docker-mailserver/target/bin/restrict-access

#! /bin/bash

# shellcheck source=../scripts/helper-functions.sh
. /usr/local/bin/helper-functions.sh

MODE="${1}"
USER="${3}"

function usage  {	echo "Usage: ${0} <add|del|list> <send|receive> [<email@domain.com>]" ; }

[[ -z ${MODE} ]] && errex "missing parameters: <add|del|list> <send|receive> [<email@domain.com>]"

case ${2} in
  send)
    DATABASE="/tmp/docker-mailserver/postfix-send-access.cf"
    ;;
  receive)
    DATABASE="/tmp/docker-mailserver/postfix-receive-access.cf"
    ;;
  *)
    usage
    errex "missing parameters. Specify \"send\" or \"receive\""
    ;;
esac

if [[ -z ${USER} ]] && [[ ${MODE} != list ]]
then
  read -r -p "User(user@domain.com): " USER
  echo
  [[ -z ${USER} ]] && errex "User must not be empty"
fi

case ${MODE} in
  add)
    grep -qi "^$(escape "${USER}")" "${DATABASE}" 2>/dev/null && errex "User \"${USER}\" already denied to ${2} mails"

    if [[ ! -f ${DATABASE} ]]
    then
      # shellcheck disable=SC2015
      [[ ${DATABASE} = *"send"* ]] && \
          sed -i 's|smtpd_sender_restrictions =|smtpd_sender_restrictions = check_sender_access texthash:/tmp/docker-mailserver/postfix-send-access.cf,|' /etc/postfix/main.cf \
        || sed -i 's|smtpd_recipient_restrictions =|smtpd_recipient_restrictions = check_recipient_access texthash:/tmp/docker-mailserver/postfix-receive-access.cf,|' /etc/postfix/main.cf

      service postfix reload >/dev/null
    fi

    echo -e "${USER} \t\t REJECT" >>"${DATABASE}"
  ;;

  del)
    sed -ie "/^$(escape "${USER}")/d" "${DATABASE}" 2>/dev/null || errex "User \"${USER}\" not found."
  ;;

  list)
    grep "REJECT" "${DATABASE}" 2>/dev/null || echo "Everyone is allowed to ${2} mails."
    ;;
  *)
    usage
    errex "missing mode. Specify \"add\", \"del\" or \"list\""
  ;;

esac
Restrict access (Closes #452, #816) new setup.sh function, new tests, new script 2018-02-07 20:33:07 +00:00			`#! /bin/bash`

Final Migration Step (#6) * first migration steps * altered issue templates * altered README * removed .travis.yml * adjusting registry & repository, Dockerfile and compose.env * Close stale issues automatically * Integrated CI with Github Actions (#3) * feat: integrated ci with github actions * fix: use secrets for docker org and update image * docs: clarify why we use -t if no tty exists * fix: correct remaining references to old repo chore: prettier automatically updated markdown as well * fix: hardcode docker org * change testing image to just testing * ci: add armv7 as a supported platform * finished migration steps * corrected linting in build-push action * corrected linting in build-push action (2) * minor preps for PR * correcting push on pull request and minor details * adjusted workflows to adhere closer to @wernerfred's diagram * minor patches * adjusting Dockerfile's installation of base packages * adjusting schedule for stale issue action * reverting license text * improving CONTRIBUTING.md PR text * Update CONTRIBUTING.md * a bigger patch at the end * moved all scripts into one directory under target/scripts/ * moved the quota-warning.sh script into target/scripts/ and removed empty directory /target/dovecot/scripts * minor fixes here and there * adjusted workflows for use a fully qualified name (i.e. docker.io/...) * improved on the Dockerfile layer count * corrected local tests - now they (actually) work (fine)! * corrected start-mailserver.sh to make use of defaults consistently * removed very old, deprecated variables (actually only one) * various smaller improvements in the end * last commit before merging #6 * rearranging variables to use alphabetic order Co-authored-by: casperklein <casperklein@users.noreply.github.com> Co-authored-by: Nick Pappas <radicand@users.noreply.github.com> Co-authored-by: William Desportes <williamdes@wdes.fr> 2021-01-16 09:16:05 +00:00			`# shellcheck source=../scripts/helper-functions.sh`
			`. /usr/local/bin/helper-functions.sh`
Restrict access (Closes #452, #816) new setup.sh function, new tests, new script 2018-02-07 20:33:07 +00:00
Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`MODE="${1}"`
			`USER="${3}"`
Restrict access (Closes #452, #816) new setup.sh function, new tests, new script 2018-02-07 20:33:07 +00:00
Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`function usage { echo "Usage: ${0} <add\|del\|list> <send\|receive> [<email@domain.com>]" ; }`
Restrict access (Closes #452, #816) new setup.sh function, new tests, new script 2018-02-07 20:33:07 +00:00
Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`[[ -z ${MODE} ]] && errex "missing parameters: <add\|del\|list> <send\|receive> [<email@domain.com>]"`
Restrict access (Closes #452, #816) new setup.sh function, new tests, new script 2018-02-07 20:33:07 +00:00
Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`case ${2} in`
			`send)`
			`DATABASE="/tmp/docker-mailserver/postfix-send-access.cf"`
			`;;`
			`receive)`
			`DATABASE="/tmp/docker-mailserver/postfix-receive-access.cf"`
			`;;`
			`*)`
			`usage`
			`errex "missing parameters. Specify \"send\" or \"receive\""`
			`;;`
Restrict access (Closes #452, #816) new setup.sh function, new tests, new script 2018-02-07 20:33:07 +00:00			`esac`

Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`if [[ -z ${USER} ]] && [[ ${MODE} != list ]]`
			`then`
			`read -r -p "User(user@domain.com): " USER`
			`echo`
			`[[ -z ${USER} ]] && errex "User must not be empty"`
Restrict access (Closes #452, #816) new setup.sh function, new tests, new script 2018-02-07 20:33:07 +00:00			`fi`

Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`case ${MODE} in`
			`add)`
			`grep -qi "^$(escape "${USER}")" "${DATABASE}" 2>/dev/null && errex "User \"${USER}\" already denied to ${2} mails"`

			`if [[ ! -f ${DATABASE} ]]`
			`then`
			`# shellcheck disable=SC2015`
			`[[ ${DATABASE} = "send" ]] && \`
			`sed -i 's\|smtpd_sender_restrictions =\|smtpd_sender_restrictions = check_sender_access texthash:/tmp/docker-mailserver/postfix-send-access.cf,\|' /etc/postfix/main.cf \`
			`\|\| sed -i 's\|smtpd_recipient_restrictions =\|smtpd_recipient_restrictions = check_recipient_access texthash:/tmp/docker-mailserver/postfix-receive-access.cf,\|' /etc/postfix/main.cf`
postscreen implementation altered (#846) * new setup.sh function, new tests, new script and some minor updates to main.cf * fix for missing files * removed obsolete test-files * restart postfix if neccessary. * see pr #845 * fixed typo * fixed branchmixup * changed postfix reload command & changed to operate on container instead of image * reload postfix only on adding new restriction * main.cf is only changed when user is added. - Postfix reload changed - working on container instead of image now in setup.sh - added cleanup after tests * moved cleanup to makefile 2018-02-18 12:29:43 +00:00
Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`service postfix reload >/dev/null`
			`fi`
postscreen implementation altered (#846) * new setup.sh function, new tests, new script and some minor updates to main.cf * fix for missing files * removed obsolete test-files * restart postfix if neccessary. * see pr #845 * fixed typo * fixed branchmixup * changed postfix reload command & changed to operate on container instead of image * reload postfix only on adding new restriction * main.cf is only changed when user is added. - Postfix reload changed - working on container instead of image now in setup.sh - added cleanup after tests * moved cleanup to makefile 2018-02-18 12:29:43 +00:00
Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`echo -e "${USER} \t\t REJECT" >>"${DATABASE}"`
			`;;`

			`del)`
			`sed -ie "/^$(escape "${USER}")/d" "${DATABASE}" 2>/dev/null \|\| errex "User \"${USER}\" not found."`
			`;;`

			`list)`
			`grep "REJECT" "${DATABASE}" 2>/dev/null \|\| echo "Everyone is allowed to ${2} mails."`
Restrict access (Closes #452, #816) new setup.sh function, new tests, new script 2018-02-07 20:33:07 +00:00			`;;`
Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`*)`
			`usage`
			`errex "missing mode. Specify \"add\", \"del\" or \"list\""`
			`;;`
postscreen implementation altered (#846) * new setup.sh function, new tests, new script and some minor updates to main.cf * fix for missing files * removed obsolete test-files * restart postfix if neccessary. * see pr #845 * fixed typo * fixed branchmixup * changed postfix reload command & changed to operate on container instead of image * reload postfix only on adding new restriction * main.cf is only changed when user is added. - Postfix reload changed - working on container instead of image now in setup.sh - added cleanup after tests * moved cleanup to makefile 2018-02-18 12:29:43 +00:00
Complete Refactor for `target/bin` (#1654) * documentation and script updates trying to fix #1647 * preparations for refactoring target/bin/ * complete refactor for target/bin/ * changing script output slightly * outsourcing functions in `bin-helper.sh` * re-wrote linting to allow for proper shellcheck -x execution * show explanation for shellcheck ignore * adding some more information 2020-10-21 16:16:32 +00:00			`esac`