mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2024-01-19 02:48:50 +00:00
Merge branch 'master' into issues/2467
This commit is contained in:
commit
a435c32661
2
.github/ISSUE_TEMPLATE/bug_report.yml
vendored
2
.github/ISSUE_TEMPLATE/bug_report.yml
vendored
|
@ -148,7 +148,7 @@ body:
|
|||
**You are not obliged to answer this question**.
|
||||
We do encourage answering though as it provides context to better assist you.
|
||||
Less experienced users tend to make common mistakes, which is ok; by letting us know we can spot those more easily.
|
||||
|
||||
|
||||
options:
|
||||
- label: I am inexperienced with docker
|
||||
- label: I am inexperienced with mail servers
|
||||
|
|
|
@ -271,7 +271,7 @@ start_misc
|
|||
start_daemons
|
||||
|
||||
# marker to check, if container was restarted
|
||||
date > /CONTAINER_START
|
||||
date >/CONTAINER_START
|
||||
|
||||
_notify 'tasklog' "${HOSTNAME} is up and running"
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ function _setup_supervisor
|
|||
if ! grep -q "loglevel = ${SUPERVISOR_LOGLEVEL}" /etc/supervisor/supervisord.conf
|
||||
then
|
||||
case "${SUPERVISOR_LOGLEVEL}" in
|
||||
'critical' | 'error' | 'info' | 'debug' )
|
||||
( 'critical' | 'error' | 'info' | 'debug' )
|
||||
sed -i -E \
|
||||
"s|(loglevel).*|\1 = ${SUPERVISOR_LOGLEVEL}|g" \
|
||||
/etc/supervisor/supervisord.conf
|
||||
|
@ -23,11 +23,11 @@ function _setup_supervisor
|
|||
exit
|
||||
;;
|
||||
|
||||
'warn' )
|
||||
( 'warn' )
|
||||
return 0
|
||||
;;
|
||||
|
||||
* )
|
||||
( * )
|
||||
_notify 'err' \
|
||||
"SUPERVISOR_LOGLEVEL '${SUPERVISOR_LOGLEVEL}' unknown. Using default 'warn'"
|
||||
;;
|
||||
|
@ -160,7 +160,7 @@ function _setup_dovecot
|
|||
|
||||
# set mail_location according to mailbox format
|
||||
case "${DOVECOT_MAILBOX_FORMAT}" in
|
||||
"sdbox" | "mdbox" )
|
||||
( "sdbox" | "mdbox" )
|
||||
_notify 'inf' "Dovecot ${DOVECOT_MAILBOX_FORMAT} format configured"
|
||||
sed -i -e \
|
||||
"s|^mail_location = .*$|mail_location = ${DOVECOT_MAILBOX_FORMAT}:\/var\/mail\/%d\/%n|g" \
|
||||
|
@ -171,7 +171,7 @@ function _setup_dovecot
|
|||
chmod 644 /etc/cron.d/dovecot-purge
|
||||
;;
|
||||
|
||||
* )
|
||||
( * )
|
||||
_notify 'inf' "Dovecot maildir format configured (default)"
|
||||
sed -i -e 's|^mail_location = .*$|mail_location = maildir:\/var\/mail\/%d\/%n|g' /etc/dovecot/conf.d/10-mail.conf
|
||||
;;
|
||||
|
@ -719,12 +719,12 @@ function _setup_docker_permit
|
|||
done < <(ip -o -4 addr show type veth | grep -E -o '[0-9\.]+/[0-9]+')
|
||||
|
||||
case "${PERMIT_DOCKER}" in
|
||||
"none" )
|
||||
( 'none' )
|
||||
_notify 'inf' "Clearing Postfix's 'mynetworks'"
|
||||
postconf -e "mynetworks ="
|
||||
;;
|
||||
|
||||
"connected-networks" )
|
||||
( 'connected-networks' )
|
||||
for NETWORK in "${CONTAINER_NETWORKS[@]}"
|
||||
do
|
||||
NETWORK=$(_sanitize_ipv4_to_subnet_cidr "${NETWORK}")
|
||||
|
@ -735,28 +735,28 @@ function _setup_docker_permit
|
|||
done
|
||||
;;
|
||||
|
||||
"container" )
|
||||
( 'container' )
|
||||
_notify 'inf' "Adding container IP address to Postfix's 'mynetworks'"
|
||||
postconf -e "$(postconf | grep '^mynetworks =') ${CONTAINER_IP}/32"
|
||||
echo "${CONTAINER_IP}/32" >> /etc/opendmarc/ignore.hosts
|
||||
echo "${CONTAINER_IP}/32" >> /etc/opendkim/TrustedHosts
|
||||
;;
|
||||
|
||||
"host" )
|
||||
( 'host' )
|
||||
_notify 'inf' "Adding ${CONTAINER_NETWORK}/16 to Postfix's 'mynetworks'"
|
||||
postconf -e "$(postconf | grep '^mynetworks =') ${CONTAINER_NETWORK}/16"
|
||||
echo "${CONTAINER_NETWORK}/16" >> /etc/opendmarc/ignore.hosts
|
||||
echo "${CONTAINER_NETWORK}/16" >> /etc/opendkim/TrustedHosts
|
||||
;;
|
||||
|
||||
"network" )
|
||||
( 'network' )
|
||||
_notify 'inf' "Adding docker network to Postfix's 'mynetworks'"
|
||||
postconf -e "$(postconf | grep '^mynetworks =') 172.16.0.0/12"
|
||||
echo 172.16.0.0/12 >> /etc/opendmarc/ignore.hosts
|
||||
echo 172.16.0.0/12 >> /etc/opendkim/TrustedHosts
|
||||
;;
|
||||
|
||||
* )
|
||||
( * )
|
||||
_notify 'warn' "Invalid value for PERMIT_DOCKER: ${PERMIT_DOCKER}"
|
||||
_notify 'inf' "Clearing Postfix's 'mynetworks'"
|
||||
postconf -e "mynetworks ="
|
||||
|
@ -942,10 +942,21 @@ function _setup_security_stack
|
|||
local SPAMASSASSIN_KAM_CRON_FILE=/etc/cron.daily/spamassassin_kam
|
||||
|
||||
sa-update --import /etc/spamassassin/kam/kam.sa-channels.mcgrail.com.key
|
||||
|
||||
cat >"${SPAMASSASSIN_KAM_CRON_FILE}" <<"EOM"
|
||||
#! /bin/bash
|
||||
|
||||
sa-update --gpgkey 24C063D8 --channel kam.sa-channels.mcgrail.com
|
||||
RESULT="$(sa-update --gpgkey 24C063D8 --channel kam.sa-channels.mcgrail.com 2>&1)"
|
||||
EXIT_CODE=${?}
|
||||
|
||||
# see https://spamassassin.apache.org/full/3.1.x/doc/sa-update.html#exit_codes
|
||||
if [[ ${EXIT_CODE} -ge 4 ]]
|
||||
then
|
||||
echo -e "Updating SpamAssassin KAM failed:\n${RESULT}\n" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
exit 0
|
||||
|
||||
EOM
|
||||
|
||||
|
@ -986,7 +997,9 @@ EOM
|
|||
fi
|
||||
|
||||
# fix cron.daily for spamassassin
|
||||
sed -i -e 's|invoke-rc.d spamassassin reload|/etc/init\.d/spamassassin reload|g' /etc/cron.daily/spamassassin
|
||||
sed -i \
|
||||
's|invoke-rc.d spamassassin reload|/etc/init\.d/spamassassin reload|g' \
|
||||
/etc/cron.daily/spamassassin
|
||||
|
||||
# Amavis
|
||||
if [[ ${ENABLE_AMAVIS} -eq 1 ]]
|
||||
|
@ -1010,22 +1023,22 @@ function _setup_logrotate
|
|||
LOGROTATE='/var/log/mail/mail.log\n{\n compress\n copytruncate\n delaycompress\n'
|
||||
|
||||
case "${LOGROTATE_INTERVAL}" in
|
||||
'daily' )
|
||||
( 'daily' )
|
||||
_notify 'inf' 'Setting postfix logrotate interval to daily'
|
||||
LOGROTATE="${LOGROTATE} rotate 4\n daily\n"
|
||||
;;
|
||||
|
||||
'weekly' )
|
||||
( 'weekly' )
|
||||
_notify 'inf' 'Setting postfix logrotate interval to weekly'
|
||||
LOGROTATE="${LOGROTATE} rotate 4\n weekly\n"
|
||||
;;
|
||||
|
||||
'monthly' )
|
||||
( 'monthly' )
|
||||
_notify 'inf' 'Setting postfix logrotate interval to monthly'
|
||||
LOGROTATE="${LOGROTATE} rotate 4\n monthly\n"
|
||||
;;
|
||||
|
||||
* )
|
||||
( * )
|
||||
_notify 'warn' 'LOGROTATE_INTERVAL not found in _setup_logrotate'
|
||||
;;
|
||||
|
||||
|
@ -1039,27 +1052,30 @@ function _setup_mail_summary
|
|||
_notify 'inf' "Enable postfix summary with recipient ${PFLOGSUMM_RECIPIENT}"
|
||||
|
||||
case "${PFLOGSUMM_TRIGGER}" in
|
||||
'daily_cron' )
|
||||
( 'daily_cron' )
|
||||
_notify 'inf' 'Creating daily cron job for pflogsumm report'
|
||||
|
||||
echo '#! /bin/bash' > /etc/cron.daily/postfix-summary
|
||||
echo "/usr/local/bin/report-pflogsumm-yesterday ${HOSTNAME} ${PFLOGSUMM_RECIPIENT} ${PFLOGSUMM_SENDER}" >>/etc/cron.daily/postfix-summary
|
||||
cat >/etc/cron.daily/postfix-summary << EOM
|
||||
#! /bin/bash
|
||||
|
||||
/usr/local/bin/report-pflogsumm-yesterday ${HOSTNAME} ${PFLOGSUMM_RECIPIENT} ${PFLOGSUMM_SENDER}
|
||||
EOM
|
||||
|
||||
chmod +x /etc/cron.daily/postfix-summary
|
||||
;;
|
||||
|
||||
'logrotate' )
|
||||
( 'logrotate' )
|
||||
_notify 'inf' 'Add postrotate action for pflogsumm report'
|
||||
sed -i \
|
||||
"s|}| postrotate\n /usr/local/bin/postfix-summary ${HOSTNAME} ${PFLOGSUMM_RECIPIENT} ${PFLOGSUMM_SENDER}\n endscript\n}\n|" \
|
||||
/etc/logrotate.d/maillog
|
||||
;;
|
||||
|
||||
'none' )
|
||||
( 'none' )
|
||||
_notify 'inf' 'Postfix log summary reports disabled.'
|
||||
;;
|
||||
|
||||
* )
|
||||
( * )
|
||||
_notify 'err' 'PFLOGSUMM_TRIGGER not found in _setup_mail_summery'
|
||||
;;
|
||||
|
||||
|
@ -1068,34 +1084,37 @@ function _setup_mail_summary
|
|||
|
||||
function _setup_logwatch
|
||||
{
|
||||
_notify 'inf' "Enable logwatch reports with recipient ${LOGWATCH_RECIPIENT}"
|
||||
|
||||
echo 'LogFile = /var/log/mail/freshclam.log' >>/etc/logwatch/conf/logfiles/clam-update.conf
|
||||
|
||||
echo "MailFrom = ${LOGWATCH_SENDER}" >> /etc/logwatch/conf/logwatch.conf
|
||||
echo "MailFrom = ${LOGWATCH_SENDER}" >>/etc/logwatch/conf/logwatch.conf
|
||||
|
||||
case "${LOGWATCH_INTERVAL}" in
|
||||
'daily' )
|
||||
_notify 'inf' "Creating daily cron job for logwatch reports"
|
||||
echo "#! /bin/bash" > /etc/cron.daily/logwatch
|
||||
echo "/usr/sbin/logwatch --range Yesterday --hostname ${HOSTNAME} --mailto ${LOGWATCH_RECIPIENT}" \
|
||||
>>/etc/cron.daily/logwatch
|
||||
chmod 744 /etc/cron.daily/logwatch
|
||||
( 'daily' | 'weekly' )
|
||||
_notify 'inf' "Enable logwatch reports with recipient ${LOGWATCH_RECIPIENT}"
|
||||
_notify 'inf' "Creating ${LOGWATCH_INTERVAL} cron job for logwatch reports"
|
||||
|
||||
local LOGWATCH_FILE INTERVAL
|
||||
|
||||
LOGWATCH_FILE="/etc/cron.${LOGWATCH_INTERVAL}/logwatch"
|
||||
INTERVAL='--range Yesterday'
|
||||
|
||||
if [[ ${LOGWATCH_INTERVAL} == 'weekly' ]]
|
||||
then
|
||||
INTERVAL="--range 'between -7 days and -1 days'"
|
||||
fi
|
||||
|
||||
cat >"${LOGWATCH_FILE}" << EOM
|
||||
#! /bin/bash
|
||||
|
||||
/usr/sbin/logwatch ${INTERVAL} --hostname ${HOSTNAME} --mailto ${LOGWATCH_RECIPIENT}
|
||||
EOM
|
||||
chmod 744 "${LOGWATCH_FILE}"
|
||||
;;
|
||||
|
||||
'weekly' )
|
||||
_notify 'inf' "Creating weekly cron job for logwatch reports"
|
||||
echo "#! /bin/bash" > /etc/cron.weekly/logwatch
|
||||
echo "/usr/sbin/logwatch --range 'between -7 days and -1 days' --hostname ${HOSTNAME} --mailto ${LOGWATCH_RECIPIENT}" \
|
||||
>>/etc/cron.weekly/logwatch
|
||||
chmod 744 /etc/cron.weekly/logwatch
|
||||
;;
|
||||
|
||||
'none' )
|
||||
( 'none' )
|
||||
_notify 'inf' 'Logwatch reports disabled.'
|
||||
;;
|
||||
|
||||
* )
|
||||
( * )
|
||||
_notify 'warn' 'LOGWATCH_INTERVAL not found in _setup_logwatch'
|
||||
;;
|
||||
|
||||
|
@ -1127,7 +1146,9 @@ function _setup_fail2ban
|
|||
function _setup_dnsbl_disable
|
||||
{
|
||||
_notify 'task' 'Disabling postfix DNS block list (zen.spamhaus.org)'
|
||||
sedfile -i '/^smtpd_recipient_restrictions = / s/, reject_rbl_client zen.spamhaus.org//' /etc/postfix/main.cf
|
||||
sedfile -i \
|
||||
'/^smtpd_recipient_restrictions = / s/, reject_rbl_client zen.spamhaus.org//' \
|
||||
/etc/postfix/main.cf
|
||||
|
||||
_notify 'task' 'Disabling postscreen DNS block lists'
|
||||
postconf -e "postscreen_dnsbl_action = ignore"
|
||||
|
|
|
@ -4,8 +4,8 @@ setup_file() {
|
|||
local PRIVATE_CONFIG
|
||||
PRIVATE_CONFIG="$(duplicate_config_for_container .)"
|
||||
docker run -d --name mail_special_use_folders \
|
||||
-v "${PRIVATE_CONFIG}":/tmp/docker-mailserver \
|
||||
-v "$(pwd)/test/test-files":/tmp/docker-mailserver-test:ro \
|
||||
-v "${PRIVATE_CONFIG}":/tmp/docker-mailserver \
|
||||
-v "$(pwd)/test/test-files":/tmp/docker-mailserver-test:ro \
|
||||
-e SASL_PASSWD="external-domain.com username:password" \
|
||||
-e ENABLE_CLAMAV=0 \
|
||||
-e ENABLE_SPAMASSASSIN=0 \
|
||||
|
|
|
@ -101,7 +101,7 @@ function teardown_file() {
|
|||
@test "checking ssl: manual cert changes are picked up by check-for-changes" {
|
||||
printf 'someThingsChangedHere' \
|
||||
>>"$(pwd)/test/test-files/ssl/${DOMAIN_SSL_MANUAL}/with_ca/ecdsa/key.ecdsa.pem"
|
||||
sleep 10
|
||||
sleep 15
|
||||
|
||||
run docker exec mail_manual_ssl /bin/bash -c "supervisorctl tail -3000 changedetector"
|
||||
assert_output --partial 'Change detected'
|
||||
|
|
Loading…
Reference in a new issue