summaryrefslogtreecommitdiff
path: root/postfix
diff options
context:
space:
mode:
authorJonas Smedegaard <dr@jones.dk>2008-02-28 18:54:22 +0000
committerJonas Smedegaard <dr@jones.dk>2008-02-28 18:54:22 +0000
commit4709f98482b8a0e82d4f56dc502cb544e7c31076 (patch)
tree631e0e871f509e9853ed358f8f8e0061b5792f5c /postfix
parent12c3dd93cfd915c38c7c4b9fda2ad9a8bd673dcd (diff)
Tell why TLS not activated (there's only one reason: missing SSL certificate).
Diffstat (limited to 'postfix')
-rwxr-xr-xpostfix/postfix.sh13
1 files changed, 10 insertions, 3 deletions
diff --git a/postfix/postfix.sh b/postfix/postfix.sh
index 4a67e28..e288f32 100755
--- a/postfix/postfix.sh
+++ b/postfix/postfix.sh
@@ -3,7 +3,7 @@
# /etc/local-COMMON/postfix/postfix.sh
# Copyright 2002-2007 Jonas Smedegaard <dr@jones.dk>
#
-# $Id: postfix.sh,v 1.64 2007-12-11 14:44:16 jonas Exp $
+# $Id: postfix.sh,v 1.65 2008-02-28 18:54:22 jonas Exp $
#
# Auto-tweak plain installed postfix Debian package
#
@@ -51,6 +51,13 @@ else
fi
saslsubdir="sasl"
+sslcert=
+if [ -n "$sasl2" ] && [ -f /etc/ssl/certs/postfix.pem ]; then
+ sslcert=1
+else
+ echo >&2 "WARNING: Encryption requires SSL certificate at /etc/ssl/certs/postfix.pem."
+fi
+
catfilefromownrealm() {
file="$1"
[ -d "$realmsdir" ] || exit 0
@@ -166,7 +173,7 @@ $postconf -c "$tempdir" -e "unverified_recipient_reject_code = 550"
# TLS breaks postfix if no SASL modules available (and doesn't make sense either)
# (change the test if using some other modules and avoid the plain ones)
-if [ -n "$sasl2" ] && [ -f /etc/ssl/certs/postfix.pem ]; then
+if [ -n "$sasl2" ] && [ -n "$sslcert" ]; then
mkdir -p "$tempdir/$saslsubdir"
echo 'mech_list: plain login' > "$tempdir/$saslsubdir/smtpd.conf"
echo 'minimum_layer: 0' >> "$tempdir/$saslsubdir/smtpd.conf"
@@ -228,7 +235,7 @@ if [ -n "$sasl2" ] && [ -f /etc/ssl/certs/postfix.pem ]; then
echo >&2 "WARNING: CA certificate not found - consider using proper signed certificates!"
fi
else
- echo >&2 'WARNING: TLS not activated - check the script for requirements...'
+ echo >&2 'WARNING: TLS not activated due to missing rewuirements...'
fi
if [ -x /usr/sbin/amavisd ] || [ -x /usr/sbin/amavisd-new ]; then