diff options
Diffstat (limited to 'postfix/postfix.sh')
| -rwxr-xr-x | postfix/postfix.sh | 62 |
1 files changed, 47 insertions, 15 deletions
diff --git a/postfix/postfix.sh b/postfix/postfix.sh index 53bb63f..c5a5546 100755 --- a/postfix/postfix.sh +++ b/postfix/postfix.sh @@ -3,15 +3,16 @@ # /etc/local-COMMON/postfix/postfix.sh # Copyright 2002-2003 Jonas Smedegaard <dr@jones.dk> # -# $Id: postfix.sh,v 1.23 2004-01-27 19:49:53 jonas Exp $ +# $Id: postfix.sh,v 1.24 2004-02-03 22:16:17 jonas Exp $ # # Auto-tweak plain installed postfix Debian package # -# TODO: Implement stuff from here: http://www.wsrcc.com/spam/ -# -# TODO: Implement stuff from here: http://www.muine.org/~hoang/postfix.html -# -# TODO: Figure out a way to use chroot jail for TLS stuff. +# TODO: +# * Implement stuff from here: http://www.wsrcc.com/spam/ +# * Implement stuff from here: http://www.muine.org/~hoang/postfix.html +# * Implement stuff from here: http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt +# * Figure out a way to use chroot jail for TLS stuff. +# * Resolve 1.x/2.x differences in RBL map expansion within getlinesfromfile() set -e @@ -24,12 +25,45 @@ if $postconf -d mail_version | grep -q '= 2'; then pf2=1 fi +#function getlinesfromfile() { +# param="$1" +# echo -n "$param = " +# cat $paramdir/$param | grep -v '^#' | sed 's/#.*//' | tr '\n' ',' | sed -e 's/^[, ]*//' -e 's/[, ]\+/,/g' -e 's/,$//' +#} + function getlinesfromfile() { param="$1" + shift + replacements= + for subparam in $@; do + case "$subparam" in + *=*=*) + oldparam="`echo $subparam | awk -F= '{print $1}'`" + newparam="`echo $subparam | awk -F= '{print $2}'`" + newparamfile="`echo $subparam | awk -F= '{print $3}'`" + shift + ;; + *) + oldparam=$subparam + newparam=$subparam + newparamfile=$subparam + shift + ;; + esac + newparamvalues="`getlinesfromfile $newparamfile | sed -e 's/.*=[ ]*//' -e 's/,/ /g'`" + newstring= + for newparamvalue in $newparamvalues; do + newstring="${newstring}$newparam $newparamvalue," + done + replacements="$replacements;s/$oldparam/$newstring/" + done echo -n "$param = " - cat $paramdir/$param | grep -v '^#' | sed 's/#.*//' | tr '\n' ',' | sed -e 's/^[, ]*//' -e 's/[, ]\+/,/g' -e 's/,$//' + cat $paramdir/$param | grep -v '^#' | sed 's/#.*//' | tr '\n' ',' | sed -e 's/^[, ]*//;s/[, ]\+/,/g' -e "s/,\$//$replacements" } +# Inspired by D. J. Bernstein: http://cr.yp.to/smtp/greeting.html +$postconf -e 'smtpd_banner = $myhostname NO UCE ESMTP $mail_name (Debian/GNU)' + # Some badly configured setup use hostname instead of FQDN # Disable completely: Effective, but hurts executive type guys using windows servers... :-( #if $postconf myhostname | grep -q '\.'; then @@ -38,17 +72,15 @@ function getlinesfromfile() { $postconf -e 'smtpd_helo_required = no' $postconf -e "`getlinesfromfile permit_mx_backup_networks`" if [ "$pf2" ]; then - rbl_domains="`getlinesfromfile maps_rbl_domains | sed -e 's/.*=[ ]*//' -e 's/,/ /g'`" - rbl_domain_line= - for rbl_domain in $rbl_domains; do - rbl_domain_line="${rbl_domain_line}reject_rbl_client $rbl_domain," - done - recipient_restrictions="`getlinesfromfile smtpd_recipient_restrictions | sed 's/.*=[ ]*//' | sed \"s/reject_maps_rbl/$rbl_domain_line/\"`" $postconf -e "maps_rbl_domains =" - $postconf -e "smtpd_recipient_restrictions = $recipient_restrictions" - $postconf -e "smtpd_sender_restrictions = reject_rhsbl_sender dsn.rfc-ignorant.org" + $postconf -e "`getlinesfromfile smtpd_client_restrictions reject_rhsbl_client`" + $postconf -e "`getlinesfromfile smtpd_helo_restrictions`" + $postconf -e "`getlinesfromfile smtpd_sender_restrictions reject_rhsbl_sender`" + $postconf -e "`getlinesfromfile smtpd_recipient_restrictions reject_maps_rbl=reject_rbl_client=maps_rbl_domains`" + $postconf -e "`getlinesfromfile smtpd_data_restrictions`" else $postconf -e "`getlinesfromfile maps_rbl_domains`" + $postconf -e "`getlinesfromfile smtpd_helo_restrictions`" $postconf -e "`getlinesfromfile smtpd_recipient_restrictions`" fi |