Commit 6fe4103f authored by Jan-Claas Dirks's avatar Jan-Claas Dirks
parents 6c2436ec 9f557ddc
......@@ -94,16 +94,24 @@ $LOGFILE = "/var/log/amavis.log"; # (defaults to empty, no log)
$log_level = 0; # (defaults to 0)
$inet_socket_port = [10024,10026];
$forward_method = 'smtp:[127.0.0.1]:10025';
$notify_method = 'smtp:[127.0.0.1]:10027';
# *:* = send to IP/HOST:incoming Port + 1
$forward_method = 'smtp:*:*';
$notify_method = 'smtp:*:*';
$interface_policy{'10026'} = 'ORIGINATING';
$policy_bank{'ORIGINATING'} = {
originating => 1,
smtpd_discard_ehlo_keywords => ['8BITMIME'],
forward_method => 'smtp:[127.0.0.1]:10027',
};
@mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12
192.168.0.0/16);
# IP-Addresses for internal networks => load policy MYNETS
# - requires -o smtp_send_xforward_command=yes in postfix master.cf
@mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 [::1] [FE80::]/10 [FEC0::]/10);
# Allow SMTP access from IPs in @inet_acl to amvisd SMTP Port
@inet_acl = qw( 127.0.0.1 [::1] 192.168.0.0/16 );
$signed_header_fields{'received'} = 0; # turn off signing of Received
$enable_dkim_verification = 1;
$enable_dkim_signing = 1;
......
......@@ -175,6 +175,19 @@ class installer_base {
return $force;
}
public function reconfigure_app($service, $reconfigure_services_answer) {
$reconfigure = false;
if ($reconfigure_services_answer != 'selected') {
$reconfigure = true;
} else {
if(strtolower($this->simple_query("Reconfigure $service", array('y', 'n'), 'y') ) == 'y') {
$reconfigure = true;
} else {
swriteln("Skip reconfigure $service\n");
}
}
return $reconfigure;
}
/** Create the database for ISPConfig */
......
......@@ -76,19 +76,24 @@ $LOGFILE = "/var/log/amavis.log"; # (defaults to empty, no log)
$log_level = 0; # (defaults to 0)
$inet_socket_port = [10024,10026];
$forward_method = 'smtp:[127.0.0.1]:10025';
$notify_method = 'smtp:[127.0.0.1]:10027';
# *:* = send to IP/HOST:incoming Port + 1
$forward_method = 'smtp:*:*';
$notify_method = 'smtp:*:*';
$interface_policy{'10026'} = 'ORIGINATING';
$policy_bank{'ORIGINATING'} = {
originating => 1,
smtpd_discard_ehlo_keywords => ['8BITMIME'],
forward_method => 'smtp:[127.0.0.1]:10027',
};
@mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12
192.168.0.0/16);
# DKIM
# IP-Addresses for internal networks => load policy MYNETS
# - requires -o smtp_send_xforward_command=yes in postfix master.cf
@mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 [::1] [FE80::]/10 [FEC0::]/10);
# Allow SMTP access from IPs in @inet_acl to amvisd SMTP Port
@inet_acl = qw( 127.0.0.1 [::1] 192.168.0.0/16 );
# DKIM
$enable_dkim_verification = 1;
$enable_dkim_signing = 1; # load DKIM signing code
$signed_header_fields{'received'} = 0; # turn off signing of Received
......
......@@ -300,30 +300,35 @@ if($reconfigure_master_database_rights_answer == 'yes') {
//}
//** Shall the services be reconfigured during update
$reconfigure_services_answer = $inst->simple_query('Reconfigure Services?', array('yes', 'no'), 'yes','reconfigure_services');
$reconfigure_services_answer = $inst->simple_query('Reconfigure Services?', array('yes', 'no', 'selected'), 'yes','reconfigure_services');
if($reconfigure_services_answer == 'yes') {
if($reconfigure_services_answer == 'yes' || $reconfigure_services_answer == 'selected') {
if($conf['services']['mail']) {
//** Configure postfix
swriteln('Configuring Postfix');
$inst->configure_postfix('dont-create-certs');
if($inst->reconfigure_app('Postfix', $reconfigure_services_answer)) {
swriteln('Configuring Postfix');
$inst->configure_postfix('dont-create-certs');
}
//** Configure mailman
if($conf['mailman']['installed'] == true) {
if($conf['mailman']['installed'] == true && $inst->reconfigure_app('Mailman', $reconfigure_services_answer)) {
swriteln('Configuring Mailman');
$inst->configure_mailman('update');
}
//* Configure Jailkit
swriteln('Configuring Jailkit');
$inst->configure_jailkit();
if($inst->reconfigure_app('Jailkit', $reconfigure_services_answer)) {
swriteln('Configuring Jailkit');
$inst->configure_jailkit();
}
if($conf['dovecot']['installed'] == true) {
if($conf['dovecot']['installed'] == true && $inst->reconfigure_app('Dovecot', $reconfigure_services_answer)) {
//* Configure dovecot
swriteln('Configuring Dovecot');
$inst->configure_dovecot();
} else {
} elseif ($conf['courier']['installed'] == true && $inst->reconfigure_app('Courier', $reconfigure_services_answer)) {
//** Configure saslauthd
swriteln('Configuring SASL');
$inst->configure_saslauthd();
......@@ -338,27 +343,25 @@ if($reconfigure_services_answer == 'yes') {
}
//** Configure Spamasassin
swriteln('Configuring Spamassassin');
$inst->configure_spamassassin();
if($inst->reconfigure_app('Spamassassin', $reconfigure_services_answer)) {
swriteln('Configuring Spamassassin');
$inst->configure_spamassassin();
}
//** Configure Amavis
if($conf['amavis']['installed'] == true) {
if($conf['amavis']['installed'] == true && $inst->reconfigure_app('Amavisd', $reconfigure_services_answer)) {
swriteln('Configuring Amavisd');
$inst->configure_amavis();
}
//** Configure Getmail
swriteln('Configuring Getmail');
$inst->configure_getmail();
}
if($conf['services']['web'] && $conf['pureftpd']['installed'] == true) {
//** Configure Pureftpd
swriteln('Configuring Pureftpd');
$inst->configure_pureftpd();
if ($inst->reconfigure_app('Getmail', $reconfigure_services_answer)) {
swriteln('Configuring Getmail');
$inst->configure_getmail();
}
}
if($conf['services']['dns']) {
if($conf['services']['dns'] && $inst->reconfigure_app('DNS', $reconfigure_services_answer)) {
//* Configure DNS
if($conf['powerdns']['installed'] == true) {
swriteln('Configuring PowerDNS');
......@@ -373,37 +376,40 @@ if($reconfigure_services_answer == 'yes') {
}
if($conf['services']['web']) {
if($conf['webserver']['server_type'] == 'apache'){
//** Configure Apache
swriteln('Configuring Apache');
$inst->configure_apache();
//** Configure vlogger
swriteln('Configuring vlogger');
$inst->configure_vlogger();
} else {
//** Configure nginx
swriteln('Configuring nginx');
$inst->configure_nginx();
if($conf['pureftpd']['installed'] == true && $inst->reconfigure_app('Pureftpd', $reconfigure_services_answer)) {
//** Configure Pureftpd
swriteln('Configuring Pureftpd');
$inst->configure_pureftpd();
}
//** Configure apps vhost
swriteln('Configuring Apps vhost');
$inst->configure_apps_vhost();
}
if($inst->reconfigure_app('Web-Server', $reconfigure_services_answer)) {
if($conf['webserver']['server_type'] == 'apache'){
//** Configure Apache
swriteln('Configuring Apache');
$inst->configure_apache();
//** Configure vlogger
swriteln('Configuring vlogger');
$inst->configure_vlogger();
} else {
//** Configure nginx
swriteln('Configuring nginx');
$inst->configure_nginx();
}
//** Configure apps vhost
swriteln('Configuring Apps vhost');
$inst->configure_apps_vhost();
}
}
if($conf['services']['xmpp']) {
if($conf['services']['xmpp'] && $inst->reconfigure_app('XMPP', $reconfigure_services_answer)) {
//** Configure Metronome XMPP
$inst->configure_xmpp('dont-create-certs');
}
//* Configure DBServer
swriteln('Configuring Database');
$inst->configure_dbserver();
if($conf['services']['firewall']) {
if($conf['services']['firewall'] && $inst->reconfigure_app('Firewall', $reconfigure_services_answer)) {
if($conf['ufw']['installed'] == true) {
//* Configure Ubuntu Firewall
$conf['services']['firewall'] = true;
......@@ -416,6 +422,10 @@ if($reconfigure_services_answer == 'yes') {
}
}
//* Configure DBServer
swriteln('Configuring Database');
$inst->configure_dbserver();
/*
if($conf['squid']['installed'] == true) {
swriteln('Configuring Squid');
......
......@@ -210,7 +210,7 @@ class page_action extends tform_actions {
$sql = "SELECT domain, dkim_private, dkim_public, dkim_selector FROM mail_domain WHERE domain_id = ?";
$rec = $app->db->queryOneRecord($sql, $app->functions->intval($_GET['id']));
$dns_key = str_replace(array('-----BEGIN PUBLIC KEY-----','-----END PUBLIC KEY-----',"\r","\n"),'',$rec['dkim_public']);
$dns_record = '.' . $rec['dkim_selector'] . '_domainkey._' . $rec['domain'] . '. 3600 TXT v=DKIM1; t=s; p=' . $dns_key;
$dns_record = $rec['dkim_selector'] . '._domainkey.' . $rec['domain'] . '. 3600 TXT v=DKIM1; t=s; p=' . $dns_key;
$app->tpl->setVar('dkim_selector', $rec['dkim_selector']);
$app->tpl->setVar('dkim_private', $rec['dkim_private']);
$app->tpl->setVar('dkim_public', $rec['dkim_public']);
......
......@@ -702,7 +702,7 @@ class monitor_tools {
$mailSubject = '';
$inHeader = true;
for($l = 0; $l < count($lines); $l++) {
if($lines[$l] == '') {
if(trim($lines[$l]) == '') {
$inHeader = false;
continue;
}
......
......@@ -122,8 +122,8 @@ class mail_plugin_dkim {
$mail_config = $app->getconf->get_server_config($conf['server_id'], 'mail');
if ( isset($mail_config['dkim_path']) &&
!empty($mail_config['dkim_path']) &&
isset($data['new']['dkim_private']) &&
!empty($data['new']['dkim_private']) &&
// isset($data['new']['dkim_private']) &&
// !empty($data['new']['dkim_private']) &&
$mail_config['dkim_path'] != '/'
) {
if (!is_dir($mail_config['dkim_path'])) {
......@@ -199,6 +199,10 @@ class mail_plugin_dkim {
function write_dkim_key($key_file, $key_value, $key_domain) {
global $app, $mailconfig;
$success=false;
if ($key_file == '' || $key_value == '' || $key_domain == '') {
$app->log('DKIM internal error for domain '.$key_domain, LOGLEVEL_ERROR);
return $success;
}
if ( $app->system->file_put_contents($key_file.'.private', $key_value) ) {
$app->log('Saved DKIM Private-key to '.$key_file.'.private', LOGLEVEL_DEBUG);
$success=true;
......@@ -211,7 +215,7 @@ class mail_plugin_dkim {
$app->log('Saved DKIM Public to '.$key_domain.'.', LOGLEVEL_DEBUG);
else $app->log('Unable to save DKIM Public to '.$key_domain.'.', LOGLEVEL_DEBUG);
} else {
$app->log('Unable to save DKIM Privte-key to '.$key_file.'.private', LOGLEVEL_ERROR);
$app->log('Unable to save DKIM Private-key to '.$key_file.'.private', LOGLEVEL_ERROR);
}
return $success;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment