2023-02-26 10:42:14 +00:00
|
|
|
#!/bin/bash
|
|
|
|
|
2023-04-16 12:09:00 +00:00
|
|
|
# Just a helper to prepend the log messages with `(Postfix setup)` so
|
|
|
|
# users know exactly where the message originated from.
|
|
|
|
#
|
|
|
|
# @param ${1} = log level
|
|
|
|
# @param ${2} = message
|
|
|
|
function __postfix__log { _log "${1:-}" "(Postfix setup) ${2:-}" ; }
|
|
|
|
|
2023-05-25 23:01:41 +00:00
|
|
|
function _setup_postfix_early() {
|
2023-04-16 12:09:00 +00:00
|
|
|
_log 'debug' 'Configuring Postfix (early setup)'
|
2023-02-26 10:42:14 +00:00
|
|
|
|
2023-04-16 12:09:00 +00:00
|
|
|
__postfix__log 'trace' 'Applying hostname and domainname'
|
|
|
|
postconf "myhostname = ${HOSTNAME}"
|
|
|
|
postconf "mydomain = ${DOMAINNAME}"
|
2023-02-26 10:42:14 +00:00
|
|
|
|
2023-05-24 07:06:59 +00:00
|
|
|
if [[ ${POSTFIX_INET_PROTOCOLS} != 'all' ]]; then
|
2023-04-16 12:09:00 +00:00
|
|
|
__postfix__log 'trace' 'Setting up POSTFIX_INET_PROTOCOLS option'
|
|
|
|
postconf "inet_protocols = ${POSTFIX_INET_PROTOCOLS}"
|
2023-02-26 10:42:14 +00:00
|
|
|
fi
|
|
|
|
|
2023-04-16 12:09:00 +00:00
|
|
|
__postfix__log 'trace' "Configuring SASLauthd"
|
2023-05-24 07:06:59 +00:00
|
|
|
if [[ ${ENABLE_SASLAUTHD} -eq 1 ]] && [[ ! -f /etc/postfix/sasl/smtpd.conf ]]; then
|
2023-02-26 10:42:14 +00:00
|
|
|
cat >/etc/postfix/sasl/smtpd.conf << EOF
|
|
|
|
pwcheck_method: saslauthd
|
|
|
|
mech_list: plain login
|
|
|
|
EOF
|
|
|
|
fi
|
|
|
|
|
2023-12-05 04:16:39 +00:00
|
|
|
# User has explicitly requested to disable SASL auth:
|
|
|
|
# TODO: Additive config by feature would be better. Should only enable SASL auth
|
|
|
|
# on submission(s) services in master.cf when SASLAuthd or Dovecot is enabled.
|
2023-05-24 07:06:59 +00:00
|
|
|
if [[ ${ENABLE_SASLAUTHD} -eq 0 ]] && [[ ${SMTP_ONLY} -eq 1 ]]; then
|
2023-12-05 04:16:39 +00:00
|
|
|
# Default for services (eg: Port 25); NOTE: This has since become the default:
|
2023-02-26 10:42:14 +00:00
|
|
|
sed -i -E \
|
|
|
|
's|^smtpd_sasl_auth_enable =.*|smtpd_sasl_auth_enable = no|g' \
|
|
|
|
/etc/postfix/main.cf
|
2023-12-05 04:16:39 +00:00
|
|
|
# Submission services that are explicitly enabled by default:
|
2023-02-26 10:42:14 +00:00
|
|
|
sed -i -E \
|
|
|
|
's|^ -o smtpd_sasl_auth_enable=.*| -o smtpd_sasl_auth_enable=no|g' \
|
|
|
|
/etc/postfix/master.cf
|
|
|
|
fi
|
|
|
|
|
2023-12-05 04:16:39 +00:00
|
|
|
# scripts/helpers/aliases.sh:_create_aliases()
|
2023-04-16 12:09:00 +00:00
|
|
|
__postfix__log 'trace' 'Setting up aliases'
|
2023-02-26 10:42:14 +00:00
|
|
|
_create_aliases
|
|
|
|
|
2023-12-05 04:16:39 +00:00
|
|
|
# scripts/helpers/postfix.sh:_create_postfix_vhost()
|
2023-04-16 12:09:00 +00:00
|
|
|
__postfix__log 'trace' 'Setting up Postfix vhost'
|
2023-02-26 10:42:14 +00:00
|
|
|
_create_postfix_vhost
|
|
|
|
|
2023-04-16 12:09:00 +00:00
|
|
|
__postfix__log 'trace' 'Setting up DH Parameters'
|
|
|
|
_setup_dhparam 'Postfix' '/etc/postfix/dhparams.pem'
|
|
|
|
|
|
|
|
__postfix__log 'trace' "Configuring message size limit to '${POSTFIX_MESSAGE_SIZE_LIMIT}'"
|
|
|
|
postconf "message_size_limit = ${POSTFIX_MESSAGE_SIZE_LIMIT}"
|
2023-02-28 09:25:23 +00:00
|
|
|
|
2023-04-16 12:09:00 +00:00
|
|
|
__postfix__log 'trace' "Configuring mailbox size limit to '${POSTFIX_MAILBOX_SIZE_LIMIT}'"
|
|
|
|
postconf "mailbox_size_limit = ${POSTFIX_MAILBOX_SIZE_LIMIT}"
|
|
|
|
|
|
|
|
__postfix__log 'trace' "Configuring virtual mailbox size limit to '${POSTFIX_MAILBOX_SIZE_LIMIT}'"
|
|
|
|
postconf "virtual_mailbox_limit = ${POSTFIX_MAILBOX_SIZE_LIMIT}"
|
|
|
|
|
2023-05-24 07:06:59 +00:00
|
|
|
if [[ ${POSTFIX_REJECT_UNKNOWN_CLIENT_HOSTNAME} -eq 1 ]]; then
|
2023-04-16 12:09:00 +00:00
|
|
|
__postfix__log 'trace' 'Enabling reject_unknown_client_hostname to dms_smtpd_sender_restrictions'
|
|
|
|
sedfile -i -E \
|
|
|
|
's|^(dms_smtpd_sender_restrictions = .*)|\1, reject_unknown_client_hostname|' \
|
|
|
|
/etc/postfix/main.cf
|
|
|
|
fi
|
2023-12-05 04:16:39 +00:00
|
|
|
|
|
|
|
# Dovecot feature integration
|
|
|
|
# TODO: Alias SMTP_ONLY=0 to DOVECOT_ENABLED=1?
|
|
|
|
if [[ ${SMTP_ONLY} -ne 1 ]]; then
|
|
|
|
__postfix__log 'trace' 'Configuring Postfix with Dovecot integration'
|
|
|
|
|
|
|
|
# /etc/postfix/vmailbox is created by: scripts/helpers/accounts.sh:_create_accounts()
|
|
|
|
# This file config is for Postfix to verify a mail account exists before accepting
|
|
|
|
# mail arriving and delivering it to Dovecot over LMTP.
|
2023-12-10 21:22:31 +00:00
|
|
|
if [[ ${ACCOUNT_PROVISIONER} == 'FILE' ]]; then
|
|
|
|
postconf 'virtual_mailbox_maps = texthash:/etc/postfix/vmailbox'
|
|
|
|
fi
|
2023-12-05 04:16:39 +00:00
|
|
|
postconf 'virtual_transport = lmtp:unix:/var/run/dovecot/lmtp'
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [[ -n ${POSTFIX_DAGENT} ]]; then
|
|
|
|
__postfix__log 'trace' "Changing virtual transport to '${POSTFIX_DAGENT}'"
|
|
|
|
postconf "virtual_transport = ${POSTFIX_DAGENT}"
|
|
|
|
fi
|
2023-02-26 10:42:14 +00:00
|
|
|
}
|
|
|
|
|
2023-05-25 23:01:41 +00:00
|
|
|
function _setup_postfix_late() {
|
2023-04-16 12:09:00 +00:00
|
|
|
_log 'debug' 'Configuring Postfix (late setup)'
|
2023-02-28 09:25:23 +00:00
|
|
|
|
2023-04-16 12:09:00 +00:00
|
|
|
__postfix__log 'trace' 'Configuring user access'
|
2023-05-24 07:06:59 +00:00
|
|
|
if [[ -f /tmp/docker-mailserver/postfix-send-access.cf ]]; then
|
2023-04-18 09:08:19 +00:00
|
|
|
sed -i -E 's|(smtpd_sender_restrictions =)|\1 check_sender_access texthash:/tmp/docker-mailserver/postfix-send-access.cf,|' /etc/postfix/main.cf
|
2023-04-16 12:09:00 +00:00
|
|
|
fi
|
|
|
|
|
2023-05-24 07:06:59 +00:00
|
|
|
if [[ -f /tmp/docker-mailserver/postfix-receive-access.cf ]]; then
|
2023-04-16 12:09:00 +00:00
|
|
|
sed -i -E 's|(smtpd_recipient_restrictions =)|\1 check_recipient_access texthash:/tmp/docker-mailserver/postfix-receive-access.cf,|' /etc/postfix/main.cf
|
|
|
|
fi
|
|
|
|
|
|
|
|
__postfix__log 'trace' 'Configuring relay host'
|
|
|
|
_setup_relayhost
|
|
|
|
|
|
|
|
__postfix__setup_override_configuration
|
2023-02-26 10:42:14 +00:00
|
|
|
}
|
|
|
|
|
2023-05-25 23:01:41 +00:00
|
|
|
function __postfix__setup_override_configuration() {
|
2023-04-16 12:09:00 +00:00
|
|
|
__postfix__log 'debug' 'Overriding / adjusting configuration with user-supplied values'
|
2023-02-26 10:42:14 +00:00
|
|
|
|
2023-05-24 07:06:59 +00:00
|
|
|
if [[ -f /tmp/docker-mailserver/postfix-main.cf ]]; then
|
2023-02-26 10:42:14 +00:00
|
|
|
cat /tmp/docker-mailserver/postfix-main.cf >>/etc/postfix/main.cf
|
|
|
|
_adjust_mtime_for_postfix_maincf
|
|
|
|
|
|
|
|
# do not directly output to 'main.cf' as this causes a read-write-conflict
|
|
|
|
postconf -n >/tmp/postfix-main-new.cf 2>/dev/null
|
|
|
|
|
|
|
|
mv /tmp/postfix-main-new.cf /etc/postfix/main.cf
|
|
|
|
_adjust_mtime_for_postfix_maincf
|
2023-04-16 12:09:00 +00:00
|
|
|
__postfix__log 'trace' "Adjusted '/etc/postfix/main.cf' according to '/tmp/docker-mailserver/postfix-main.cf'"
|
2023-02-26 10:42:14 +00:00
|
|
|
else
|
2023-04-16 12:09:00 +00:00
|
|
|
__postfix__log 'trace' "No extra Postfix settings loaded because optional '/tmp/docker-mailserver/postfix-main.cf' was not provided"
|
2023-02-26 10:42:14 +00:00
|
|
|
fi
|
|
|
|
|
2023-05-24 07:06:59 +00:00
|
|
|
if [[ -f /tmp/docker-mailserver/postfix-master.cf ]]; then
|
2023-05-25 23:39:39 +00:00
|
|
|
while read -r LINE; do
|
2023-05-24 07:06:59 +00:00
|
|
|
if [[ ${LINE} =~ ^[0-9a-z] ]]; then
|
2023-02-26 10:42:14 +00:00
|
|
|
postconf -P "${LINE}"
|
|
|
|
fi
|
|
|
|
done < /tmp/docker-mailserver/postfix-master.cf
|
2023-04-16 12:09:00 +00:00
|
|
|
__postfix__log 'trace' "Adjusted '/etc/postfix/master.cf' according to '/tmp/docker-mailserver/postfix-master.cf'"
|
2023-02-26 10:42:14 +00:00
|
|
|
else
|
2023-04-16 12:09:00 +00:00
|
|
|
__postfix__log 'trace' "No extra Postfix settings loaded because optional '/tmp/docker-mailserver/postfix-master.cf' was not provided"
|
2023-02-26 10:42:14 +00:00
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
2023-05-25 23:01:41 +00:00
|
|
|
function _setup_SRS() {
|
2023-02-26 10:42:14 +00:00
|
|
|
_log 'debug' 'Setting up SRS'
|
|
|
|
|
|
|
|
postconf 'sender_canonical_maps = tcp:localhost:10001'
|
|
|
|
postconf "sender_canonical_classes = ${SRS_SENDER_CLASSES}"
|
|
|
|
postconf 'recipient_canonical_maps = tcp:localhost:10002'
|
|
|
|
postconf 'recipient_canonical_classes = envelope_recipient,header_recipient'
|
2023-03-02 16:44:01 +00:00
|
|
|
|
2023-05-25 23:01:41 +00:00
|
|
|
function __generate_secret() {
|
2023-03-02 16:44:01 +00:00
|
|
|
(
|
|
|
|
umask 0077
|
|
|
|
dd if=/dev/urandom bs=24 count=1 2>/dev/null | base64 -w0 >"${1}"
|
|
|
|
)
|
|
|
|
}
|
|
|
|
|
2023-03-12 11:10:45 +00:00
|
|
|
local POSTSRSD_SECRET_FILE
|
2023-03-02 16:44:01 +00:00
|
|
|
|
|
|
|
sed -i "s/localdomain/${SRS_DOMAINNAME}/g" /etc/default/postsrsd
|
|
|
|
|
|
|
|
POSTSRSD_SECRET_FILE='/etc/postsrsd.secret'
|
|
|
|
|
2023-05-24 07:06:59 +00:00
|
|
|
if [[ -n ${SRS_SECRET} ]]; then
|
2023-03-02 16:44:01 +00:00
|
|
|
(
|
|
|
|
umask 0077
|
|
|
|
echo "${SRS_SECRET}" | tr ',' '\n' >"${POSTSRSD_SECRET_FILE}"
|
|
|
|
)
|
|
|
|
else
|
2023-05-24 07:06:59 +00:00
|
|
|
if [[ ! -f ${POSTSRSD_SECRET_FILE} ]]; then
|
2023-03-02 16:44:01 +00:00
|
|
|
__generate_secret "${POSTSRSD_SECRET_FILE}"
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2023-05-24 07:06:59 +00:00
|
|
|
if [[ -n ${SRS_EXCLUDE_DOMAINS} ]]; then
|
2023-04-18 15:07:08 +00:00
|
|
|
sedfile -i -E \
|
|
|
|
"s|^#?(SRS_EXCLUDE_DOMAINS=).*|\1${SRS_EXCLUDE_DOMAINS}|" \
|
2023-03-02 16:44:01 +00:00
|
|
|
/etc/default/postsrsd
|
|
|
|
fi
|
2023-02-26 10:42:14 +00:00
|
|
|
}
|