install/mailsystem
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: install:41f5f61d3226e188df60e87604f6ac7008e32dcb
Branches Tags
install:master
...
compare: install:master
Branches Tags
install:master

14 Commits
41f5f61d32 ... master

Author SHA1 Message Date
Christoph
50bc28dc2a install_update_dovecot-2.4.sh: support english language in qota warn messages. 2025-12-20 23:55:57 +01:00
Christoph
b87793cbad Fis systemd support on debian system version 13 (trixie) or newer. 2025-12-15 01:23:16 +01:00
Christoph
cc155c578a install_amavis.sh: fix error in creating master.cf if aditional port is used. 2025-12-10 02:13:58 +01:00
Christoph
b28b3a8316 install_update_dovecot-2.4.sh: adjust sieve configuration. 2025-12-09 17:49:41 +01:00
Christoph
ecfd630612 install_amavis.sh: no warn messages from amavis to admin. 2025-12-09 13:50:52 +01:00
Christoph
68d2bd18b7 install_amavis.sh: some minor changes. 2025-12-09 00:01:31 +01:00
Christoph
6521b03aa2 install_amavis.sh: adjust printing master.cf. 2025-12-08 23:44:29 +01:00
Christoph
05723c0514 Merge branch 'master' of https://git.oopen.de/install/mailsystem 2025-12-08 19:26:34 +01:00
Christoph
32b3c8b01e install_update_dovecot-2.4.sh: some minor changes. 2025-12-08 19:25:46 +01:00
Christoph
f2f3797c1e install_amavis.sh: Some minor changes. 2025-12-08 19:14:37 +01:00
Christoph
d8979faa06 install_update_dovecot-2.4.sh: increase sieve_max_redirects to 25. 2025-12-05 12:35:07 +01:00
Christoph
d407b2ecf0 install_opendkim.sh,install_opendmarc.sh: Support the execution of scripts at any time. A non-existent configuration is created, and an already installed configuration is adjusted if necessary. 2025-11-26 12:36:56 +01:00
Christoph
13e1d575f9 install_opendmarc.sh: remove duplicate setting 'AuthservID'. 2025-11-26 11:33:58 +01:00
Christoph
a246f5009f install_opendmarc.sh: some minor changes. 2025-11-25 22:43:11 +01:00
13 changed files with 713 additions and 503 deletions
Expand all files Collapse all files

10
conf/install_update_dovecot.conf.sample
View File

@@ -165,8 +165,16 @@ max_userip_connections=24
#auth_mechanisms="plain login digest-md5 cram-md5" #auth_mechanisms="plain login digest-md5 cram-md5"
auth_mechanisms="plain login" auth_mechanisms="plain login"
# ---
# - Settings for quota warning sript # - Settings for quota warning sript
# - # ---
# msg_language
#
# possible Vallues are 'en' or 'de'
#
msg_language=de
from_address="o.open <oo@oopen.de>" from_address="o.open <oo@oopen.de>"
reply_to="oo@oopen.de" reply_to="oo@oopen.de"
webmailer="https://webmail.oopen.de" webmailer="https://webmail.oopen.de"

8
create-update-postfix-pcre-chek-files.sh
View File

@@ -115,9 +115,11 @@ DEFAULT_ADMIN_EMAIL="argus@oopen.de"
# - Is this a systemd system? # - Is this a systemd system?
# - # -
if [[ "X`which systemd`" = "X" ]]; then systemd_exists=false
systemd_exists=false systemd=$(which systemd)
else systemctl=$(which systemctl)
if [[ -n "$systemd" ]] || [[ -n "$systemctl" ]] ; then
systemd_exists=true systemd_exists=true
fi fi

646
install_amavis.sh
View File

@@ -154,9 +154,11 @@ QUARANTINE_ADMIN=$DEFAULT_QUARANTINE_ADMIN
# - Is this a systemd system? # - Is this a systemd system?
# - # -
if [[ "X`which systemd`" = "X" ]]; then systemd_exists=false
systemd_exists=false systemd=$(which systemd)
else systemctl=$(which systemctl)
if [[ -n "$systemd" ]] || [[ -n "$systemctl" ]] ; then
systemd_exists=true systemd_exists=true
fi fi
@@ -1168,19 +1170,38 @@ fi
## - If not testing as user roor, you need to change int a directora, where the testing ## - If not testing as user roor, you need to change int a directora, where the testing
## - user has read/write? access, even if the sample spam file is located at /tmp ## - user has read/write? access, even if the sample spam file is located at /tmp
## - ## -
echononl " Download a sample spam file" echononl " Save a sample spam file into /root folder."
installation_failed=false cat <<'EOF' > /root/sample-spam.txt
wget -O /tmp/sample-spam.txt https://opensource.apple.com/source/SpamAssassin/SpamAssassin-137.1/SpamAssassin/sample-spam.txt 2> $tmp_err_msg Subject: Test spam mail (GTUBE)
if [[ "$?" -ne 0 ]] ; then Message-ID: <GTUBE1.1010101@example.net>
installation_failed=true Date: Wed, 23 Jul 2003 23:30:00 +0200
From: Sender <sender@example.net>
To: Recipient <recipient@example.net>
Precedence: junk
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
This is the GTUBE, the
Generic
Test for
Unsolicited
Bulk
Email
If your spam filter supports it, the GTUBE provides a test by which you
can verify that the filter is installed correctly and is detecting incoming
spam. You can send yourself a test mail containing the following string of
characters (in upper case and with no white spaces and line breaks):
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
You should send this test mail from an account outside of your network
EOF
if [[ $? -ne 0 ]] ; then
echo_failed
error "$(cat $tmp_err_msg)" error "$(cat $tmp_err_msg)"
fi else
cp -a /tmp/sample-spam.txt /root > $tmp_err_msg 2>&1
if [[ "$?" -ne 0 ]] ; then
installation_failed=true
error "$(cat $tmp_err_msg)"
fi
if ! $installation_failed ; then
echo_ok echo_ok
fi fi
@@ -1470,27 +1491,45 @@ echo -e " \033[37m\033[1mConfigure Distributed Checksum Clearinghouses (DCC)..
info "Open firewall outgoing port UDP 6277 and if DCC Server is running\n also in- and outfoing port TCP 6277." info "Open firewall outgoing port UDP 6277 and if DCC Server is running\n also in- and outfoing port TCP 6277."
services=("clamav-freshclam" "clamav-daemon" "adcc")
for svc in "${services[@]}"; do
echononl " Stop Service '${svc}.."
if systemctl is-active --quiet "$svc"; then
systemctl stop "$svc" > /dev/null 2> $tmp_err_msg
if [[ $? -ne 0 ]] ; then
echo_failed
if ps -ax | grep /var/dcc/libexec/dccifd | grep -v grep > /dev/null 2>&1 ; then
echononl " An instance off dccifd ist already running. Stop it now."
installation_failed=false
if $systemd_exists ; then
systemctl stop adcc > /dev/null 2> $tmp_err_msg
if [[ "$?" -ne 0 ]] ; then
installation_failed=true
error "$(cat $tmp_err_msg)" error "$(cat $tmp_err_msg)"
fi
else else
/etc/init.d/adcc stop > /dev/null 2> $tmp_err_msg
if [[ "$?" -ne 0 ]] ; then
installation_failed=true
error "$(cat $tmp_err_msg)"
fi
fi
if ! $installation_failed ; then
echo_ok echo_ok
fi fi
fi else
echo_skipped
fi
done
#if ps -ax | grep /var/dcc/libexec/dccifd | grep -v grep > /dev/null 2>&1 ; then
# echononl " An instance off dccifd ist already running. Stop it now."
# installation_failed=false
# if $systemd_exists ; then
# systemctl stop adcc > /dev/null 2> $tmp_err_msg
# if [[ "$?" -ne 0 ]] ; then
# installation_failed=true
# error "$(cat $tmp_err_msg)"
# fi
# else
# /etc/init.d/adcc stop > /dev/null 2> $tmp_err_msg
# if [[ "$?" -ne 0 ]] ; then
# installation_failed=true
# error "$(cat $tmp_err_msg)"
# fi
# fi
# if ! $installation_failed ; then
# echo_ok
# fi
#fi
_dcc_src_dir="$script_dir" _dcc_src_dir="$script_dir"
#_archiv=dcc-dccproc.tar.Z #_archiv=dcc-dccproc.tar.Z
@@ -4003,6 +4042,7 @@ if [[ ! -f "/etc/postfix/spam_lovers" ]]; then
# - adress_1@domain3.com 0 # - adress_1@domain3.com 0
# - domain3.com 1 # - domain3.com 1
# - # -
# - Wichtig: letzte Zeile mit Newline abschließen!
EOF EOF
if [[ $? -eq 0 ]] ; then if [[ $? -eq 0 ]] ; then
echo_ok echo_ok
@@ -4031,6 +4071,7 @@ if [[ ! -f "/etc/postfix/virus_lovers" ]]; then
# - adress_1@domain3.com 0 # - adress_1@domain3.com 0
# - domain3.com 1 # - domain3.com 1
# - # -
# - Wichtig: letzte Zeile mit Newline abschließen!
EOF EOF
if [[ $? -eq 0 ]] ; then if [[ $? -eq 0 ]] ; then
echo_ok echo_ok
@@ -4187,203 +4228,111 @@ read_hash(\%whitelist_sender, '/etc/postfix/sender_whitelist');
@whitelist_sender_maps = (\%whitelist_sender); @whitelist_sender_maps = (\%whitelist_sender);
## ---
## - Default antivirus checking mode
## ---
## - bypass_virus_checks_maps # ----------------------------------------------------------
## - # Basis-Quarantäneverzeichnis
## - Addresses/Domains listet here will not be checked. # ----------------------------------------------------------
## -
## - !! Notice !!
## -
## - Virus checks are bypassed only if all of the recipients of a message have
## - been added to one of these variables. If even one recipient is not listed,
## - virus-checking will still be performed. To ensure that virus is still delivered
## - to whitelisted recipients in such cases, use the "virus_lovers" features
## - see below.
## -
@bypass_virus_checks_maps = (
\%bypass_virus_checks, \@bypass_virus_checks_acl, \\\$bypass_virus_checks_re);
\$QUARANTINEDIR = '${QUARANTINE_DIR}';
## - We will use '%bypass_virus_checks_maps'. So we could set: # Keine automatisch erzeugten Unterverzeichnisse wie a/, b/, c/, f/, g/
## -
## - %bypass_virus_checks = (
## - # Adresses
## - adress@domain1.com => '1',
## - [..]
## - # All addresses of a domain
## - domain2.com => '1',
## - [..]
## - # All adresses of a domain except a single user
## - address_1@domain3.com => '0',
## - domain3.com => '1',
## - );
## -
## - But we will use the read_hash function to read in a list
## - of recipients from the external file '/etc/postfix/spam_lovers'
## -
## - Example '/etc/postfix/virus_lovers'
## -
## - # Adresses
## - adress@domain1.com 1
## - [..]
## -
## - # All addresses of a domain
## - domain2.com 1
## - [..]
## -
## - # All adresses of a domain except a single user
## - adress_1@domain3.com 0
## - domain3.com 1
## -
read_hash(\%bypass_virus_checks, '/etc/postfix/virus_lovers');
## - virus_lovers_maps
## -
## - For Adresses/Domains listet at spam_lovers_maps, no spam actions (like
## - adding spam headers or discarding the mail) will be performed.
## -
@virus_lovers_maps = (
\%virus_lovers, \@virus_lovers_acl, \\\$virus_lovers_re);
## - We will use the read_hash function to read in a list of recipients
## - from the external file '/etc/postfix/spam_lovers' into '%spam_lovers'.
## -
## - For more explanations see above
## -
read_hash(\%virus_lovers, '/etc/postfix/virus_lovers');
## ---
## - Default SPAM checking mode
## ---
## - bypass_spam_checks_maps
## -
## - Addresses/Domains listet here will not be checked.
## -
## - !! Notice !!
## -
## - Spam checks are bypassed only if all of the recipients of a message have
## - been added to one of these variables. If even one recipient is not listed,
## - spam-checking will still be performed. To ensure that spam is still delivered
## - to whitelisted recipients in such cases, use the "spam_lovers" features
## - see below.
## -
@bypass_spam_checks_maps = (
\%bypass_spam_checks, \@bypass_spam_checks_acl, \\\$bypass_spam_checks_re);
## - We will use '%bypass_spam_checks'. So we could set:
## -
## - %bypass_spam_checks = (
## - # Adresses
## - adress@domain1.com => '1',
## - [..]
## - # All addresses of a domain
## - domain2.com => '1',
## - [..]
## - # All adresses of a domain except a single user
## - address_1@domain3.com => '0',
## - domain3.com => '1',
## - );
## -
## - But we will use the read_hash function to read in a list
## - of recipients from the external file '/etc/postfix/spam_lovers'
## -
## - Example '/etc/postfix/spam_lovers'
## -
## - # Adresses
## - adress@domain1.com 1
## - [..]
## -
## - # All addresses of a domain
## - domain2.com 1
## - [..]
## -
## - # All adresses of a domain except a single user
## - adress_1@domain3.com 0
## - domain3.com 1
## -
read_hash(\%bypass_spam_checks, '/etc/postfix/spam_lovers');
## - spam_lovers_maps
## -
## - For Adresses/Domains listet at spam_lovers_maps, no spam actions (like
## - adding spam headers or discarding the mail) will be performed.
## -
@spam_lovers_maps = (
\%spam_lovers, \@spam_lovers_acl, \\\$spam_lovers_re);
## - We will use the read_hash function to read in a list of recipients
## - from the external file '/etc/postfix/spam_lovers' into '%spam_lovers'.
## -
## - For more explanations see above
## -
read_hash(\%spam_lovers, '/etc/postfix/spam_lovers');
## - overrides settings in 20-debian_defaults
## -
\$final_virus_destiny = D_DISCARD; # (data not lost, see virus quarantine)
\$final_banned_destiny = D_DISCARD; # D_REJECT when front-end MTA
#\$final_spam_destiny = D_DISCARD;
\$final_spam_destiny = D_BOUNCE;
#\$final_bad_header_destiny = D_PASS; # False-positive prone (for spam)
##- Moved to file '/etc/amavis/policy_banks.conf'
## -
## - \$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level
## - \$sa_tag2_level_deflt = 5.1; # add 'spam detected' headers at that level
## - \$sa_kill_level_deflt = 10.31; # reject/bounce/discard/pass
## -
do "/etc/amavis/policy_banks.conf"; # Externe Datei einbinden
## - QUARANTINE
## -
\$QUARANTINEDIR = "$QUARANTINE_DIR";
\$quarantine_subdir_levels = 0; \$quarantine_subdir_levels = 0;
\$sa_spam_subject_tag = undef; # Kein Prefix wie "***SPAM***" o.ä.
\$sa_spam_modifies_subj = 0; # Betreff NICHT verändern
## - don't store mails in quarantine directory # Viren: /var/QUARANTINE/virus/virus-<msgid>.gz
## - \$virus_quarantine_method = 'local:virus/virus-%m.gz';
#\$virus_quarantine_method = undef;
#\$spam_quarantine_method = undef;
#\$banned_files_quarantine_method = undef;
#\$bad_header_quarantine_method = undef;
## - store mails in quarantine directory # Spam (Kill-Spam): /var/QUARANTINE/spam/spam-<msgid>.gz
## -
\$virus_quarantine_method = 'local:virus/virus-%m';
\$spam_quarantine_method = 'local:spam/spam-%m.gz'; \$spam_quarantine_method = 'local:spam/spam-%m.gz';
\$banned_files_quarantine_method = 'local:banned/banned-%m';
\$bad_header_quarantine_method = 'local:bad-headers/badh-%m';
\$clean_quarantine_method = undef;
\$archive_quarantine_method = undef;
#\$virus_admin ="$QUARANTINE_ADMIN"; # Banned: /var/QUARANTINE/banned/banned-<msgid>
#\$spam_admin = "$QUARANTINE_ADMIN"; \$banned_files_quarantine_method = 'local:banned/banned-%m';
#\$banned_admin = "$QUARANTINE_ADMIN";
#\$bad_header_admin = "$QUARANTINE_ADMIN"; # Bad headers: /var/QUARANTINE/bad-headers/badh-<msgid>
\$bad_header_quarantine_method = 'local:bad-headers/badh-%m';
# ----------------------------------------------------------
# Einbinden der Spam- und Virus-Lovers Dateien
# ----------------------------------------------------------
@bypass_spam_checks_maps = (
read_hash('/etc/postfix/spam_lovers'),
);
@bypass_virus_checks_maps = (
read_hash('/etc/postfix/virus_lovers'),
);
# ----------------------------------------------------------
# Spam-Schwellwerte
# ----------------------------------------------------------
\$sa_tag_level_deflt = 1.9; # ab hier Info-Header
\$sa_tag2_level_deflt = 5.1; # ab hier X-Spam-Flag: YES
\$sa_kill_level_deflt = 9.51; # high-spam - final destiny (DISCARD)
\$sa_dsn_cutoff_level = 20.1; # ab hier keine DSN mehr
\$sa_quarantine_cutoff_level = 30.1; # oberhalb keine Quarantäne mehr
# ----------------------------------------------------------
# Domain-/Adress-spezifische Einstellungen extern einlesen
# ----------------------------------------------------------
my \$policy_banks_file = '/etc/amavis/policy_banks.conf';
if (-r \$policy_banks_file) {
do \$policy_banks_file
or die "Fehler beim Einlesen von \$policy_banks_file: \$@";
}
# ----------------------------------------------------------
# spammy (zwischen Tag2 und Kill-Level)
# zusätzlich in /spammy/, Mail wird zugestellt
# ----------------------------------------------------------
# spammy in /var/QUARANTINE/spammy/
\$quarantine_method_by_ccat{+CC_SPAMMY}
= 'local:spammy/spammy-%m.gz';
\$final_destiny_by_ccat{+CC_SPAMMY} = D_PASS;
# ----------------------------------------------------------
# Final Destinies
# ----------------------------------------------------------
# High-Spam (>=9.51)
\$final_spam_destiny = D_DISCARD;
# Viren
\$final_virus_destiny = D_DISCARD;
# Banned (z.B. .exe)
\$final_banned_destiny = D_BOUNCE;
# Schlechte Header
\$final_bad_header_destiny = D_PASS;
# ----------------------------------------------------------
# Admin E-Mails / Warnungen direct von AMaViS (nicht DSN- oder Bounce-Mails)
# ----------------------------------------------------------
# Bemerkung:
# *nochmal*: das hat nichts mit den eigentlichen DSN-/Bounce-Mails zu tun.
\$virus_admin = undef; \$virus_admin = undef;
\$spam_admin = undef; \$spam_admin = undef;
\$banned_admin = undef;
\$bad_header_admin = undef;
\$warnvirusrecip = 0;
\$warnbannedrecip = 0;
\$warnbannedsender = 0;
\$warnbadhrecip = 0;
\$warn_offsite = 0;
# Pass SPAMMY but quarantine and inform admin
#
\$quarantine_to_maps_by_ccat{+CC_SPAMMY} = \\@spam_quarantine_to_maps ;
\$quarantine_method_by_ccat{+CC_SPAMMY} = 'local:spammy/spammy-%m.gz' ;
\$final_destiny_by_ccat{+CC_SPAMMY} = D_PASS ;
\$admin_maps_by_ccat{+CC_SPAMMY} = sub { ca('spam_admin_maps') };
# Bypass spam checking for trusted networks using mynetworks # Bypass spam checking for trusted networks using mynetworks
@@ -4598,133 +4547,67 @@ echononl " Create File \"${_config_policy_banks_file}\""
if [[ -f "${_config_policy_banks_file}" ]]; then if [[ -f "${_config_policy_banks_file}" ]]; then
echo_skipped echo_skipped
else else
cat << EOF > ${_config_policy_banks_file} cat <<'EOF' > ${_config_policy_banks_file}
# Externe Richtliniendatei für amavisd # /etc/amavis/policy_banks.conf
#
use strict; # ---------------------------------------------
# Domain- und adressspezifische Amavis-Settings
# ---------------------------------------------
# --- #
# add spam info headers if at, or above that level #
# --- # Wichtig: KEIN "use strict;" hier, das ist schon in 50-user aktiv.
# Diese Datei wird via "do" aus /etc/amavis/conf.d/50-user eingelesen.
## - All recipients with identical the same setting: #
## - #
#\$sa_tag_level_deflt = 2.0; # Tag2-Level (Schwelle für X-Spam-Flag: YES) abhängig von Empfänger/Domain
# ========================================================================
## - Per-recipient mapping of tag2 levels to email addresses (tag2 level): #
## - #
## - Set directly: # Read from file using @spam_tag2_level_maps
## - # ------------------------------------------
\$sa_tag_level_deflt = { #
'oopen.de' => '-4.5', # default: @spam_tag2_level_maps = ($sa_tag2_level_deflt);
# default #
'.'=>'2.0' # Example file '/etc/postfix/tag2_level_maps.dat'
}; #
# # Specific address first
## - Read from file using @spam_tag2_level_maps # info@123comics.net 2.1
## - # ckubu@oopen.de 2.2
## - default: @spam_tag2_level_maps = (\$sa_tag2_level_deflt); # ...
## - #
## - Example file '/etc/postfix/tag2_level_maps.dat' # # All recipients of the domains @oopen.de / @k8h.de
## - # oopen.de 3.1
## - # oopen.de # k8h.de 4.5
## - oopen.de 2.1 #
## - ckubu@oopen.de 2.2 # # default
## - argus@oopen.de 2.3 # . 5.1
## - [..] #
## - # k8h.de #
## - k8h.de 6.5 # Read file into the variable @spam_tag2_level_maps
## - [..] #
## - # default # @spam_tag2_level_maps = ( read_hash('/etc/postfix/tag2_level_maps.dat') );
## - . 5.1 #
## - #
#@spam_tag2_level_maps = ( read_hash('/etc/postfix/tag2_level_maps.dat') ); # Set the variable $sa_tag2_level_deflt directly.
# -----------------------------------------------
#
#\$sa_spam_subject_tag = '***SPAM*** '; # Spam-Betreff-Tag # Example:
\$sa_spam_subject_tag = undef; #
# @spam_tag2_level_maps = (
# {
# # Spezifische Adresse zuerst
# --- # 'info@123comics.net' => 3.1,
# add 'spam detected' headers at that level # 'info@berliner-register.de' => 3.1,
# --- #
# # Domains (alle Empfänger @oopen.de / @123comics.net)
## - All recipients with identical the same setting: # '.oopen.de' => 3.1,
## - # '.123comics.net' => 4.1,
#\$sa_tag2_level_deflt = 5.1; # add 'spam detected' headers at that level # 'regishut.de' => 2.5,
# },
## - Per-recipient mapping of kill levels to email addresses (kill level): #
## - # # Fallback: Standard-Tag2-Level aus 50-user
## - Set directly # $sa_tag2_level_deflt,
## - # );
\$sa_tag2_level_deflt = {
'oopen.de' => '3.1',
'123comics.net' => '4.1',
'info@123comics.net' => '3.1',
# default
'.' => '5.1',
};
## - Read from file using @spam_kill_level_maps
## -
## - default: @spam_kill_level_maps = (\$sa_kill_level_deflt);
## -
## - Example file '/etc/postfix/kill_level_maps.dat'
## -
## - # oopen.de
## - ckubu@oopen.de 1500.0
## - ckubu-adm@oopen.de 1500.0
## - [..]
## - # default
## - . 10.31
## -
#@spam_kill_level_maps = ( read_hash('/etc/postfix/kill_level_maps.dat') );
# ---
# adding more detailed spam-related headers.
# ---
## - All recipients with identical the same setting:
## -
\$sa_tag3_level_deflt = 7.0; # threshold for sa_tag3_level_deflt
## - Note
## - Like 'sa_tag2_level_deflt' above per-recipient also possible
@sa_tag3_level_maps = (
['^Subject:', '\[HIGH-SPAM\] $&'], # Modify subject
['HEADER', 'X-High-Spam-Flag', 'YES'], # Add a custom header
);
# ---
# spam score threshold at which amavisd-new will reject (kill) an email.
# ---
## - All recipients with identical the same setting:
## -
\$sa_kill_level_deflt = 10.31; # reject/bounce/discard/pass
## - Note
## - Like 'sa_tag2_level_deflt' above per-recipient also possible
# ---
# The threshold for sending a delivery status notification (DSN) to the sender
# ---
## - We will inform the sender about bouncing his mail with a DSN (Delivery
## - StatusNotification). That DSN message will no be send, if the spamvalue
## - exceeds the value of sa_dsn_cutoff_level
## -
#\$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
\$sa_dsn_cutoff_level = 20;
#------------ Do not modify anything below this line ------------- #------------ Do not modify anything below this line -------------
@@ -5125,19 +5008,6 @@ EOF
EOF EOF
fi fi
if ${listen_on_additional_smtp_port} ; then
cat >> $postfix_master_cf << EOF
${additional_smtp_port} inet n - y - - smtpd
-o smtpd_proxy_filter=127.0.0.1:10024
-o content_filter=
EOF
if [[ "$SASL_AUTH_ENABLED" = "no" ]] ; then
cat >> $postfix_master_cf << EOF
-o smtpd_sasl_auth_enable=no
EOF
fi
fi
if ! $submission_present && ! $smtps_present && ! $localhost_10025_present ; then if ! $submission_present && ! $smtps_present && ! $localhost_10025_present ; then
cat >> $postfix_master_cf << EOF cat >> $postfix_master_cf << EOF
localhost:10025 inet n - y - - smtpd localhost:10025 inet n - y - - smtpd
@@ -5152,13 +5022,9 @@ localhost:10025 inet n - y - - smtpd
-o mynetworks=127.0.0.0/8,[::1]/128 -o mynetworks=127.0.0.0/8,[::1]/128
-o receive_override_options=no_unknown_recipient_checks -o receive_override_options=no_unknown_recipient_checks
EOF EOF
if [[ -n "$(which opendkim)" && -n "$(which opendmarc)" ]] ; then if [[-n "$(which opendmarc)" ]] ; then
cat >> $postfix_master_cf << EOF cat >> $postfix_master_cf << EOF
-o smtpd_milters=local:/opendkim/opendkim.sock,local:/opendmarc/opendmarc.sock -o smtpd_milters=local:/opendmarc/opendmarc.sock
EOF
elif [[ -n "$(which opendkim)" ]] ; then
cat >> $postfix_master_cf << EOF
-o smtpd_milters=local:/opendkim/opendkim.sock
EOF EOF
fi fi
cat >> $postfix_master_cf << EOF cat >> $postfix_master_cf << EOF
@@ -5169,8 +5035,26 @@ EOF
continue continue
fi fi
if ${listen_on_additional_smtp_port} \
&& echo "$_line" | grep -i -E "^\s*${additional_smtp_port}\s+inet" > /dev/null 2>&1 ; then
_found=true
cat >> $postfix_master_cf << EOF
${additional_smtp_port} inet n - y - - smtpd
-o smtpd_proxy_filter=127.0.0.1:10024
-o content_filter=
EOF
if [[ "$SASL_AUTH_ENABLED" = "no" ]] ; then
cat >> $postfix_master_cf << EOF
-o smtpd_sasl_auth_enable=no
EOF
fi
if $submission_present && echo "$_line" | grep -i -E "^^submission\s+" > /dev/null 2>&1 ; then continue
fi
if $submission_present && echo "$_line" | grep -i -E "^submission\s+" > /dev/null 2>&1 ; then
_found=true _found=true
cat >> $postfix_master_cf << EOF cat >> $postfix_master_cf << EOF
submission inet n - y - 20 smtpd submission inet n - y - 20 smtpd
@@ -5178,6 +5062,13 @@ submission inet n - y - 20 smtpd
-o smtpd_tls_security_level=encrypt -o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes -o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_client_restrictions=permit_sasl_authenticated,reject
EOF
if [[ -n "$(which opendkim)" ]] ; then
cat >> $postfix_master_cf << EOF
-o smtpd_milters=local:/opendkim/opendkim.sock
EOF
fi
cat >> $postfix_master_cf << EOF
#-o milter_macro_daemon_name=ORIGINATING #-o milter_macro_daemon_name=ORIGINATING
EOF EOF
if ! $smtps_present ; then if ! $smtps_present ; then
@@ -5195,13 +5086,9 @@ localhost:10025 inet n - y - - smtpd
-o mynetworks=127.0.0.0/8,[::1]/128 -o mynetworks=127.0.0.0/8,[::1]/128
-o receive_override_options=no_unknown_recipient_checks -o receive_override_options=no_unknown_recipient_checks
EOF EOF
if [[ -n "$(which opendkim)" && -n "$(which opendmarc)" ]] ; then if [[ -n "$(which opendmarc)" ]] ; then
cat >> $postfix_master_cf << EOF cat >> $postfix_master_cf << EOF
-o smtpd_milters=local:/opendkim/opendkim.sock,local:/opendmarc/opendmarc.sock -o smtpd_milters=local:/opendmarc/opendmarc.sock
EOF
elif [[ -n "$(which opendkim)" ]] ; then
cat >> $postfix_master_cf << EOF
-o smtpd_milters=local:/opendkim/opendkim.sock
EOF EOF
fi fi
cat >> $postfix_master_cf << EOF cat >> $postfix_master_cf << EOF
@@ -5232,6 +5119,13 @@ smtps inet n - y - - smtpd
-o smtpd_tls_wrappermode=yes -o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes -o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_client_restrictions=permit_sasl_authenticated,reject
EOF
if [[ -n "$(which opendkim)" ]] ; then
cat >> $postfix_master_cf << EOF
-o smtpd_milters=local:/opendkim/opendkim.sock
EOF
fi
cat >> $postfix_master_cf << EOF
#-o milter_macro_daemon_name=ORIGINATING #-o milter_macro_daemon_name=ORIGINATING
EOF EOF
@@ -5249,13 +5143,9 @@ localhost:10025 inet n - y - - smtpd
-o mynetworks=127.0.0.0/8,[::1]/128 -o mynetworks=127.0.0.0/8,[::1]/128
-o receive_override_options=no_unknown_recipient_checks -o receive_override_options=no_unknown_recipient_checks
EOF EOF
if [[ -n "$(which opendkim)" && -n "$(which opendmarc)" ]] ; then if [[ -n "$(which opendmarc)" ]] ; then
cat >> $postfix_master_cf << EOF cat >> $postfix_master_cf << EOF
-o smtpd_milters=local:/opendkim/opendkim.sock,local:/opendmarc/opendmarc.sock -o smtpd_milters=local:/opendmarc/opendmarc.sock
EOF
elif [[ -n "$(which opendkim)" ]] ; then
cat >> $postfix_master_cf << EOF
-o smtpd_milters=local:/opendkim/opendkim.sock
EOF EOF
fi fi
cat >> $postfix_master_cf << EOF cat >> $postfix_master_cf << EOF
@@ -5292,13 +5182,9 @@ localhost:10025 inet n - y - - smtpd
-o mynetworks=127.0.0.0/8,[::1]/128 -o mynetworks=127.0.0.0/8,[::1]/128
-o receive_override_options=no_unknown_recipient_checks -o receive_override_options=no_unknown_recipient_checks
EOF EOF
if [[ -n "$(which opendkim)" && -n "$(which opendmarc)" ]] ; then if [[ -n "$(which opendmarc)" ]] ; then
cat >> $postfix_master_cf << EOF cat >> $postfix_master_cf << EOF
-o smtpd_milters=local:/opendkim/opendkim.sock,local:/opendmarc/opendmarc.sock -o smtpd_milters=local:/opendmarc/opendmarc.sock
EOF
elif [[ -n "$(which opendkim)" ]] ; then
cat >> $postfix_master_cf << EOF
-o smtpd_milters=local:/opendkim/opendkim.sock
EOF EOF
fi fi
cat >> $postfix_master_cf << EOF cat >> $postfix_master_cf << EOF

44
install_opendkim.sh
View File

@@ -94,9 +94,11 @@ echo_skipped() {
# - Is 'systemd' supported on this system # - Is 'systemd' supported on this system
# - # -
if [ "X`which systemd`" = "X" ]; then SYSTEMD_EXISTS=false
SYSTEMD_EXISTS=false systemd=$(which systemd)
else systemctl=$(which systemctl)
if [[ -n "$systemd" ]] || [[ -n "$systemctl" ]] ; then
SYSTEMD_EXISTS=true SYSTEMD_EXISTS=true
fi fi
@@ -508,6 +510,35 @@ milter_protocol = 6
# #
#smtpd_milters = local:/opendkim/opendkim.sock #smtpd_milters = local:/opendkim/opendkim.sock
smtpd_milters = smtpd_milters =
# Was sind non_smtpd_milters?
#
# non_smtpd_milters gilt für alle Postfix-Prozesse, die Mails verarbeiten, aber NICHT
# der smtpd-Daemon sind.
#
# Das betrifft z. B.:
#
# cleanup Header/Content-Bereinigung
# qmgr Queue-Manager
# lmtp / smtp Auslieferung nach extern
# local lokale Zustellung
#
# Das sind z. B.:
#
# - interne Bounces (MAILER-DAEMON)
#
# - Cron-Mails vom Server
#
# - Weiterleitungen, die Postfix selbst generiert
#
# - Mails, die über sendmail CLI gesendet werden
#
# - Mails, die Amavis über LMTP zurückgibt
#
# - etc.
#
#
# DKIM soll auch die ausgehenden Mails signieren, die nicht über smtpd daemon versendet werden.
non_smtpd_milters = local:/opendkim/opendkim.sock non_smtpd_milters = local:/opendkim/opendkim.sock
EOF EOF
postfix_needs_restart=true postfix_needs_restart=true
@@ -558,6 +589,11 @@ while IFS='' read -r _line || [[ -n $_line ]] ; do
if $_found && echo "$_line" | grep -i -q -E "^\s*-o\s+smtpd_milters=\s*" ; then if $_found && echo "$_line" | grep -i -q -E "^\s*-o\s+smtpd_milters=\s*" ; then
_found=false _found=false
if ! echo "$_line" | grep -i -q -E "^\s*-o\s+smtpd_milters=\s*local:/opendkim/opendkim.sock\s*$" ; then
echo " -o smtpd_milters=local:/opendkim/opendkim.sock" >> "$tmp_master_file"
_changed=true
continue
fi
fi fi
if echo "$_line" | grep -i -q -E "^\s*(submission|smtps)\s+inet\s+" 2> /dev/null ; then if echo "$_line" | grep -i -q -E "^\s*(submission|smtps)\s+inet\s+" 2> /dev/null ; then
@@ -578,7 +614,7 @@ if $_changed ; then
fi fi
else else
echo_skipped echo_skipped
warn "Postfix (master.cf) seems already be configured." info "Postfix (master.cf) was not changed - seems already be configured right."
echononl " Delete previosly saved file '/etc/postfix/master.cf'.." echononl " Delete previosly saved file '/etc/postfix/master.cf'.."
rm /etc/postfix/master.cf.$backup_date 2> $log_file rm /etc/postfix/master.cf.$backup_date 2> $log_file
if [[ $? -eq 0 ]] ; then if [[ $? -eq 0 ]] ; then

203
install_opendmarc.sh
View File

@@ -30,7 +30,6 @@ config_file_name_value_parameters="
RejectFailures|true RejectFailures|true
Syslog|true Syslog|true
SyslogFacility|mail SyslogFacility|mail
TrustedAuthservIDs|$(hostname -f)
IgnoreHosts|${opendmarc_base_dir}/ignore.hosts IgnoreHosts|${opendmarc_base_dir}/ignore.hosts
IgnoreMailFrom|${opendmarc_base_dir}/ignore.mailfrom IgnoreMailFrom|${opendmarc_base_dir}/ignore.mailfrom
IgnoreAuthenticatedClients|true IgnoreAuthenticatedClients|true
@@ -117,9 +116,11 @@ echo_skipped() {
# - Is 'systemd' supported on this system # - Is 'systemd' supported on this system
# - # -
if [ "X`which systemd`" = "X" ]; then SYSTEMD_EXISTS=false
SYSTEMD_EXISTS=false systemd=$(which systemd)
else systemctl=$(which systemctl)
if [[ -n "$systemd" ]] || [[ -n "$systemctl" ]] ; then
SYSTEMD_EXISTS=true SYSTEMD_EXISTS=true
fi fi
@@ -527,11 +528,22 @@ else
cat <<EOF > ${opendmarc_base_dir}/ignore.hosts 2> $log_file cat <<EOF > ${opendmarc_base_dir}/ignore.hosts 2> $log_file
# /etc/opendmarc/ignore.hosts # /etc/opendmarc/ignore.hosts
# #
# Diese Datei wird aktuell NICHT genutzt, da OpenDMARC # Aktuell hat OpenDMARC seinen Milter nur am Dienst
# auf localhost:10025 arbeitet und dort immer nur # 'localhost:10025' hängen. Dort ist der Client
# 127.0.0.1/::1 als Client-IP sieht. # immer 127.0.0.1, nicht die externe Gegenstelle.
#
# Bitte KEINE Einträge hinzufügen. # Deshalb macht es in diesem Setup keinen Sinn,
# hier IP-Adressen von externen Diensten (CRSend etc.)
# einzutragen sie würden nie matchen.
#
# WICHTIG:
# - KEIN 127.0.0.1
# - KEIN localhost
# - KEIN ::1
#
# Eintrag dieser Adressen würde DMARC komplett deaktivieren.
#
# ==> Datei bleibt absichtlich leer.
EOF EOF
opendmarc_needs_restart=true opendmarc_needs_restart=true
if [[ $? -eq 0 ]] ; then if [[ $? -eq 0 ]] ; then
@@ -566,8 +578,16 @@ else
cat <<EOF > ${opendmarc_base_dir}/ignore.mailfrom 2> $log_file cat <<EOF > ${opendmarc_base_dir}/ignore.mailfrom 2> $log_file
# /etc/opendmarc/ignore.mailfrom # /etc/opendmarc/ignore.mailfrom
# #
# Wird derzeit nicht genutzt. # Hier könnte man Absender-Domains von der DMARC-Prüfung
# Keine Einträge hinzufügen. # ausnehmen (z. B. problematische Partner-Domains).
#
# Aktuell ist das für dein Setup nicht notwendig.
#
# Beispiele (NICHT aktiv!):
# @example.org
# example.org
#
# ==> Datei bleibt absichtlich leer.
EOF EOF
opendmarc_needs_restart=true opendmarc_needs_restart=true
if [[ $? -eq 0 ]] ; then if [[ $? -eq 0 ]] ; then
@@ -671,6 +691,101 @@ else
fi fi
echo ""
# - Edit /etc/postfix/main.cf and add a section to activate
# - processing of e-mail through the OpenDKIM daemon:
# -
backup_date="$(date +%Y-%m-%d-%H%M)"
echononl " Backup existing postfix configuration (main.cf).."
cp -a /etc/postfix/main.cf /etc/postfix/main.cf.$backup_date 2> $log_file
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
echononl " Activate processing of e-mail through the OpenDKIM daemon.."
if grep -q -E "milter_default_action\s*=\s*accept" /etc/postfix/main.cf ; then
echo_skipped
info "Postfix (main.cf) was not changed - seems already be configured right."
echononl " Delete previosly saved Postfix configuration.."
rm /etc/postfix/main.cf.$backup_date 2> $log_file
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
else
cat <<EOF >> /etc/postfix/main.cf 2> $log_file
# ======= Milter configuration =======
# OpenDKIM
milter_default_action = accept
# Postfix ≥ 2.6 milter_protocol = 6, Postfix ≤ 2.5 milter_protocol = 2
milter_protocol = 6
# Note:
# We will sign AFTER sending through AmaVIS, just befor sending out. So
# set 'smtpd_milters =' to an emty string here and add to localhost:10025
# section in master.cf: 'smtpd_milters=local:/opendkim/opendkim.sock'
#
# If you want sign mails before sending through AmaVIS, set
# 'smtpd_milters = local:/opendkim/opendkim.sock' here and add to
# localhost:10025 section in master.cf: 'smtpd_milters='
#
#smtpd_milters = local:/opendkim/opendkim.sock
smtpd_milters =
# Was sind non_smtpd_milters?
#
# non_smtpd_milters gilt für alle Postfix-Prozesse, die Mails verarbeiten, aber NICHT
# der smtpd-Daemon sind.
#
# Das betrifft z. B.:
#
# cleanup Header/Content-Bereinigung
# qmgr Queue-Manager
# lmtp / smtp Auslieferung nach extern
# local lokale Zustellung
#
# Das sind z. B.:
#
# - interne Bounces (MAILER-DAEMON)
#
# - Cron-Mails vom Server
#
# - Weiterleitungen, die Postfix selbst generiert
#
# - Mails, die über sendmail CLI gesendet werden
#
# - Mails, die Amavis über LMTP zurückgibt
#
# - etc.
#
#
# DKIM soll auch die ausgehenden Mails signieren, die nicht über smtpd daemon versendet werden.
non_smtpd_milters = local:/opendkim/opendkim.sock
EOF
postfix_needs_restart=true
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
fi
echo ""
# - Prevent Postfix from setting the DMARC Header twice (one befor # - Prevent Postfix from setting the DMARC Header twice (one befor
# - and one after processing amavis # - and one after processing amavis
# - # -
@@ -696,24 +811,58 @@ else
fi fi
echononl " Adjust /etc/postfix/master.cf. Set DMARC after sending throuh AmaVIS.." echononl " Adjust /etc/postfix/master.cf. Set DMARC after sending throuh AmaVIS.."
if $(grep -q -E "^\s*-o\s+smtpd_milters\s*=\s*.*opendkim.sock" /etc/postfix/master.cf 2> /dev/null) ; then _found=false
if $(grep -q -E "^\s*-o\s+smtpd_milters\s*=\s*.*$(basename ${opendmarc_socket_file})" /etc/postfix/master.cf); then _changed=false
echo_skipped tmp_master_file="/tmp/postfix_master.cf"
else > $tmp_master_file
perl -i -n -p -e "s&(^\s*-o\s+smtpd_milters\s*=.*)&\1,local:/$(basename "${opendmarc_socket_dir}")/$(basename "${opendmarc_socket_file}")&" \ while IFS='' read -r _line || [[ -n $_line ]] ; do
/etc/postfix/master.cf > $log_file 2>&1
if $_found && ! echo "$_line" | grep -i -q -E "^\s*-o" 2> /dev/null ; then
echo " -o smtpd_milters=local:/opendmarc/opendmarc.sock" >> "$tmp_master_file"
_changed=true
_found=false
fi
if $_found && echo "$_line" | grep -i -q -E "^\s*-o\s+smtpd_milters=\s*" ; then
_found=false
if ! echo "$_line" | grep -i -q -E "^\s*-o\s+smtpd_milters=\s*local:/opendmarc/opendmarc.sock\s*$" ; then
echo " -o smtpd_milters=local:/opendmarc/opendmarc.sock" >> "$tmp_master_file"
_changed=true
continue
fi
fi
if echo "$_line" | grep -i -q -E "^\s*(localhost|127.0.0.1):10025\s+inet\s+" 2> /dev/null ; then
_found=true
fi
echo "$_line" >> "$tmp_master_file"
done < "/etc/postfix/master.cf"
if $_changed ; then
cp $tmp_master_file /etc/postfix/master.cf 2> $log_file
postfix_needs_restart=true
if [[ $? -eq 0 ]] ; then if [[ $? -eq 0 ]] ; then
echo_ok echo_ok
postfix_needs_restart=true
else else
echo_failed echo_failed
error "$(cat $log_file)" error "$(cat $log_file)"
fi fi
fi
else else
echo_skipped echo_skipped
warn "Postfix is not adjusted. Complete Postfix configuration (master.cf) manually\!" info "Postfix (master.cf) was not changed - seems already be configured right."
echononl " Delete previosly saved file '/etc/postfix/master.cf'.."
rm /etc/postfix/master.cf.$backup_date 2> $log_file
if [[ $? -eq 0 ]] ; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
fi fi
rm -f $tmp_master_file
echo "" echo ""
@@ -781,20 +930,6 @@ else
echo_skipped echo_skipped
fi fi
echo ""
if [[ -f "/etc/postfix/master.cf.${backup_date}" ]] ; then
if $(diff "/etc/postfix/master.cf" "/etc/postfix/master.cf.${backup_date}"> /dev/null 2>&1) ; then
info "File \033[1m/etc/postfix/master.cf\033[m has not changed.\n\t Removing previos created backup.."
rm "/etc/postfix/master.cf.${backup_date}"
fi
fi
if [[ -f "/etc/postfix/main.cf.${backup_date}" ]] ; then
if $(diff "/etc/postfix/main.cf" "/etc/postfix/main.cf.${backup_date}"> /dev/null 2>&1) ; then
info "File \033[1m/etc/postfix/main.cf\033[m has not changed.\n\t Removing previos created backup.."
rm "/etc/postfix/main.cf.${backup_date}"
fi
fi
echo "" echo ""
rm -f "$log_file" rm -f "$log_file"

8
install_postfix_advanced.sh
View File

@@ -136,9 +136,11 @@ DEFAULT_INSTALL_DMARC_REPORT_SUPPORT=false
# - Is this a systemd system? # - Is this a systemd system?
# - # -
if [[ "X`which systemd`" = "X" ]]; then systemd_exists=false
systemd_exists=false systemd=$(which systemd)
else systemctl=$(which systemctl)
if [[ -n "$systemd" ]] || [[ -n "$systemctl" ]] ; then
systemd_exists=true systemd_exists=true
fi fi

8
install_postfix_base.sh
View File

@@ -136,9 +136,11 @@ DEFAULT_REWRITE_SENDER_DOMAIN=None
# - Is this a systemd system? # - Is this a systemd system?
# - # -
if [[ "X`which systemd`" = "X" ]]; then systemd_exists=false
systemd_exists=false systemd=$(which systemd)
else systemctl=$(which systemctl)
if [[ -n "$systemd" ]] || [[ -n "$systemctl" ]] ; then
systemd_exists=true systemd_exists=true
fi fi

8
install_postfwd.sh
View File

@@ -65,6 +65,14 @@ echo_skipped() {
echo -e "\033[80G[ \033[33m\033[1mskipped\033[m ]" echo -e "\033[80G[ \033[33m\033[1mskipped\033[m ]"
} }
systemd_exists=false
systemd=$(which systemd)
systemctl=$(which systemctl)
if [[ -n "$systemd" ]] || [[ -n "$systemctl" ]] ; then
systemd_exists=true
fi
## - Install Postfix Firewall Daemon from debian packages system ## - Install Postfix Firewall Daemon from debian packages system
## - ## -
echononl " Install Postfix Firewall Daemon from debian packages system" echononl " Install Postfix Firewall Daemon from debian packages system"

175
install_update_dovecot-2.4.sh
View File

@@ -964,9 +964,11 @@ delete_variable_with_comments() {
# - Support systemd ? # - Support systemd ?
# - # -
if [[ "X$(which systemd)" = "X" ]]; then SYSTEMD_EXISTS=false
SYSTEMD_EXISTS=false systemd=$(which systemd)
else systemctl=$(which systemctl)
if [[ -n "$systemd" ]] || [[ -n "$systemctl" ]] ; then
SYSTEMD_EXISTS=true SYSTEMD_EXISTS=true
fi fi
@@ -1024,6 +1026,13 @@ if [[ "$database" != "postgres" ]] && [[ "$database" != "mysql" ]] ; then
fi fi
[[ -n "$dbpassword" ]] || fatal "Parameter "dbpassword" not set." [[ -n "$dbpassword" ]] || fatal "Parameter "dbpassword" not set."
lang="${msg_language,,}"
if [[ "$lang" =~ ^(en|us|en_us)$ ]]; then
msg_language="en"
else
msg_language="de"
fi
[[ -n "$from_address" ]] || fatal ""Parameter "from_address" not set."" [[ -n "$from_address" ]] || fatal ""Parameter "from_address" not set.""
[[ -n "$reply_to" ]] || fatal ""Parameter "reply_to" not set."" [[ -n "$reply_to" ]] || fatal ""Parameter "reply_to" not set.""
[[ -n "$webmailer" ]] || fatal ""Parameter "webmailer" not set."" [[ -n "$webmailer" ]] || fatal ""Parameter "webmailer" not set.""
@@ -2790,11 +2799,12 @@ fi
## - Compile dovecot ## - Compile dovecot
## - ## -
echononl " Compile Dovecot Sources.." echononl " Compile Dovecot Sources.."
make > ${_log_dir}/dovecot-${_version}-make.log 2>&1 || clean_up 1 make > ${_log_dir}/dovecot-${_version}-make.log 2>&1
if [ "$?" = 0 ]; then if [ "$?" = 0 ]; then
echo -e "$rc_done" echo -e "$rc_done"
else else
echo -e "$rc_failed" echo -e "$rc_failed"
echo -e "\n See file \033[1m${_log_dir}/dovecot-${_version}-make.log\033[m for more details."
fatal Compiling dovecot failed fatal Compiling dovecot failed
fi fi
@@ -7586,6 +7596,7 @@ if [[ $dovecot_major_version -gt 2 ]] \
read -r -d '' NEW_BLOCK <<EOF read -r -d '' NEW_BLOCK <<EOF
sieve_script personal { sieve_script personal {
type = personal # kann man schreiben, ist aber Default
driver = file driver = file
path = ~/sieve path = ~/sieve
active_path = ~/.dovecot.sieve active_path = ~/.dovecot.sieve
@@ -7603,6 +7614,8 @@ EOF
# personal # personal
# -------- # --------
# #
# ** Used by both the Sieve plugin and the ManageSieve protocol **
#
# The personal storage serves as the user's main personal storage. Although more than a single # The personal storage serves as the user's main personal storage. Although more than a single
# personal storage can be defined, only the first one listed in the configuration is used. # personal storage can be defined, only the first one listed in the configuration is used.
# #
@@ -7625,6 +7638,7 @@ EOF
# no default script is executed. # no default script is executed.
sieve_script personal { sieve_script personal {
type = personal # kann man schreiben, ist aber Default
driver = file driver = file
path = ~/sieve path = ~/sieve
active_path = ~/.dovecot.sieve active_path = ~/.dovecot.sieve
@@ -7637,16 +7651,17 @@ EOF
fi fi
if grep -qE "^\s*sieve_script\s+before\s*{" "${_conf_file}"; then if grep -qE "^\s*sieve_script\s+before_spam\s*{" "${_conf_file}"; then
read -r -d '' NEW_BLOCK <<EOF read -r -d '' NEW_BLOCK <<EOF
sieve_script before { sieve_script before_spam {
type = before
driver = file driver = file
path = /usr/local/dovecot/etc/dovecot/sieve/ path = /usr/local/dovecot/etc/dovecot/sieve/
} }
EOF EOF
replace_or_append_code_block "sieve_script before" "${NEW_BLOCK}" "${_conf_file}" >> "${log_file}" 2>&1 replace_or_append_code_block "sieve_script before_spam" "${NEW_BLOCK}" "${_conf_file}" >> "${log_file}" 2>&1
if [[ $? -gt 0 ]]; then if [[ $? -gt 0 ]]; then
_failed=true _failed=true
fi fi
@@ -7675,7 +7690,8 @@ EOF
# A before storage behaves identical to an after storage, except the contained script or # A before storage behaves identical to an after storage, except the contained script or
# scripts are run before user's personal script (instead of after). # scripts are run before user's personal script (instead of after).
sieve_script before { sieve_script before_spam {
type = before
driver = file driver = file
path = /usr/local/dovecot/etc/dovecot/sieve/ path = /usr/local/dovecot/etc/dovecot/sieve/
} }
@@ -7687,16 +7703,17 @@ EOF
fi fi
if grep -qE "^\s*sieve_script\s+global\s*{" "${_conf_file}"; then if grep -qE "^\s*sieve_script\s+global_includes\s*{" "${_conf_file}"; then
read -r -d '' NEW_BLOCK <<EOF read -r -d '' NEW_BLOCK <<EOF
sieve_script global { sieve_script global_includes {
type = global
driver = file driver = file
path = /usr/local/dovecot/etc/dovecot/sieve/global/ path = /usr/local/dovecot/etc/dovecot/sieve/global/
} }
EOF EOF
replace_or_append_code_block "sieve_script global" "${NEW_BLOCK}" "${_conf_file}" >> "${log_file}" 2>&1 replace_or_append_code_block "sieve_script global_includes" "${NEW_BLOCK}" "${_conf_file}" >> "${log_file}" 2>&1
if [[ $? -gt 0 ]]; then if [[ $? -gt 0 ]]; then
_failed=true _failed=true
fi fi
@@ -7745,7 +7762,8 @@ EOF
# storages are defined in the configuration until the script is found. The order can be # storages are defined in the configuration until the script is found. The order can be
# overridden by the sieve_script_precedence setting. # overridden by the sieve_script_precedence setting.
sieve_script global { sieve_script global_includes {
type = global
driver = file driver = file
path = /usr/local/dovecot/etc/dovecot/sieve/global/ path = /usr/local/dovecot/etc/dovecot/sieve/global/
} }
@@ -7776,6 +7794,32 @@ EOF
fi fi
_replace_key="sieve_max_redirects"
_replace_val=25
read -r -d '' COMMENT_BLOCK <<EOF
# sieve_max_redirects
#
# The maximum number of redirect actions that can be performed during a single script execution.
#
# Defaults to: 4
EOF
if grep -qE "^\s*${_replace_key}\s*=" "${_conf_file}"; then
replace_variable "${_replace_key}" "${_replace_val}" "${_conf_file}" 2>> "${log_file}" || _failed=true
else
cat <<EOF >> "${_conf_file}" 2>> "${log_file}" || _failed=true
${COMMENT_BLOCK}
${_replace_key} = ${_replace_val}
EOF
fi
else else
@@ -9875,6 +9919,46 @@ if [[ $dovecot_major_version -gt 2 ]] \
echononl " Create quota warning script.." echononl " Create quota warning script.."
## - create the user-warning script ## - create the user-warning script
## - ## -
if [[ "${msg_language}" == "en" ]] ; then
cat <<EOF >/usr/local/bin/quota-warning.sh
#!/usr/bin/env bash
# author: zhang huangbin <michaelbibby (at) gmail.com>
# purpose: send mail to notify user when his mailbox quota exceeds a
# specified limit.
# project: iredmail (http://www.iredmail.org/)
LANG=en_US.UTF-8
percent=\$1
user=\$2
cat << EOF | /usr/local/dovecot/libexec/dovecot/dovecot-lda -d \${user} -o quota_enforce=no
Date: `date +"%a, %e %b %Y %H:%M:%S %z"`
From: $from_address
Reply-to: $reply_to
To:\${user}
Subject: Quota warning - mailbox is ${percent}% full
content-type: text/plain;
charset=utf-8
Hello!
Your email inbox
\${user}
is over \${percent}% full. To continue receiving emails, please delete emails from your inbox on the server.
You can also use the webmail service:
$webmailer
After deleting emails, please remember to empty the trash folder as well.
Best regards
$salutation
${_EOF:-EOF}
EOF
else
cat <<EOF >/usr/local/bin/quota-warning.sh cat <<EOF >/usr/local/bin/quota-warning.sh
#!/usr/bin/env bash #!/usr/bin/env bash
@@ -9914,6 +9998,7 @@ Viele Grüße
$salutation $salutation
${_EOF:-EOF} ${_EOF:-EOF}
EOF EOF
fi
if [ "$?" = 0 ]; then if [ "$?" = 0 ]; then
echo -e "$rc_done" echo -e "$rc_done"
else else
@@ -9926,6 +10011,32 @@ EOF
echononl " Create quota warn-under script.." echononl " Create quota warn-under script.."
## - create the user-warning script ## - create the user-warning script
## - ## -
if [[ "${msg_language}" == "en" ]] ; then
cat <<EOF >/usr/local/bin/quota-warn-under.sh
cat << EOF | /usr/local/dovecot/libexec/dovecot/dovecot-lda -d \${user} -o quota_enforce=no
Date: \`date +"%a, %e %b %Y %H:%M:%S %z"\`
From: $from_address
Reply-to: $reply_to
To:\${user}
Subject: Mailbox quota: less than ${percent}% used
content-type: text/plain;
charset=utf-8
Your mailbox
\${user}
can now receive e-mail again.
Please note that, depending on how much space you have freed, your available storage may fill up again quickly.
You can check the current usage in your mail client or via the webmailer here:
$webmailer
Best regards
$salutation
${_EOF:-EOF}
EOF
else
cat <<EOF >/usr/local/bin/quota-warn-under.sh cat <<EOF >/usr/local/bin/quota-warn-under.sh
#!/usr/bin/env bash #!/usr/bin/env bash
@@ -9958,6 +10069,7 @@ Viele Grüße
$salutation $salutation
${_EOF:-EOF} ${_EOF:-EOF}
EOF EOF
fi
if [ "$?" = 0 ]; then if [ "$?" = 0 ]; then
echo -e "$rc_done" echo -e "$rc_done"
else else
@@ -10844,24 +10956,27 @@ EOF
replace_or_append_code_block "protocol sieve" "${NEW_BLOCK}" "${_conf_file}" || _failed=true replace_or_append_code_block "protocol sieve" "${NEW_BLOCK}" "${_conf_file}" || _failed=true
read -r -d '' NEW_BLOCK <<'EOF' # read -r -d '' NEW_BLOCK <<'EOF'
sieve_script personal { #sieve_script personal {
path = ~/sieve # type = personal # kann man schreiben, ist aber Default
active_path = ~/.dovecot.sieve # type = personal
} # driver = file
EOF # path = ~/sieve
if grep -qE "^\s*sieve_script\s+personal\s+{" "${_conf_file}"; then # active_path = ~/.dovecot.sieve
#}
replace_code_block "sieve_script personal" "${NEW_BLOCK}" "${_conf_file}" || _failed=true #EOF
# if grep -qE "^\s*sieve_script\s+personal\s+{" "${_conf_file}"; then
else #
# replace_code_block "sieve_script personal" "${NEW_BLOCK}" "${_conf_file}" || _failed=true
cat <<EOF >> "${_conf_file}" || _failed=true #
# else
# Used by both the Sieve plugin and the ManageSieve protocol #
${NEW_BLOCK} # cat <<EOF >> "${_conf_file}" || _failed=true
EOF #
fi ## Used by both the Sieve plugin and the ManageSieve protocol
#${NEW_BLOCK}
#EOF
# fi
if ! $_failed ; then if ! $_failed ; then

8
install_update_dovecot.sh
View File

@@ -148,9 +148,11 @@ detect_os_1 () {
# - Support systemd ? # - Support systemd ?
# - # -
if [[ "X$(which systemd)" = "X" ]]; then SYSTEMD_EXISTS=false
SYSTEMD_EXISTS=false systemd=$(which systemd)
else systemctl=$(which systemctl)
if [[ -n "$systemd" ]] || [[ -n "$systemctl" ]] ; then
SYSTEMD_EXISTS=true SYSTEMD_EXISTS=true
fi fi

10
install_vacation.sh
View File

@@ -95,6 +95,16 @@ echo_skipped() {
echo -e "\033[75G[ \033[30m\033[1mskipped\033[m ]" echo -e "\033[75G[ \033[30m\033[1mskipped\033[m ]"
} }
# -Is systemd supported on this system?
# -
systemd_supported=false
systemd=$(which systemd)
systemctl=$(which systemctl)
if [[ -n "$systemd" ]] || [[ -n "$systemctl" ]] ; then
systemd_supported=true
fi
if [ "$POSTFIX_DB_TYPE" = "postgres" -o "$POSTFIX_DB_TYPE" = "postgresql" -o "$POSTFIX_DB_TYPE" = "pgsql" -o "$POSTFIX_DB_TYPE" = "psql" ];then if [ "$POSTFIX_DB_TYPE" = "postgres" -o "$POSTFIX_DB_TYPE" = "postgresql" -o "$POSTFIX_DB_TYPE" = "pgsql" -o "$POSTFIX_DB_TYPE" = "psql" ];then
POSTFIX_DB_TYPE=pgsql POSTFIX_DB_TYPE=pgsql

8
update_clamav-unofficial-sigs.sh
View File

@@ -182,9 +182,11 @@ fi
# - Is this a systemd system? # - Is this a systemd system?
# - # -
if [[ "X`which systemd`" = "X" ]]; then systemd_exists=false
systemd_exists=false systemd=$(which systemd)
else systemctl=$(which systemctl)
if [[ -n "$systemd" ]] || [[ -n "$systemctl" ]] ; then
systemd_exists=true systemd_exists=true
fi fi

8
update_postfix_dh_parameters.sh
View File

@@ -126,9 +126,11 @@ DEFAULT_SASL_AUTH=false
# - Is this a systemd system? # - Is this a systemd system?
# - # -
if [[ "X`which systemd`" = "X" ]]; then systemd_exists=false
systemd_exists=false systemd=$(which systemd)
else systemctl=$(which systemctl)
if [[ -n "$systemd" ]] || [[ -n "$systemctl" ]] ; then
systemd_exists=true systemd_exists=true
fi fi