mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2025-04-01 23:57:05 +00:00

- Added disable greylist functions

- Removed the bootstrap script, which I don't need because I clone the repository
- Changed default mail-in-a-box homepage
AiutoPcAmico 2023-12-29 09:41:44 +01:00
parent e541686dcb
commit 6b2e165f0d
8 changed files with 118 additions and 39 deletions


@ -12,8 +12,9 @@ Upstream current implemented version: *v67* (v67-AiutoPcAmico)
- At the moment, OwnCloud is disabled, because it not supports php8.2
- Updated php to version 8.2
- Changed SMTP server sign
- more restrictive Fail2Ban configuration
- ask the user if he wants to disable the graylist
## Future implementation
- ask the user if he wants to disable the graylist
- Changing the default index page more easily


@ -11,24 +11,24 @@ ignoreip = 127.0.0.1/8 PUBLIC_IP ::1 PUBLIC_IPV6
enabled = true
filter = dovecotimap
logpath = /var/log/mail.log
findtime = 30
maxretry = 20
findtime = 10
maxretry = 120
[miab-management]
enabled = true
filter = miab-management-daemon
port = http,https
logpath = /var/log/syslog
maxretry = 20
findtime = 30
maxretry = 10
findtime = 120
[miab-munin]
enabled = true
port = http,https
filter = miab-munin
logpath = /var/log/nginx/access.log
maxretry = 20
findtime = 30
maxretry = 3
findtime = 120
#Disabling owncloud, that is not compatible with php 8.2 but I don't need it
#[miab-owncloud]
@ -44,28 +44,28 @@ enabled = true
port = 465
filter = miab-postfix-submission
logpath = /var/log/mail.log
maxretry = 20
findtime = 30
maxretry = 10
findtime = 120
[miab-postfix587]
enabled = true
port = 587
filter = miab-postfix-submission
logpath = /var/log/mail.log
maxretry = 20
findtime = 30
maxretry = 10
findtime = 120
[miab-roundcube]
enabled = true
port = http,https
filter = miab-roundcube
logpath = /var/log/roundcubemail/errors.log
maxretry = 20
findtime = 30
maxretry = 5
findtime = 120
[recidive]
enabled = true
maxretry = 10
maxretry = 5
action = iptables-allports[name=recidive]
# In the recidive section of jail.conf the action contains:
#
@ -83,5 +83,5 @@ enabled = true
[sshd]
enabled = true
maxretry = 7
maxretry = 5
bantime = 3600
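Review bot: In the first jail of this section (the one with `filter = dovecotimap`; its header is above the hunk), the new values read `findtime = 10` and `maxretry = 120`, which looks like the two numbers were swapped: every other jail changed here gets a `maxretry` between 3 and 10 together with `findtime = 120`. As written, a client would need 120 failed IMAP logins inside 10 seconds to be banned, so this jail is far looser than the `findtime = 30` / `maxretry = 20` it replaces and password guessing against IMAP would in practice go unbanned. I would set `maxretry = 10` and `findtime = 120` to match the other mail jails. Which pair is old and which is new is inferred from the print order and the README entry "more restrictive Fail2Ban configuration", because the page has lost its +/- markers.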


@ -1,10 +1,37 @@
<html>
<head>
<title>this is a mail-in-a-box</title>
<meta name="robots" content="noindex">
</head>
<body>
<h1>this is a mail-in-a-box</h1>
<p>take control of your email at <a href="https://mailinabox.email/">https://mailinabox.email/</a></p>
</body>
</html>
<head>
<title>Welcome!!</title>
<meta name="robots" content="noindex">
</head>
<body>
<h1>Questo &egrave il mio dominio personale!</h1>
<h2>This is my own domain!</h2>
<br>
<h2>Italiano &#127470;&#127481;</h2>
<p>Questo dominio (<i>domain name here</i>) &egrave ad uso esclusivamente personale. Non vi alcun contenuto fruibile
pubblicamente.<br>
Se avete raggiunto questa pagina attraverso altri domini,si tratta di un errore.<br><br>
Alcuni webmaster distratti hanno impostato voci DNS per risolvere i loro nomi di dominio nel mio indirizzo
IP.<br>
Questa &egrave una contromisura per impedire che altri nomi di dominio risolvano il mio dominio.<br><br>
Vi chiedo dunque di abbandonare <u>immediatamente</u> questa pagina!<br>
Grazie!
</p>
<br>
<h2>English &#127482;&#127480;</h2>
<p>
This domain (<i>domain name here</i>) is for personal use only. There is no publicly available content.<br>
If you have reached this page through other domains, this is an error.<br><br>
Some careless webmasters have set up DNS entries to resolve their domain names to my IP address.<br>
This is a countermeasure to prevent other domain names from resolving my domain.<br><br>
I therefore ask you to leave this page <u>immediately</u>!<br>
Thank you!
</p>
</body>
</html>
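Review bot: The new text calls this page "a countermeasure to prevent other domain names from resolving my domain", but a static index page does not stop foreign DNS names from pointing at the box; it only changes what their visitors are shown. If the aim is to refuse requests for unknown host names, that belongs in the web server's handling of unmatched `Host` values, which this commit does not touch as far as the page shows. Separately, `&egrave` is written without its terminating semicolon three times (it should be `&egrave;`), "Non vi alcun contenuto" has lost its verb, and `<i>domain name here</i>` is still a placeholder.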


@ -4,7 +4,10 @@
# -o pipefail: don't ignore errors in the non-last command in a pipeline
set -euo pipefail
# START AiutoPcAmico modification
PHP_VER=8.2
greylistDisabled=false
# END AiutoPcAmico modification
function hide_output {
# This function hides the output of a command unless the command fails
@ -16,7 +19,7 @@ function hide_output {
# Execute command, redirecting stderr/stdout to the temporary file. Since we
# check the return code ourselves, disable 'set -e' temporarily.
set +e
"$@" &> $OUTPUT
"$@" &>$OUTPUT
E=$?
set -e
@ -62,9 +65,9 @@ function get_default_hostname {
# Guess the machine's hostname. It should be a fully qualified
# domain name suitable for DNS. None of these calls may provide
# the right value, but it's the best guess we can make.
set -- $(hostname --fqdn 2>/dev/null ||
hostname --all-fqdns 2>/dev/null ||
hostname 2>/dev/null)
set -- $(hostname --fqdn 2>/dev/null ||
hostname --all-fqdns 2>/dev/null ||
hostname 2>/dev/null)
printf '%s\n' "$1" # return this value
}
@ -137,14 +140,14 @@ function get_default_privateip {
function ufw_allow {
if [ -z "${DISABLE_FIREWALL:-}" ]; then
# ufw has completely unhelpful output
ufw allow "$1" > /dev/null;
ufw allow "$1" >/dev/null
fi
}
function ufw_limit {
if [ -z "${DISABLE_FIREWALL:-}" ]; then
# ufw has completely unhelpful output
ufw limit "$1" > /dev/null;
ufw limit "$1" >/dev/null
fi
}
@ -170,6 +173,20 @@ function input_box {
set -e
}
# START AiutoPcAmico modification
function input_yesno {
# input_yesno "title" "prompt" VARIABLE
# Asking to the user a question, when the response can be only true or false
# ATTENTION: I am using only result_code, because with --yesno I don't have a response!
declare -n result_code=$3_EXITCODE
set +e
result_temp=$(dialog --stdout --title "$1" --yesno "$2" 0 0)
result_code=$?
set -e
}
# END AiutoPcAmico modification
function input_menu {
# input_menu "title" "prompt" "tag item tag item" VARIABLE
# The user's input will be stored in the variable VARIABLE.
@ -192,7 +209,7 @@ function wget_verify {
CHECKSUM="$HASH $DEST"
rm -f $DEST
hide_output wget -O $DEST $URL
if ! echo "$CHECKSUM" | sha1sum --check --strict > /dev/null; then
if ! echo "$CHECKSUM" | sha1sum --check --strict >/dev/null; then
echo "------------------------------------------------------------"
echo "Download of $URL did not match expected checksum."
echo "Found:"
@ -218,7 +235,10 @@ function git_clone {
TMPPATH=/tmp/git-clone-$$
rm -rf $TMPPATH $TARGETPATH
git clone -q $REPO $TMPPATH || exit 1
(cd $TMPPATH; git checkout -q $TREEISH;) || exit 1
(
cd $TMPPATH
git checkout -q $TREEISH
) || exit 1
mv $TMPPATH/$SUBDIR $TARGETPATH
rm -rf $TMPPATH
}
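Review bot: `input_yesno` documents its third argument as `VARIABLE`, but the only thing it sets is the nameref `${3}_EXITCODE`; the caller added in the setup-questions section passes `RESPONSE` and then tests `$RESPONSE`, which this function never assigns. With `set -euo pipefail` in force at the top of this file, reading an unset `RESPONSE` would abort the setup with an unbound-variable error, unless it is set somewhere outside the visible hunks. Either document that callers must read `VARIABLE_EXITCODE` (for `dialog --yesno`: 0 = yes, 1 = no, 255 = ESC) or have the function store the answer in `$3` itself, and change the caller's checks to match. `result_temp` is also a stray global that always stays empty; drop the capture and call `dialog --title "$1" --yesno "$2" 0 0` directly.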


@ -301,6 +301,15 @@ ufw_allow smtp
ufw_allow smtps
ufw_allow submission
# START AiutoPcAmico modification
if [[ "$greylistDisabled" == "true" ]]; then
echo "I'm disabling the greylist"
echo "/.*/" > "/etc/postgrey/whitelist_clients.local"
else
echo "I'm leaving the greylist enabled"
fi
# END AiutoPcAmico modification
# Restart services
restart_service postfix
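Review bot: The `greylistDisabled` branch overwrites `/etc/postgrey/whitelist_clients.local` with `/.*/`, which discards any local whitelist entries already in that file, and the `else` branch leaves the file alone, so a later run that answers "no" does not switch greylisting back on. Turning off a spam control should be reversible from the same prompt: have the `else` branch remove that catch-all entry, and when disabling add the entry without truncating the file (`>>` guarded by a `grep -qxF` check). Only `restart_service postfix` is visible after the block; postgrey probably needs a restart or reload as well before the changed whitelist takes effect, which is worth confirming.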


@ -9,13 +9,13 @@ if [ -z "${NONINTERACTIVE:-}" ]; then
if [ ! -f /usr/bin/dialog ] || [ ! -f /usr/bin/python3 ] || [ ! -f /usr/bin/pip3 ]; then
echo Installing packages needed for setup...
apt-get -q -q update
apt_get_quiet install dialog python3 python3-pip || exit 1
apt_get_quiet install dialog python3 python3-pip || exit 1
fi
echo "install vintual env for python3"
hide_output apt install python3-venv
hide_output python3 -m venv mailinabox
hide_output source mailinabox/bin/activate
hide_output python3 -m venv mailinabox
hide_output source mailinabox/bin/activate
# Installing email_validator is repeated in setup/management.sh, but in setup/management.sh
# we install it inside a virtualenv. In this script, we don't have the virtualenv yet
@ -41,7 +41,7 @@ if [ -z "${PRIMARY_HOSTNAME:-}" ]; then
# This is the first run. Ask the user for his email address so we can
# provide the best default for the box's hostname.
input_box "Your Email Address" \
"What email address are you setting this box up to manage?
"What email address are you setting this box up to manage?
\n\nThe part after the @-sign must be a domain name or subdomain
that you control. You can add other email addresses to this
box later (including email addresses on other domain names
@ -56,8 +56,7 @@ you really want.
# user hit ESC/cancel
exit
fi
while ! python3 management/mailconfig.py validate-email "$EMAIL_ADDR"
do
while ! python3 management/mailconfig.py validate-email "$EMAIL_ADDR"; do
input_box "Your Email Address" \
"That's not a valid email address.\n\nWhat email address are you setting this box up to manage?" \
$EMAIL_ADDR \
@ -74,7 +73,7 @@ you really want.
fi
input_box "Hostname" \
"This box needs a name, called a 'hostname'. The name will form a part of the box's web address.
"This box needs a name, called a 'hostname'. The name will form a part of the box's web address.
\n\nWe recommend that the name be a subdomain of the domain in your email
address, so we're suggesting $DEFAULT_PRIMARY_HOSTNAME.
\n\nYou can change it, but we recommend you don't.
@ -215,3 +214,25 @@ if [ -f /usr/bin/git ] && [ -d .git ]; then
echo "Mail-in-a-Box Version: " $(git describe --always)
fi
echo
# START AiutoPcAmico modification
#ask to the user if he wants to disable greylist
input_yesno "Greylist" \
"This box implements the postgrey greylist, in order to protect you against spam.
\nIs a very useful package, but sometimes you want to disable it (usually you get TOTP after some minutes...).
\nMore info at https://postgrey.schweikert.ch
\nDo you want to disable it?" RESPONSE
if [ -z "$RESPONSE" ]; then
# user hit ESC/cancel
exit
fi
if [ "$RESPONSE" -eq "0" ]; then
echo "After installing postfix, I will disable the greylist function"
greylistDisabled=true
else
echo "Ok, I won't disable the greylist function"
greylistDisabled=false
fi
# END AiutoPcAmico modification
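Review bot: The greylist prompt runs unconditionally at the end of the file, while the earlier questions on this page sit under guards (`if [ -z "${NONINTERACTIVE:-}" ]`, `if [ -z "${PRIMARY_HOSTNAME:-}" ]`), so an unattended or repeated setup run would, as far as the hunk shows, stop at a `dialog` call. Putting the block under the same kind of guard would keep such runs working, with the `greylistDisabled=false` default from the functions file leaving greylisting on unless someone chooses otherwise. The prompt text says "TOTP" where one-time codes in general seem to be meant, and "Is a very useful package" lacks its subject. The rest of the script is outside the hunk, so the placement should be checked against the full file.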


@ -117,6 +117,7 @@ source setup/dkim.sh
source setup/spamassassin.sh
source setup/web.sh
source setup/webmail.sh
# at the moment not installing nextcloud, because is not compatible with php8.2
#source setup/nextcloud.sh
source setup/zpush.sh
source setup/management.sh