From 302bcde43faa806e6b080443cc4acfe49865c1c4 Mon Sep 17 00:00:00 2001 From: James Date: Tue, 21 May 2024 16:37:03 -0700 Subject: [PATCH] mailing lists are working Signed-off-by: James --- docker-compose.yml | 56 ++++--- mail/entrypoint.sh | 79 ++++++++-- mail/etc/aliases | 168 --------------------- mail/etc/aliases.db | Bin 12288 -> 0 bytes mail/etc/postfix/README | 24 ++- mail/etc/postfix/main.cf | 10 +- mail/etc/postfix/post-install | 0 mail/etc/postfix/postfix-script | 0 mail/etc/postfix/recipient_restrictions | 1 - mail/etc/postfix/recipient_restrictions.db | Bin 12288 -> 12288 bytes mail/etc/postfix/sender_access | 13 -- mail/etc/postfix/sender_access.db | Bin 12288 -> 0 bytes mail/etc/postfix/sender_checks | 12 ++ mail/etc/postfix/sender_checks.db | Bin 12288 -> 12288 bytes mail/etc/postfix/sender_restrictions.db | Bin 12288 -> 12288 bytes mail/etc/postfix/transport | 37 ----- mail/etc/postfix/transport.db | Bin 12288 -> 0 bytes 17 files changed, 130 insertions(+), 270 deletions(-) delete mode 100644 mail/etc/aliases delete mode 100644 mail/etc/aliases.db mode change 100755 => 100644 mail/etc/postfix/post-install mode change 100755 => 100644 mail/etc/postfix/postfix-script delete mode 100644 mail/etc/postfix/sender_access delete mode 100644 mail/etc/postfix/sender_access.db delete mode 100644 mail/etc/postfix/transport delete mode 100644 mail/etc/postfix/transport.db diff --git a/docker-compose.yml b/docker-compose.yml index 85cb9e4..efc3bb8 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -9,15 +9,17 @@ services: dockerfile: Dockerfile.web restart: always volumes: + # Dynamic data + - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/live:/etc/letsencrypt/live + - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/archive:/etc/letsencrypt/archive + - /home/jketreno/docker/webserver/data/log:/var/log:rw + # Static data - /home/jketreno/docker/webserver/web/etc/nginx/sites-enabled:/etc/nginx/sites-enabled:ro - /home/jketreno/docker/webserver/web/etc/nginx/sites-available:/etc/nginx/sites-available:ro - /home/jketreno/docker/webserver/web/etc/apache2:/etc/apache2:ro - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/options-ssl-apache.conf:/etc/letsencrypt/options-ssl-apache.conf:ro - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/options-ssl-nginx.conf:/etc/letsencrypt/options-ssl-nginx.conf:ro - - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/live:/etc/letsencrypt/live:ro - - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/archive:/etc/letsencrypt/archive:ro - /home/jketreno/docker/webserver/web/entrypoint.sh:/entrypoint.sh:ro - - /home/jketreno/docker/webserver/data/log:/var/log:rw - /home/jketreno/docker/webserver/www:/var/www:ro - /home/jketreno/docker/webserver/data/mailman/web/data/static:/opt/mailman/static:ro ports: @@ -41,35 +43,35 @@ services: - 465:465 # postfix smtps - 587:587 # postfix submission volumes: + # Dynamic data - /home:/home:rw # User home directories for Maildir access - - /home/jketreno/docker/webserver/data/mailman/core/var/data/postfix_lmtp:/opt/mailman/postfix_lmtp:ro # Used for LMTP to ketrenet-mailman-core - - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/live:/etc/letsencrypt/live:ro - - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/archive:/etc/letsencrypt/archive:ro + - /home/jketreno/docker/webserver/data/mailman/core/var/data/postfix_lmtp:/opt/mailman/postfix_lmtp # Used for LMTP to ketrenet-mailman-core (rw so it is dynamically updated) + - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/live:/etc/letsencrypt/live + - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/archive:/etc/letsencrypt/archive + - /home/jketreno/docker/webserver/data/mail/var/lib/milter-greylist:/var/lib/milter-greylist + - /home/jketreno/docker/webserver/data/log:/var/log:rw + - /home/jketreno/docker/webserver/data/mail/var/mail:/var/mail:rw + - /home/jketreno/docker/webserver/data/mail/var/spool/mail:/var/spool/mail:rw + - /home/jketreno/docker/webserver/data/mail/var/lib/clamav:/var/lib/clamav:rw + - /home/jketreno/docker/webserver/keys/mail/etc/spamassassin/sa-update-keys/:/etc/spamassassin/sa-update-keys:rw + - /home/jketreno/docker/webserver/mail/etc/postfix:/etc/postfix:rw + - /home/jketreno/docker/webserver/keys/mail/etc/opendkim:/etc/opendkim-private:rw + # Static data - /home/jketreno/docker/webserver/mail/etc/mailname:/etc/mailname:ro - - /home/jketreno/docker/webserver/mail/etc/aliases.db:/etc/aliases.db:rw - - /home/jketreno/docker/webserver/mail/etc/aliases:/etc/aliases:rw - /home/jketreno/docker/webserver/mail/etc/dovecot:/etc/dovecot:ro - /home/jketreno/docker/webserver/mail/etc/amavis:/etc/amavis:ro - /home/jketreno/docker/webserver/mail/etc/clamav:/etc/clamav:ro - /home/jketreno/docker/webserver/mail/etc/hostname:/etc/hostname:ro - /home/jketreno/docker/webserver/mail/etc/opendkim.conf:/etc/opendkim.conf:ro - /home/jketreno/docker/webserver/mail/etc/opendkim:/etc/opendkim:ro - - /home/jketreno/docker/webserver/mail/etc/postfix:/etc/postfix:rw - /home/jketreno/docker/webserver/mail/etc/milter-greylist:/etc/milter-greylist:ro - - /home/jketreno/docker/webserver/data/mail/var/lib/milter-greylist:/var/lib/milter-greylist:rw - /home/jketreno/docker/webserver/mail/etc/default/milter-greylist:/etc/default/milter-greylist:ro - /home/jketreno/docker/webserver/mail/entrypoint.sh:/entrypoint.sh:ro - - /home/jketreno/docker/webserver/data/log:/var/log:rw - - /home/jketreno/docker/webserver/data/mail/var/mail:/var/mail:rw - - /home/jketreno/docker/webserver/data/mail/var/spool/mail:/var/spool/mail:rw - - /home/jketreno/docker/webserver/www:/var/www:ro - - /home/jketreno/docker/webserver/data/mail/var/lib/clamav:/var/lib/clamav:rw - /home/jketreno/docker/webserver/mail/etc/rsyslog.conf:/etc/rsyslog.conf:ro + - /home/jketreno/docker/webserver/www:/var/www:ro # Keys - /home/jketreno/docker/webserver/keys/mail/etc/dkimkeys:/etc/dkimkeys:ro - - /home/jketreno/docker/webserver/keys/mail/etc/spamassassin/sa-update-keys/:/etc/spamassassin/sa-update-keys:rw - /home/jketreno/docker/webserver/keys/mail/etc/dovecot/private:/etc/dovecot-private:ro - - /home/jketreno/docker/webserver/keys/mail/etc/opendkim:/etc/opendkim-private:rw # Authentication of dovecot users via pam # #- /etc/passwd:/etc/systempasswd:ro @@ -95,9 +97,11 @@ services: ports: - 8124:80 volumes: - - /home/jketreno/docker/webserver/roundcube/var/roundcube:/var/roundcube/config:ro + # Dynamic data - /home/jketreno/docker/webserver/data/roundcube/db:/var/roundcube/db:rw - /home/jketreno/docker/webserver/data/roundcube/html:/var/www/html:rw + # Static data + - /home/jketreno/docker/webserver/roundcube/var/roundcube:/var/roundcube/config:ro networks: ketrenet-mailman: @@ -110,13 +114,15 @@ services: dockerfile: Dockerfile.cron restart: always volumes: + # Dynamic data - /home/jketreno/docker/webserver/cron/etc/letsencrypt:/etc/letsencrypt:rw - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/live:/etc/letsencrypt/live:rw - /home/jketreno/docker/webserver/keys/cron/etc/letsencrypt/archive:/etc/letsencrypt/archive:rw - - /home/jketreno/docker/webserver/cron/etc/cron.d:/etc/cron.d:ro - /home/jketreno/docker/webserver/data/log:/var/log:rw - - /home/jketreno/docker/webserver/keys/letsencrypt/:/keys:ro - /home/jketreno/docker/webserver/www:/var/www:rw + # Static data + - /home/jketreno/docker/webserver/cron/etc/cron.d:/etc/cron.d:ro + - /home/jketreno/docker/webserver/keys/letsencrypt/:/keys:ro - /home/jketreno/docker/webserver/cron/entrypoint.sh:/entrypoint.sh:ro ketrenet-dns: @@ -134,12 +140,14 @@ services: - 67:67/udp # dhcp - 68:68/udp # dhcp volumes: + # Dynamic data + - /home/jketreno/docker/webserver/data/log:/var/log:rw + - /home/jketreno/docker/webserver/data/dns/var/lib/:/var/lib:rw + # Static data - /home/jketreno/docker/webserver/keys/dns/ddns.key:/etc/ddns.key:ro - /home/jketreno/docker/webserver/dns/etc/dhcp:/etc/dhcp:ro - /home/jketreno/docker/webserver/dns/etc/bind:/etc/bind:ro - /home/jketreno/docker/webserver/dns/entrypoint.sh:/entrypoint.sh:ro - - /home/jketreno/docker/webserver/data/log:/var/log:rw - - /home/jketreno/docker/webserver/data/dns/var/lib/:/var/lib:rw ketrenet-mailman-core: image: maxking/mailman-core:0.4 # Use a specific version tag (tag latest is not published) @@ -158,7 +166,7 @@ services: - DATABASE_URL=postgresql://mailman:mailmanpass@ketrenet-database/mailmandb - DATABASE_TYPE=postgres - DATABASE_CLASS=mailman.database.postgresql.PostgreSQLDatabase - - HYPERKITTY_URL=http://ketrenet-mailman-web:8000/hyperkitty + - HYPERKITTY_URL=http://ketrenet-mailman-web:8000/mailman/hyperkitty - HYPERKITTY_API_KEY=s0meap1k3y - MAILMAN_ADMIN_USER=jketreno - MAILMAN_ADMIN_EMAIL=james_mailman@ketrenos.com @@ -189,7 +197,7 @@ services: - DATABASE_TYPE=postgres - DATABASE_URL=postgresql://mailman:mailmanpass@ketrenet-database/mailmandb - HYPERKITTY_API_KEY=s0meap1k3y - - HYPERKITTY_URL=http://ketrenet-mailman-web:8000/hyperkitty + - HYPERKITTY_URL=http://ketrenet-mailman-web:8000/mailman/hyperkitty - SECRET_KEY=s7p4rs3kr1t - SERVE_FROM_DOMAIN=ketrenos.com - UWSGI_STATIC_MAP=/mailman/static=/opt/mailman-web-data/static diff --git a/mail/entrypoint.sh b/mail/entrypoint.sh index 1320101..dd4638c 100755 --- a/mail/entrypoint.sh +++ b/mail/entrypoint.sh @@ -101,9 +101,52 @@ else fi fi -if ! postmap /opt/mailman/postfix_lmtp; then - fail "postmap /opt/mailman/postfix_lmtp" -fi +update_keys() { + echo "Key rotation on ${1}" + if [[ "${2}" -ne 0 ]]; then + echo "Restarting postfix and dovecot." + /etc/init.d/dovecot restart + /etc/init.d/postfix restart + fi +} + +update_map() { + echo "Map update ${1}." + postmap "${1}" + if [[ "${2}" -ne 0 ]]; then + echo "Restarting postfix." + /etc/init.d/postfix reload + fi +} + +update_alias() { + echo "Alias update ${1}." + postalias "${1}" + if [[ "${2}" -ne 0 ]]; then + echo "Restarting postfix." + /etc/init.d/postfix reload + fi +} + +declare -a watches=( + "/etc/letsencrypt/archive:update_keys" + "/etc/postfix/sender_checks:update_map" + "/etc/postfix/sender_restrictions:update_map" + "/etc/postfix/recipient_restrictions:update_map" + "/opt/mailman/postfix_lmtp:update_map" + "/etc/postfix/aliases:update_alias" +) + +# +# Update postfix DBs called out in watches +# +for entry in "${watches[@]}"; do + file=${entry%%:*} + fn="${entry##*:}" + if [[ "${fn}" =~ update_ ]]; then + ${fn} "${file}" 0 + fi +done while true; do /usr/sbin/rsyslogd -n @@ -180,16 +223,24 @@ done & #done & # -# Watch for letsencrypt changes and if they occur, restart nginx and apache2 +# Watch for letsencrypt and various config changes, taking appropriate +# actions when the files changed. # -while true; do - inotifywait -e modify /etc/letsencrypt/archive /opt/mailman/postfix_lmtp | while read -r file status; do - if [[ "${file}" == "/opt/mailman/postfix_lmtp" ]]; then - postmap /opt/mailman/postfix_lmtp - /etc/init.d/postfix reload - else - /etc/init.d/dovecot restart - /etc/init.d/postfix restart - fi - done +declare -a watch_files=() +for entry in "${watches[@]}"; do + file=${entry%%:*} + watch_files=("${watch_files[@]}" "${file}") done + +while true; do + inotifywait -e modify "${watch_files[@]}" | + while read -r changed_file status; do + for entry in "${watches[@]}"; do + file=${entry%%:*} + if [[ "${changed_file}" == "${file}" ]]; then + fn="${entry##*:}" + ${fn} "${file}" 1 + fi + done + done +done \ No newline at end of file diff --git a/mail/etc/aliases b/mail/etc/aliases deleted file mode 100644 index cede04a..0000000 --- a/mail/etc/aliases +++ /dev/null @@ -1,168 +0,0 @@ -# General redirections for pseudo accounts. -adm: root -bin: root -daemon: root -exim: root -lp: root -mail: root -named: root -nobody: root -postfix: root -abuse: root -ftp: root -hostmaster: root -news: root -noc: root -security: root -usenet: root -uucp: root -webmaster: root -www: root - -pair: jketreno - -shaznat: jketreno - -root: jketreno - -grandma: agape -sherri: agape -mom: agape - -papa: barry -dad: barry - -mailer-daemon: postmaster - -# Mailing lists -slavod: jketreno -james: jketreno -logics: jketreno -ketrenoj: jketreno -daddy: jketreno -chrisotpher: christopher - -mommy: kathleen -flylady: kathleen -ketrenok: kathleen -yahoo: kathleen -glider: kathleen -midwives: kathleen -ketrenok2000: kathleen -homestead: kathleen -jamesdontread: kathleen - -chris: christopher -chrisk: christopher - -solace: melissa - -elcore: george -gketreno: george -ketrenog: george - - - -## jcubed mailing list -## created: 25-Feb-2003 mailman -jcubed: "|/var/lib/mailman/mail/mailman post jcubed" -jcubed-admin: "|/var/lib/mailman/mail/mailman admin jcubed" -jcubed-request: "|/var/lib/mailman/mail/mailman request jcubed" -jcubed-owner: jcubed-admin - - -## family mailing list -## created: 06-Aug-2002 root -miles-family: "|/var/lib/mailman/mail/mailman post family" -family-admin: "|/var/lib/mailman/mail/mailman admin family" -family-request: "|/var/lib/mailman/mail/mailman request family" -family-owner: family-admin -family: "|/var/lib/mailman/mail/mailman post family" - -## mbs mailing list -mbs-admin: "|/var/lib/mailman/mail/mailman admin mbs" -mbs-bounces: "|/var/lib/mailman/mail/mailman bounces mbs" -mbs-confirm: "|/var/lib/mailman/mail/mailman confirm mbs" -mbs-join: "|/var/lib/mailman/mail/mailman join mbs" -mbs-leave: "|/var/lib/mailman/mail/mailman leave mbs" -mbs-owner: "|/var/lib/mailman/mail/mailman owner mbs" -mbs-request: "|/var/lib/mailman/mail/mailman request mbs" -mbs-subscribe: "|/var/lib/mailman/mail/mailman subscribe mbs" -mbs-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mbs" -mbs: "|/var/lib/mailman/mail/mailman post mbs" - -## vansicklefamily mailing list -## added oct 02 2007 -vansicklefamily-admin: "|/var/lib/mailman/mail/mailman admin vansicklefamily" -vansicklefamily-bounces: "|/var/lib/mailman/mail/mailman bounces vansicklefamily" -vansicklefamily-confirm: "|/var/lib/mailman/mail/mailman confirm vansicklefamily" -vansicklefamily-join: "|/var/lib/mailman/mail/mailman join vansicklefamily" -vansicklefamily-leave: "|/var/lib/mailman/mail/mailman leave vansicklefamily" -vansicklefamily-owner: "|/var/lib/mailman/mail/mailman owner vansicklefamily" -vansicklefamily-request: "|/var/lib/mailman/mail/mailman request vansicklefamily" -vansicklefamily-subscribe: "|/var/lib/mailman/mail/mailman subscribe vansicklefamily" -vansicklefamily-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe vansicklefamily" -vansicklefamily: "|/var/lib/mailman/mail/mailman post vansicklefamily" - -## mosj mailing list -## added Nov 4 2007 -mosj-bounces: "|/var/lib/mailman/mail/mailman bounces mosj" -mosj-admin: "|/var/lib/mailman/mail/mailman admin mosj" -mosj-confirm: "|/var/lib/mailman/mail/mailman confirm mosj" -mosj-join: "|/var/lib/mailman/mail/mailman join mosj" -mosj-leave: "|/var/lib/mailman/mail/mailman leave mosj" -mosj-owner: "|/var/lib/mailman/mail/mailman owner mosj" -mosj-request: "|/var/lib/mailman/mail/mailman request mosj" -mosj-subscribe: "|/var/lib/mailman/mail/mailman subscribe mosj" -mosj-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mosj" -mosj: "|/var/lib/mailman/mail/mailman post mosj" - -## sjmoms mailing list -## added May 8 2009 -sjmoms-bounces: "|/var/lib/mailman/mail/mailman bounces sjmoms" -sjmoms-admin: "|/var/lib/mailman/mail/mailman admin sjmoms" -sjmoms-confirm: "|/var/lib/mailman/mail/mailman confirm sjmoms" -sjmoms-join: "|/var/lib/mailman/mail/mailman join sjmoms" -sjmoms-leave: "|/var/lib/mailman/mail/mailman leave sjmoms" -sjmoms-owner: "|/var/lib/mailman/mail/mailman owner sjmoms" -sjmoms-request: "|/var/lib/mailman/mail/mailman request sjmoms" -sjmoms-subscribe: "|/var/lib/mailman/mail/mailman subscribe sjmoms" -sjmoms-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe sjmoms" -sjmoms: "|/var/lib/mailman/mail/mailman post sjmoms" - - -efax: kathleen -family-bounces: jketreno -film: jketreno -logics_vcd_db: jketreno - -robot: jketreno - -# See man 5 aliases for format -sheri: agape -spinaker: colleen -postmaster: root -clamav: root -## mailman mailing list -mailman: "|/var/lib/mailman/mail/mailman post mailman" -mailman-admin: "|/var/lib/mailman/mail/mailman admin mailman" -mailman-bounces: "|/var/lib/mailman/mail/mailman bounces mailman" -mailman-confirm: "|/var/lib/mailman/mail/mailman confirm mailman" -mailman-join: "|/var/lib/mailman/mail/mailman join mailman" -mailman-leave: "|/var/lib/mailman/mail/mailman leave mailman" -mailman-owner: "|/var/lib/mailman/mail/mailman owner mailman" -mailman-request: "|/var/lib/mailman/mail/mailman request mailman" -mailman-subscribe: "|/var/lib/mailman/mail/mailman subscribe mailman" -mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman" -## test mailing list -test: "|/var/lib/mailman/mail/mailman post test" -test-admin: "|/var/lib/mailman/mail/mailman admin test" -test-bounces: "|/var/lib/mailman/mail/mailman bounces test" -test-confirm: "|/var/lib/mailman/mail/mailman confirm test" -test-join: "|/var/lib/mailman/mail/mailman join test" -test-leave: "|/var/lib/mailman/mail/mailman leave test" -test-owner: "|/var/lib/mailman/mail/mailman owner test" -test-request: "|/var/lib/mailman/mail/mailman request test" -test-subscribe: "|/var/lib/mailman/mail/mailman subscribe test" -test-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe test" -zacharais: zacharias diff --git a/mail/etc/aliases.db b/mail/etc/aliases.db deleted file mode 100644 index 9d14fa15dfc1163e370ba671f2ed90553e85067a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 12288 zcmeHMYlsz99G{8qo%cB+MLsAO3!!Lr%i5H}2kwfSZkmc>qU*VHXYZZ6^SI93dw16t zl8+Wa+9Zog2@Ok#tS|Y&kRBkt2-~b60#iSPhD0DnPwLE_xie?y3UiMi>dRc*JLjA^ zzyF>2o!|MN|Nk$;Fbs?TybroP%Lra$0{-K@2E*LqU&ej!!95n=AD;Kql^Ij~Tb_-E z9dBe8wlTK9xG_HN&rZKn22uu622uu622uu622uu622uu622uu622uw8YX;&u`d(&3 zhEe{8f50p7JUk0e!;|nG_$E9C55rM70-uIk;by2q6>fm5;8M5cjd7oI zr?_35!9B!HzDI8O%odNf}5PNEx7GfZc-B zB64)(GC>pRxH*6-MMKjph8;#l+h$nDwkr%fsO3!LRy2oUr*E58L(VKi&&@KCZkWib zUmKmas^wO5uIlJHt*wSES62rNtsj}XF+81NV}1o9wz;agl@`nfGm}l)gO=vB zV6Z+f*_@%FS}U(zpOz#-E9=paQPtHf4aoon#{= z8;dZG_Xd-ps%`b_j@g6`#v4*|HMQ#Km0^Z04QLfdvqE1+_H&+d^Ie>$DIaWfZCr;l^k=UP+go`$wQqfSJVNn5G&T>+M@N7IEKY+ zXtq4K94=1&!K7{6V(`2EjqeevCBm-4y<bv?CoYB=$z9rr(<^KoVnheW%y2C z@A9sm#Xa3!>;eY=^FChwPyRpuPUc0N|NjZE!=K?r_%-|(egxlx@4~m?>+ldf0Qcbv zz!1*=``}u5FPsXmg7fv<|5>mHYzHpT!Fuo{&i?0vxnMT92TTGGTu{c8Bg&|5>ny^t=D=Zh52n&RX!mYwL{283@@8#F>J^U12 z#QFXiZj>A0c5pS$`)&4E_SNi5*`3+N*^cb*ne&;WnZp^(K>A4; zNEt{O_&*p34u!$N!Q_K9id15WKR(`KBh-;g41WWQbdgN5y;x*Zt*SV-NII7z3Wzj| z`ejKh-D{D^@C8)c@T)v-S+~%Dcb=P?p}Q`Qn_SyKDn7uYV8As{&BhT{(yJ21oTl`Q zxR-3G5r4%q#4!F!dXjo5*7OWic|-iSDYJ(-oH7WE!)Y>!7&eTIT^zSL`nWFc5zAae zTP!p#A@0}17}2tGb`%m?+F%%&TR2RoR0o-u-jp&(1C**Dp;U?>fs|?>p_ED>p)@KW zaAeqzOExAB?1N+p_mX$x_{;(qay7TzPc)LTk@pMpTWa4IA?Z9{gbV#%lHVY-*cN2e z_*`k^*2LZ9H*ff`W;3*UZOX9eRNDln)ozmkS_L;5pwe+1jq7qmDZrywbJ`mjte>!Y zgQREks}AHg2olqQ2Rk}CZZsZc&cVz=>nmPTt2r%?b>lapszJ~X-ahEHxR`ZNTii4a zkufa!*7ZV5-nMX^)T^XKMS_B%=e^*dQAQ{PY>;#MjbQ^tCxbSmW1kXKP;nXIMr8xL RLevn(6%-mpgd8pf{|h;_+qM7z diff --git a/mail/etc/postfix/README b/mail/etc/postfix/README index e97f584..5ffc635 100644 --- a/mail/etc/postfix/README +++ b/mail/etc/postfix/README @@ -1,23 +1,31 @@ To blacklist an alias: -echo "alias@ketrenos.com reject" | sudo tee -a recipient_restrictions +```bash +echo "alias@ketrenos.com reject" | sudo tee -a /etc/postfix/recipient_restrictions sudo postmap hash:/etc/postfix/recipient_restrictions sudo systemctl restart postfix +``` To black list a sender: -echo "name@address.com" | sudo tee -a sender_access -sudo postmap hash:/etc/postfix/sender_access +```bash +echo "name@address.com" | sudo tee -a /etc/postfix/sender_restrictions +sudo postmap hash:/etc/postfix/sender_restrictions sudo systemctl restart postfix +``` To add a sender (eg firsttechfed.com) to the whitelist of sender DNS: -echo "firsttechfed.com OK" | sudo tee -a sender_access -sudo postmap hash:/etc/postfix/sender_access +```bash +echo "firsttechfed.com OK" | sudo tee -a /etc/postfix/sender_checks +sudo postmap hash:/etc/postfix/sender_checks sudo systemctl restart postfix +``` -To add a new list, append entries to /etc/aliases and run: +To add a new alias, append entries to /etc/aliases and run: -echo "alias" | sudo tee -a /etc/aliases -sudo postalias /etc/aliases +```bash +echo "alias: user" | sudo tee -a /etc/postfix/aliases +sudo postalias /etc/postfix/aliases sudo systemctl restart postfix +``` \ No newline at end of file diff --git a/mail/etc/postfix/main.cf b/mail/etc/postfix/main.cf index b8dd084..bcafd01 100644 --- a/mail/etc/postfix/main.cf +++ b/mail/etc/postfix/main.cf @@ -71,8 +71,8 @@ smtpd_tls_mandatory_ciphers = high #smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # Alias maps and database -alias_maps = hash:/etc/aliases -alias_database = hash:/etc/aliases +alias_maps = hash:/etc/postfix/aliases +alias_database = hash:/etc/postfix/aliases # Support multiple recipient delimiters (_ and +) canonical_maps = regexp:/etc/postfix/canonical @@ -85,8 +85,8 @@ recipient_delimiter = _ # Mailman3 support (via ketrenet-mailman-core) unknown_local_recipient_reject_code = 550 owner_request_special = no -transport_maps = hash:/opt/mailman/postfix_lmtp -local_recipient_maps = hash:/opt/mailman/postfix_lmtp +transport_maps = regexp:/opt/mailman/postfix_lmtp +local_recipient_maps = regexp:/opt/mailman/postfix_lmtp # relay_domains is set for more than just mailman ketrenos.com # relay_domains = hash:/opt/mailman/postfix_domains @@ -148,9 +148,9 @@ mailman_destination_recipient_limit = 1 # SMTPD recipient restrictions smtpd_recipient_restrictions = permit_mynetworks, - check_recipient_access hash:/etc/postfix/recipient_restrictions, permit_sasl_authenticated, reject_unauth_destination, + check_recipient_access hash:/etc/postfix/recipient_restrictions, reject_rbl_client zen.spamhaus.org=127.0.0.[2..11], check_sender_access hash:/etc/postfix/sender_checks, check_policy_service unix:private/policy-spf, diff --git a/mail/etc/postfix/post-install b/mail/etc/postfix/post-install old mode 100755 new mode 100644 diff --git a/mail/etc/postfix/postfix-script b/mail/etc/postfix/postfix-script old mode 100755 new mode 100644 diff --git a/mail/etc/postfix/recipient_restrictions b/mail/etc/postfix/recipient_restrictions index 1bf0d42..5bdea51 100644 --- a/mail/etc/postfix/recipient_restrictions +++ b/mail/etc/postfix/recipient_restrictions @@ -51,4 +51,3 @@ tc@ketrenos.com reject tech@ketrenos.com reject webmaster@ketrenos.com reject christopher_allied@ketrenos.com reject -test@ketrenos.com reject diff --git a/mail/etc/postfix/recipient_restrictions.db b/mail/etc/postfix/recipient_restrictions.db index c2c7845c110d4eb1f849483da83f4c0e47633908..ba5e3896f5645199820c75551455fa4ee26a2f18 100644 GIT binary patch delta 56 zcmZojXh@h~!t46df`NsTfkAK8q9~)ufBD53jW$N^=4UozD48rSkj+xVQ^K>c@E!N$ MNEz+T^JNl+0r(0L)&Kwi delta 67 zcmV-J0KETzV1QtdG!ETQA(*Sp6RF_-d1cUI>4W+X58jqp&3_J!r3vb|?2%ZtW{4}t5p zVSVvP`oU8Fe|4Y#zIqh<|KD^*Kj@T>=qr7s544OEfLF9f+Z3bM?*FHE2(bTuL;nu= z+7N&M1Rwwb2tWV=5P$##{$qj5=KX5h{+AwpH3;avnVV2qquH0$%m-r&xwg;mjGeHK zscZ8B-5T3hwv5w&Scbc)n6x-p&&o@li3{9M^HsO+TQ@b$V$2%{0Ak{Bp|508&k838 F>KrORr40Z8 diff --git a/mail/etc/postfix/sender_checks b/mail/etc/postfix/sender_checks index db35281..5bed50f 100644 --- a/mail/etc/postfix/sender_checks +++ b/mail/etc/postfix/sender_checks @@ -1 +1,13 @@ +dhinman@sentinelprinting.com REJECT +*@eurotemp* REJECT +*@*.ezrewards.net REJECT +*.firsttechfed.com OK +*@johnsonrv*.com REJECT +ketrenos.com reject_unverified_sender +linkedin.com reject_unverified_sender +msivitanides@austin.rr.com REJECT +reply@windowflower.com REJECT +*.rivermarkcu.org OK *.shopify.com OK +townnorthsales4@leadcrm.com REJECT +windowflower@windowflower.com REJECT diff --git a/mail/etc/postfix/sender_checks.db b/mail/etc/postfix/sender_checks.db index c9b0844035dbed822f9e38d4882e9bf4bb0a8726..de756cc1b9dd194cfa4124a68dcd1ee5e1cd0211 100644 GIT binary patch literal 12288 zcmeI&!D`h&6b9glNKtA%Zru3*Z5E*m7cK*(E-F}%g1eTGIccUhnYo;qdqaH%=@Yn= zK0%jVxpd*83tjjG7W5sQ@%EP9i_o1Q{R2sc%*la#A&YY+N-34aJ#E#~74@T)t5EW8mqtjn&PonUrImCtX^LIWA7x{pIUd;W$A60uX=z1Rwwb2tWV= z5P$##An=a`mTUA!>LsbQpY(&i(ib|XGdiXBP-OzMyV42MeA8{QH zCU(kV8pHa)v(+pr8*vb}&M)T4%OlrX@2pJo<(a(Tcfvy@+836C%64C=EH4@(J_N4Y zhV`FY(hE!V|IKy&$7(&+|G(&xzSB4QOrPi@eV~)r0eDNhv`Oo9`}%+ShXCvUcl2|> zV?zJ}5P$##AOHafKmY;|_>Tpyi}#yl`(JAKc_X0rW@j~6CaE%Z{655$FsOu13*k{F7%a*>Pg|` GQ2ho4{-5;# delta 103 zcmZojXh@h~!Z($bfq{{OfgwZN?Dy-+$^ZDp7#TN4uIAs^(852lp=L6Rf&dp2!&`m^ r-jDom`6tSWVbQTULg516#D=57jQ-vXj9Pld8Tkd7X_b1(`MC@LlaL^+ diff --git a/mail/etc/postfix/sender_restrictions.db b/mail/etc/postfix/sender_restrictions.db index 01f4376c39fa0e459d59f303a9d078b344c40990..d76fb4aa0d26ddc701435995d0a99e45732ec0cd 100644 GIT binary patch delta 51 rcmZojXh@h~!t3+Wf`NsTfuW$$_mJV_zx?7GBkss!if)cjSiuhfz8euo delta 53 scmZojXh@h~!uMT*fq{{Ofx&kQ=T>XK$^ZDpHb&f$$0EErLSY3z0Je(|a{vGU diff --git a/mail/etc/postfix/transport b/mail/etc/postfix/transport deleted file mode 100644 index 4510023..0000000 --- a/mail/etc/postfix/transport +++ /dev/null @@ -1,37 +0,0 @@ -mailman@ketrenos.com mailman: -mailman-admin@ketrenos.com mailman: -mailman-bounces@ketrenos.com mailman: -mailman-confirm@ketrenos.com mailman: -mailman-join@ketrenos.com mailman: -mailman-leave@ketrenos.com mailman: -mailman-owner@ketrenos.com mailman: -mailman-request@ketrenos.com mailman: -mailman-subscribe@ketrenos.com mailman: -mailman-unsubscribe@ketrenos.com mailman: -test@ketrenos.com mailman: -test-admin@ketrenos.com mailman: -test-bounces@ketrenos.com mailman: -test-confirm@ketrenos.com mailman: -test-join@ketrenos.com mailman: -test-leave@ketrenos.com mailman: -test-owner@ketrenos.com mailman: -test-request@ketrenos.com mailman: -test-subscribe@ketrenos.com mailman: -jcubed@ketrenos.com mailman: -jcubed-admin@ketrenos.com mailman: -jcubed-bounces@ketrenos.com mailman: -jcubed-confirm@ketrenos.com mailman: -jcubed-join@ketrenos.com mailman: -jcubed-leave@ketrenos.com mailman: -jcubed-owner@ketrenos.com mailman: -jcubed-request@ketrenos.com mailman: -jcubed-subscribe@ketrenos.com mailman: -family@ketrenos.com mailman: -family-admin@ketrenos.com mailman: -family-bounces@ketrenos.com mailman: -family-confirm@ketrenos.com mailman: -family-join@ketrenos.com mailman: -family-leave@ketrenos.com mailman: -family-owner@ketrenos.com mailman: -family-request@ketrenos.com mailman: -family-subscribe@ketrenos.com mailman: diff --git a/mail/etc/postfix/transport.db b/mail/etc/postfix/transport.db deleted file mode 100644 index 5e25bd6a52e6b1b9535fe1bf7a1cc3046203389c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 12288 zcmeI&F-yZh7zW^rpeX2lQgst&m+0;wx`^O^5R!PsXmin|(LdlKsEgpAC^#q`1f856 zTvVJy1b0^*yi0n}#5Qr!={-mqa&Pb2r_=YPj4@`ZLl0+ah>hrradiyq3&sYrm)!Y% zMZHJO&yQNIb32>TYnXNPoe8zZ{qg2{@qU)Z83GW100bZa0SG_<0uX=z1Rwx`{}w3L z=rwl5+1M*R(G6YFDIL-d)oG2EX_jVakUseff8e)Vr7$1>0SG_<0uX=z1Rwwb2tWV= ze=A@Gj^79zxxlQZh?`5>q8SMp#&cd6u)?GriQS|!6z)qAm9Ntf&YmcbxM3na5toOY zjlh?EBb{$%$B7$zk?;23(ImIRUo7W^vhGJgep~$`>H5F>IsYU(Q1$;CJ<~N^&>0=2 z_5Ug@(lpiRi+}J(e#hIq#ZS0OrlZ(H(ElO8^Z(2SX9z$50uX=z1Rwwb2tWV=5Xc0I z)p~W^t1EuHwCGI}JuBX>-8$uSz9RlPZzr<)BbidXs?}g}<=qC8DsMQLR8`Nx