docker-mailserver/target
Georg Lauterbach 5f2fb72c9c
Rspamd: add check for DKIM private key files' permissions (#3627)
* added check for Rspamd DKIM on startup

The newly added function `__rspamd__check_dkim_permissions` performs a
check on DKIM private key files. This is useful to prevent issues
like #3621 in the future. The function is deliberately kept simple and
may not catch every single misconfiguration in terms of permissions and
ownership, but it should be quite accurate.

Please note that the Rspamd setup does NOT change at all, and the checks
will not abort the setup in case they fail. A simple warning is emmited.

* add more documentation to Rspamd functions

* Apply suggestions from code review

* improve `__do_as_rspamd_user`

* rework check similar to review suggestion

see https://github.com/docker-mailserver/docker-mailserver/pull/3627#discussion_r1388697547

---------

Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2023-11-13 12:34:46 +01:00
..
amavis ci(fix): Normalize for .gitattributes + improve eclint coverage (#3566) 2023-10-04 12:53:32 +02:00
bin Rspamd: add check for DKIM private key files' permissions (#3627) 2023-11-13 12:34:46 +01:00
dovecot chore: LDAP config improvements (#3522) 2023-09-02 22:07:02 +12:00
fail2ban F2B: update F2B after discussion in #3256 (#3288) 2023-05-01 15:00:35 +02:00
fetchmail Implement fetchmail (#260) (#271) 2016-08-21 22:13:13 +02:00
getmail feature: adding getmail as an alternative to fetchmail (#2803) 2023-05-23 17:25:08 +02:00
logwatch Add logwatch maillog.conf file to support /var/log/mail/ (#2112) 2021-08-11 11:31:00 +02:00
opendkim Fixed KeyTable refile in opendkim.conf https://serverfault.com/a/861701/377751 (#2249) 2021-10-16 19:04:51 +02:00
opendmarc fix: Change the default OpenDMARC policy to reject (#2933) 2022-12-19 08:54:38 +13:00
postfix feat: Postfix permit DSN (Delivery Status Notification) only on authenticated ports (465 + 587) (#3572) 2023-10-22 15:16:41 +02:00
postgrey ci(fix): Normalize for .gitattributes + improve eclint coverage (#3566) 2023-10-04 12:53:32 +02:00
postsrsd config: remove chroot for Dovecot & PostSRSd (#3208) 2023-03-31 12:17:44 +02:00
rspamd/local.d rspamd: disable checks for authenticated users (#3440) 2023-08-08 10:43:21 +02:00
scripts Rspamd: add check for DKIM private key files' permissions (#3627) 2023-11-13 12:34:46 +01:00
shared init tests cases ffdhe4096 2020-04-26 22:23:51 +02:00
supervisor refactor: logrotate setup + rspamd log path + tests log helper fallback path (#3576) 2023-10-14 17:14:10 +02:00