summaryrefslogtreecommitdiff
path: root/postfix
diff options
context:
space:
mode:
authorJonas Smedegaard <dr@jones.dk>2007-07-12 19:25:09 +0000
committerJonas Smedegaard <dr@jones.dk>2007-07-12 19:25:09 +0000
commit35e02a3d9bae04f15c2add66d89905df27ab0e65 (patch)
tree39370060da2ed73a3c82ba5a62a91ecc6cb8c65b /postfix
parent73a4b937a6d89d13f0ef2f3b3d5062e4b8962c06 (diff)
Verify senders from known (other realms of same Redpill) domains. Rename param -> file in catfirstfile function.
Diffstat (limited to 'postfix')
-rwxr-xr-xpostfix/postfix.sh29
1 files changed, 25 insertions, 4 deletions
diff --git a/postfix/postfix.sh b/postfix/postfix.sh
index 8f8459b..5a79969 100755
--- a/postfix/postfix.sh
+++ b/postfix/postfix.sh
@@ -3,7 +3,7 @@
# /etc/local-COMMON/postfix/postfix.sh
# Copyright 2002-2007 Jonas Smedegaard <dr@jones.dk>
#
-# $Id: postfix.sh,v 1.48 2007-07-12 18:59:06 jonas Exp $
+# $Id: postfix.sh,v 1.49 2007-07-12 19:25:09 jonas Exp $
#
# Auto-tweak plain installed postfix Debian package
#
@@ -15,6 +15,7 @@
set -e
+realmsdir='/etc/local-REDPILL'
configdirs='/etc/local/postfix /etc/local-ORG/postfix /etc/local-REDPILL/postfix /etc/local-COMMON/postfix'
confdir='/etc/postfix'
postconf=/usr/sbin/postconf
@@ -23,6 +24,9 @@ if ! $postconf -d mail_version | grep -q '= 2\.2'; then
echo "ERROR: Bad postfix version - this script is known to work only for postfix 2.2"
exit 1
fi
+if ! [ -d "$realmsdir" ]; then
+ echo "WARNING: Realms directory \"$realmsdir\" does not exist."
+fi
postgrey=
if [ -x /usr/sbin/postgrey ]; then
# FIXME: Use this somehow, and only warn below
@@ -42,19 +46,35 @@ else
fi
sasldir="$confdir/sasl"
+catallfilesfromotherrealms() {
+ file="$1"
+ [ -d "$realmsdir" ] || exit 0
+ [ -f "$realmsdir/realms" ] || exit 0
+
+ realms="$(cat "$realmsdir/realms" | sed 's/#.*//')"
+ thisdomain="$(dnsdomainname)"
+
+ for realm in $realms; do
+ if [ "$thisdomain" != "$realm" ]; then
+ cat "$realmsdir/$realm/$file"
+ fi
+ done
+}
+
catfirstfile() {
+ file="$1"
configdir=''
for dir in $configdirs; do
- if [ -d "$dir" ] && [ -f "$dir/$param" ]; then
+ if [ -d "$dir" ] && [ -f "$dir/$file" ]; then
configdir="$dir"
break
fi
done
if [ -z "$configdir" ]; then
- echo "ERROR: Parameter file for \"$param\" not found."
+ echo "ERROR: file \"$file\" not found."
exit 1
fi
- cat "$configdir/$param"
+ cat "$configdir/$file"
}
getlinesfromfile() {
@@ -107,6 +127,7 @@ $postconf -e "`getlinesfromfile smtpd_data_restrictions`"
# Verify senders of known and suspect domains
# FIXME: somehow do this step only if enabled in smtpd_sender_restrictions
cat /etc/local-COMMON/postfix/maildomains | sort | sed 's/$/ reject_unverified_sender/' > "$confdir/sender_access"
+catallfilesfromotherrealms maildomains | sort | sed 's/$/ reject_unverified_sender/' >> "$confdir/sender_access"
postmap "$confdir/sender_access"
$postconf -e "unverified_sender_reject_code = 550"