some functions
+# -------------
+clean_up() {
+
+   # Perform program exit housekeeping
+   rm -f $tmp_err_msg
+   exit $1
+}
+
+echononl(){
+   echo X\\c > /tmp/shprompt$$
+   if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then
+      echo -e -n "$*\\c" 1>&2
+   else
+       echo -e -n "$*" 1>&2
+   fi
+   rm /tmp/shprompt$$
+}
+
+fatal(){
+   echo ""
+   echo -e "fatal error: $*"
+   echo ""
+   echo -e "\t\033[31m\033[1mInstalllation will be interrupted\033[m\033[m"
+   echo ""
+   clean_up 1
+}
+
+error(){
+   echo ""
+   echo -e "\t[ \033[31m\033[1mFehler\033[m ]: $*"
+   echo ""
+}
+
+warn (){
+   echo ""
+   echo -e "\t[ \033[33m\033[1mWarning\033[m ]: $*"
+   echo ""
+}
+
+info (){
+   echo ""
+   echo -e "\t[ \033[32m\033[1mInfo\033[m ]: $*"
+   echo ""
+}
+
+echo_done() {
+   echo -e "\033[80G[ \033[32mdone\033[m ]"
+}
+echo_ok() {
+   echo -e "\033[80G[ \033[32mok\033[m ]"
+}
+echo_warning() {
+   echo -e "\033[80G[ \033[33m\033[1mwarn\033[m ]"
+}
+echo_failed(){
+   echo -e "\033[80G[ \033[1;31mfailed\033[m ]"
+}
+echo_skipped() {
+   echo -e "\033[80G[ \033[33m\033[1mskipped\033[m ]"
+}
+detect_os_1 () {
+
+   if $(which lsb_release > /dev/null 2>&1) ; then
+
+      os_dist="$(lsb_release -i | awk '{print tolower($3)}')"
+      os_version="$(lsb_release -r | awk '{print tolower($2)}')"
+      os_codename="$(lsb_release -c | awk '{print tolower($2)}')"
+
+      if [[ "$os_dist" = "debian" ]]; then
+         if $(echo "$os_version" | grep -q '\.') ; then
+            os_version=$(echo "$os_version" | cut --delimiter='.' -f1)
+         fi
+      fi
+
+   elif [[ -e "/etc/os-release" ]]; then
+
+      . /etc/os-release
+
+      os_dist=$ID
+      os_version=${VERSION_ID}
+
+   fi
+
+   # remove whitespace from os_dist and os_version
+   os_dist="${os_dist// /}"
+   os_version="${os_version// /}"
+
+}
+
+
+
+_file="/etc/postfix/header_checks.pcre"
+echononl "   Create file '$_file' used for header replacing"
+if [[ ! -f "$_file" ]]; then
+   cat << EOF > "$_file"
+# ---
+# - Replace headers
+# ---
+
+# - Replace recieved from
+#/^Received: from (.* \\([-._[:alnum:]]+ \\[[.[:digit:]]{7,15}\\]\\)).*?([[:space:]]+).*\\(Authenticated sender: ([^)]+)\\)(.*)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1])\$2(Authenticated sender: \$3)\$4
+
+# ---
+# - Ignore Headers
+# ---
+
+#/^\s*User-Agent/        IGNORE
+#/^\s*X-Enigmail/        IGNORE
+#/^\s*X-Mailer/          IGNORE
+#/^\s*X-Originating-IP/  IGNORE
+
+/^To:.*<>/                    DISCARD Possible SPAM Blank email address To: header - Header-Spamschutzregel T0-1001
+/^From:.*<>/                  DISCARD Possible SPAM Blank email address To: header - Header-Spamschutzregel FROM-1002
+/\(envelope-from <>\)/        REJECT Possible SPAM - Header-Spamschutzregel RECIEV-1003
+
+/^Reply-To: .+\@inx1and1\..+/                REJECT Possible SPAM - Header-Spamschutzregel REPLY-1004
+/^Reply-To: .+\@ppe-healthcare-europe\..+/   REJECT Possible SPAM - Header-Spamschutzregel REPLY-1005
+/^Reply-To: .+\@testbedarf.shop/             REJECT Possible SPAM - Header-Spamschutzregel REPLY-1006
+/^Reply-To: .+\@acieu\..+/                   REJECT Possible SPAM - Header-Spamschutzregel REPLY-1007
+/^Reply-To: .+\@acievents\..+/               REJECT Possible SPAM - Header-Spamschutzregel REPLY-1008
+/^Reply-To: .+\@dokpotenz\..+/               REJECT Possible SPAM - Header-Spamschutzregel REPLY-1009
+/^Reply-To: .+\@sendelope.eu/                REJECT Possible SPAM - Header-Spamschutzregel REPLY-1010
+/^Reply-To: .+\@team-de-luxe\..+/            REJECT Possible SPAM - Header-Spamschutzregel REPLY-1011
+/^Reply-To: .+\@doktorapo\..+/               REJECT Possible SPAM - Header-Spamschutzregel REPLY-1012
+
+/^Date: .* 19[0-9][0-9]/      REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1005
+/^Date: .* 200[0-9]/          REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1006
+/^Date: .* 201[0-9]/          REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1007
+/^Date: .* 2020/              REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1008
+EOF
+   if [[ $? -eq 0 ]] ; then
+      echo_ok
+   else
+      echo_failed
+   fi
+else
+   echo_skipped
+fi
+
+
+_file="/etc/postfix/mime_header_check.pcre"
+echononl "   Create file '$_file' used for header replacing"
+if [[ ! -f "$_file" ]]; then
+   cat << EOF > "$_file"
+# ---
+# - Check MIME-Headers
+# ---
+
+/name=[^>]*\.exe/                         REJECT No .exe files allowed  - Mime--Spamschutzregel EXE-1001
+/name=[^>]*\.bat/                         REJECT No .bat files allowed  - Mime--Spamschutzregel BAT-1002
+/name=[^>](screensaver|movie)\.zip/       REJECT Sobig Virus found - Mime-Spamschutzregel VIR-1003
+EOF
+   if [[ $? -eq 0 ]] ; then
+      echo_ok
+   else
+      echo_failed
+   fi
+else
+   echo_skipped
+fi
+
+
+_file="/etc/postfix/body_check.pcre"
+echononl "   Create file '$_file' used for header replacing"
+if [[ ! -f "$_file" ]]; then
+   cat << EOF > "$_file"
+# ---
+# - Body Checks
+# ---
+
+/See the attached file for details/       REJECT Sobig Virus found. - Body-Spamschutzregel TEXT-1001
+
+/.*https?:\/\/click2eat.shop\/Installer\/updatedwebmails/   REJECT Maype fishing E-Mail credentials - Body-Spamschutzregel TEXT-1002
+EOF
+   if [[ $? -eq 0 ]] ; then
+      echo_ok
+   else
+      echo_failed
+   fi
+else
+   echo_skipped
+fi
+
+clean_up 0