335 lines
9.4 KiB
Bash
Executable File
335 lines
9.4 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
# -------------
|
|
# --- Some functions
|
|
# -------------
|
|
clean_up() {
|
|
|
|
# Perform program exit housekeeping
|
|
rm -f $tmp_err_msg
|
|
echo ""
|
|
exit $1
|
|
}
|
|
|
|
echononl(){
|
|
echo X\\c > /tmp/shprompt$$
|
|
if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then
|
|
echo -e -n "$*\\c" 1>&2
|
|
else
|
|
echo -e -n "$*" 1>&2
|
|
fi
|
|
rm /tmp/shprompt$$
|
|
}
|
|
|
|
fatal(){
|
|
echo ""
|
|
echo ""
|
|
echo -e "Fatal error: $*"
|
|
echo ""
|
|
echo -e "\t\033[31m\033[1mInstalllation will be interrupted\033[m\033[m"
|
|
echo ""
|
|
clean_up 1
|
|
}
|
|
|
|
error(){
|
|
echo ""
|
|
echo -e "\t[ \033[31m\033[1mFehler\033[m ]: $*"
|
|
echo ""
|
|
}
|
|
|
|
warn (){
|
|
echo ""
|
|
echo -e "\t[ \033[33m\033[1mWarning\033[m ]: $*"
|
|
echo ""
|
|
}
|
|
|
|
info (){
|
|
echo ""
|
|
echo -e "\t[ \033[32m\033[1mInfo\033[m ]: $*"
|
|
echo ""
|
|
}
|
|
|
|
echo_done() {
|
|
echo -e "\033[80G[ \033[32mdone\033[m ]"
|
|
}
|
|
echo_ok() {
|
|
echo -e "\033[80G[ \033[32mok\033[m ]"
|
|
}
|
|
echo_warning() {
|
|
echo -e "\033[80G[ \033[33m\033[1mwarn\033[m ]"
|
|
}
|
|
echo_failed(){
|
|
echo -e "\033[80G[ \033[1;31mfailed\033[m ]"
|
|
}
|
|
echo_skipped() {
|
|
echo -e "\033[80G[ \033[33m\033[1mskipped\033[m ]"
|
|
}
|
|
detect_os_1 () {
|
|
|
|
if $(which lsb_release > /dev/null 2>&1) ; then
|
|
|
|
os_dist="$(lsb_release -i | awk '{print tolower($3)}')"
|
|
os_version="$(lsb_release -r | awk '{print tolower($2)}')"
|
|
os_codename="$(lsb_release -c | awk '{print tolower($2)}')"
|
|
|
|
if [[ "$os_dist" = "debian" ]]; then
|
|
if $(echo "$os_version" | grep -q '\.') ; then
|
|
os_version=$(echo "$os_version" | cut --delimiter='.' -f1)
|
|
fi
|
|
fi
|
|
|
|
elif [[ -e "/etc/os-release" ]]; then
|
|
|
|
. /etc/os-release
|
|
|
|
os_dist=$ID
|
|
os_version=${VERSION_ID}
|
|
|
|
fi
|
|
|
|
# remove whitespace from os_dist and os_version
|
|
os_dist="${os_dist// /}"
|
|
os_version="${os_version// /}"
|
|
|
|
}
|
|
trim() {
|
|
local var="$*"
|
|
var="${var#"${var%%[![:space:]]*}"}" # remove leading whitespace characters
|
|
var="${var%"${var##*[![:space:]]}"}" # remove trailing whitespace characters
|
|
echo -n "$var"
|
|
}
|
|
|
|
|
|
# -------------
|
|
# --- Some default settings
|
|
# -------------
|
|
|
|
DEFAULT_ADMIN_EMAIL="argus@oopen.de"
|
|
|
|
|
|
# - Is this a systemd system?
|
|
# -
|
|
if [[ "X`which systemd`" = "X" ]]; then
|
|
systemd_exists=false
|
|
else
|
|
systemd_exists=true
|
|
fi
|
|
|
|
FORCE_UPDATE=""
|
|
UPDATED=false
|
|
|
|
if [[ -f "/etc/postfix/header_checks.pcre" ]] \
|
|
|| [[ -f "/etc/postfix/body_check.pcre" ]] \
|
|
|| [[ -f "/etc/postfix/mime_header_check.pcre" ]]; then
|
|
|
|
echo ""
|
|
echo -e "\033[32m--\033[m"
|
|
echo ""
|
|
echo " Header/MIME-Header/Body Checks"
|
|
echo ""
|
|
echo " At least one PCRE check file exits. Should these files be updated?"
|
|
echo ""
|
|
echo -e " \033[33mType <return> to choose the highlighted value\033[m"
|
|
echo ""
|
|
echo ""
|
|
echononl " Force update existing header/mime-header/body checks? [\033[1;33myes\033[m/no]: "
|
|
|
|
read FORCE_UPDATE
|
|
FORCE_UPDATE=${FORCE_UPDATE,,}
|
|
FORCE_UPDATE="$(trim "$FORCE_UPDATE")"
|
|
|
|
if [[ -z "$FORCE_UPDATE" ]] || [[ "$FORCE_UPDATE" = "yes" ]]; then
|
|
FORCE_UPDATE=true
|
|
elif [[ "$FORCE_UPDATE" = "no" ]]; then
|
|
FORCE_UPDATE=false
|
|
else
|
|
FORCE_UPDATE=""
|
|
fi
|
|
|
|
while [[ -z "$FORCE_UPDATE" ]] ; do
|
|
|
|
echononl " Wrong entry! [\033[1myes\033[m/no]: "
|
|
|
|
read FORCE_UPDATE
|
|
FORCE_UPDATE=${FORCE_UPDATE,,}
|
|
FORCE_UPDATE="$(trim "$FORCE_UPDATE")"
|
|
|
|
if [[ -z "$FORCE_UPDATE" ]] || [[ "$FORCE_UPDATE" = "yes" ]]; then
|
|
FORCE_UPDATE=true
|
|
elif [[ "$FORCE_UPDATE" = "no" ]]; then
|
|
FORCE_UPDATE=false
|
|
else
|
|
FORCE_UPDATE=""
|
|
fi
|
|
|
|
done
|
|
|
|
echo ""
|
|
echo " FORCE_UPDATE.....: $FORCE_UPDATE"
|
|
echo ""
|
|
echononl " Continue (yes/no): "
|
|
read OK
|
|
OK=${OK,,}
|
|
while [ "X$OK" != "Xyes" -a "X$OK" != "Xno" ]; do
|
|
echononl " Wrong entry! [yes/no]: "
|
|
read OK
|
|
OK=${OK,,}
|
|
done
|
|
[ $OK = "yes" ] || fatal Repeat with other settings..
|
|
|
|
echo ""
|
|
echo -e "\033[32m--\033[m"
|
|
echo ""
|
|
|
|
else
|
|
FORCE_UPDATE="true"
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
_file="/etc/postfix/header_checks.pcre"
|
|
echononl " Create file '$_file' used for header replacing"
|
|
if $FORCE_UPDATE ; then
|
|
cat << EOF > "$_file"
|
|
# ---
|
|
# - Replace headers
|
|
# ---
|
|
|
|
# - Replace recieved from
|
|
#/^Received: from (.* \([-._[:alnum:]]+ \[[.[:digit:]]{7,15}\]\)).*?([[:space:]]+).*\(Authenticated sender: ([^)]+)\)(.*)/ REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1])\$2(Authenticated sender: \$3)\$4
|
|
|
|
|
|
# ---
|
|
# - Ignore Headers
|
|
# ---
|
|
|
|
#/^\s*User-Agent/ IGNORE
|
|
#/^\s*X-Enigmail/ IGNORE
|
|
#/^\s*X-Mailer/ IGNORE
|
|
#/^\s*X-Originating-IP/ IGNORE
|
|
|
|
|
|
# ---
|
|
# - Reject / Discard headers
|
|
# ---
|
|
|
|
/^To:.*<>/ DISCARD Possible SPAM Blank email address To: header - Header-Spamschutzregel T0-1001
|
|
|
|
/\(envelope-from <>\)/ REJECT Possible SPAM - Header-Spamschutzregel RECIEV-1001
|
|
|
|
/^Reply-To: .+\@inx1and1\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1001
|
|
/^Reply-To: .+\@ppe-healthcare-europe\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1002
|
|
/^Reply-To: .+\@testbedarf.shop/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1003
|
|
/^Reply-To: .+\@acieu\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1004
|
|
/^Reply-To: .+\@acievents\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1005
|
|
/^Reply-To: .+\@dokpotenz\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1006
|
|
/^Reply-To: .+\@doktorapo\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1007
|
|
/^Reply-To: .+\@sendelope.eu/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1008
|
|
/^Reply-To: .+\@team-de-luxe\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1009
|
|
/^Reply-To: .+\@klickensiejetzt\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1010
|
|
/^Reply-To: .+\@podiumskate\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1011
|
|
/^Reply-To: videotech\@gmx\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1012
|
|
/^Reply-To: stdukefoundation@hotmail.com/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1013
|
|
|
|
/^From:.*<>/ DISCARD Possible SPAM - Header-Spamschutzregel FROM-1001
|
|
/^From: .+\@inx1and1\..+/ REJECT Possible SPAM - Header-Spamschutzregel FROM-1002
|
|
/^From: .+\@ppe-healthcare-europe\..+/ REJECT Possible SPAM - Header-Spamschutzregel FROM-1003
|
|
/^From: .+\@testbedarf.shop/ REJECT Possible SPAM - Header-Spamschutzregel FROM-1004
|
|
/^From: .+\@acieu\..+/ REJECT Possible SPAM - Header-Spamschutzregel FROM-1005
|
|
/^From: .+\@acievents\..+/ REJECT Possible SPAM - Header-Spamschutzregel FROM-1006
|
|
/^From: .+\@dokpotenz\..+/ REJECT Possible SPAM - Header-Spamschutzregel FROM-1007
|
|
/^From: .+\@doktorapo\..+/ REJECT Possible SPAM - Header-Spamschutzregel FROM-1008
|
|
/^From: .+\@sendelope.eu/ REJECT Possible SPAM - Header-Spamschutzregel FROM-1009
|
|
/^From: .+\@team-de-luxe\..+/ REJECT Possible SPAM - Header-Spamschutzregel FROM-1010
|
|
/^From: .+\@klickensiejetzt\..+/ REJECT Possible SPAM - Header-Spamschutzregel FROM-1011
|
|
/^From: .+\@podiumskate\..+/ REJECT Possible SPAM - Header-Spamschutzregel FROM-1012
|
|
/^From: .+\@growthrecords.com/ REJECT Possible SPAM - Header-Spamschutzregel FROM-1013
|
|
|
|
/^Date: .* 19[0-9][0-9]/ REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1001
|
|
/^Date: .* 200[0-9]/ REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1002
|
|
/^Date: .* 201[0-9]/ REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1003
|
|
/^Date: .* 2020/ REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1004
|
|
EOF
|
|
if [[ $? -eq 0 ]] ; then
|
|
echo_ok
|
|
UPDATED=true
|
|
else
|
|
echo_failed
|
|
fi
|
|
else
|
|
echo_skipped
|
|
fi
|
|
|
|
|
|
_file="/etc/postfix/mime_header_check.pcre"
|
|
echononl " Create file '$_file' used for header replacing"
|
|
if $FORCE_UPDATE ; then
|
|
cat << EOF > "$_file"
|
|
# ---
|
|
# - Check MIME-Headers
|
|
# ---
|
|
|
|
/name=[^>]*\.exe/ REJECT No .exe files allowed - Mime--Spamschutzregel EXE-1001
|
|
/name=[^>]*\.bat/ REJECT No .bat files allowed - Mime--Spamschutzregel BAT-1002
|
|
/name=[^>](screensaver|movie)\.zip/ REJECT Sobig Virus found - Mime-Spamschutzregel VIR-1003
|
|
EOF
|
|
if [[ $? -eq 0 ]] ; then
|
|
echo_ok
|
|
UPDATED=true
|
|
else
|
|
echo_failed
|
|
fi
|
|
else
|
|
echo_skipped
|
|
fi
|
|
|
|
|
|
_file="/etc/postfix/body_check.pcre"
|
|
echononl " Create file '$_file' used for header replacing"
|
|
if $FORCE_UPDATE ; then
|
|
cat << EOF > "$_file"
|
|
# ---
|
|
# - Body Checks
|
|
# ---
|
|
|
|
/See the attached file for details/ REJECT Sobig Virus found. - Body-Spamschutzregel TEXT-1001
|
|
|
|
/.*https?:\/\/click2eat.shop\/Installer\/updatedwebmails/ REJECT Maype fishing E-Mail credentials - Body-Spamschutzregel TEXT-1002
|
|
EOF
|
|
if [[ $? -eq 0 ]] ; then
|
|
echo_ok
|
|
UPDATED=true
|
|
else
|
|
echo_failed
|
|
fi
|
|
else
|
|
echo_skipped
|
|
fi
|
|
|
|
|
|
if $UPDATED ; then
|
|
echo ""
|
|
echo ""
|
|
echononl " Reload postfix daemon"
|
|
if $systemd_exists ; then
|
|
systemctl reload postfix 2> /dev/null
|
|
if [[ $? -eq 0 ]] ; then
|
|
echo_ok
|
|
else
|
|
echo_failed
|
|
fi
|
|
else
|
|
/etc/init.d/postfix reload 2> /dev/null
|
|
if [[ $? -eq 0 ]] ; then
|
|
echo_ok
|
|
else
|
|
echo_failed
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
|
|
clean_up 0
|