Debian 12 bookworm compat
This commit is contained in:
Matthew Saunders Brown
parent
66ffd65399
commit
e4e5c41bbc
|
|
@ -3,17 +3,17 @@
|
|||
if error_message then finish endif
|
||||
|
||||
# check for and delete type = MANUAL. don't need to insert anything???
|
||||
if "${lookup mysql{SELECT COUNT(*) FROM vm_greylisting WHERE sender = \"$local_part@$domain\" AND recipient = '$sender_address' AND type = 'MANUAL'}}" is 0 then
|
||||
if "${lookup mysql{INSERT INTO vm_greylisting SET sender = \"$local_part@$domain\", recipient = '$sender_address', create_time = NOW()}}" is not 0 then
|
||||
if "${lookup mysql{DELETE FROM vm_greylisting WHERE sender = \"$local_part@$domain\" AND recipient = '$sender_address' AND type = 'AUTO'}}" is not 0 then
|
||||
if "${lookup mysql{SELECT COUNT(*) FROM vm_greylisting WHERE sender = \"${quote_mysql:$local_part}@${quote_mysql:$domain}\" AND recipient = '${quote_mysql:$sender_address}' AND type = 'MANUAL'}}" is 0 then
|
||||
if "${lookup mysql{INSERT INTO vm_greylisting SET sender = \"${quote_mysql:$local_part}@${quote_mysql:$domain}\", recipient = '${quote_mysql:$sender_address}', create_time = NOW()}}" is not 0 then
|
||||
if "${lookup mysql{DELETE FROM vm_greylisting WHERE sender = \"${quote_mysql:$local_part}@${quote_mysql:$domain}\" AND recipient = '${quote_mysql:$sender_address}' AND type = 'AUTO'}}" is not 0 then
|
||||
# done updated greylisting
|
||||
endif
|
||||
endif
|
||||
endif
|
||||
|
||||
if "${lookup mysql{SELECT COUNT(*) FROM sa_userpref WHERE username = '$sender_address' AND preference = 'whitelist_from' AND value = \"$local_part@$domain\"}}" is 0 then
|
||||
if "${lookup mysql{INSERT INTO sa_userpref SET username = '$sender_address', preference = 'whitelist_from', value = \"$local_part@$domain\"}}" is not 0 then
|
||||
if "${lookup mysql{DELETE FROM sa_userpref WHERE username = '$sender_address' AND preference != 'whitelist_from' AND value = \"$local_part@$domain\"}}" is not 0 then
|
||||
if "${lookup mysql{SELECT COUNT(*) FROM sa_userpref WHERE username = '${quote_mysql:$sender_address}' AND preference = 'whitelist_from' AND value = \"${quote_mysql:$local_part}@${quote_mysql:$domain}\"}}" is 0 then
|
||||
if "${lookup mysql{INSERT INTO sa_userpref SET username = '${quote_mysql:$sender_address}', preference = 'whitelist_from', value = \"${quote_mysql:$local_part}@${quote_mysql:$domain}\"}}" is not 0 then
|
||||
if "${lookup mysql{DELETE FROM sa_userpref WHERE username = '${quote_mysql:$sender_address}' AND preference != 'whitelist_from' AND value = \"${quote_mysql:$local_part}@${quote_mysql:$domain}\"}}" is not 0 then
|
||||
# done updated sa_userpref
|
||||
endif
|
||||
endif
|
||||
|
|
|
|||
1203
etc/exim4/exim4-bookworm.conf
Normal file
1203
etc/exim4/exim4-bookworm.conf
Normal file
File diff suppressed because it is too large
Load Diff
|
|
@ -72,7 +72,7 @@ log_selector = +all
|
|||
# +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They
|
||||
# are all colon-separated lists:
|
||||
|
||||
domainlist local_domains = ${lookup mysql{SELECT domain FROM vm_domains WHERE domain='$domain' AND status = '1'}}
|
||||
domainlist local_domains = ${lookup mysql{SELECT domain FROM vm_domains WHERE domain='${quote_mysql:$domain}' AND status = '1'}}
|
||||
domainlist relay_to_domains = /etc/exim4/relay_domains
|
||||
hostlist relay_from_hosts = 127.0.0.1
|
||||
hostlist skip_greylisting_hosts = /etc/exim4/skip_greylisting_hosts
|
||||
|
|
@ -275,7 +275,7 @@ greylist_acl:
|
|||
condition = ${lookup mysql{GREYLIST_OK_BOUNCE}}
|
||||
|
||||
deny
|
||||
add_header = X-DNS-Greylist: mail from $sender_address to $local_part@$domain accepted by greylisting
|
||||
add_header = :at_start_rfc:X-DNS-Greylist: mail from $sender_address to $local_part@$domain accepted by greylisting
|
||||
condition = ${lookup mysql{GREYLIST_RESENDERS_UPDATE}}
|
||||
|
||||
# This access control list is used at the start of an incoming
|
||||
|
|
@ -323,27 +323,27 @@ acl_check_dkim:
|
|||
accept
|
||||
dkim_status = fail
|
||||
logwrite = DKIM test failed: $dkim_verify_reason
|
||||
add_header = X-DKIM-Status: fail: $dkim_verify_reason
|
||||
add_header = :at_start_rfc:X-DKIM-Status: fail: $dkim_verify_reason
|
||||
set acl_m_junk = yes
|
||||
|
||||
# DKIM invalid
|
||||
accept
|
||||
dkim_status = invalid
|
||||
logwrite = DKIM test invalid: $dkim_verify_reason
|
||||
add_header = X-DKIM-Status: invalid: $dkim_verify_reason
|
||||
add_header = :at_start_rfc:X-DKIM-Status: invalid: $dkim_verify_reason
|
||||
set acl_m_junk = yes
|
||||
|
||||
# DKIM none
|
||||
accept
|
||||
dkim_status = none
|
||||
logwrite = DKIM test none
|
||||
add_header = X-DKIM-Status: none
|
||||
add_header = :at_start_rfc:X-DKIM-Status: none
|
||||
|
||||
# DKIM pass
|
||||
accept
|
||||
dkim_status = pass
|
||||
logwrite = DKIM test passed
|
||||
add_header = X-DKIM-Status: passed: (address=$sender_address domain=$dkim_cur_signer), signature is good.
|
||||
add_header = :at_start_rfc:X-DKIM-Status: passed: (address=$sender_address domain=$dkim_cur_signer), signature is good.
|
||||
|
||||
# Accept the message.
|
||||
accept
|
||||
|
|
@ -524,7 +524,7 @@ acl_rcpt_to:
|
|||
accept
|
||||
condition = WHITELISTED
|
||||
logwrite = From: $sender_address To: $local_part@$domain is whitelisted in sa_userpref
|
||||
add_header = X-Whitelist-Flag: YES
|
||||
add_header = :at_start_rfc:X-Whitelist-Flag: YES
|
||||
set acl_m_whitelist = yes
|
||||
|
||||
######################################################################
|
||||
|
|
@ -546,9 +546,9 @@ acl_rcpt_to:
|
|||
## domains = +local_domains
|
||||
## dnslists = swl.spamhaus.org : list.dnswl.org&0.0.0.2
|
||||
## logwrite = $sender_host_address is whitelisted in $dnslist_domain ${if def:dnslist_text {($dnslist_text)}}, adding X-DNS-Whitelist header
|
||||
## add_header = X-DNS-Whitelist: $sender_host_address is listed in $dnslist_domain ${if def:dnslist_text {($dnslist_text)}}
|
||||
## add_header = :at_start_rfc:X-DNS-Whitelist: $sender_host_address is listed in $dnslist_domain ${if def:dnslist_text {($dnslist_text)}}
|
||||
|
||||
# add SPF header
|
||||
# Check SPF. Failures are marked as Junk and accepted - this skips further checks (e.g. DNSBL) and filters messages to the Junk folder
|
||||
accept
|
||||
!senders = :
|
||||
condition = ${run{/usr/bin/spfquery --scope mfrom \
|
||||
|
|
@ -599,7 +599,7 @@ acl_rcpt_to:
|
|||
!condition = ${if eq {$header_X-Whitelist-Flag:}{YES}}
|
||||
dnslists = zen.spamhaus.org
|
||||
logwrite = Warning: $sender_host_address is listed in DNSBL $dnslist_domain ${if def:dnslist_text {($dnslist_text)}}
|
||||
add_header = X-DNS-Blacklist: $sender_host_address is listed in $dnslist_domain ${if def:dnslist_text {($dnslist_text)}}
|
||||
add_header = :at_start_rfc:X-DNS-Blacklist: $sender_host_address is listed in $dnslist_domain ${if def:dnslist_text {($dnslist_text)}}
|
||||
set acl_m_junk = yes
|
||||
|
||||
# greylisting
|
||||
|
|
@ -622,7 +622,7 @@ acl_rcpt_to:
|
|||
accept
|
||||
condition = ${lookup mysql{SELECT id FROM GREYLIST_RESENDERS_TABLE WHERE hostname = '${quote_mysql:$acl_m_sender}'}{yes}{no}}
|
||||
condition = ${lookup mysql{UPDATE GREYLIST_RESENDERS_TABLE SET count=count+1, timestamp = NOW() WHERE hostname = '${quote_mysql:$acl_m_sender}'}{yes}{yes}}
|
||||
add_header = X-DNS-Greylist: known resender
|
||||
add_header = :at_start_rfc:X-DNS-Greylist: known resender
|
||||
logwrite = skipping greylisting for $acl_m_sender due to match in GREYLIST_RESENDERS_TABLE
|
||||
|
||||
# run greylisting acl
|
||||
|
|
@ -685,7 +685,7 @@ acl_data:
|
|||
!hosts = +relay_from_hosts
|
||||
!senders = : postmaster@*
|
||||
!verify = header_syntax
|
||||
add_header = X-RFC2822-Error: Your message does not conform to RFC2822 standard
|
||||
add_header = :at_start_rfc:X-RFC2822-Error: Your message does not conform to RFC2822 standard
|
||||
set acl_m_junk = yes
|
||||
|
||||
# Warn unless there is a verifiable sender address in at least
|
||||
|
|
@ -693,7 +693,7 @@ acl_data:
|
|||
warn
|
||||
!verify = header_sender
|
||||
log_message = No valid sender in message header
|
||||
add_header = X-Sender-Verify-Failed: No valid sender in message header
|
||||
add_header = :at_start_rfc:X-Sender-Verify-Failed: No valid sender in message header
|
||||
|
||||
# Deny if the message contains a virus. Before enabling this check, you
|
||||
# must install a virus scanner and set the av_scanner option above.
|
||||
|
|
@ -701,7 +701,7 @@ acl_data:
|
|||
#accept
|
||||
# malware = */defer_ok
|
||||
# log_message = This message contains a virus ($malware_name).
|
||||
# add_header = X-Virus-Warning: This message contains a virus ($malware_name).
|
||||
# add_header = :at_start_rfc:X-Virus-Warning: This message contains a virus ($malware_name).
|
||||
# set acl_m_junk = yes
|
||||
|
||||
# Accept the message.
|
||||
|
|
@ -723,7 +723,7 @@ autowhitelist_filter:
|
|||
driver = redirect
|
||||
domains = ! +local_domains
|
||||
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
|
||||
condition = ${lookup mysql{SELECT vm_mboxes.id FROM vm_mboxes WHERE vm_mboxes.mbox="$sender_address_local_part" AND vm_mboxes.domain="$sender_address_domain" }}
|
||||
condition = ${lookup mysql{SELECT vm_mboxes.id FROM vm_mboxes WHERE vm_mboxes.mbox="${quote_mysql:$sender_address_local_part}" AND vm_mboxes.domain="${quote_mysql:$sender_address_domain}" }}
|
||||
check_local_user = false
|
||||
user = Debian-exim
|
||||
file = /etc/exim4/autowhitelist.filter
|
||||
|
|
@ -749,7 +749,7 @@ srs_forward:
|
|||
driver = redirect
|
||||
senders = ! : ! *@+local_domains
|
||||
domains = ! +local_domains : ! +relay_to_domains
|
||||
condition = ${lookup mysql{SELECT vm_domains.id FROM vm_domains WHERE vm_domains.domain='${original_domain}' AND vm_domains.status = '1'}}
|
||||
condition = ${lookup mysql{SELECT vm_domains.id FROM vm_domains WHERE vm_domains.domain='${quote_mysql:$original_domain}' AND vm_domains.status = '1'}}
|
||||
address_data = ${run{/usr/bin/srs --secretfile=/etc/exim4/srsd.secret --hashlength=24 --forward --address=$sender_address_local_part@$sender_address_domain --alias=$original_domain}{$value}{:defer: SRS failure}}
|
||||
## srsd is broken on ubuntu 22.04. using above "run" command instead
|
||||
# address_data = ${readsocket{/run/srsd/srsd.sock}\
|
||||
|
|
@ -779,14 +779,6 @@ dnslookup:
|
|||
|
||||
# The remaining routers handle addresses in the local domain(s).
|
||||
|
||||
virtual_alias:
|
||||
driver = redirect
|
||||
domains = +local_domains
|
||||
local_part_suffix = +*
|
||||
local_part_suffix_optional = true
|
||||
## condition = ${if !eq {$received_protocol}{spam-scanned}}
|
||||
data = ${lookup mysql{SELECT CONCAT(vm_aliases.mbox,'@','${domain}') FROM vm_mboxes, vm_aliases WHERE vm_mboxes.mbox=vm_aliases.mbox AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_aliases.alias='${local_part}' AND vm_aliases.domain='${domain}'}}
|
||||
|
||||
junk_filter:
|
||||
driver = accept
|
||||
domains = +local_domains
|
||||
|
|
@ -795,7 +787,7 @@ junk_filter:
|
|||
condition = ${if !eq {$received_protocol}{spam-scanned}}
|
||||
local_part_suffix = +*
|
||||
local_part_suffix_optional = true
|
||||
local_parts = ${lookup mysql{SELECT vm_mboxes.mbox FROM vm_mboxes WHERE vm_mboxes.mbox='${local_part}' AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_mboxes.filter > '0'}}
|
||||
local_parts = ${lookup mysql{SELECT vm_mboxes.mbox FROM vm_mboxes WHERE vm_mboxes.mbox='${quote_mysql:$local_part}' AND vm_mboxes.domain='${quote_mysql:$domain}' AND vm_mboxes.status > '0' AND vm_mboxes.filter > '0'}}
|
||||
headers_add = X-Junk-Flag: YES
|
||||
transport = junk_delivery
|
||||
|
||||
|
|
@ -807,16 +799,38 @@ spam_filter:
|
|||
## condition = ${if !eq {$header_X-Whitelist-Flag:}{YES}}
|
||||
local_part_suffix = +*
|
||||
local_part_suffix_optional = true
|
||||
local_parts = ${lookup mysql{SELECT vm_mboxes.mbox FROM vm_mboxes WHERE vm_mboxes.mbox='${local_part}' AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_mboxes.filter = '2'}}
|
||||
local_parts = ${lookup mysql{SELECT vm_mboxes.mbox FROM vm_mboxes WHERE vm_mboxes.mbox='${quote_mysql:$local_part}' AND vm_mboxes.domain='${quote_mysql:$domain}' AND vm_mboxes.status > '0' AND vm_mboxes.filter = '2'}}
|
||||
transport = junk_delivery
|
||||
|
||||
mailman3_router:
|
||||
driver = accept
|
||||
domains = +local_domains
|
||||
condition = ${if !eq {$received_protocol}{spam-scanned}}
|
||||
require_files = /var/lib/mailman3/lists/${local_part}.${domain}
|
||||
local_part_suffix_optional
|
||||
local_part_suffix = \
|
||||
-bounces : -bounces+* : \
|
||||
-confirm : -confirm+* : \
|
||||
-join : -leave : \
|
||||
-owner : -request : \
|
||||
-subscribe : -unsubscribe
|
||||
transport = mailman3_transport
|
||||
|
||||
virtual_alias:
|
||||
driver = redirect
|
||||
domains = +local_domains
|
||||
local_part_suffix = +*
|
||||
local_part_suffix_optional = true
|
||||
condition = ${if !eq {$received_protocol}{spam-scanned}}
|
||||
data = ${lookup mysql{SELECT CONCAT(vm_aliases.mbox,'@','${quote_mysql:$domain}') FROM vm_mboxes, vm_aliases WHERE vm_mboxes.mbox=vm_aliases.mbox AND vm_mboxes.domain='${quote_mysql:$domain}' AND vm_mboxes.status > '0' AND vm_aliases.alias='${quote_mysql:$local_part}' AND vm_aliases.domain='${quote_mysql:$domain}'}}
|
||||
|
||||
virtual_vacation:
|
||||
driver = accept
|
||||
domains = +local_domains
|
||||
# currently configured to *not* autorespond to + aliases
|
||||
#local_part_suffix = +*
|
||||
#local_part_suffix_optional = true
|
||||
local_parts = ${lookup mysql{SELECT vm_mboxes.mbox FROM vm_mboxes, vm_autoresponders WHERE vm_mboxes.mbox='${local_part}' AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_autoresponders.mbox='${local_part}' AND vm_autoresponders.domain='${domain}' AND vm_autoresponders.mode='Vacation' AND vm_autoresponders.status='1'}}
|
||||
local_parts = ${lookup mysql{SELECT vm_mboxes.mbox FROM vm_mboxes, vm_autoresponders WHERE vm_mboxes.mbox='${quote_mysql:$local_part}' AND vm_mboxes.domain='${quote_mysql:$domain}' AND vm_mboxes.status > '0' AND vm_autoresponders.mbox='${quote_mysql:$local_part}' AND vm_autoresponders.domain='${quote_mysql:$domain}' AND vm_autoresponders.mode='Vacation' AND vm_autoresponders.status='1'}}
|
||||
# add options for start & end date fields to above query
|
||||
# do not reply to errors or lists or spam-scanned messages, require vacation message in db
|
||||
condition = ${if !match {$h_precedence:} {(?i)junk|bulk|list}}
|
||||
|
|
@ -841,7 +855,7 @@ virtual_autoresponder:
|
|||
# currently configured to *not* autorespond to + aliases
|
||||
#local_part_suffix = +*
|
||||
#local_part_suffix_optional = true
|
||||
local_parts = ${lookup mysql{SELECT vm_mboxes.mbox FROM vm_mboxes, vm_autoresponders WHERE vm_mboxes.mbox='${local_part}' AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_autoresponders.mbox='${local_part}' AND vm_autoresponders.domain='${domain}' AND vm_autoresponders.mode='Autoresponder' AND vm_autoresponders.status='1'}}
|
||||
local_parts = ${lookup mysql{SELECT vm_mboxes.mbox FROM vm_mboxes, vm_autoresponders WHERE vm_mboxes.mbox='${quote_mysql:$local_part}' AND vm_mboxes.domain='${quote_mysql:$domain}' AND vm_mboxes.status > '0' AND vm_autoresponders.mbox='${quote_mysql:$local_part}' AND vm_autoresponders.domain='${quote_mysql:$domain}' AND vm_autoresponders.mode='Autoresponder' AND vm_autoresponders.status='1'}}
|
||||
# add options for start & end date fields to above query
|
||||
# do not reply to errors or lists or spam-scanned messages, require autoresponder message in db
|
||||
condition = ${if !match {$h_precedence:} {(?i)junk|bulk|list}}
|
||||
|
|
@ -866,7 +880,7 @@ virtual_forward_and_drop:
|
|||
condition = ${if !eq {$received_protocol}{spam-scanned}}
|
||||
local_part_suffix = +*
|
||||
local_part_suffix_optional = true
|
||||
data = ${lookup mysql{SELECT vm_forwards.forward_to FROM vm_mboxes, vm_forwards WHERE vm_mboxes.mbox='${local_part}' AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_forwards.mbox='${local_part}' AND vm_forwards.domain='${domain}' AND vm_forwards.save_local='0'}}
|
||||
data = ${lookup mysql{SELECT vm_forwards.forward_to FROM vm_mboxes, vm_forwards WHERE vm_mboxes.mbox='${quote_mysql:$local_part}' AND vm_mboxes.domain='${quote_mysql:$domain}' AND vm_mboxes.status > '0' AND vm_forwards.mbox='${quote_mysql:$local_part}' AND vm_forwards.domain='${quote_mysql:$domain}' AND vm_forwards.save_local='0'}}
|
||||
|
||||
virtual_forward_and_keep:
|
||||
driver = redirect
|
||||
|
|
@ -874,7 +888,7 @@ virtual_forward_and_keep:
|
|||
condition = ${if !eq {$received_protocol}{spam-scanned}}
|
||||
local_part_suffix = +*
|
||||
local_part_suffix_optional = true
|
||||
data = ${lookup mysql{SELECT CONCAT('${local_part}@${domain}\n', vm_forwards.forward_to) FROM vm_mboxes, vm_forwards WHERE vm_mboxes.mbox='${local_part}' AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_forwards.mbox='${local_part}' AND vm_forwards.domain='${domain}' AND vm_forwards.save_local='1'}}
|
||||
data = ${lookup mysql{SELECT CONCAT('${quote_mysql:$local_part}@${quote_mysql:$domain}\n', vm_forwards.forward_to) FROM vm_mboxes, vm_forwards WHERE vm_mboxes.mbox='${quote_mysql:$local_part}' AND vm_mboxes.domain='${quote_mysql:$domain}' AND vm_mboxes.status > '0' AND vm_forwards.mbox='${quote_mysql:$local_part}' AND vm_forwards.domain='${quote_mysql:$domain}' AND vm_forwards.save_local='1'}}
|
||||
|
||||
spamcheck_router:
|
||||
driver = accept
|
||||
|
|
@ -887,16 +901,18 @@ spamcheck_router:
|
|||
condition = ${if < {$message_size}{512k}}
|
||||
local_part_suffix = +*
|
||||
local_part_suffix_optional = true
|
||||
local_parts = ${lookup mysql{SELECT vm_mboxes.mbox FROM vm_mboxes WHERE vm_mboxes.mbox='${local_part}' AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_mboxes.filter = '2'}}
|
||||
local_parts = ${lookup mysql{SELECT vm_mboxes.mbox FROM vm_mboxes WHERE vm_mboxes.mbox='${quote_mysql:$local_part}' AND vm_mboxes.domain='${quote_mysql:$domain}' AND vm_mboxes.status > '0' AND vm_mboxes.filter = '2'}}
|
||||
headers_remove = X-Spam-Checker-Version:X-Spam-Flag:X-Spam-Level:X-Spam-Status:X-Spam-Score:X-Spam-Report
|
||||
transport = spamcheck
|
||||
|
||||
# add mailman3 spamcheck?
|
||||
|
||||
user_filter:
|
||||
driver = redirect
|
||||
domains = +local_domains
|
||||
local_part_suffix = +*
|
||||
local_part_suffix_optional = true
|
||||
data = ${lookup mysql{SELECT vm_filters.filter FROM vm_mboxes, vm_filters WHERE vm_mboxes.mbox='${local_part}' AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_filters.mbox='${local_part}' AND vm_filters.domain='${domain}'}}
|
||||
data = ${lookup mysql{SELECT vm_filters.filter FROM vm_mboxes, vm_filters WHERE vm_mboxes.mbox='${quote_mysql:$local_part}' AND vm_mboxes.domain='${quote_mysql:$domain}' AND vm_mboxes.status > '0' AND vm_filters.mbox='${quote_mysql:$local_part}' AND vm_filters.domain='${quote_mysql:$domain}'}}
|
||||
user = vmail
|
||||
no_verify
|
||||
no_expn
|
||||
|
|
@ -913,7 +929,7 @@ lmtp_localuser:
|
|||
domains = +local_domains
|
||||
local_part_suffix = +*
|
||||
local_part_suffix_optional = true
|
||||
condition = ${lookup mysql{SELECT vm_mboxes.id FROM vm_mboxes WHERE vm_mboxes.mbox='${local_part}' AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0'}}
|
||||
condition = ${lookup mysql{SELECT vm_mboxes.id FROM vm_mboxes WHERE vm_mboxes.mbox='${quote_mysql:$local_part}' AND vm_mboxes.domain='${quote_mysql:$domain}' AND vm_mboxes.status > '0'}}
|
||||
transport = dovecot_lmtp
|
||||
cannot_route_message = Unknown user
|
||||
|
||||
|
|
@ -922,7 +938,7 @@ virtual_alias_catchall:
|
|||
driver = redirect
|
||||
domains = +local_domains
|
||||
## condition = ${if !eq {$received_protocol}{spam-scanned}}
|
||||
data = ${lookup mysql{SELECT CONCAT(vm_aliases.mbox,'@','${domain}') FROM vm_mboxes, vm_aliases WHERE vm_mboxes.mbox=vm_aliases.mbox AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_aliases.alias='catchall' AND vm_aliases.domain='${domain}'}}
|
||||
data = ${lookup mysql{SELECT CONCAT(vm_aliases.mbox,'@','${quote_mysql:$domain}') FROM vm_mboxes, vm_aliases WHERE vm_mboxes.mbox=vm_aliases.mbox AND vm_mboxes.domain='${quote_mysql:$domain}' AND vm_mboxes.status > '0' AND vm_aliases.alias='catchall' AND vm_aliases.domain='${quote_mysql:$domain}'}}
|
||||
|
||||
# This router handles aliasing using a linearly searched alias file with the
|
||||
# name SYSTEM_ALIASES_FILE. When this configuration is installed automatically,
|
||||
|
|
@ -1062,8 +1078,8 @@ vacation_transport:
|
|||
return_path = ${local_part}@${domain}
|
||||
to = ${sender_address}
|
||||
from = ${local_part}@${domain}
|
||||
subject = ${lookup mysql{SELECT vm_autoresponders.subject FROM vm_autoresponders WHERE vm_autoresponders.mbox='${local_part}' AND vm_autoresponders.domain='${domain}' AND vm_autoresponders.status='1' AND vm_autoresponders.mode='Vacation'}{$value}{"Auto Reply"}}
|
||||
text = ${lookup mysql{SELECT vm_autoresponders.body FROM vm_autoresponders WHERE vm_autoresponders.mbox='${local_part}' AND vm_autoresponders.domain='${domain}' AND vm_autoresponders.status='1' AND vm_autoresponders.mode='Vacation'}{$value}fail}
|
||||
subject = ${lookup mysql{SELECT vm_autoresponders.subject FROM vm_autoresponders WHERE vm_autoresponders.mbox='${quote_mysql:$local_part}' AND vm_autoresponders.domain='${quote_mysql:$domain}' AND vm_autoresponders.status='1' AND vm_autoresponders.mode='Vacation'}{$value}{"Auto Reply"}}
|
||||
text = ${lookup mysql{SELECT vm_autoresponders.body FROM vm_autoresponders WHERE vm_autoresponders.mbox='${quote_mysql:$local_part}' AND vm_autoresponders.domain='${quote_mysql:$domain}' AND vm_autoresponders.status='1' AND vm_autoresponders.mode='Vacation'}{$value}fail}
|
||||
user = vmail
|
||||
|
||||
## for autoresponder
|
||||
|
|
@ -1073,8 +1089,8 @@ autoresponder_transport:
|
|||
return_path = ${local_part}@${domain}
|
||||
to = ${sender_address}
|
||||
from = ${local_part}@${domain}
|
||||
subject = ${lookup mysql{SELECT vm_autoresponders.subject FROM vm_autoresponders WHERE vm_autoresponders.mbox='${local_part}' AND vm_autoresponders.domain='${domain}' AND vm_autoresponders.status='1' AND vm_autoresponders.mode='Autoresponder'}{$value}{"Auto Reply"}}
|
||||
text = ${lookup mysql{SELECT vm_autoresponders.body FROM vm_autoresponders WHERE vm_autoresponders.mbox='${local_part}' AND vm_autoresponders.domain='${domain}' AND vm_autoresponders.status='1' AND vm_autoresponders.mode='Autoresponder'}{$value}fail}
|
||||
subject = ${lookup mysql{SELECT vm_autoresponders.subject FROM vm_autoresponders WHERE vm_autoresponders.mbox='${quote_mysql:$local_part}' AND vm_autoresponders.domain='${quote_mysql:$domain}' AND vm_autoresponders.status='1' AND vm_autoresponders.mode='Autoresponder'}{$value}{"Auto Reply"}}
|
||||
text = ${lookup mysql{SELECT vm_autoresponders.body FROM vm_autoresponders WHERE vm_autoresponders.mbox='${quote_mysql:$local_part}' AND vm_autoresponders.domain='${quote_mysql:$domain}' AND vm_autoresponders.status='1' AND vm_autoresponders.mode='Autoresponder'}{$value}fail}
|
||||
user = vmail
|
||||
|
||||
#maildir_delivery:
|
||||
|
|
@ -1103,7 +1119,7 @@ spamcheck:
|
|||
driver = pipe
|
||||
command = /usr/sbin/exim -oMr spam-scanned -bS
|
||||
use_bsmtp = true
|
||||
transport_filter = /usr/bin/spamc -f -u $local_part@$domain
|
||||
transport_filter = /usr/bin/spamc -f -u $local_part_data@$domain_data
|
||||
home_directory = "/tmp"
|
||||
current_directory = "/tmp"
|
||||
# must use a privileged user to set $received_protocol on the way back in!
|
||||
|
|
@ -1115,6 +1131,28 @@ spamcheck:
|
|||
message_prefix =
|
||||
message_suffix =
|
||||
|
||||
mailman3_transport:
|
||||
driver = smtp
|
||||
protocol = lmtp
|
||||
allow_localhost
|
||||
hosts = localhost
|
||||
#hosts_override
|
||||
port = 8024
|
||||
rcpt_include_affixes = true
|
||||
|
||||
#mailman_transport:
|
||||
# driver = pipe
|
||||
# command = MAILMAN_WRAP \
|
||||
# '${if def:local_part_suffix \
|
||||
# {${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} \
|
||||
# {post}}' \
|
||||
# $local_part
|
||||
# current_directory = MAILMAN_HOME
|
||||
# home_directory = MAILMAN_HOME
|
||||
# user = MAILMAN_UID
|
||||
# group = MAILMAN_GID
|
||||
|
||||
|
||||
# clamav
|
||||
#clamav_scan
|
||||
# driver = pipe
|
||||
46
install.sh
46
install.sh
|
|
@ -5,13 +5,11 @@ if [ "${EUID}" -ne 0 ]; then
|
|||
exit
|
||||
fi
|
||||
|
||||
# check for Ubuntu 20.04
|
||||
if ! grep -q "Ubuntu 22.04" /etc/issue; then
|
||||
echo "This installer is only tested on Ubuntu 22.04. If you are on a"
|
||||
echo "different version of Ubuntu or a Debian/Debian based distro"
|
||||
echo "and want to try running this installer open this script and"
|
||||
echo "comment out the exit command below this line and re-run."
|
||||
exit
|
||||
# check for Ubuntu 22.04 (jammy) or Debian 12 (bookworm)
|
||||
os_codename=`lsb_release -cs`
|
||||
if [ $os_codename != jammy ] && [ $os_codename != bookworm ]; then
|
||||
echo "This installer only runs on Ubuntu 22.04 (jammy) or Debian 12 (Bookworm), bailing out."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# check if install is already in place
|
||||
|
|
@ -93,13 +91,19 @@ sed -i "s|userpref|sa_userpref|g" /usr/share/doc/spamassassin/sql/userpref_mysql
|
|||
sed -i "s|username varchar(100)|username varchar(255)|g" /usr/share/doc/spamassassin/sql/userpref_mysql.sql
|
||||
sed -i "s|TYPE=MyISAM||g" /usr/share/doc/spamassassin/sql/userpref_mysql.sql
|
||||
mysql vmail < /usr/share/doc/spamassassin/sql/userpref_mysql.sql
|
||||
sed -i 's|OPTIONS="--create-prefs --max-children 5 --helper-home-dir"|OPTIONS="-x -q -v -u Debian-exim -m 5"|g' /etc/default/spamassassin
|
||||
sed -i 's|CRON=0|CRON=1|g' /etc/default/spamassassin
|
||||
if [ $os_codename = jammy ]; then
|
||||
sed -i 's|OPTIONS="--create-prefs --max-children 5 --helper-home-dir"|OPTIONS="-x -q -v -u Debian-exim -m 5"|g' /etc/default/spamassassin
|
||||
sed -i 's|CRON=0|CRON=1|g' /etc/default/spamassassin
|
||||
elif [ $os_codename != bookworm ]; then
|
||||
sed -i 's|OPTIONS="--create-prefs --max-children 5 --helper-home-dir"|OPTIONS="-x -q -v -u Debian-exim -m 5"|g' /etc/default/spamd
|
||||
else
|
||||
echo "WARNING: Unexpected OS codename. This should never happen due to previous checks."
|
||||
fi
|
||||
cp etc/spamassassin/*.cf /etc/spamassassin/
|
||||
sed -i "s|user_scores_sql_password password|user_scores_sql_password $VMAILPASS|g" /etc/spamassassin/sql.cf
|
||||
chown root:root /etc/spamassassin/local.cf
|
||||
chmod 644 /etc/spamassassin/local.cf
|
||||
chown debian-spamd:mail /etc/spamassassin/sql.cf
|
||||
chown Debian-exim:mail /etc/spamassassin/sql.cf
|
||||
chmod 640 /etc/spamassassin/sql.cf
|
||||
|
||||
# create local systemd dir, used by srsd & vmail-cron
|
||||
|
|
@ -123,6 +127,13 @@ maildomain=`hostname -d`
|
|||
sed -i 's/size 10M/daily/g' /etc/logrotate.d/exim4-paniclog
|
||||
install --owner=Debian-exim --group=Debian-exim --mode=640 /dev/null /etc/exim4/relay_domains
|
||||
cp etc/exim4/* /etc/exim4/
|
||||
if [ $os_codename = jammy ]; then
|
||||
cp /etc/exim4/exim4-jammy.conf /etc/exim4/exim4.conf
|
||||
elif [ $os_codename != bookworm ]; then
|
||||
cp /etc/exim4/exim4-bookworm.conf /etc/exim4/exim4.conf
|
||||
else
|
||||
echo "WARNING: Unexpected OS codename. This should never happen due to previous checks."
|
||||
fi
|
||||
chmod 640 /etc/exim4/exim4.conf
|
||||
chown Debian-exim:Debian-exim /etc/exim4/autowhitelist.filter
|
||||
chmod 640 /etc/exim4/autowhitelist.filter
|
||||
|
|
@ -140,6 +151,9 @@ chown Debian-exim:Debian-exim /etc/exim4/srsd.secret
|
|||
pwgen -N 1 64 > /etc/exim4/srsd.secret
|
||||
sed -i "s|^QUEUERUNNER.*|QUEUERUNNER='separate'|g" /etc/default/exim4
|
||||
sed -i "s|^QUEUEINTERVAL.*|QUEUEINTERVAL='15m'|g" /etc/default/exim4
|
||||
if [[ ! -f /var/log/exim4/rejectlog ]]; then
|
||||
install --owner=Debian-exim --group=adm --mode=640 /dev/null /var/log/exim4/rejectlog
|
||||
fi
|
||||
|
||||
# dovecot config
|
||||
mkdir /etc/dovecot/sites.d
|
||||
|
|
@ -155,8 +169,15 @@ chmod 750 /usr/local/libexec/vmail-quota-warning.sh
|
|||
chown dovecot:mail /usr/local/libexec/vmail-quota-warning.sh
|
||||
|
||||
# restart services
|
||||
systemctl enable spamassassin
|
||||
systemctl restart spamassassin
|
||||
if [ $os_codename = jammy ]; then
|
||||
systemctl enable spamassassin
|
||||
systemctl restart spamassassin
|
||||
elif [ $os_codename != bookworm ]; then
|
||||
systemctl enable spamd
|
||||
systemctl restart spamd
|
||||
else
|
||||
echo "WARNING: Unexpected OS codename. This should never happen due to previous checks."
|
||||
fi
|
||||
systemctl restart exim4
|
||||
systemctl restart dovecot
|
||||
|
||||
|
|
@ -201,6 +222,7 @@ else
|
|||
echo "fail2ban not installed, skipping fail2ban email configs."
|
||||
fi
|
||||
|
||||
sed -i '/^root/d' /etc/aliases
|
||||
echo "webmaster@$maildomain" > /root/.forward
|
||||
echo
|
||||
echo "System emails are all configured to alias to root@$fqdn,"
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user