install_opendmarc.sh: adjust configuration file.
This commit is contained in:
parent
99b1205d1b
commit
894ff4eced
@ -23,7 +23,7 @@ opendmarc_socket_dir="${postfix_spool_dir}/opendmarc"
|
||||
opendmarc_socket_file="${opendmarc_socket_dir}/opendmarc.sock"
|
||||
|
||||
config_file_name_value_parameters="
|
||||
AuthservID|OpenDMARC
|
||||
AuthservID|DMARC check $(hostname -f)
|
||||
PidFile|/run/opendmarc/opendmarc.pid
|
||||
RejectFailures|true
|
||||
Syslog|true
|
||||
@ -36,6 +36,7 @@ config_file_name_value_parameters="
|
||||
FailureReports|false
|
||||
AutoRestart|true
|
||||
HistoryFile|/run/opendmarc/opendmarc.dat
|
||||
SPFIgnoreResults|false
|
||||
SPFSelfValidate|true
|
||||
Socket|${opendmarc_socket_file}
|
||||
"
|
||||
@ -182,6 +183,200 @@ else
|
||||
fi
|
||||
|
||||
|
||||
# - Add 'IgnoreHosts' with default value to the original opendmarc.conf file
|
||||
#
|
||||
echononl " Add 'IgnoreHosts' with default value to the opendmarc.conf file.."
|
||||
if ! $(grep -q -E "^IgnoreHosts\s+" ${opendmarc_conf_file} 2> /dev/null) ; then
|
||||
cat << EOF >> ${opendmarc_conf_file}
|
||||
|
||||
## Specifies the path to a file that contains a list of hostnames, IP addresses,
|
||||
## and/or CIDR expressions identifying hosts whose SMTP connections are to be
|
||||
## ignored by the filter. If not specified, defaults to "127.0.0.1" only.
|
||||
#
|
||||
IgnoreHosts 127.0.0.1
|
||||
EOF
|
||||
if [[ $? -eq 0 ]] ; then
|
||||
echo_ok
|
||||
else
|
||||
echo_failed
|
||||
error "$(cat $log_file)"
|
||||
fi
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
|
||||
# - Add 'IgnoreAuthenticatedClients' with default value to the original opendmarc.conf file
|
||||
#
|
||||
_param="IgnoreAuthenticatedClients"
|
||||
echononl " Add '${_param}' with default value to the opendmarc.conf file.."
|
||||
if ! $(grep -q -E "^${_param}\s+" ${opendmarc_conf_file} 2> /dev/null) ; then
|
||||
cat << EOF >> ${opendmarc_conf_file}
|
||||
|
||||
## If set, causes mail from authenticated clients (i.e., those that used
|
||||
## SMTP AUTH) to be ignored by the filter. The default is "false".
|
||||
#
|
||||
IgnoreAuthenticatedClients false
|
||||
EOF
|
||||
if [[ $? -eq 0 ]] ; then
|
||||
echo_ok
|
||||
else
|
||||
echo_failed
|
||||
error "$(cat $log_file)"
|
||||
fi
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
|
||||
# - Add 'RequiredHeaders' with default value to the original opendmarc.conf file
|
||||
#
|
||||
_param="IgnoreAuthenticatedClients"
|
||||
echononl " Add '${_param}' with default value to the opendmarc.conf file.."
|
||||
if ! $(grep -q -E "^${_param}\s+" ${opendmarc_conf_file} 2> /dev/null) ; then
|
||||
cat << EOF >> ${opendmarc_conf_file}
|
||||
|
||||
## If set, causes mail from authenticated clients (i.e., those that used
|
||||
## SMTP AUTH) to be ignored by the filter. The default is "false".
|
||||
#
|
||||
IgnoreAuthenticatedClients false
|
||||
EOF
|
||||
if [[ $? -eq 0 ]] ; then
|
||||
echo_ok
|
||||
else
|
||||
echo_failed
|
||||
error "$(cat $log_file)"
|
||||
fi
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
|
||||
# - Add 'RequiredHeaders' with default value to the original opendmarc.conf file
|
||||
#
|
||||
_param="RequiredHeaders"
|
||||
echononl " Add '${_param}' with default value to the opendmarc.conf file.."
|
||||
if ! $(grep -q -E "^${_param}\s+" ${opendmarc_conf_file} 2> /dev/null) ; then
|
||||
cat << EOF >> ${opendmarc_conf_file}
|
||||
|
||||
## If set, the filter will ensure the header of the message conforms to the basic
|
||||
## header field count restrictions laid out in RFC5322, Section 3.6. Messages
|
||||
## failing this test are rejected without further processing. A From: field from
|
||||
## which no domain name could be extracted will also be rejected.
|
||||
#
|
||||
RequiredHeaders false
|
||||
EOF
|
||||
if [[ $? -eq 0 ]] ; then
|
||||
echo_ok
|
||||
else
|
||||
echo_failed
|
||||
error "$(cat $log_file)"
|
||||
fi
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
|
||||
# - Add 'AutoRestart' with default value to the original opendmarc.conf file
|
||||
#
|
||||
_param="AutoRestart"
|
||||
echononl " Add '${_param}' with default value to the opendmarc.conf file.."
|
||||
if ! $(grep -q -E "^${_param}\s+" ${opendmarc_conf_file} 2> /dev/null) ; then
|
||||
cat << EOF >> ${opendmarc_conf_file}
|
||||
|
||||
## Automatically re-start on failures. Use with caution; if the filter fails
|
||||
## instantly after it starts, this can cause a tight fork(2) loop.
|
||||
#
|
||||
AutoRestart false
|
||||
EOF
|
||||
if [[ $? -eq 0 ]] ; then
|
||||
echo_ok
|
||||
else
|
||||
echo_failed
|
||||
error "$(cat $log_file)"
|
||||
fi
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
|
||||
# - Add 'HistoryFile' with default value to the original opendmarc.conf file
|
||||
#
|
||||
_param="HistoryFile"
|
||||
echononl " Add '${_param}' with default value to the opendmarc.conf file.."
|
||||
if ! $(grep -q -E "^${_param}\s+" ${opendmarc_conf_file} 2> /dev/null) ; then
|
||||
cat << EOF >> ${opendmarc_conf_file}
|
||||
|
||||
## If set, specifies the location of a text file to which records are written
|
||||
## that can be used to generate DMARC aggregate reports. Records are batches of
|
||||
## rows containing information about a single received message, and include all
|
||||
## relevant information needed to generate a DMARC aggregate report. It is
|
||||
## expected that this will not be used in its raw form, but rather periodically
|
||||
## imported into a relational database from which the aggregate reports can be
|
||||
## extracted using opendmarc-importstats(8).
|
||||
#
|
||||
HistoryFile /run/opendmarc/opendmarc.dat
|
||||
EOF
|
||||
if [[ $? -eq 0 ]] ; then
|
||||
echo_ok
|
||||
else
|
||||
echo_failed
|
||||
error "$(cat $log_file)"
|
||||
fi
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
|
||||
# - Add 'SPFIgnoreResults' with default value to the original opendmarc.conf file
|
||||
#
|
||||
_param="SPFIgnoreResults"
|
||||
echononl " Add '${_param}' with default value to the opendmarc.conf file.."
|
||||
if ! $(grep -q -E "^${_param}\s+" ${opendmarc_conf_file} 2> /dev/null) ; then
|
||||
cat << EOF >> ${opendmarc_conf_file}
|
||||
|
||||
## Causes the filter to ignore any SPF results in the header of the message. This
|
||||
## is useful if you want the filter to perform SPF checks itself, or because you
|
||||
## don't trust the arriving header. The default is "false".
|
||||
#
|
||||
SPFIgnoreResults false
|
||||
EOF
|
||||
if [[ $? -eq 0 ]] ; then
|
||||
echo_ok
|
||||
else
|
||||
echo_failed
|
||||
error "$(cat $log_file)"
|
||||
fi
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
|
||||
# - Add 'SPFSelfValidate' with default value to the original opendmarc.conf file
|
||||
#
|
||||
_param="SPFSelfValidate"
|
||||
echononl " Add '${_param}' with default value to the opendmarc.conf file.."
|
||||
if ! $(grep -q -E "^${_param}\s+" ${opendmarc_conf_file} 2> /dev/null) ; then
|
||||
cat << EOF >> ${opendmarc_conf_file}
|
||||
|
||||
## Causes the filter to perform a fallback SPF check itself when it can find no
|
||||
## SPF results in the message header. If SPFIgnoreResults is also set, it never
|
||||
## looks for SPF results in headers and always performs the SPF check itself when
|
||||
## this is set. The default is "false".
|
||||
#
|
||||
SPFSelfValidate false
|
||||
EOF
|
||||
if [[ $? -eq 0 ]] ; then
|
||||
echo_ok
|
||||
else
|
||||
echo_failed
|
||||
error "$(cat $log_file)"
|
||||
fi
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
|
||||
# - Save configuration file from distribution
|
||||
# -
|
||||
echononl " Save configuration file from distribution"
|
||||
|
||||
Loading…
Reference in New Issue
Block a user