diff --git a/management/daemon.py b/management/daemon.py index 1ccb161a..542443ce 100755 --- a/management/daemon.py +++ b/management/daemon.py @@ -645,6 +645,33 @@ def privacy_status_set(): utils.write_settings(config, env) return "OK" +@app.route('/system/postgrey-whitelist', methods=["GET","POST"]) +@authorized_personnel_only +def postgrey_whitelist_handler(): + conf_file="/etc/postgrey/whitelist_clients.local" + if request.method == "GET": + contents = "" + try: + with open(conf_file) as fp: + contents = fp.read() + except FileNotFoundError: + pass + return Response(contents, status=200, mimetype='text/plain') + + elif request.method == "POST": + try: + contents = request.form["contents"] + with open(conf_file, "w") as fp: + fp.write(contents) + utils.shell("check_call", ["/bin/systemctl", "reload", "postgrey"]) + except KeyError: + return ("Missing required parameter", 400) + except subprocess.CalledProcessError as e: + app.logger.exception(e) + return ("Postgrey reload failed", 500) + + return "OK. Saved and Postgrey reloaded." + # MUNIN @app.route('/munin/') diff --git a/management/templates/index.html b/management/templates/index.html index 35be0616..6ff38725 100644 --- a/management/templates/index.html +++ b/management/templates/index.html @@ -94,6 +94,7 @@
  • Custom DNS
  • External DNS
  • Munin Monitoring
    • +
  • Postgrey whitelist
  • @@ -135,6 +136,10 @@ {% include "custom-dns.html" %} +
    + {% include "postgrey-whitelist.html" %} +
    +
    {% include "mfa.html" %}
    diff --git a/management/templates/postgrey-whitelist.html b/management/templates/postgrey-whitelist.html new file mode 100644 index 00000000..9b41e1f6 --- /dev/null +++ b/management/templates/postgrey-whitelist.html @@ -0,0 +1,53 @@ + + +

    Postgrey Whitelist

    + +

    The text box below contains the contents of the system's Postgrey local client whitelist. It's comprised of a list of hosts, one per line, whose incoming email to this server should never be greylisted.

    + +

    Entries may be a fully qualified domain name, an IP address, or a regular expression. Regular expressions begin and end with the character "/".

    + +

    This file augments the whilelist provided by Postgrey.

    + + + + + + diff --git a/setup/mail-postfix.sh b/setup/mail-postfix.sh index 91dc30be..2f2385be 100755 --- a/setup/mail-postfix.sh +++ b/setup/mail-postfix.sh @@ -267,6 +267,18 @@ EOF chmod +x /etc/cron.daily/mailinabox-postgrey-whitelist /etc/cron.daily/mailinabox-postgrey-whitelist +# keep the postgrey local client whitelist file in STORAGE_ROOT so it +# gets backed up +mkdir -p "$STORAGE_ROOT/mail/postgrey" +if [ ! -L "/etc/postgrey/whitelist_clients.local" ] && [ -f "/etc/postgrey/whitelist_clients.local" ]; then + # regular file (non-link) exists - move it to user-data + cp -p "/etc/postgrey/whitelist_clients.local" \ + "$STORAGE_ROOT/mail/postgrey/whitelist_clients.local" +fi +ln -sf "$STORAGE_ROOT/mail/postgrey/whitelist_clients.local" \ + "/etc/postgrey/whitelist_clients.local" + + # Increase the message size limit from 10MB to 128MB. # The same limit is specified in nginx.conf for mail submitted via webmail and Z-Push. tools/editconf.py /etc/postfix/main.cf \