diff options
| author | Jonas Smedegaard <dr@jones.dk> | 2012-03-26 13:26:05 +0200 |
|---|---|---|
| committer | Jonas Smedegaard <dr@jones.dk> | 2012-03-26 13:26:05 +0200 |
| commit | 411f5a7a038eb69e9fbe10fe7746bfb2c6f8138c (patch) | |
| tree | b39355dc9937c3c0f96af1f14fa2c458740448d7 /postfix | |
| parent | 9ad922aa1fb94caa28393f01f2b8ccc049ddde21 (diff) | |
Improve warnings on requirements.
Diffstat (limited to 'postfix')
| -rwxr-xr-x | postfix/postfix.sh | 59 |
1 files changed, 41 insertions, 18 deletions
diff --git a/postfix/postfix.sh b/postfix/postfix.sh index ee81449..27efb9f 100755 --- a/postfix/postfix.sh +++ b/postfix/postfix.sh @@ -18,6 +18,10 @@ set -e # Let's standardize sort export LC_ALL=C +warn() { + echo >&2 "Warning: $1" +} + exit1() { echo >&2 "Error: $1" echo >&2 "Exiting..." @@ -45,7 +49,7 @@ echo "$pfver" | grep -q '2\.[2-9]' \ pf23= ! echo "$pfver" | grep -q '2\.[3-9]' || pf23=1 if ! [ -d "$realmsdir" ]; then - echo >&2 "WARNING: Realms directory \"$realmsdir\" does not exist." + warn "Realms directory \"$realmsdir\" does not exist." fi #postgrey= #if [ -x /usr/sbin/postgrey ]; then @@ -54,47 +58,66 @@ fi #else # exit1 "ERROR: Greylisting support (Debian package postgrey) missing." #fi +cyrus= +if [ -x /usr/sbin/saslauthd ]; then + if saslauthd -v 2>&1 | grep -q '^saslauthd 2.1'; then + cyrus=1 + else + warn "Cyrus SASL too old - requires >= 2.1.1)." + fi +else + warn "Cyrus SASL missing - (Debian package sasl2-bin)." +fi +dovecot= +if [ -x /usr/sbin/dovecot ]; then + dovecot=1 +else + warn "Dovecot missing - (Debian package dovecot-core or dovecot)." +fi sslcert= if [ -f /etc/ssl/certs/postfix.pem ]; then sslcert=1 else - echo >&2 "WARNING: TLS encryption requires SSL certificate at /etc/ssl/certs/postfix.pem." + warn "No TLS encryption - requires SSL certificate at /etc/ssl/certs/postfix.pem." fi sasl_main_type= sasl_dovecot= sasl_cyrus= if [ -n "$sslcert" ]; then # FIXME: We really want to check for at least 2.1.1 but that's tricky... - if saslauthd -v 2>&1 | grep -q '^saslauthd 2.1'; then + if [ -n "$cyrus" ]; then sasl_cyrus=1 sasl_main_type=cyrus - else - echo >&2 "WARNING: Cyrus SASL authentication requires sasl tools 2.1.1 (Debian package sasl2-bin)." fi - if [ -n "$pf23" ] && dovecot --version | grep -q '^2'; then - sasl_dovecot=1 - sasl_main_type=dovecot - else - echo >&2 "WARNING: Dovecot SASL authentication requires Dovecot 2.0 (Debian package dovecot-core or dovecot)." + if [ -n "$dovecot" ]; then + if [ -n "$pf23" ]; then + sasl_dovecot=1 + sasl_main_type=dovecot + else + warn "No Dovecot SASL - requires postfix >= 2.3." + fi fi if [ -z "$sasl_main_type" ]; then - echo >&2 "WARNING: Cyrus SASL authentication requires sasl tools 2.1.1 (Debian package sasl2-bin)." + warn "No SASL authentication - requires Cyrus SASL or Dovecot." fi else - echo >&2 "WARNING: SASL authentication requires TLS encryption." + warn "No SASL authentication - requires TLS encryption." fi amavis= if [ -x /usr/sbin/amavisd ] || [ -x /usr/sbin/amavisd-new ]; then amavis=1 else - echo >&2 "WARNING: Avoiding AMaViS setup: not installed." + warn "AMaViS missing (Debian package amavisd-new)." fi - dkimproxy= -if [ "1" = "$amavis" ] && [ -x /usr/bin/dkimproxy-sign ]; then - dkimproxy=1 +if [ -x /usr/bin/dkimproxy-sign ]; then + if [ "1" = "$amavis" ]; then + dkimproxy=1 + else + warn "No DKIM/Domainkey - requires DKIMproxy and AMaViS." + fi else - echo >&2 "WARNING: Avoiding/disabling DKIMproxy setup: not installed." + warn "DKIMproxy missing (Debian package dkimproxy)." fi catfilefromownrealm() { @@ -292,7 +315,7 @@ if [ -n "$sslcert" ]; then $postconf -c "$tempdir" -e "smtp_tls_policy_maps = hash:$confdir/tls_policy" else $postconf -c "$tempdir" -e 'smtp_use_tls = no' - echo >&2 "WARNING: Private certificate not found - client side TLS not enabled!" + warn "No client-side TLS - requires private SSL certificate at /etc/ssl/private/postfix.pem." fi fi |