From 411f5a7a038eb69e9fbe10fe7746bfb2c6f8138c Mon Sep 17 00:00:00 2001
From: Jonas Smedegaard <dr@jones.dk>
Date: Mon, 26 Mar 2012 13:26:05 +0200
Subject: Improve warnings on requirements.

---
 postfix/postfix.sh | 59 +++++++++++++++++++++++++++++++++++++-----------------
 1 file changed, 41 insertions(+), 18 deletions(-)

(limited to 'postfix')

diff --git a/postfix/postfix.sh b/postfix/postfix.sh
index ee81449..27efb9f 100755
--- a/postfix/postfix.sh
+++ b/postfix/postfix.sh
@@ -18,6 +18,10 @@ set -e
 # Let's standardize sort
 export LC_ALL=C
 
+warn()	{
+	echo >&2 "Warning: $1"
+}
+
 exit1()	{
 	echo >&2 "Error: $1"
 	echo >&2 "Exiting..."
@@ -45,7 +49,7 @@ echo "$pfver" | grep -q '2\.[2-9]' \
 pf23=
 ! echo "$pfver" | grep -q '2\.[3-9]' || pf23=1
 if ! [ -d "$realmsdir" ]; then
-	echo >&2 "WARNING: Realms directory \"$realmsdir\" does not exist."
+	warn "Realms directory \"$realmsdir\" does not exist."
 fi
 #postgrey=
 #if [ -x /usr/sbin/postgrey ]; then
@@ -54,47 +58,66 @@ fi
 #else
 #	exit1 "ERROR: Greylisting support (Debian package postgrey) missing."
 #fi
+cyrus=
+if [ -x /usr/sbin/saslauthd ]; then
+	if saslauthd -v 2>&1 | grep -q '^saslauthd 2.1'; then
+		cyrus=1
+	else
+		warn "Cyrus SASL too old - requires >= 2.1.1)."
+	fi
+else
+	warn "Cyrus SASL missing - (Debian package sasl2-bin)."
+fi
+dovecot=
+if [ -x /usr/sbin/dovecot ]; then
+	dovecot=1
+else
+	warn "Dovecot missing - (Debian package dovecot-core or dovecot)."
+fi
 sslcert=
 if [ -f /etc/ssl/certs/postfix.pem ]; then
 	sslcert=1
 else
-	echo >&2 "WARNING: TLS encryption requires SSL certificate at /etc/ssl/certs/postfix.pem."
+	warn "No TLS encryption - requires SSL certificate at /etc/ssl/certs/postfix.pem."
 fi
 sasl_main_type=
 sasl_dovecot=
 sasl_cyrus=
 if [ -n "$sslcert" ]; then
 	# FIXME: We really want to check for at least 2.1.1 but that's tricky...
-	if saslauthd -v 2>&1 | grep -q '^saslauthd 2.1'; then
+	if [ -n "$cyrus" ]; then
 		sasl_cyrus=1
 		sasl_main_type=cyrus
-	else
-		echo >&2 "WARNING: Cyrus SASL authentication requires sasl tools 2.1.1 (Debian package sasl2-bin)."
 	fi
-	if [ -n "$pf23" ] && dovecot --version | grep -q '^2'; then
-		sasl_dovecot=1
-		sasl_main_type=dovecot
-	else
-		echo >&2 "WARNING: Dovecot SASL authentication requires Dovecot 2.0 (Debian package dovecot-core or dovecot)."
+	if [ -n "$dovecot" ]; then
+		if [ -n "$pf23" ]; then
+			sasl_dovecot=1
+			sasl_main_type=dovecot
+		else
+			warn "No Dovecot SASL - requires postfix >= 2.3."
+		fi
 	fi
 	if [ -z "$sasl_main_type" ]; then
-		echo >&2 "WARNING: Cyrus SASL authentication requires sasl tools 2.1.1 (Debian package sasl2-bin)."
+		warn "No SASL authentication - requires Cyrus SASL or Dovecot."
 	fi
 else
-	echo >&2 "WARNING: SASL authentication requires TLS encryption."
+	warn "No SASL authentication - requires TLS encryption."
 fi
 amavis=
 if [ -x /usr/sbin/amavisd ] || [ -x /usr/sbin/amavisd-new ]; then
 	amavis=1
 else
-	echo >&2 "WARNING: Avoiding AMaViS setup: not installed."
+	warn "AMaViS missing (Debian package amavisd-new)."
 fi
-
 dkimproxy=
-if [ "1" = "$amavis" ] && [ -x /usr/bin/dkimproxy-sign ]; then
-	dkimproxy=1
+if [ -x /usr/bin/dkimproxy-sign ]; then
+	if [ "1" = "$amavis" ]; then
+		dkimproxy=1
+	else
+		warn "No DKIM/Domainkey - requires DKIMproxy and AMaViS."
+	fi
 else
-	echo >&2 "WARNING: Avoiding/disabling DKIMproxy setup: not installed."
+	warn "DKIMproxy missing (Debian package dkimproxy)."
 fi
 
 catfilefromownrealm() {
@@ -292,7 +315,7 @@ if [ -n "$sslcert" ]; then
 		$postconf -c "$tempdir" -e "smtp_tls_policy_maps = hash:$confdir/tls_policy"
 	else
 		$postconf -c "$tempdir" -e 'smtp_use_tls = no'
-		echo >&2 "WARNING: Private certificate not found - client side TLS not enabled!"
+		warn "No client-side TLS - requires private SSL certificate at /etc/ssl/private/postfix.pem."
 	fi
 fi
 
-- 
cgit v1.2.3