Commit 6fe4103f authored by Jan-Claas Dirks's avatar Jan-Claas Dirks
parents 6c2436ec 9f557ddc
...@@ -94,16 +94,24 @@ $LOGFILE = "/var/log/amavis.log"; # (defaults to empty, no log) ...@@ -94,16 +94,24 @@ $LOGFILE = "/var/log/amavis.log"; # (defaults to empty, no log)
$log_level = 0; # (defaults to 0) $log_level = 0; # (defaults to 0)
$inet_socket_port = [10024,10026]; $inet_socket_port = [10024,10026];
$forward_method = 'smtp:[127.0.0.1]:10025';
$notify_method = 'smtp:[127.0.0.1]:10027'; # *:* = send to IP/HOST:incoming Port + 1
$forward_method = 'smtp:*:*';
$notify_method = 'smtp:*:*';
$interface_policy{'10026'} = 'ORIGINATING'; $interface_policy{'10026'} = 'ORIGINATING';
$policy_bank{'ORIGINATING'} = { $policy_bank{'ORIGINATING'} = {
originating => 1, originating => 1,
smtpd_discard_ehlo_keywords => ['8BITMIME'], smtpd_discard_ehlo_keywords => ['8BITMIME'],
forward_method => 'smtp:[127.0.0.1]:10027',
}; };
@mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12
192.168.0.0/16); # IP-Addresses for internal networks => load policy MYNETS
# - requires -o smtp_send_xforward_command=yes in postfix master.cf
@mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 [::1] [FE80::]/10 [FEC0::]/10);
# Allow SMTP access from IPs in @inet_acl to amvisd SMTP Port
@inet_acl = qw( 127.0.0.1 [::1] 192.168.0.0/16 );
$signed_header_fields{'received'} = 0; # turn off signing of Received $signed_header_fields{'received'} = 0; # turn off signing of Received
$enable_dkim_verification = 1; $enable_dkim_verification = 1;
$enable_dkim_signing = 1; $enable_dkim_signing = 1;
......
...@@ -175,6 +175,19 @@ class installer_base { ...@@ -175,6 +175,19 @@ class installer_base {
return $force; return $force;
} }
public function reconfigure_app($service, $reconfigure_services_answer) {
$reconfigure = false;
if ($reconfigure_services_answer != 'selected') {
$reconfigure = true;
} else {
if(strtolower($this->simple_query("Reconfigure $service", array('y', 'n'), 'y') ) == 'y') {
$reconfigure = true;
} else {
swriteln("Skip reconfigure $service\n");
}
}
return $reconfigure;
}
/** Create the database for ISPConfig */ /** Create the database for ISPConfig */
......
...@@ -76,19 +76,24 @@ $LOGFILE = "/var/log/amavis.log"; # (defaults to empty, no log) ...@@ -76,19 +76,24 @@ $LOGFILE = "/var/log/amavis.log"; # (defaults to empty, no log)
$log_level = 0; # (defaults to 0) $log_level = 0; # (defaults to 0)
$inet_socket_port = [10024,10026]; $inet_socket_port = [10024,10026];
$forward_method = 'smtp:[127.0.0.1]:10025';
$notify_method = 'smtp:[127.0.0.1]:10027'; # *:* = send to IP/HOST:incoming Port + 1
$forward_method = 'smtp:*:*';
$notify_method = 'smtp:*:*';
$interface_policy{'10026'} = 'ORIGINATING'; $interface_policy{'10026'} = 'ORIGINATING';
$policy_bank{'ORIGINATING'} = { $policy_bank{'ORIGINATING'} = {
originating => 1, originating => 1,
smtpd_discard_ehlo_keywords => ['8BITMIME'], smtpd_discard_ehlo_keywords => ['8BITMIME'],
forward_method => 'smtp:[127.0.0.1]:10027',
}; };
@mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12
192.168.0.0/16);
# DKIM # IP-Addresses for internal networks => load policy MYNETS
# - requires -o smtp_send_xforward_command=yes in postfix master.cf
@mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 [::1] [FE80::]/10 [FEC0::]/10);
# Allow SMTP access from IPs in @inet_acl to amvisd SMTP Port
@inet_acl = qw( 127.0.0.1 [::1] 192.168.0.0/16 );
# DKIM
$enable_dkim_verification = 1; $enable_dkim_verification = 1;
$enable_dkim_signing = 1; # load DKIM signing code $enable_dkim_signing = 1; # load DKIM signing code
$signed_header_fields{'received'} = 0; # turn off signing of Received $signed_header_fields{'received'} = 0; # turn off signing of Received
......
...@@ -300,30 +300,35 @@ if($reconfigure_master_database_rights_answer == 'yes') { ...@@ -300,30 +300,35 @@ if($reconfigure_master_database_rights_answer == 'yes') {
//} //}
//** Shall the services be reconfigured during update //** Shall the services be reconfigured during update
$reconfigure_services_answer = $inst->simple_query('Reconfigure Services?', array('yes', 'no'), 'yes','reconfigure_services'); $reconfigure_services_answer = $inst->simple_query('Reconfigure Services?', array('yes', 'no', 'selected'), 'yes','reconfigure_services');
if($reconfigure_services_answer == 'yes') { if($reconfigure_services_answer == 'yes' || $reconfigure_services_answer == 'selected') {
if($conf['services']['mail']) { if($conf['services']['mail']) {
//** Configure postfix //** Configure postfix
swriteln('Configuring Postfix'); if($inst->reconfigure_app('Postfix', $reconfigure_services_answer)) {
$inst->configure_postfix('dont-create-certs'); swriteln('Configuring Postfix');
$inst->configure_postfix('dont-create-certs');
}
//** Configure mailman //** Configure mailman
if($conf['mailman']['installed'] == true) { if($conf['mailman']['installed'] == true && $inst->reconfigure_app('Mailman', $reconfigure_services_answer)) {
swriteln('Configuring Mailman'); swriteln('Configuring Mailman');
$inst->configure_mailman('update'); $inst->configure_mailman('update');
} }
//* Configure Jailkit //* Configure Jailkit
swriteln('Configuring Jailkit'); if($inst->reconfigure_app('Jailkit', $reconfigure_services_answer)) {
$inst->configure_jailkit(); swriteln('Configuring Jailkit');
$inst->configure_jailkit();
}
if($conf['dovecot']['installed'] == true) { if($conf['dovecot']['installed'] == true && $inst->reconfigure_app('Dovecot', $reconfigure_services_answer)) {
//* Configure dovecot //* Configure dovecot
swriteln('Configuring Dovecot'); swriteln('Configuring Dovecot');
$inst->configure_dovecot(); $inst->configure_dovecot();
} else { } elseif ($conf['courier']['installed'] == true && $inst->reconfigure_app('Courier', $reconfigure_services_answer)) {
//** Configure saslauthd //** Configure saslauthd
swriteln('Configuring SASL'); swriteln('Configuring SASL');
$inst->configure_saslauthd(); $inst->configure_saslauthd();
...@@ -338,27 +343,25 @@ if($reconfigure_services_answer == 'yes') { ...@@ -338,27 +343,25 @@ if($reconfigure_services_answer == 'yes') {
} }
//** Configure Spamasassin //** Configure Spamasassin
swriteln('Configuring Spamassassin'); if($inst->reconfigure_app('Spamassassin', $reconfigure_services_answer)) {
$inst->configure_spamassassin(); swriteln('Configuring Spamassassin');
$inst->configure_spamassassin();
}
//** Configure Amavis //** Configure Amavis
if($conf['amavis']['installed'] == true) { if($conf['amavis']['installed'] == true && $inst->reconfigure_app('Amavisd', $reconfigure_services_answer)) {
swriteln('Configuring Amavisd'); swriteln('Configuring Amavisd');
$inst->configure_amavis(); $inst->configure_amavis();
} }
//** Configure Getmail //** Configure Getmail
swriteln('Configuring Getmail'); if ($inst->reconfigure_app('Getmail', $reconfigure_services_answer)) {
$inst->configure_getmail(); swriteln('Configuring Getmail');
} $inst->configure_getmail();
}
if($conf['services']['web'] && $conf['pureftpd']['installed'] == true) {
//** Configure Pureftpd
swriteln('Configuring Pureftpd');
$inst->configure_pureftpd();
} }
if($conf['services']['dns']) { if($conf['services']['dns'] && $inst->reconfigure_app('DNS', $reconfigure_services_answer)) {
//* Configure DNS //* Configure DNS
if($conf['powerdns']['installed'] == true) { if($conf['powerdns']['installed'] == true) {
swriteln('Configuring PowerDNS'); swriteln('Configuring PowerDNS');
...@@ -373,37 +376,40 @@ if($reconfigure_services_answer == 'yes') { ...@@ -373,37 +376,40 @@ if($reconfigure_services_answer == 'yes') {
} }
if($conf['services']['web']) { if($conf['services']['web']) {
if($conf['webserver']['server_type'] == 'apache'){
//** Configure Apache if($conf['pureftpd']['installed'] == true && $inst->reconfigure_app('Pureftpd', $reconfigure_services_answer)) {
swriteln('Configuring Apache'); //** Configure Pureftpd
$inst->configure_apache(); swriteln('Configuring Pureftpd');
$inst->configure_pureftpd();
//** Configure vlogger
swriteln('Configuring vlogger');
$inst->configure_vlogger();
} else {
//** Configure nginx
swriteln('Configuring nginx');
$inst->configure_nginx();
} }
//** Configure apps vhost if($inst->reconfigure_app('Web-Server', $reconfigure_services_answer)) {
swriteln('Configuring Apps vhost'); if($conf['webserver']['server_type'] == 'apache'){
$inst->configure_apps_vhost(); //** Configure Apache
} swriteln('Configuring Apache');
$inst->configure_apache();
//** Configure vlogger
swriteln('Configuring vlogger');
$inst->configure_vlogger();
} else {
//** Configure nginx
swriteln('Configuring nginx');
$inst->configure_nginx();
}
//** Configure apps vhost
swriteln('Configuring Apps vhost');
$inst->configure_apps_vhost();
}
}
if($conf['services']['xmpp']) { if($conf['services']['xmpp'] && $inst->reconfigure_app('XMPP', $reconfigure_services_answer)) {
//** Configure Metronome XMPP //** Configure Metronome XMPP
$inst->configure_xmpp('dont-create-certs'); $inst->configure_xmpp('dont-create-certs');
} }
if($conf['services']['firewall'] && $inst->reconfigure_app('Firewall', $reconfigure_services_answer)) {
//* Configure DBServer
swriteln('Configuring Database');
$inst->configure_dbserver();
if($conf['services']['firewall']) {
if($conf['ufw']['installed'] == true) { if($conf['ufw']['installed'] == true) {
//* Configure Ubuntu Firewall //* Configure Ubuntu Firewall
$conf['services']['firewall'] = true; $conf['services']['firewall'] = true;
...@@ -416,6 +422,10 @@ if($reconfigure_services_answer == 'yes') { ...@@ -416,6 +422,10 @@ if($reconfigure_services_answer == 'yes') {
} }
} }
//* Configure DBServer
swriteln('Configuring Database');
$inst->configure_dbserver();
/* /*
if($conf['squid']['installed'] == true) { if($conf['squid']['installed'] == true) {
swriteln('Configuring Squid'); swriteln('Configuring Squid');
......
...@@ -210,7 +210,7 @@ class page_action extends tform_actions { ...@@ -210,7 +210,7 @@ class page_action extends tform_actions {
$sql = "SELECT domain, dkim_private, dkim_public, dkim_selector FROM mail_domain WHERE domain_id = ?"; $sql = "SELECT domain, dkim_private, dkim_public, dkim_selector FROM mail_domain WHERE domain_id = ?";
$rec = $app->db->queryOneRecord($sql, $app->functions->intval($_GET['id'])); $rec = $app->db->queryOneRecord($sql, $app->functions->intval($_GET['id']));
$dns_key = str_replace(array('-----BEGIN PUBLIC KEY-----','-----END PUBLIC KEY-----',"\r","\n"),'',$rec['dkim_public']); $dns_key = str_replace(array('-----BEGIN PUBLIC KEY-----','-----END PUBLIC KEY-----',"\r","\n"),'',$rec['dkim_public']);
$dns_record = '.' . $rec['dkim_selector'] . '_domainkey._' . $rec['domain'] . '. 3600 TXT v=DKIM1; t=s; p=' . $dns_key; $dns_record = $rec['dkim_selector'] . '._domainkey.' . $rec['domain'] . '. 3600 TXT v=DKIM1; t=s; p=' . $dns_key;
$app->tpl->setVar('dkim_selector', $rec['dkim_selector']); $app->tpl->setVar('dkim_selector', $rec['dkim_selector']);
$app->tpl->setVar('dkim_private', $rec['dkim_private']); $app->tpl->setVar('dkim_private', $rec['dkim_private']);
$app->tpl->setVar('dkim_public', $rec['dkim_public']); $app->tpl->setVar('dkim_public', $rec['dkim_public']);
......
...@@ -702,7 +702,7 @@ class monitor_tools { ...@@ -702,7 +702,7 @@ class monitor_tools {
$mailSubject = ''; $mailSubject = '';
$inHeader = true; $inHeader = true;
for($l = 0; $l < count($lines); $l++) { for($l = 0; $l < count($lines); $l++) {
if($lines[$l] == '') { if(trim($lines[$l]) == '') {
$inHeader = false; $inHeader = false;
continue; continue;
} }
......
...@@ -122,8 +122,8 @@ class mail_plugin_dkim { ...@@ -122,8 +122,8 @@ class mail_plugin_dkim {
$mail_config = $app->getconf->get_server_config($conf['server_id'], 'mail'); $mail_config = $app->getconf->get_server_config($conf['server_id'], 'mail');
if ( isset($mail_config['dkim_path']) && if ( isset($mail_config['dkim_path']) &&
!empty($mail_config['dkim_path']) && !empty($mail_config['dkim_path']) &&
isset($data['new']['dkim_private']) && // isset($data['new']['dkim_private']) &&
!empty($data['new']['dkim_private']) && // !empty($data['new']['dkim_private']) &&
$mail_config['dkim_path'] != '/' $mail_config['dkim_path'] != '/'
) { ) {
if (!is_dir($mail_config['dkim_path'])) { if (!is_dir($mail_config['dkim_path'])) {
...@@ -199,6 +199,10 @@ class mail_plugin_dkim { ...@@ -199,6 +199,10 @@ class mail_plugin_dkim {
function write_dkim_key($key_file, $key_value, $key_domain) { function write_dkim_key($key_file, $key_value, $key_domain) {
global $app, $mailconfig; global $app, $mailconfig;
$success=false; $success=false;
if ($key_file == '' || $key_value == '' || $key_domain == '') {
$app->log('DKIM internal error for domain '.$key_domain, LOGLEVEL_ERROR);
return $success;
}
if ( $app->system->file_put_contents($key_file.'.private', $key_value) ) { if ( $app->system->file_put_contents($key_file.'.private', $key_value) ) {
$app->log('Saved DKIM Private-key to '.$key_file.'.private', LOGLEVEL_DEBUG); $app->log('Saved DKIM Private-key to '.$key_file.'.private', LOGLEVEL_DEBUG);
$success=true; $success=true;
...@@ -211,7 +215,7 @@ class mail_plugin_dkim { ...@@ -211,7 +215,7 @@ class mail_plugin_dkim {
$app->log('Saved DKIM Public to '.$key_domain.'.', LOGLEVEL_DEBUG); $app->log('Saved DKIM Public to '.$key_domain.'.', LOGLEVEL_DEBUG);
else $app->log('Unable to save DKIM Public to '.$key_domain.'.', LOGLEVEL_DEBUG); else $app->log('Unable to save DKIM Public to '.$key_domain.'.', LOGLEVEL_DEBUG);
} else { } else {
$app->log('Unable to save DKIM Privte-key to '.$key_file.'.private', LOGLEVEL_ERROR); $app->log('Unable to save DKIM Private-key to '.$key_file.'.private', LOGLEVEL_ERROR);
} }
return $success; return $success;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment