Update dovecot, spampd settings for Ubuntu 22.04
* dovecot's ssl_protocols became ssl_min_protocol in 2.3 * spampd fixed a bug so we can remove lmtp_destination_recipient_limit=1 in postfix
This commit is contained in:
Joshua Tauberer
parent
96bab10b53
commit
3599bbbf2e
|
|
@ -84,7 +84,7 @@ tools/editconf.py /etc/dovecot/conf.d/10-ssl.conf \
|
|||
ssl=required \
|
||||
"ssl_cert=<$STORAGE_ROOT/ssl/ssl_certificate.pem" \
|
||||
"ssl_key=<$STORAGE_ROOT/ssl/ssl_private_key.pem" \
|
||||
"ssl_protocols=TLSv1.2" \
|
||||
"ssl_min_protocol=TLSv1.2" \
|
||||
"ssl_cipher_list=ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384" \
|
||||
"ssl_prefer_server_ciphers=no" \
|
||||
"ssl_dh_parameters_length=2048"
|
||||
|
|
|
|||
|
|
@ -13,8 +13,8 @@
|
|||
# destinations according to aliases, and passses email on to
|
||||
# another service for local mail delivery.
|
||||
#
|
||||
# The first hop in local mail delivery is to Spamassassin via
|
||||
# LMTP. Spamassassin then passes mail over to Dovecot for
|
||||
# The first hop in local mail delivery is to spampd via
|
||||
# LMTP. spampd then passes mail over to Dovecot for
|
||||
# storage in the user's mailbox.
|
||||
#
|
||||
# Postfix also listens on ports 465/587 (SMTPS, SMTP+STARTLS) for
|
||||
|
|
@ -193,16 +193,17 @@ tools/editconf.py /etc/postfix/main.cf \
|
|||
|
||||
# ### Incoming Mail
|
||||
|
||||
# Pass any incoming mail over to a local delivery agent. Spamassassin
|
||||
# will act as the LDA agent at first. It is listening on port 10025
|
||||
# with LMTP. Spamassassin will pass the mail over to Dovecot after.
|
||||
# Pass mail to spampd, which acts as the local delivery agent (LDA),
|
||||
# which then passes the mail over to the Dovecot LMTP server after.
|
||||
# spampd runs on port 10025 by default.
|
||||
#
|
||||
# In a basic setup we would pass mail directly to Dovecot by setting
|
||||
# virtual_transport to `lmtp:unix:private/dovecot-lmtp`.
|
||||
tools/editconf.py /etc/postfix/main.cf "virtual_transport=lmtp:[127.0.0.1]:10025"
|
||||
# Because of a spampd bug, limit the number of recipients in each connection.
|
||||
# Clear the lmtp_destination_recipient_limit setting which in previous
|
||||
# versions of Mail-in-a-Box was set to 1 because of a spampd bug.
|
||||
# See https://github.com/mail-in-a-box/mailinabox/issues/1523.
|
||||
tools/editconf.py /etc/postfix/main.cf lmtp_destination_recipient_limit=1
|
||||
tools/editconf.py /etc/postfix/main.cf -e lmtp_destination_recipient_limit=
|
||||
|
||||
|
||||
# Who can send mail to us? Some basic filters.
|
||||
|
|
|
|||
|
|
@ -14,6 +14,10 @@
|
|||
#
|
||||
# NAME VALUE
|
||||
#
|
||||
# If the -e option is given and VALUE is empty, the setting is removed
|
||||
# from the configuration file if it is set (i.e. existing occurrences
|
||||
# are commented out and no new setting is added).
|
||||
#
|
||||
# If the -c option is given, then the supplied character becomes the comment character
|
||||
#
|
||||
# If the -w option is given, then setting lines continue onto following
|
||||
|
|
@ -35,6 +39,7 @@ settings = sys.argv[2:]
|
|||
|
||||
delimiter = "="
|
||||
delimiter_re = r"\s*=\s*"
|
||||
erase_setting = False
|
||||
comment_char = "#"
|
||||
folded_lines = False
|
||||
testing = False
|
||||
|
|
@ -44,6 +49,9 @@ while settings[0][0] == "-" and settings[0] != "--":
|
|||
# Space is the delimiter
|
||||
delimiter = " "
|
||||
delimiter_re = r"\s+"
|
||||
elif opt == "-e":
|
||||
# Erase settings that have empty values.
|
||||
erase_setting = True
|
||||
elif opt == "-w":
|
||||
# Line folding is possible in this file.
|
||||
folded_lines = True
|
||||
|
|
@ -81,7 +89,7 @@ while len(input_lines) > 0:
|
|||
|
||||
# See if this line is for any settings passed on the command line.
|
||||
for i in range(len(settings)):
|
||||
# Check that this line contain this setting from the command-line arguments.
|
||||
# Check if this line contain this setting from the command-line arguments.
|
||||
name, val = settings[i].split("=", 1)
|
||||
m = re.match(
|
||||
"(\s*)"
|
||||
|
|
@ -91,8 +99,10 @@ while len(input_lines) > 0:
|
|||
if not m: continue
|
||||
indent, is_comment, existing_val = m.groups()
|
||||
|
||||
# If this is already the setting, do nothing.
|
||||
if is_comment is None and existing_val == val:
|
||||
# If this is already the setting, keep it in the file, except:
|
||||
# * If we've already seen it before, then remove this duplicate line.
|
||||
# * If val is empty and erase_setting is on, then comment it out.
|
||||
if is_comment is None and existing_val == val and not (not val and erase_setting):
|
||||
# It may be that we've already inserted this setting higher
|
||||
# in the file so check for that first.
|
||||
if i in found: break
|
||||
|
|
@ -107,8 +117,9 @@ while len(input_lines) > 0:
|
|||
# the line is already commented, pass it through
|
||||
buf += line
|
||||
|
||||
# if this option oddly appears more than once, don't add the setting again
|
||||
if i in found:
|
||||
# if this option already is set don't add the setting again,
|
||||
# or if we're clearing the setting with -e, don't add it
|
||||
if (i in found) or (not val and erase_setting):
|
||||
break
|
||||
|
||||
# add the new setting
|
||||
|
|
@ -122,9 +133,10 @@ while len(input_lines) > 0:
|
|||
# If did not match any setting names, pass this line through.
|
||||
buf += line
|
||||
|
||||
# Put any settings we didn't see at the end of the file.
|
||||
# Put any settings we didn't see at the end of the file,
|
||||
# except settings being cleared.
|
||||
for i in range(len(settings)):
|
||||
if i not in found:
|
||||
if (i not in found) and not (not val and erase_setting):
|
||||
name, val = settings[i].split("=", 1)
|
||||
buf += name + delimiter + val + "\n"
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue