summaryrefslogtreecommitdiff
path: root/postfix
diff options
context:
space:
mode:
authorJonas Smedegaard <dr@jones.dk>2003-01-14 13:56:04 +0000
committerJonas Smedegaard <dr@jones.dk>2003-01-14 13:56:04 +0000
commite6c83fe94f9248aebdb35ae80c93e93063a7a14e (patch)
treec18b9b5db7109c0231c4240f0e31e1bbdbb68fc8 /postfix
parent1dbe2953294e07e7f47f42362e56483175c5abb3 (diff)
Set postconf path as variable. Correct check for FQDN.
Diffstat (limited to 'postfix')
-rwxr-xr-xpostfix/postfix.sh65
1 files changed, 33 insertions, 32 deletions
diff --git a/postfix/postfix.sh b/postfix/postfix.sh
index 455c327..9f510b5 100755
--- a/postfix/postfix.sh
+++ b/postfix/postfix.sh
@@ -3,7 +3,7 @@
# /etc/local-COMMON/postfix/postfix.sh
# Copyright 2002 Jonas Smedegaard <dr@jones.dk>
#
-# $Id: postfix.sh,v 1.10 2003-01-14 05:59:22 jonas Exp $
+# $Id: postfix.sh,v 1.11 2003-01-14 13:56:04 jonas Exp $
#
# Auto-tweak plain installed postfix Debian package
#
@@ -18,9 +18,10 @@ set -e
paramdir='/etc/local-COMMON/postfix'
confdir='/etc/postfix'
+postconf=/usr/sbin/postconf
sp='[[:space:]]'
pf2=
-if postconf -d mail_version | grep -q '= 2'; then
+if $postconf -d mail_version | grep -q '= 2'; then
pf2=1
fi
@@ -31,10 +32,10 @@ function getlinesfromfile() {
}
# Some badly configured setup use hostname instead of FQDN
-if /usr/sbin/postconf myhostname | grep -q '.'; then
- /usr/sbin/postconf -e 'smtpd_helo_required = yes'
+if $postconf myhostname | grep -q '\.'; then
+ $postconf -e 'smtpd_helo_required = yes'
fi
-/usr/sbin/postconf -e "`getlinesfromfile permit_mx_backup_networks`"
+$postconf -e "`getlinesfromfile permit_mx_backup_networks`"
if [ "$pf2" ]; then
rbl_domains="`getlinesfromfile maps_rbl_domains | sed -e 's/.*=[ ]*//' -e 's/,/ /g'`"
rbl_domain_line=
@@ -42,11 +43,11 @@ if [ "$pf2" ]; then
rbl_domain_line="${rbl_domain_line}reject_rbl_client $rbl_domain,"
done
recipient_restrictions="`getlinesfromfile smtpd_recipient_restrictions | sed 's/.*=[ ]*//' | sed \"s/reject_maps_rbl/$rbl_domain_line/\"`"
- /usr/sbin/postconf -e "maps_rbl_domains ="
- /usr/sbin/postconf -e "smtpd_recipient_restrictions = $recipient_restrictions"
+ $postconf -e "maps_rbl_domains ="
+ $postconf -e "smtpd_recipient_restrictions = $recipient_restrictions"
else
- /usr/sbin/postconf -e "`getlinesfromfile maps_rbl_domains`"
- /usr/sbin/postconf -e "`getlinesfromfile smtpd_recipient_restrictions`"
+ $postconf -e "`getlinesfromfile maps_rbl_domains`"
+ $postconf -e "`getlinesfromfile smtpd_recipient_restrictions`"
fi
# TLS breaks postfix if no SASL modules available (and doesn't make sense either)
@@ -65,39 +66,39 @@ if [ -f /usr/lib/postfix/tlsmgr -a -f /usr/lib/sasl/libplain.so -a -f /etc/ssl/c
> $confdir/master.cf
cat $confdir/master.cf | egrep -q "^tlsmgr$sp" || \
echo 'tlsmgr fifo - - - 300 1 tlsmgr' >> $confdir/master.cf
- /usr/sbin/postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/postfix.pem'
+ $postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/postfix.pem'
if [ -f /etc/ssl/private/postfix.pem ]; then
- /usr/sbin/postconf -e 'smtpd_tls_key_file = /etc/ssl/private/postfix.pem'
+ $postconf -e 'smtpd_tls_key_file = /etc/ssl/private/postfix.pem'
fi
- /usr/sbin/postconf -e 'smtpd_tls_loglevel = 1'
- /usr/sbin/postconf -e 'smtpd_use_tls = yes'
- /usr/sbin/postconf -e 'smtpd_tls_session_cache_database = sdbm:/etc/postfix/smtpd_scache'
- /usr/sbin/postconf -e 'smtpd_tls_auth_only = yes'
- /usr/sbin/postconf -e 'smtpd_sasl_auth_enable = no'
- /usr/sbin/postconf -e 'smtpd_sasl_security_options = noanonymous'
- /usr/sbin/postconf -e 'smtpd_sasl_local_domain = $myhostname'
- /usr/sbin/postconf -e 'smtpd_tls_received_header = yes'
- /usr/sbin/postconf -e 'broken_sasl_auth_clients = yes'
- /usr/sbin/postconf -e 'tls_random_source = dev:/dev/urandom'
- /usr/sbin/postconf -e 'tls_daemon_random_source = dev:/dev/urandom'
+ $postconf -e 'smtpd_tls_loglevel = 1'
+ $postconf -e 'smtpd_use_tls = yes'
+ $postconf -e 'smtpd_tls_session_cache_database = sdbm:/etc/postfix/smtpd_scache'
+ $postconf -e 'smtpd_tls_auth_only = yes'
+ $postconf -e 'smtpd_sasl_auth_enable = no'
+ $postconf -e 'smtpd_sasl_security_options = noanonymous'
+ $postconf -e 'smtpd_sasl_local_domain = $myhostname'
+ $postconf -e 'smtpd_tls_received_header = yes'
+ $postconf -e 'broken_sasl_auth_clients = yes'
+ $postconf -e 'tls_random_source = dev:/dev/urandom'
+ $postconf -e 'tls_daemon_random_source = dev:/dev/urandom'
# Check if using a proper key exists (not just a self-signed one)
# (it is assumed that a CA certificate is made public if used!)
if [ -f /etc/ssl/certs/cacert.pem ]; then
- /usr/sbin/postconf -e 'smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem'
+ $postconf -e 'smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem'
# Client side TLS only makes sense if a publicly available certificate is available
# (and DON'T publish a self-signed certificate!)
- /usr/sbin/postconf -e 'smtp_tls_CAfile = /etc/ssl/certs/cacert.pem'
- /usr/sbin/postconf -e 'smtp_tls_cert_file = /etc/ssl/certs/postfix.pem'
+ $postconf -e 'smtp_tls_CAfile = /etc/ssl/certs/cacert.pem'
+ $postconf -e 'smtp_tls_cert_file = /etc/ssl/certs/postfix.pem'
if [ -f /etc/ssl/private/postfix.pem ]; then
- /usr/sbin/postconf -e 'smtp_tls_key_file = /etc/ssl/private/postfix.pem'
+ $postconf -e 'smtp_tls_key_file = /etc/ssl/private/postfix.pem'
fi
- /usr/sbin/postconf -e 'smtp_tls_loglevel = 1'
- /usr/sbin/postconf -e 'smtp_use_tls = yes'
- /usr/sbin/postconf -e 'smtp_tls_CApath = /etc/ssl/certs'
- /usr/sbin/postconf -e 'smtp_tls_note_starttls_offer = no' # Enable to collect info for smtp_tls_per_site option
- /usr/sbin/postconf -e 'smtp_tls_session_cache_database = sdbm:/etc/postfix/smtp_scache'
+ $postconf -e 'smtp_tls_loglevel = 1'
+ $postconf -e 'smtp_use_tls = yes'
+ $postconf -e 'smtp_tls_CApath = /etc/ssl/certs'
+ $postconf -e 'smtp_tls_note_starttls_offer = no' # Enable to collect info for smtp_tls_per_site option
+ $postconf -e 'smtp_tls_session_cache_database = sdbm:/etc/postfix/smtp_scache'
# This makes Netscape ask for a certificate, so make sure it IS public!
- /usr/sbin/postconf -e 'smtpd_tls_ask_ccert = yes'
+ $postconf -e 'smtpd_tls_ask_ccert = yes'
fi
else
echo 'TLS not activated - check the script for requirements...'