Merge 97b3207392 into 2a72c800f6

2025-04-21 03:02:09 +00:00 · 2018-07-01 13:02:44 +00:00 · 2018-07-01 13:02:44 +00:00 · 47a795dd42
commit 47a795dd42
parent 2a72c800f6 97b3207392
3 changed files with 115 additions and 0 deletions
--- a/setup/clamsmtpd.sh
+++ b/setup/clamsmtpd.sh
@ -0,0 +1,68 @@
 #!/bin/bash
 # clamsmtpd virus scanning
 # ----------------------
 source setup/functions.sh # load our functions
 source /etc/mailinabox.conf # load global vars
 echo "Installing clamsmtpd (ClamAV e-mail virus scanning)..."
 # Install clamav-daemon & clamsmtpd with additional scanning formats
 apt_install sqlite clamav-daemon clamav clamsmtp unzip p7zip zip arj bzip2 cabextract cpio file gzip lhasa nomarch pax rar unrar unzip zip zoo
 # Config /etc/clamsmtpd.conf
 # Config edits do the following:
 # Default port of 10025 is already in use by <>, using unused port 10028 to pass back from clamsmtpd to postfix.
 # Default port of 10026 for listening from postfix is already in use by <>, using unused port 10027 instead.
 # Add X-AV-Checked Header
 # Adds script to notify destination user only (since sender may be spoofed) that mail was dropped due to virus detection)
 tools/editconf.py /etc/clamsmtpd.conf -s \
                OutAddress:=127.0.0.1:10028 \
                Listen:=127.0.0.1:10027 \
                Header:="X-AV-Checked: ClamAV" \
                VirusAction:="/usr/local/lib/clamsmtpd/email_virus_notify.sh"
 # Configure postfix main.cf
 tools/editconf.py /etc/postfix/main.cf \
 content_filter=scan:127.0.0.1:10027 #\
 #not sure if the below is needed/wanted, RFC - http://www.postfix.org/postconf.5.html#receive_override_options
 #receive_override_options=no_address_mappings
 # Configure postfix master.cf
 tools/editconf.py /etc/postfix/master.cf -s -w \
        "scan=unix  -       -       n       -       16      smtp
          -o smtp_send_xforward_command=yes" \
        "127.0.0.1:10028=inet  n -       n       -       16      smtpd
          -o content_filter=
          -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
          -o smtpd_helo_restrictions=
          -o smtpd_client_restrictions=
          -o smtpd_sender_restrictions=
          -o smtpd_recipient_restrictions=permit_mynetworks,reject
          -o mynetworks_style=host
          -o smtpd_authorized_xforward_hosts=127.0.0.0/8"
 # Config Notification Script
 # Inspiration from https://h4des.org/blog/index.php?/archives/308-clamsmtp-informing-recipients-abount-email-virus-infection.html
 mkdir -p /usr/local/lib/clamsmtpd
 chown clamsmtp:clamsmtp /usr/local/lib/clamsmtpd
 cp tools/email_virus_notify.sh /usr/local/lib/clamsmtpd/email_virus_notify.sh
 chown clamsmtp:clamsmtp /usr/local/lib/clamsmtpd/email_virus_notify.sh
 chmod 700 /usr/local/lib/clamsmtpd/email_virus_notify.sh
 # Force virus def updates
 echo "Updating ClamAV Definitions"
 echo ""
 /usr/bin/freshclam
 # restart postfix, start clamsmtpd, clamav-daemon, clamav-freshclam
 adduser clamsmtp clamav > /dev/null
 restart_service postfix
 restart_service clamsmtp
 restart_service clamav-daemon
 restart_service clamav-freshclam
--- a/setup/start.sh
+++ b/setup/start.sh
@ -104,6 +104,7 @@ source setup/mail-dovecot.sh
 source setup/mail-users.sh
 source setup/dkim.sh
 source setup/spamassassin.sh
 source setup/clamsmtpd.sh
 source setup/web.sh
 source setup/webmail.sh
 source setup/owncloud.sh
--- a/tools/email_virus_notify.sh
+++ b/tools/email_virus_notify.sh
@ -0,0 +1,46 @@
 #!/bin/bash
 #
 # This script will notify users that email was dropped by clamsmtpd.
 #
 # Original inspiration from this script: https://h4des.org/blog/index.php?/archives/308-clamsmtp-informing-recipients-abount-email-virus-infection.html
 source /etc/mailinabox.conf # load global vars
 # For all variables passed when running this script please see "man clamsmtpd.conf"
 #pull list of all emails served by this mailserver
 dest_email=$(/usr/bin/sqlite3 /home/user-data/mail/users.sqlite "select distinct source from aliases union all select distinct email from users;")
 # check every single recipient
 for i in $RECIPIENTS; do
 # check every single email/alias
 for j in $dest_email; do
 #check if email address contains hosted domain name
 # $i contains email address
 # $j contains hosted email
 if [[ "$i" == "$j" ]]
 then
 {
 echo "Subject: Email Virus Scan Notification"
 echo ""
 echo "Hello $i,"
 echo ""
 echo "This is the email system of $PRIMARY_HOSTNAME."
 echo ""
 echo "The email from $SENDER to you was infected with a virus ($VIRUS)."
 echo "The email was blocked and this notification was sent instead."
 echo ""
 echo "If you encounter further problems please contact your System Administrator."
 echo ""
 echo "Regards,"
 echo "The email server at $PRIMARY_HOSTNAME"
 #sending email to recipient that is hosted on this system
 } | sendmail -f "postmaster@$PRIMARY_HOSTNAME" "$i"
 #continue with next recipient
 fi
 done
 done