external/mailinabox
1
0
Fork 0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2026-03-15 17:37:22 +01:00
Code Issues Releases Wiki Activity

initial work on extended configuration

Browse Source
This commit is contained in:
John Supplee
2019-02-10 23:39:38 +02:00
parent c60e3dc842
commit fc1f211af5
8 changed files with 80 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
setup/mail-postfix.sh
View File

@@ -193,9 +193,13 @@ tools/editconf.py /etc/postfix/main.cf virtual_transport=lmtp:[127.0.0.1]:10025
# so these IPs get mail delivered quickly. But when an IP is not listed in the permit_dnswl_client list (i.e. it is not #NODOC
# whitelisted) then postfix does a DEFER_IF_REJECT, which results in all "unknown user" sorts of messages turning into #NODOC
# "450 4.7.1 Client host rejected: Service unavailable". This is a retry code, so the mail doesn't properly bounce. #NODOC
RECIPIENT_RESTRICTIONS=permit_sasl_authenticated,permit_mynetworks,\"reject_rbl_client zen.spamhaus.org\",reject_unlisted_recipient
if [ $NO_GREYLISTING != "1" ]; then
RECIPIENT_RESTRICTIONS=${RECIPIENT_RESTRICTIONS},\"check_policy_service inet:127.0.0.1:10023\"
fi
tools/editconf.py /etc/postfix/main.cf \
smtpd_sender_restrictions="reject_non_fqdn_sender,reject_unknown_sender_domain,reject_authenticated_sender_login_mismatch,reject_rhsbl_sender dbl.spamhaus.org" \
smtpd_recipient_restrictions=permit_sasl_authenticated,permit_mynetworks,"reject_rbl_client zen.spamhaus.org",reject_unlisted_recipient,"check_policy_service inet:127.0.0.1:10023"
smtpd_recipient_restrictions=$RECIPIENT_RESTRICTIONS
# Postfix connects to Postgrey on the 127.0.0.1 interface specifically. Ensure that
# Postgrey listens on the same interface (and not IPv6, for instance).

16
setup/start.sh
View File

@@ -42,6 +42,20 @@ else
FIRST_TIME_SETUP=1
fi
if [ -z "${DEFAULT_HTTP_SSL_PORT:-}" ]; then
HTTP_SSL_PORT=443
else
HTTP_SSL_PORT=$DEFAULT_HTTP_SSL_PORT
fi
if [ -z "${DEFAULT_NO_GREYLISTING:-}" ]; then
NO_GREYLISTING=0
elif (($DEFAULT_NO_GREYLISTING > 0)); then
NO_GREYLISTING=1
else
NO_GREYLISTING=0
fi
# Put a start script in a global location. We tell the user to run 'mailinabox'
# in the first dialog prompt, so we should do this before that starts.
cat > /usr/local/bin/mailinabox << EOF;
@@ -93,6 +107,8 @@ PUBLIC_IP=$PUBLIC_IP
PUBLIC_IPV6=$PUBLIC_IPV6
PRIVATE_IP=$PRIVATE_IP
PRIVATE_IPV6=$PRIVATE_IPV6
HTTP_SSL_PORT=$HTTP_SSL_PORT
NO_GREYLISTING=$NO_GREYLISTING
EOF
# Start service configuration.

9
setup/web.sh
View File

@@ -96,6 +96,9 @@ restart_service nginx
restart_service php7.2-fpm
# Open ports.
ufw_allow http
ufw_allow https
if [ $HTTP_SSL_PORT == 443 ]; then
ufw_allow http
ufw_allow https
else
ufw_allow $HTTP_SSL_PORT
fi