From 4a06e93b1e7d61d7dfe99ee7f35bd087cfab2d84 Mon Sep 17 00:00:00 2001
From: Joshua Tauberer
Date: Sat, 31 Aug 2013 18:52:13 +0000
Subject: [PATCH] put all DKIM on the primary hostname since that's the only one guaranteed to be actually hosted (DNS) here; give new users a Spam folder too
---
 scripts/dns.sh | 4 ++++
 scripts/dns_update.sh | 14 +++++++++++++-
 scripts/start.sh | 1 +
 tools/mail.py | 1 +
 4 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/scripts/dns.sh b/scripts/dns.sh
index b7fa2a1c..cb2fbbaf 100644
--- a/scripts/dns.sh
+++ b/scripts/dns.sh
@@ -19,8 +19,12 @@ sudo mkdir -p /var/run/nsd3
 mkdir -p "$STORAGE_ROOT/dns";
 # Store our desired IP address (to put in the zone files) for later.
+# Also store our primary hostname, which we'll use for all DKIM signatures
+# in case the user is only delegating MX and we aren't setting DKIM on
+# the main DNS.
 echo $PUBLIC_IP > $STORAGE_ROOT/dns/our_ip
+echo $PUBLIC_HOSTNAME > $STORAGE_ROOT/dns/primary_hostname
 # Create the default zone if it doesn't exist.
diff --git a/scripts/dns_update.sh b/scripts/dns_update.sh
index 08b2ce89..ee1ee3e2 100755
--- a/scripts/dns_update.sh
+++ b/scripts/dns_update.sh
@@ -2,6 +2,15 @@ source /etc/mailinabox.conf
 PUBLIC_IP=`cat $STORAGE_ROOT/dns/our_ip`
+PRIMARY_HOSTNAME=`cat $STORAGE_ROOT/dns/primary_hostname`
+
+# Ensure a zone file exists for every domain name of a mail user.
+for mail_user in `tools/mail.py user`; do
+ domain=`echo $mail_user | sed s/.*@//`
+ if [ ! -f $STORAGE_ROOT/dns/$domain.txt ]; then
+ echo "" > $STORAGE_ROOT/dns/$domain.txt;
+ fi
+done
 # Create the top of nsd.conf.
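Review bot: `$PUBLIC_HOSTNAME` is written out unquoted and unvalidated in the added `echo $PUBLIC_HOSTNAME > $STORAGE_ROOT/dns/primary_hostname` line of scripts/dns.sh, and the same applies to the added `PUBLIC_HOSTNAME=$PUBLIC_HOSTNAME` line inside the heredoc in scripts/start.sh. The start.sh case matters more, because scripts/dns_update.sh loads that file with `source /etc/mailinabox.conf`, so whitespace or shell metacharacters in the value are interpreted as shell when the config is read. I would reject anything that is not a plain hostname before either write, e.g. `case "$PUBLIC_HOSTNAME" in ""|*[!A-Za-z0-9.-]*) echo "invalid PUBLIC_HOSTNAME" >&2; exit 1;; esac`, and quote the expansions: `echo "$PUBLIC_HOSTNAME" > "$STORAGE_ROOT/dns/primary_hostname"`. An empty value would otherwise also end up as the signing domain in the KeyTable entry written by dns_update.sh.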
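Review bot: `$domain` in the new zone-file loop of scripts/dns_update.sh is taken from the addresses printed by `tools/mail.py user` and is used unquoted in `$STORAGE_ROOT/dns/$domain.txt`, so a stored address whose domain part contains `/`, `..`, whitespace or glob characters would make the redirect create a file outside the dns directory or split into several words. Whether mail.py restricts addresses when a user is added is not visible in this patch, so the loop should check for itself with `case "$domain" in ""|.*|*[!A-Za-z0-9.-]*) continue;; esac` and then quote both paths: `[ -f "$STORAGE_ROOT/dns/$domain.txt" ] || echo "" > "$STORAGE_ROOT/dns/$domain.txt"`. The sed expression should be quoted too (`sed 's/.*@//'`), since the shell may otherwise glob-expand it. The relative `tools/mail.py` only resolves when the script is started from the repository root, which the hunk does not enforce.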
@@ -80,7 +89,10 @@ EOF
 # OpenDKIM
- echo "$zone $zone:mail:$STORAGE_ROOT/mail/dkim/mail.private" >> /etc/opendkim/KeyTable
+ # For every domain, we sign against the key listed in PRIMARY_HOSTNAME's DNS,
+ # in case the user is just delegating MX and hasn't set the DKIM info on the
+ # main DNS record.
+ echo "$zone $PRIMARY_HOSTNAME:mail:$STORAGE_ROOT/mail/dkim/mail.private" >> /etc/opendkim/KeyTable
 echo "*@$zone $zone" >> /etc/opendkim/SigningTable
 done
diff --git a/scripts/start.sh b/scripts/start.sh
index 2fed598d..f70ccc53 100755
--- a/scripts/start.sh
+++ b/scripts/start.sh
@@ -38,6 +38,7 @@ fi
 cat > /etc/mailinabox.conf << EOF;
 STORAGE_ROOT=$STORAGE_ROOT
+PUBLIC_HOSTNAME=$PUBLIC_HOSTNAME
 EOF
 . scripts/system.sh
diff --git a/tools/mail.py b/tools/mail.py
index d977a7aa..e59643e0 100755
--- a/tools/mail.py
+++ b/tools/mail.py
@@ -51,6 +51,7 @@ elif sys.argv[1] == "user" and sys.argv[2] in ("add", "password"):
 # Create the user's INBOX and subscribe it.
 conn.commit() # write it before next step
 subprocess.check_call(["doveadm", "mailbox", "create", "-u", email, "-s", "INBOX"])
+ subprocess.check_call(["doveadm", "mailbox", "create", "-u", email, "-s", "Spam"])
 elif sys.argv[2] == "password":
 c.execute("UPDATE users SET password=? WHERE email=?", (pw, email))
 if c.rowcount != 1:
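Review bot: The new KeyTable line in scripts/dns_update.sh puts `$PRIMARY_HOSTNAME` in the domain field, which as I read the OpenDKIM KeyTable format becomes the `d=` value for every zone. For a hosted zone that is not under the same organizational domain, the signature will verify but will not align with the From: domain, so DMARC for that zone then rests on SPF alone. The added comment should state that trade-off, e.g. `# NOTE: d= is PRIMARY_HOSTNAME, not $zone; DKIM will not align for DMARC on unrelated zones.` `PRIMARY_HOSTNAME` is also read from a file at the top of the script without a check, so a missing or empty `primary_hostname` file produces an entry with an empty domain; `[ -n "$PRIMARY_HOSTNAME" ] || { echo "primary_hostname is not set" >&2; exit 1; }` before the loop would catch that. The loop containing this line starts outside the hunk.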
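Review bot: If the added `doveadm mailbox create ... "Spam"` call in tools/mail.py fails, `check_call` raises `CalledProcessError` after the user row has been committed and INBOX created, leaving the account half-provisioned with an uncaught traceback. I would create both folders in one loop, `for folder in ("INBOX", "Spam"): subprocess.check_call(["doveadm", "mailbox", "create", "-u", email, "-s", folder])`, and catch `subprocess.CalledProcessError` around it so the message names the folder that failed. The comment above the calls still reads "Create the user's INBOX and subscribe it." and should mention the Spam folder as well. The `add` branch these lines belong to starts outside the hunk.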