- Added disable greylist functions
- Removed bootstrap script; I don't need it because I clone the repository - Changed default mail-in-a-box homepage
parent
e541686dcb
commit
6b2e165f0d
@ -12,8 +12,9 @@ Upstream current implemented version: *v67* (v67-AiutoPcAmico)
|
||||
- At the moment, OwnCloud is disabled, because it not supports php8.2
|
||||
- Updated php to version 8.2
|
||||
- Changed SMTP server sign
|
||||
- more restrictive Fail2Ban configuration
|
||||
- ask the user if he wants to disable the graylist
|
||||
|
||||
## Future implementation
|
||||
|
||||
- ask the user if he wants to disable the graylist
|
||||
- Changing the default index page more easily
|
||||
|
@ -11,24 +11,24 @@ ignoreip = 127.0.0.1/8 PUBLIC_IP ::1 PUBLIC_IPV6
|
||||
enabled = true
|
||||
filter = dovecotimap
|
||||
logpath = /var/log/mail.log
|
||||
findtime = 30
|
||||
maxretry = 20
|
||||
findtime = 10
|
||||
maxretry = 120
|
||||
|
||||
[miab-management]
|
||||
enabled = true
|
||||
filter = miab-management-daemon
|
||||
port = http,https
|
||||
logpath = /var/log/syslog
|
||||
maxretry = 20
|
||||
findtime = 30
|
||||
maxretry = 10
|
||||
findtime = 120
|
||||
|
||||
[miab-munin]
|
||||
enabled = true
|
||||
port = http,https
|
||||
filter = miab-munin
|
||||
logpath = /var/log/nginx/access.log
|
||||
maxretry = 20
|
||||
findtime = 30
|
||||
maxretry = 3
|
||||
findtime = 120
|
||||
|
||||
#Disabling owncloud, that is not compatible with php 8.2 but I don't need it
|
||||
#[miab-owncloud]
|
||||
@ -44,28 +44,28 @@ enabled = true
|
||||
port = 465
|
||||
filter = miab-postfix-submission
|
||||
logpath = /var/log/mail.log
|
||||
maxretry = 20
|
||||
findtime = 30
|
||||
maxretry = 10
|
||||
findtime = 120
|
||||
|
||||
[miab-postfix587]
|
||||
enabled = true
|
||||
port = 587
|
||||
filter = miab-postfix-submission
|
||||
logpath = /var/log/mail.log
|
||||
maxretry = 20
|
||||
findtime = 30
|
||||
maxretry = 10
|
||||
findtime = 120
|
||||
|
||||
[miab-roundcube]
|
||||
enabled = true
|
||||
port = http,https
|
||||
filter = miab-roundcube
|
||||
logpath = /var/log/roundcubemail/errors.log
|
||||
maxretry = 20
|
||||
findtime = 30
|
||||
maxretry = 5
|
||||
findtime = 120
|
||||
|
||||
[recidive]
|
||||
enabled = true
|
||||
maxretry = 10
|
||||
maxretry = 5
|
||||
action = iptables-allports[name=recidive]
|
||||
# In the recidive section of jail.conf the action contains:
|
||||
#
|
||||
@ -83,5 +83,5 @@ enabled = true
|
||||
|
||||
[sshd]
|
||||
enabled = true
|
||||
maxretry = 7
|
||||
maxretry = 5
|
||||
bantime = 3600
|
||||
|
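Review bot: In the [dovecot] jail the replacement pair reads `findtime = 10` and `maxretry = 120`, which looks transposed against every other jail touched here (`maxretry = 10`, `findtime = 120`). Taken literally, a client would need 120 failed logins inside 10 seconds before being banned, so IMAP password guessing is throttled less than under the previous `findtime = 30` / `maxretry = 20`, the opposite of the "more restrictive Fail2Ban configuration" announced in the README hunk. If the other jails show the intent, the lines should be `findtime = 120` and `maxretry = 10`. The old/new side is inferred from the order in which the pairs are printed, so confirm against the file.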
@ -1,10 +1,37 @@
|
||||
<html>
|
||||
<head>
|
||||
<title>this is a mail-in-a-box</title>
|
||||
<meta name="robots" content="noindex">
|
||||
</head>
|
||||
<body>
|
||||
<h1>this is a mail-in-a-box</h1>
|
||||
<p>take control of your email at <a href="https://mailinabox.email/">https://mailinabox.email/</a></p>
|
||||
</body>
|
||||
</html>
|
||||
|
||||
<head>
|
||||
<title>Welcome!!</title>
|
||||
<meta name="robots" content="noindex">
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<h1>Questo è il mio dominio personale!</h1>
|
||||
<h2>This is my own domain!</h2>
|
||||
<br>
|
||||
<h2>Italiano 🇮🇹</h2>
|
||||
<p>Questo dominio (<i>domain name here</i>) è ad uso esclusivamente personale. Non vi alcun contenuto fruibile
|
||||
pubblicamente.<br>
|
||||
Se avete raggiunto questa pagina attraverso altri domini,si tratta di un errore.<br><br>
|
||||
Alcuni webmaster distratti hanno impostato voci DNS per risolvere i loro nomi di dominio nel mio indirizzo
|
||||
IP.<br>
|
||||
Questa è una contromisura per impedire che altri nomi di dominio risolvano il mio dominio.<br><br>
|
||||
Vi chiedo dunque di abbandonare <u>immediatamente</u> questa pagina!<br>
|
||||
Grazie!
|
||||
</p>
|
||||
<br>
|
||||
<h2>English 🇺🇸</h2>
|
||||
<p>
|
||||
This domain (<i>domain name here</i>) is for personal use only. There is no publicly available content.<br>
|
||||
If you have reached this page through other domains, this is an error.<br><br>
|
||||
|
||||
Some careless webmasters have set up DNS entries to resolve their domain names to my IP address.<br>
|
||||
This is a countermeasure to prevent other domain names from resolving my domain.<br><br>
|
||||
|
||||
I therefore ask you to leave this page <u>immediately</u>!<br>
|
||||
Thank you!
|
||||
</p>
|
||||
|
||||
</body>
|
||||
|
||||
</html>
|
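Review bot: The new `<head>` declares no character encoding although the body now contains non-ASCII text (`è`, the flag emoji), so the page renders correctly only if the web server happens to send a charset header; adding `<meta charset="utf-8">` as the first element of `<head>` removes that dependency. The literal `<i>domain name here</i>` placeholder is also shipped as-is in both language blocks, and nothing visible in this commit substitutes the real hostname. The Italian sentence `Non vi alcun contenuto` is missing its verb (`Non vi è alcun contenuto`).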
@ -4,7 +4,10 @@
|
||||
# -o pipefail: don't ignore errors in the non-last command in a pipeline
|
||||
set -euo pipefail
|
||||
|
||||
# START AiutoPcAmico modification
|
||||
PHP_VER=8.2
|
||||
greylistDisabled=false
|
||||
# END AiutoPcAmico modification
|
||||
|
||||
function hide_output {
|
||||
# This function hides the output of a command unless the command fails
|
||||
@ -16,7 +19,7 @@ function hide_output {
|
||||
# Execute command, redirecting stderr/stdout to the temporary file. Since we
|
||||
# check the return code ourselves, disable 'set -e' temporarily.
|
||||
set +e
|
||||
"$@" &> $OUTPUT
|
||||
"$@" &>$OUTPUT
|
||||
E=$?
|
||||
set -e
|
||||
|
||||
@ -62,9 +65,9 @@ function get_default_hostname {
|
||||
# Guess the machine's hostname. It should be a fully qualified
|
||||
# domain name suitable for DNS. None of these calls may provide
|
||||
# the right value, but it's the best guess we can make.
|
||||
set -- $(hostname --fqdn 2>/dev/null ||
|
||||
hostname --all-fqdns 2>/dev/null ||
|
||||
hostname 2>/dev/null)
|
||||
set -- $(hostname --fqdn 2>/dev/null ||
|
||||
hostname --all-fqdns 2>/dev/null ||
|
||||
hostname 2>/dev/null)
|
||||
printf '%s\n' "$1" # return this value
|
||||
}
|
||||
|
||||
@ -137,14 +140,14 @@ function get_default_privateip {
|
||||
function ufw_allow {
|
||||
if [ -z "${DISABLE_FIREWALL:-}" ]; then
|
||||
# ufw has completely unhelpful output
|
||||
ufw allow "$1" > /dev/null;
|
||||
ufw allow "$1" >/dev/null
|
||||
fi
|
||||
}
|
||||
|
||||
function ufw_limit {
|
||||
if [ -z "${DISABLE_FIREWALL:-}" ]; then
|
||||
# ufw has completely unhelpful output
|
||||
ufw limit "$1" > /dev/null;
|
||||
ufw limit "$1" >/dev/null
|
||||
fi
|
||||
}
|
||||
|
||||
@ -170,6 +173,20 @@ function input_box {
|
||||
set -e
|
||||
}
|
||||
|
||||
# START AiutoPcAmico modification
|
||||
function input_yesno {
|
||||
# input_yesno "title" "prompt" VARIABLE
|
||||
# Asking to the user a question, when the response can be only true or false
|
||||
# ATTENTION: I am using only result_code, because with --yesno I don't have a response!
|
||||
declare -n result_code=$3_EXITCODE
|
||||
set +e
|
||||
result_temp=$(dialog --stdout --title "$1" --yesno "$2" 0 0)
|
||||
result_code=$?
|
||||
set -e
|
||||
}
|
||||
|
||||
# END AiutoPcAmico modification
|
||||
|
||||
function input_menu {
|
||||
# input_menu "title" "prompt" "tag item tag item" VARIABLE
|
||||
# The user's input will be stored in the variable VARIABLE.
|
||||
@ -192,7 +209,7 @@ function wget_verify {
|
||||
CHECKSUM="$HASH $DEST"
|
||||
rm -f $DEST
|
||||
hide_output wget -O $DEST $URL
|
||||
if ! echo "$CHECKSUM" | sha1sum --check --strict > /dev/null; then
|
||||
if ! echo "$CHECKSUM" | sha1sum --check --strict >/dev/null; then
|
||||
echo "------------------------------------------------------------"
|
||||
echo "Download of $URL did not match expected checksum."
|
||||
echo "Found:"
|
||||
@ -218,7 +235,10 @@ function git_clone {
|
||||
TMPPATH=/tmp/git-clone-$$
|
||||
rm -rf $TMPPATH $TARGETPATH
|
||||
git clone -q $REPO $TMPPATH || exit 1
|
||||
(cd $TMPPATH; git checkout -q $TREEISH;) || exit 1
|
||||
(
|
||||
cd $TMPPATH
|
||||
git checkout -q $TREEISH
|
||||
) || exit 1
|
||||
mv $TMPPATH/$SUBDIR $TARGETPATH
|
||||
rm -rf $TMPPATH
|
||||
}
|
||||
|
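Review bot: `input_yesno` documents its third argument as VARIABLE, but `declare -n result_code=$3_EXITCODE` writes only to `VARIABLE_EXITCODE`, so a caller that reads `$VARIABLE` gets nothing. The caller added in the questions hunk (`@ -215,3 +214,25 @@`) does exactly that with `[ -z "$RESPONSE" ]`; with `set -euo pipefail` at the top of this file that is either an unbound-variable abort or, if RESPONSE is empty, an unconditional `exit`, so setup appears unable to get past the greylist prompt. Either bind the nameref to the name the comment promises, `declare -n result_code=$3`, or have the caller test `$RESPONSE_EXITCODE`; in both cases dialog's ESC status (255) needs its own branch, since only 0 means yes. `result_temp` is never read and leaks as a global; declaring it `local` or dropping the assignment would tidy that.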
@ -301,6 +301,15 @@ ufw_allow smtp
|
||||
ufw_allow smtps
|
||||
ufw_allow submission
|
||||
|
||||
# START AiutoPcAmico modification
|
||||
if [[ "$greylistDisabled" == "true" ]]; then
|
||||
echo "I'm disabling the greylist"
|
||||
echo "/.*/" > "/etc/postgrey/whitelist_clients.local"
|
||||
else
|
||||
echo "I'm leaving the greylist enabled"
|
||||
fi
|
||||
# END AiutoPcAmico modification
|
||||
|
||||
# Restart services
|
||||
|
||||
restart_service postfix
|
||||
|
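Review bot: `echo "/.*/" > "/etc/postgrey/whitelist_clients.local"` truncates the file, so any local whitelist entries an administrator already keeps there are lost, and the `else` branch never removes the catch-all, so once written greylisting stays off on later runs even when the answer is no. The regex matches every client, which turns greylisting off for all senders while postgrey keeps running; a comment saying so above the line would help the next reader. Consider appending the entry only when it is absent and deleting that same line in the `else` branch, so that the setting follows the user's latest answer.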
@ -9,13 +9,13 @@ if [ -z "${NONINTERACTIVE:-}" ]; then
|
||||
if [ ! -f /usr/bin/dialog ] || [ ! -f /usr/bin/python3 ] || [ ! -f /usr/bin/pip3 ]; then
|
||||
echo Installing packages needed for setup...
|
||||
apt-get -q -q update
|
||||
apt_get_quiet install dialog python3 python3-pip || exit 1
|
||||
apt_get_quiet install dialog python3 python3-pip || exit 1
|
||||
fi
|
||||
|
||||
echo "install vintual env for python3"
|
||||
hide_output apt install python3-venv
|
||||
hide_output python3 -m venv mailinabox
|
||||
hide_output source mailinabox/bin/activate
|
||||
hide_output python3 -m venv mailinabox
|
||||
hide_output source mailinabox/bin/activate
|
||||
|
||||
# Installing email_validator is repeated in setup/management.sh, but in setup/management.sh
|
||||
# we install it inside a virtualenv. In this script, we don't have the virtualenv yet
|
||||
@ -41,7 +41,7 @@ if [ -z "${PRIMARY_HOSTNAME:-}" ]; then
|
||||
# This is the first run. Ask the user for his email address so we can
|
||||
# provide the best default for the box's hostname.
|
||||
input_box "Your Email Address" \
|
||||
"What email address are you setting this box up to manage?
|
||||
"What email address are you setting this box up to manage?
|
||||
\n\nThe part after the @-sign must be a domain name or subdomain
|
||||
that you control. You can add other email addresses to this
|
||||
box later (including email addresses on other domain names
|
||||
@ -56,8 +56,7 @@ you really want.
|
||||
# user hit ESC/cancel
|
||||
exit
|
||||
fi
|
||||
while ! python3 management/mailconfig.py validate-email "$EMAIL_ADDR"
|
||||
do
|
||||
while ! python3 management/mailconfig.py validate-email "$EMAIL_ADDR"; do
|
||||
input_box "Your Email Address" \
|
||||
"That's not a valid email address.\n\nWhat email address are you setting this box up to manage?" \
|
||||
$EMAIL_ADDR \
|
||||
@ -74,7 +73,7 @@ you really want.
|
||||
fi
|
||||
|
||||
input_box "Hostname" \
|
||||
"This box needs a name, called a 'hostname'. The name will form a part of the box's web address.
|
||||
"This box needs a name, called a 'hostname'. The name will form a part of the box's web address.
|
||||
\n\nWe recommend that the name be a subdomain of the domain in your email
|
||||
address, so we're suggesting $DEFAULT_PRIMARY_HOSTNAME.
|
||||
\n\nYou can change it, but we recommend you don't.
|
||||
@ -215,3 +214,25 @@ if [ -f /usr/bin/git ] && [ -d .git ]; then
|
||||
echo "Mail-in-a-Box Version: " $(git describe --always)
|
||||
fi
|
||||
echo
|
||||
|
||||
# START AiutoPcAmico modification
|
||||
#ask to the user if he wants to disable greylist
|
||||
input_yesno "Greylist" \
|
||||
"This box implements the postgrey greylist, in order to protect you against spam.
|
||||
\nIs a very useful package, but sometimes you want to disable it (usually you get TOTP after some minutes...).
|
||||
\nMore info at https://postgrey.schweikert.ch
|
||||
\nDo you want to disable it?" RESPONSE
|
||||
|
||||
if [ -z "$RESPONSE" ]; then
|
||||
# user hit ESC/cancel
|
||||
exit
|
||||
fi
|
||||
|
||||
if [ "$RESPONSE" -eq "0" ]; then
|
||||
echo "After installing postfix, I will disable the greylist function"
|
||||
greylistDisabled=true
|
||||
else
|
||||
echo "Ok, I won't disable the greylist function"
|
||||
greylistDisabled=false
|
||||
fi
|
||||
# END AiutoPcAmico modification
|
||||
|
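Review bot: The greylist prompt at the end of this file appears to sit at top level, after the version banner, rather than inside the `NONINTERACTIVE` / first-run guards seen in the earlier hunks, so `dialog` would be invoked on unattended installs and on every re-run; indentation is lost in this view, so confirm. Wrapping it as `if [ -z "${NONINTERACTIVE:-}" ]; then … fi` with a default for the unattended path would match the rest of the script. The answer also lives only in the shell variable `greylistDisabled`, whose default `greylistDisabled=false` is assigned unconditionally in the functions file; if a later setup script sources that file again, the choice is reset before the postfix step reads it. `: "${greylistDisabled:=false}"` there, or persisting the answer with the other saved settings, would avoid that.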
@ -117,6 +117,7 @@ source setup/dkim.sh
|
||||
source setup/spamassassin.sh
|
||||
source setup/web.sh
|
||||
source setup/webmail.sh
|
||||
# at the moment not installing nextcloud, because is not compatible with php8.2
|
||||
#source setup/nextcloud.sh
|
||||
source setup/zpush.sh
|
||||
source setup/management.sh
|
||||
|