docker-mailserver/target/scripts/startup/setup.d
Georg Lauterbach 5f2fb72c9c
Rspamd: add check for DKIM private key files' permissions (#3627)
* added check for Rspamd DKIM on startup

The newly added function `__rspamd__check_dkim_permissions` performs a
check on DKIM private key files. This is useful to prevent issues
like #3621 in the future. The function is deliberately kept simple and
may not catch every single misconfiguration in terms of permissions and
ownership, but it should be quite accurate.

Please note that the Rspamd setup does NOT change at all, and the checks
will not abort the setup in case they fail. A simple warning is emmited.

* add more documentation to Rspamd functions

* Apply suggestions from code review

* improve `__do_as_rspamd_user`

* rework check similar to review suggestion

see https://github.com/docker-mailserver/docker-mailserver/pull/3627#discussion_r1388697547

---------

Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2023-11-13 12:34:46 +01:00
..
security Rspamd: add check for DKIM private key files' permissions (#3627) 2023-11-13 12:34:46 +01:00
dmarc_dkim_spf.sh scripts: add wrapper to update Postfix configuration safely (#3484) 2023-08-22 08:03:41 +00:00
dovecot.sh Change 'for' style (#3368) 2023-05-26 14:00:40 +02:00
fetchmail.sh Change 'for' style (#3368) 2023-05-26 14:00:40 +02:00
getmail.sh Change 'for' style (#3368) 2023-05-26 14:00:40 +02:00
ldap.sh chore: LDAP config improvements (#3522) 2023-09-02 22:07:02 +12:00
log.sh refactor: logrotate setup + rspamd log path + tests log helper fallback path (#3576) 2023-10-14 17:14:10 +02:00
mail_state.sh fix: Drop special bits from Postfix maildrop/ and public/ directory permissions (#3625) 2023-11-10 19:57:17 +01:00
networking.sh Change 'for' style (#3368) 2023-05-26 14:00:40 +02:00
postfix.sh Change 'while' style (#3365) 2023-05-26 01:39:39 +02:00
saslauthd.sh chore: LDAP config improvements (#3522) 2023-09-02 22:07:02 +12:00
vmail-id.sh feat: Allow changing the Dovecot vmail UID/GID via ENV (#3550) 2023-10-01 00:20:03 +13:00