From 3679ec984d63e8261cbc8a6b633c8ca75ceb4d62 Mon Sep 17 00:00:00 2001 From: "A. Schippers" Date: Mon, 2 Mar 2020 21:28:04 +0100 Subject: [PATCH] Default MTA_STS mode is testing, saves the state to /etc/mailinabox.conf so during upgrades, the variable is perserved --- conf/mta-sts.txt | 2 +- setup/start.sh | 6 ++++++ setup/web.sh | 2 ++ 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/conf/mta-sts.txt b/conf/mta-sts.txt index d2c06e85..376102bc 100644 --- a/conf/mta-sts.txt +++ b/conf/mta-sts.txt @@ -1,4 +1,4 @@ version: STSv1 -mode: testing +mode: MODE mx: PRIMARY_HOSTNAME max_age: 86400 \ No newline at end of file diff --git a/setup/start.sh b/setup/start.sh index 0b145022..9e2db214 100755 --- a/setup/start.sh +++ b/setup/start.sh @@ -82,6 +82,11 @@ if [ ! -f $STORAGE_ROOT/mailinabox.version ]; then chown $STORAGE_USER.$STORAGE_USER $STORAGE_ROOT/mailinabox.version fi +# Default policy (initial) for MTA_STS = testing in the current state of inclusion. +# it can be changed to "none", "testing" or "enforce". With this extention, this is preserved by +# future upgrades + +MTA_STS="${DEFAULT_MTA_STS:-testing}" # Save the global options in /etc/mailinabox.conf so that standalone # tools know where to look for data. @@ -93,6 +98,7 @@ PUBLIC_IP=$PUBLIC_IP PUBLIC_IPV6=$PUBLIC_IPV6 PRIVATE_IP=$PRIVATE_IP PRIVATE_IPV6=$PRIVATE_IPV6 +MTA_STS=$MTA_STS EOF # Start service configuration. diff --git a/setup/web.sh b/setup/web.sh index da0c44d9..3885e50b 100755 --- a/setup/web.sh +++ b/setup/web.sh @@ -126,7 +126,9 @@ chmod a+r /var/lib/mailinabox/mozilla-autoconfig.xml # nginx configuration at /.well-known/mta-sts.txt # more documentation is available on: # https://www.uriports.com/blog/mta-sts-explained/ + cat conf/mta-sts.txt \ + | sed "s/MODE/$MTA_STS/" \ | sed "s/PRIMARY_HOSTNAME/$PRIMARY_HOSTNAME/" \ > /var/lib/mailinabox/mta-sts.txt chmod a+r /var/lib/mailinabox/mta-sts.txt