#! /bin/bash
# Support for Relay Hosts
# Make sure RELAY_PORT holds a value: an already-set, non-empty RELAY_PORT is
# kept as-is, otherwise it becomes 25.
# Globals: RELAY_PORT (read, written)
function _relayhost_default_port_fallback
{
  # `:=` assigns the default only when the variable is unset or empty
  : "${RELAY_PORT:=25}"
}
# setup /etc/postfix/sasl_passwd
# --
# @domain1.com postmaster@domain1.com:your-password-1
# @domain2.com postmaster@domain2.com:your-password-2
# @domain3.com postmaster@domain3.com:your-password-3
#
# [smtp.mailgun.org]:587 postmaster@domain2.com:your-password-2
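# Append relay credentials to /etc/postfix/sasl_passwd.
#
# Sources, in this order:
#   1. every non-comment line of /tmp/docker-mailserver/postfix-sasl-password.cf
#   2. a default entry "[RELAY_HOST]:RELAY_PORT RELAY_USER:RELAY_PASSWORD", written
#      only when RELAY_USER and RELAY_PASSWORD are both non-empty
#
# Globals: RELAY_HOST, RELAY_PORT, RELAY_USER, RELAY_PASSWORD (read)
# Returns: 1 (after a warning) when neither the config file nor a complete
#          RELAY_USER / RELAY_PASSWORD pair is available.
#
# The target file holds cleartext credentials. This function only appends to it and
# finishes by calling `_sasl_set_passwd_permissions` (defined elsewhere).
function _relayhost_sasl
{
  local SASL_SOURCE='/tmp/docker-mailserver/postfix-sasl-password.cf'
  local SASL_PASSWD='/etc/postfix/sasl_passwd'
  # local, so the last credential line read does not linger in a global variable
  local LINE

  if [[ ! -f ${SASL_SOURCE} ]] && [[ -z ${RELAY_USER} || -z ${RELAY_PASSWORD} ]]
  then
    _notify 'warn' "No relay auth file found and no default set"
    return 1
  fi

  if [[ -f ${SASL_SOURCE} ]]
  then
    _notify 'inf' "Adding relay authentication from postfix-sasl-password.cf"

    # add domain-specific auth from config file:
    # - default IFS: `read` trims leading / trailing white-space of each line
    # - `|| [[ -n ${LINE} ]]` keeps a final line that has no trailing newline;
    #   without it that last credential entry would be dropped silently
    while read -r LINE || [[ -n ${LINE} ]]
    do
      if ! _is_comment "${LINE}"
      then
        # printf rather than echo: the line is data and must never be parsed as options
        printf '%s\n' "${LINE}" >> "${SASL_PASSWD}"
      fi
    done < "${SASL_SOURCE}"
  fi

  # add default relay
  if [[ -n ${RELAY_USER} ]] && [[ -n ${RELAY_PASSWORD} ]]
  then
    # white-space separates value pairs (any length is valid)
    printf '%s\n' "[${RELAY_HOST}]:${RELAY_PORT} ${RELAY_USER}:${RELAY_PASSWORD}" >> "${SASL_PASSWD}"
  fi

  _sasl_set_passwd_permissions
}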
# Introduced by: https://github.com/docker-mailserver/docker-mailserver/pull/1596
# setup /etc/postfix/relayhost_map
# --
# @domain1.com [smtp.mailgun.org]:587
# @domain2.com [smtp.mailgun.org]:587
# @domain3.com [smtp.mailgun.org]:587
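# Rebuild /etc/postfix/relayhost_map from scratch.
#
#   1. Truncate the map and restrict it to root (mode 0600).
#   2. Copy every line of postfix-relaymap.cf that is not a comment and has a
#      destination.
#   3. For each domain found in postfix-accounts.cf (and postfix-virtual.cf when it
#      exists), add "@DOMAIN [RELAY_HOST]:RELAY_PORT" unless the domain already has
#      an entry in the map or is listed without a destination in postfix-relaymap.cf.
#
# Globals: RELAY_HOST, RELAY_PORT (read)
function _populate_relayhost_map
{
  local RELAYHOST_MAP='/etc/postfix/relayhost_map'
  local RELAYMAP_SOURCE='/tmp/docker-mailserver/postfix-relaymap.cf'
  local DOMAIN DOMAIN_RE

  # Create the relayhost_map config file:
  : >"${RELAYHOST_MAP}"
  chown root:root "${RELAYHOST_MAP}"
  chmod 0600 "${RELAYHOST_MAP}"

  if [[ -f ${RELAYMAP_SOURCE} ]]
  then
    _notify 'inf' "Adding relay mappings from postfix-relaymap.cf"
    # keep lines which are not a comment *and* have a destination.
    sed -n '/^\s*[^#[:space:]]\S*\s\+\S/p' "${RELAYMAP_SOURCE}" >> "${RELAYHOST_MAP}"
  fi

  {
    # note: won't detect domains when lhs has spaces (but who does that?!)
    sed -n '/^\s*[^#[:space:]]/ s/^[^@|]*@\([^|]\+\)|.*$/\1/p' /tmp/docker-mailserver/postfix-accounts.cf

    [ -f /tmp/docker-mailserver/postfix-virtual.cf ] && sed -n '/^\s*[^#[:space:]]/ s/^\s*[^@[:space:]]*@\(\S\+\)\s.*/\1/p' /tmp/docker-mailserver/postfix-virtual.cf
  } | while read -r DOMAIN
  do
    # DOMAIN comes from config data and ends up inside a grep pattern, so its regex
    # meta-characters are escaped first: an unescaped `.` matches any character,
    # which lets one domain be mistaken for another.
    DOMAIN_RE=$(sed 's/[][\.*^$]/\\&/g' <<< "${DOMAIN}")

    # DOMAIN not already present *and* not ignored
    # The key must be followed by white-space or end of line. A bare `\b` would also
    # accept `.` or `-`, so `@example.com.au` would count as an entry for `example.com`.
    if ! grep -q -e "^@${DOMAIN_RE}"'\(\s\|$\)' "${RELAYHOST_MAP}" \
      && ! grep -qs -e "^\s*@${DOMAIN_RE}"'\s*$' "${RELAYMAP_SOURCE}"
    then
      _notify 'inf' "Adding relay mapping for ${DOMAIN}"
      printf '%s\n' "@${DOMAIN} [${RELAY_HOST}]:${RELAY_PORT}" >> "${RELAYHOST_MAP}"
    fi
  done
}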
# Write the Postfix SMTP-client settings used for relaying into main.cf with a
# single `postconf -e` call.
function _relayhost_configure_postfix
{
  local -a RELAY_SETTINGS=(
    # authenticate to the relay with SASL, refusing anonymous mechanisms
    'smtp_sasl_auth_enable = yes'
    'smtp_sasl_security_options = noanonymous'
    # credentials lookup table (cleartext file, keep it root-only)
    'smtp_sasl_password_maps = texthash:/etc/postfix/sasl_passwd'
    # mandatory TLS for outgoing SMTP sessions
    # NOTE(review): `encrypt` requires encryption but does not require the relay's
    # certificate to verify; the SASL credentials travel over this session, so
    # confirm whether `verify` / `secure` is wanted for the relay.
    'smtp_tls_security_level = encrypt'
    'smtp_tls_note_starttls_offer = yes'
    'smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt'
    # choose relay host and credentials per sender address
    'sender_dependent_relayhost_maps = texthash:/etc/postfix/relayhost_map'
    'smtp_sender_dependent_authentication = yes'
  )

  postconf -e "${RELAY_SETTINGS[@]}"
}
# ? --------------------------------------------- Callers
# setup-stack.sh:
# Initial relay-host setup.
#
# - DEFAULT_RELAY_HOST non-empty: written to main.cf as `relayhost`.
# - RELAY_HOST non-empty: default the port, add SASL credentials, rebuild the
#   sender-dependent relay map and apply the Postfix relay settings.
#
# Globals: DEFAULT_RELAY_HOST, RELAY_HOST (read); RELAY_PORT (read, may be defaulted)
function _setup_relayhost
{
  _notify 'task' 'Setting up Postfix Relay Hosts'

  if [[ -n ${DEFAULT_RELAY_HOST} ]]
  then
    _notify 'inf' "Setting default relay host ${DEFAULT_RELAY_HOST} to /etc/postfix/main.cf"
    postconf -e "relayhost = ${DEFAULT_RELAY_HOST}"
  fi

  # nothing else to do without a relay host
  if [[ -z ${RELAY_HOST} ]]
  then
    return 0
  fi

  _relayhost_default_port_fallback
  _notify 'inf' "Setting up outgoing email relaying via ${RELAY_HOST}:${RELAY_PORT}"

  # Expects `_sasl_passwd_create` was called prior in `setup-stack.sh`
  # NOTE(review): the exit status of `_relayhost_sasl` is not checked here, so the
  # steps below still run when it fails (unless the caller aborts on errors).
  _relayhost_sasl
  _populate_relayhost_map

  _relayhost_configure_postfix
}
# check-for-changes.sh:
# Regenerate the relay credentials and the relay map; does nothing when
# RELAY_HOST is empty.
#
# Globals: RELAY_HOST (read); RELAY_PORT (read, may be defaulted)
function _rebuild_relayhost
{
  # relaying is not configured: leave everything untouched
  if [[ -z ${RELAY_HOST} ]]
  then
    return 0
  fi

  _relayhost_default_port_fallback

  # Start from a new `/etc/postfix/sasl_passwd` state:
  # (`_relayhost_sasl` only appends, so entries would accumulate otherwise)
  _sasl_passwd_create

  _relayhost_sasl
  _populate_relayhost_map
}