mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2024-12-24 07:37:04 +00:00
Update dovecot, spampd settings for Ubuntu 22.04
* dovecot's ssl_protocols became ssl_min_protocol in 2.3 * spampd fixed a bug so we can remove lmtp_destination_recipient_limit=1 in postfix
This commit is contained in:
parent
96bab10b53
commit
3599bbbf2e
@ -84,7 +84,7 @@ tools/editconf.py /etc/dovecot/conf.d/10-ssl.conf \
|
|||||||
ssl=required \
|
ssl=required \
|
||||||
"ssl_cert=<$STORAGE_ROOT/ssl/ssl_certificate.pem" \
|
"ssl_cert=<$STORAGE_ROOT/ssl/ssl_certificate.pem" \
|
||||||
"ssl_key=<$STORAGE_ROOT/ssl/ssl_private_key.pem" \
|
"ssl_key=<$STORAGE_ROOT/ssl/ssl_private_key.pem" \
|
||||||
"ssl_protocols=TLSv1.2" \
|
"ssl_min_protocol=TLSv1.2" \
|
||||||
"ssl_cipher_list=ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384" \
|
"ssl_cipher_list=ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384" \
|
||||||
"ssl_prefer_server_ciphers=no" \
|
"ssl_prefer_server_ciphers=no" \
|
||||||
"ssl_dh_parameters_length=2048"
|
"ssl_dh_parameters_length=2048"
|
||||||
|
@ -13,8 +13,8 @@
|
|||||||
# destinations according to aliases, and passses email on to
|
# destinations according to aliases, and passses email on to
|
||||||
# another service for local mail delivery.
|
# another service for local mail delivery.
|
||||||
#
|
#
|
||||||
# The first hop in local mail delivery is to Spamassassin via
|
# The first hop in local mail delivery is to spampd via
|
||||||
# LMTP. Spamassassin then passes mail over to Dovecot for
|
# LMTP. spampd then passes mail over to Dovecot for
|
||||||
# storage in the user's mailbox.
|
# storage in the user's mailbox.
|
||||||
#
|
#
|
||||||
# Postfix also listens on ports 465/587 (SMTPS, SMTP+STARTLS) for
|
# Postfix also listens on ports 465/587 (SMTPS, SMTP+STARTLS) for
|
||||||
@ -193,16 +193,17 @@ tools/editconf.py /etc/postfix/main.cf \
|
|||||||
|
|
||||||
# ### Incoming Mail
|
# ### Incoming Mail
|
||||||
|
|
||||||
# Pass any incoming mail over to a local delivery agent. Spamassassin
|
# Pass mail to spampd, which acts as the local delivery agent (LDA),
|
||||||
# will act as the LDA agent at first. It is listening on port 10025
|
# which then passes the mail over to the Dovecot LMTP server after.
|
||||||
# with LMTP. Spamassassin will pass the mail over to Dovecot after.
|
# spampd runs on port 10025 by default.
|
||||||
#
|
#
|
||||||
# In a basic setup we would pass mail directly to Dovecot by setting
|
# In a basic setup we would pass mail directly to Dovecot by setting
|
||||||
# virtual_transport to `lmtp:unix:private/dovecot-lmtp`.
|
# virtual_transport to `lmtp:unix:private/dovecot-lmtp`.
|
||||||
tools/editconf.py /etc/postfix/main.cf "virtual_transport=lmtp:[127.0.0.1]:10025"
|
tools/editconf.py /etc/postfix/main.cf "virtual_transport=lmtp:[127.0.0.1]:10025"
|
||||||
# Because of a spampd bug, limit the number of recipients in each connection.
|
# Clear the lmtp_destination_recipient_limit setting which in previous
|
||||||
|
# versions of Mail-in-a-Box was set to 1 because of a spampd bug.
|
||||||
# See https://github.com/mail-in-a-box/mailinabox/issues/1523.
|
# See https://github.com/mail-in-a-box/mailinabox/issues/1523.
|
||||||
tools/editconf.py /etc/postfix/main.cf lmtp_destination_recipient_limit=1
|
tools/editconf.py /etc/postfix/main.cf -e lmtp_destination_recipient_limit=
|
||||||
|
|
||||||
|
|
||||||
# Who can send mail to us? Some basic filters.
|
# Who can send mail to us? Some basic filters.
|
||||||
|
@ -14,6 +14,10 @@
|
|||||||
#
|
#
|
||||||
# NAME VALUE
|
# NAME VALUE
|
||||||
#
|
#
|
||||||
|
# If the -e option is given and VALUE is empty, the setting is removed
|
||||||
|
# from the configuration file if it is set (i.e. existing occurrences
|
||||||
|
# are commented out and no new setting is added).
|
||||||
|
#
|
||||||
# If the -c option is given, then the supplied character becomes the comment character
|
# If the -c option is given, then the supplied character becomes the comment character
|
||||||
#
|
#
|
||||||
# If the -w option is given, then setting lines continue onto following
|
# If the -w option is given, then setting lines continue onto following
|
||||||
@ -35,6 +39,7 @@ settings = sys.argv[2:]
|
|||||||
|
|
||||||
delimiter = "="
|
delimiter = "="
|
||||||
delimiter_re = r"\s*=\s*"
|
delimiter_re = r"\s*=\s*"
|
||||||
|
erase_setting = False
|
||||||
comment_char = "#"
|
comment_char = "#"
|
||||||
folded_lines = False
|
folded_lines = False
|
||||||
testing = False
|
testing = False
|
||||||
@ -44,6 +49,9 @@ while settings[0][0] == "-" and settings[0] != "--":
|
|||||||
# Space is the delimiter
|
# Space is the delimiter
|
||||||
delimiter = " "
|
delimiter = " "
|
||||||
delimiter_re = r"\s+"
|
delimiter_re = r"\s+"
|
||||||
|
elif opt == "-e":
|
||||||
|
# Erase settings that have empty values.
|
||||||
|
erase_setting = True
|
||||||
elif opt == "-w":
|
elif opt == "-w":
|
||||||
# Line folding is possible in this file.
|
# Line folding is possible in this file.
|
||||||
folded_lines = True
|
folded_lines = True
|
||||||
@ -81,7 +89,7 @@ while len(input_lines) > 0:
|
|||||||
|
|
||||||
# See if this line is for any settings passed on the command line.
|
# See if this line is for any settings passed on the command line.
|
||||||
for i in range(len(settings)):
|
for i in range(len(settings)):
|
||||||
# Check that this line contain this setting from the command-line arguments.
|
# Check if this line contain this setting from the command-line arguments.
|
||||||
name, val = settings[i].split("=", 1)
|
name, val = settings[i].split("=", 1)
|
||||||
m = re.match(
|
m = re.match(
|
||||||
"(\s*)"
|
"(\s*)"
|
||||||
@ -91,8 +99,10 @@ while len(input_lines) > 0:
|
|||||||
if not m: continue
|
if not m: continue
|
||||||
indent, is_comment, existing_val = m.groups()
|
indent, is_comment, existing_val = m.groups()
|
||||||
|
|
||||||
# If this is already the setting, do nothing.
|
# If this is already the setting, keep it in the file, except:
|
||||||
if is_comment is None and existing_val == val:
|
# * If we've already seen it before, then remove this duplicate line.
|
||||||
|
# * If val is empty and erase_setting is on, then comment it out.
|
||||||
|
if is_comment is None and existing_val == val and not (not val and erase_setting):
|
||||||
# It may be that we've already inserted this setting higher
|
# It may be that we've already inserted this setting higher
|
||||||
# in the file so check for that first.
|
# in the file so check for that first.
|
||||||
if i in found: break
|
if i in found: break
|
||||||
@ -107,8 +117,9 @@ while len(input_lines) > 0:
|
|||||||
# the line is already commented, pass it through
|
# the line is already commented, pass it through
|
||||||
buf += line
|
buf += line
|
||||||
|
|
||||||
# if this option oddly appears more than once, don't add the setting again
|
# if this option already is set don't add the setting again,
|
||||||
if i in found:
|
# or if we're clearing the setting with -e, don't add it
|
||||||
|
if (i in found) or (not val and erase_setting):
|
||||||
break
|
break
|
||||||
|
|
||||||
# add the new setting
|
# add the new setting
|
||||||
@ -122,9 +133,10 @@ while len(input_lines) > 0:
|
|||||||
# If did not match any setting names, pass this line through.
|
# If did not match any setting names, pass this line through.
|
||||||
buf += line
|
buf += line
|
||||||
|
|
||||||
# Put any settings we didn't see at the end of the file.
|
# Put any settings we didn't see at the end of the file,
|
||||||
|
# except settings being cleared.
|
||||||
for i in range(len(settings)):
|
for i in range(len(settings)):
|
||||||
if i not in found:
|
if (i not in found) and not (not val and erase_setting):
|
||||||
name, val = settings[i].split("=", 1)
|
name, val = settings[i].split("=", 1)
|
||||||
buf += name + delimiter + val + "\n"
|
buf += name + delimiter + val + "\n"
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user