summaryrefslogtreecommitdiff
path: root/postfix
diff options
context:
space:
mode:
Diffstat (limited to 'postfix')
-rwxr-xr-xpostfix/postfix.sh59
1 files changed, 41 insertions, 18 deletions
diff --git a/postfix/postfix.sh b/postfix/postfix.sh
index ee81449..27efb9f 100755
--- a/postfix/postfix.sh
+++ b/postfix/postfix.sh
@@ -18,6 +18,10 @@ set -e
# Let's standardize sort
export LC_ALL=C
+warn() {
+ echo >&2 "Warning: $1"
+}
+
exit1() {
echo >&2 "Error: $1"
echo >&2 "Exiting..."
@@ -45,7 +49,7 @@ echo "$pfver" | grep -q '2\.[2-9]' \
pf23=
! echo "$pfver" | grep -q '2\.[3-9]' || pf23=1
if ! [ -d "$realmsdir" ]; then
- echo >&2 "WARNING: Realms directory \"$realmsdir\" does not exist."
+ warn "Realms directory \"$realmsdir\" does not exist."
fi
#postgrey=
#if [ -x /usr/sbin/postgrey ]; then
@@ -54,47 +58,66 @@ fi
#else
# exit1 "ERROR: Greylisting support (Debian package postgrey) missing."
#fi
+cyrus=
+if [ -x /usr/sbin/saslauthd ]; then
+ if saslauthd -v 2>&1 | grep -q '^saslauthd 2.1'; then
+ cyrus=1
+ else
+ warn "Cyrus SASL too old - requires >= 2.1.1)."
+ fi
+else
+ warn "Cyrus SASL missing - (Debian package sasl2-bin)."
+fi
+dovecot=
+if [ -x /usr/sbin/dovecot ]; then
+ dovecot=1
+else
+ warn "Dovecot missing - (Debian package dovecot-core or dovecot)."
+fi
sslcert=
if [ -f /etc/ssl/certs/postfix.pem ]; then
sslcert=1
else
- echo >&2 "WARNING: TLS encryption requires SSL certificate at /etc/ssl/certs/postfix.pem."
+ warn "No TLS encryption - requires SSL certificate at /etc/ssl/certs/postfix.pem."
fi
sasl_main_type=
sasl_dovecot=
sasl_cyrus=
if [ -n "$sslcert" ]; then
# FIXME: We really want to check for at least 2.1.1 but that's tricky...
- if saslauthd -v 2>&1 | grep -q '^saslauthd 2.1'; then
+ if [ -n "$cyrus" ]; then
sasl_cyrus=1
sasl_main_type=cyrus
- else
- echo >&2 "WARNING: Cyrus SASL authentication requires sasl tools 2.1.1 (Debian package sasl2-bin)."
fi
- if [ -n "$pf23" ] && dovecot --version | grep -q '^2'; then
- sasl_dovecot=1
- sasl_main_type=dovecot
- else
- echo >&2 "WARNING: Dovecot SASL authentication requires Dovecot 2.0 (Debian package dovecot-core or dovecot)."
+ if [ -n "$dovecot" ]; then
+ if [ -n "$pf23" ]; then
+ sasl_dovecot=1
+ sasl_main_type=dovecot
+ else
+ warn "No Dovecot SASL - requires postfix >= 2.3."
+ fi
fi
if [ -z "$sasl_main_type" ]; then
- echo >&2 "WARNING: Cyrus SASL authentication requires sasl tools 2.1.1 (Debian package sasl2-bin)."
+ warn "No SASL authentication - requires Cyrus SASL or Dovecot."
fi
else
- echo >&2 "WARNING: SASL authentication requires TLS encryption."
+ warn "No SASL authentication - requires TLS encryption."
fi
amavis=
if [ -x /usr/sbin/amavisd ] || [ -x /usr/sbin/amavisd-new ]; then
amavis=1
else
- echo >&2 "WARNING: Avoiding AMaViS setup: not installed."
+ warn "AMaViS missing (Debian package amavisd-new)."
fi
-
dkimproxy=
-if [ "1" = "$amavis" ] && [ -x /usr/bin/dkimproxy-sign ]; then
- dkimproxy=1
+if [ -x /usr/bin/dkimproxy-sign ]; then
+ if [ "1" = "$amavis" ]; then
+ dkimproxy=1
+ else
+ warn "No DKIM/Domainkey - requires DKIMproxy and AMaViS."
+ fi
else
- echo >&2 "WARNING: Avoiding/disabling DKIMproxy setup: not installed."
+ warn "DKIMproxy missing (Debian package dkimproxy)."
fi
catfilefromownrealm() {
@@ -292,7 +315,7 @@ if [ -n "$sslcert" ]; then
$postconf -c "$tempdir" -e "smtp_tls_policy_maps = hash:$confdir/tls_policy"
else
$postconf -c "$tempdir" -e 'smtp_use_tls = no'
- echo >&2 "WARNING: Private certificate not found - client side TLS not enabled!"
+ warn "No client-side TLS - requires private SSL certificate at /etc/ssl/private/postfix.pem."
fi
fi