- Added disable greylist functions

- removed bootstrap script, I don't need because cloning repository - Changed default mail-in-a-box homepage
2025-04-03 00:07:05 +00:00 · 2023-12-29 09:41:44 +01:00 · 2023-12-29 09:41:44 +01:00 · 6b2e165f0d
commit 6b2e165f0d
parent e541686dcb
8 changed files with 118 additions and 39 deletions
--- a/README.md
+++ b/README.md
@ -12,8 +12,9 @@ Upstream current implemented version: *v67* (v67-AiutoPcAmico)
 - At the moment, OwnCloud is disabled, because it not supports php8.2
 - Updated php to version 8.2
 - Changed SMTP server sign
 - more restrictive Fail2Ban configuration
 - ask the user if he wants to disable the graylist
 ## Future implementation
 - ask the user if he wants to disable the graylist
 - Changing the default index page more easily
--- a/conf/fail2ban/jails.conf
+++ b/conf/fail2ban/jails.conf
@ -11,24 +11,24 @@ ignoreip = 127.0.0.1/8 PUBLIC_IP ::1 PUBLIC_IPV6
 enabled = true
 filter  = dovecotimap
 logpath = /var/log/mail.log
-findtime = 30
+findtime = 10
-maxretry = 20
+maxretry = 120
 [miab-management]
 enabled = true
 filter = miab-management-daemon
 port = http,https
 logpath = /var/log/syslog
-maxretry = 20
+maxretry = 10
-findtime = 30
+findtime = 120
 [miab-munin]
 enabled  = true
 port     = http,https
 filter   = miab-munin
 logpath  = /var/log/nginx/access.log
-maxretry = 20
+maxretry = 3
-findtime = 30
+findtime = 120
 #Disabling owncloud, that is not compatible with php 8.2 but I don't need it
 #[miab-owncloud]
@ -44,28 +44,28 @@ enabled  = true
 port     = 465
 filter   = miab-postfix-submission
 logpath  = /var/log/mail.log
-maxretry = 20
+maxretry = 10
-findtime = 30
+findtime = 120
 [miab-postfix587]
 enabled  = true
 port     = 587
 filter   = miab-postfix-submission
 logpath  = /var/log/mail.log
-maxretry = 20
+maxretry = 10
-findtime = 30
+findtime = 120
 [miab-roundcube]
 enabled  = true
 port     = http,https
 filter   = miab-roundcube
 logpath  = /var/log/roundcubemail/errors.log
-maxretry = 20
+maxretry = 5
-findtime = 30
+findtime = 120
 [recidive]
 enabled  = true
-maxretry = 10
+maxretry = 5
 action   = iptables-allports[name=recidive]
 # In the recidive section of jail.conf the action contains:
 #
@ -83,5 +83,5 @@ enabled  = true
 [sshd]
 enabled = true
-maxretry = 7
+maxretry = 5
 bantime = 3600
--- a/conf/www_default.html
+++ b/conf/www_default.html
@ -1,10 +1,37 @@
 <html>
 <head>
-		<title>this is a mail-in-a-box</title>
+	<title>Welcome!!</title>
 	<meta name="robots" content="noindex">
 </head>
 <body>
-		<h1>this is a mail-in-a-box</h1>
+	<h1>Questo &egrave il mio dominio personale!</h1>
-		<p>take control of your email at <a href="https://mailinabox.email/">https://mailinabox.email/</a></p>
+	<h2>This is my own domain!</h2>
 	<br>
 	<h2>Italiano &#127470;&#127481;</h2>
 	<p>Questo dominio (<i>domain name here</i>) &egrave ad uso esclusivamente personale. Non vi alcun contenuto fruibile
 		pubblicamente.<br>
 		Se avete raggiunto questa pagina attraverso altri domini,si tratta di un errore.<br><br>
 		Alcuni webmaster distratti hanno impostato voci DNS per risolvere i loro nomi di dominio nel mio indirizzo
 		IP.<br>
 		Questa &egrave una contromisura per impedire che altri nomi di dominio risolvano il mio dominio.<br><br>
 		Vi chiedo dunque di abbandonare <u>immediatamente</u> questa pagina!<br>
 		Grazie!
 	</p>
 	<br>
 	<h2>English &#127482;&#127480;</h2>
 	<p>
 		This domain (<i>domain name here</i>) is for personal use only. There is no publicly available content.<br>
 		If you have reached this page through other domains, this is an error.<br><br>
 		Some careless webmasters have set up DNS entries to resolve their domain names to my IP address.<br>
 		This is a countermeasure to prevent other domain names from resolving my domain.<br><br>
 		I therefore ask you to leave this page <u>immediately</u>!<br>
 		Thank you!
 	</p>
 </body>
 </html>
--- a/setup/bootstrap.sh
+++ b/setup/bootstrap.sh
--- a/setup/functions.sh
+++ b/setup/functions.sh
@ -4,7 +4,10 @@
 # -o pipefail: don't ignore errors in the non-last command in a pipeline
 set -euo pipefail
 # START AiutoPcAmico modification
 PHP_VER=8.2
 greylistDisabled=false
 # END AiutoPcAmico modification
 function hide_output {
 	# This function hides the output of a command unless the command fails
@ -137,14 +140,14 @@ function get_default_privateip {
 function ufw_allow {
 	if [ -z "${DISABLE_FIREWALL:-}" ]; then
 		# ufw has completely unhelpful output
-		ufw allow "$1" > /dev/null;
+		ufw allow "$1" >/dev/null
 	fi
 }
 function ufw_limit {
 	if [ -z "${DISABLE_FIREWALL:-}" ]; then
 		# ufw has completely unhelpful output
-		ufw limit "$1" > /dev/null;
+		ufw limit "$1" >/dev/null
 	fi
 }
@ -170,6 +173,20 @@ function input_box {
 	set -e
 }
 # START AiutoPcAmico modification
 function input_yesno {
 	# input_yesno "title" "prompt" VARIABLE
 	# Asking to the user a question, when the response can be only true or false
 	# ATTENTION: I am using only result_code, because with --yesno I don't have a response!
 	declare -n result_code=$3_EXITCODE
 	set +e
 	result_temp=$(dialog --stdout --title "$1" --yesno "$2" 0 0)
 	result_code=$?
 	set -e
 }
 # END AiutoPcAmico modification
 function input_menu {
 	# input_menu "title" "prompt" "tag item tag item" VARIABLE
 	# The user's input will be stored in the variable VARIABLE.
@ -218,7 +235,10 @@ function git_clone {
 	TMPPATH=/tmp/git-clone-$$
 	rm -rf $TMPPATH $TARGETPATH
 	git clone -q $REPO $TMPPATH || exit 1
-	(cd $TMPPATH; git checkout -q $TREEISH;) || exit 1
+	(
 		cd $TMPPATH
 		git checkout -q $TREEISH
 	) || exit 1
 	mv $TMPPATH/$SUBDIR $TARGETPATH
 	rm -rf $TMPPATH
 }
--- a/setup/mail-postfix.sh
+++ b/setup/mail-postfix.sh
@ -301,6 +301,15 @@ ufw_allow smtp
 ufw_allow smtps
 ufw_allow submission
 # START AiutoPcAmico modification
 if [[ "$greylistDisabled" == "true" ]]; then
        echo "I'm disabling the greylist"
        echo "/.*/" > "/etc/postgrey/whitelist_clients.local"
 else
        echo "I'm leaving the greylist enabled"
 fi
 # END AiutoPcAmico modification
 # Restart services
 restart_service postfix
--- a/setup/questions.sh
+++ b/setup/questions.sh
@ -56,8 +56,7 @@ you really want.
 			# user hit ESC/cancel
 			exit
 		fi
-		while ! python3 management/mailconfig.py validate-email "$EMAIL_ADDR"
+		while ! python3 management/mailconfig.py validate-email "$EMAIL_ADDR"; do
 		do
 			input_box "Your Email Address" \
 				"That's not a valid email address.\n\nWhat email address are you setting this box up to manage?" \
 				$EMAIL_ADDR \
@ -215,3 +214,25 @@ if [ -f /usr/bin/git ] && [ -d .git ]; then
 	echo "Mail-in-a-Box Version: " $(git describe --always)
 fi
 echo
 # START AiutoPcAmico modification
 #ask to the user if he wants to disable greylist
 input_yesno "Greylist" \
 	"This box implements the postgrey greylist, in order to protect you against spam.
 \nIs a very useful package, but sometimes you want to disable it (usually you get TOTP after some minutes...).
 \nMore info at https://postgrey.schweikert.ch
 \nDo you want to disable it?" RESPONSE
 if [ -z "$RESPONSE" ]; then
 	# user hit ESC/cancel
 	exit
 fi
 if [ "$RESPONSE" -eq "0" ]; then
 	echo "After installing postfix, I will disable the greylist function"
 	greylistDisabled=true
 else
 	echo "Ok, I won't disable the greylist function"
 	greylistDisabled=false
 fi
 # END AiutoPcAmico modification
--- a/setup/start.sh
+++ b/setup/start.sh
@ -117,6 +117,7 @@ source setup/dkim.sh
 source setup/spamassassin.sh
 source setup/web.sh
 source setup/webmail.sh
 # at the moment not installing nextcloud, because is not compatible with php8.2
 #source setup/nextcloud.sh
 source setup/zpush.sh
 source setup/management.sh