From 20f478fd5e36bb03dd6850d3f5e8a2a459a6dc2b Mon Sep 17 00:00:00 2001
From: Dominik <info@profi-webdesign.com>
Date: Mon, 6 Apr 2015 03:32:59 +0200
Subject: [PATCH] Keep reject-sender-mismatch-setting also when updating Fixed
 missing parts for greylist, rbl in gentoo

---
 install/dist/lib/fedora.lib.php          | 13 +++++++---
 install/dist/lib/gentoo.lib.php          | 31 +++++++++++++++++++++++-
 install/dist/lib/opensuse.lib.php        | 13 +++++++---
 install/lib/installer_base.lib.php       | 10 ++++++--
 install/tpl/debian_postfix.conf.master   |  2 +-
 install/tpl/fedora_postfix.conf.master   |  2 +-
 install/tpl/gentoo_postfix.conf.master   |  2 +-
 install/tpl/opensuse_postfix.conf.master |  2 +-
 8 files changed, 60 insertions(+), 15 deletions(-)

diff --git a/install/dist/lib/fedora.lib.php b/install/dist/lib/fedora.lib.php
index 371520687a..ecdb00f61e 100644
--- a/install/dist/lib/fedora.lib.php
+++ b/install/dist/lib/fedora.lib.php
@@ -198,23 +198,28 @@ class installer_dist extends installer_base {
 			}
 		}
 		unset($rbl_hosts);
-		unset($server_ini_array);
 		
 		//* If Postgrey is installed, configure it
 		$greylisting = '';
 		if($conf['postgrey']['installed'] == true) {
-			$greylisting = 'check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
+			$greylisting = ', check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
 		}
 		
-		//* These postconf commands will be executed on installation and update
+		$reject_sender_login_mismatch = '';
+		if(isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {
+			$reject_sender_login_mismatch = ', reject_authenticated_sender_login_mismatch';
+		}
+		unset($server_ini_array);
+		
 		$postconf_placeholders = array('{config_dir}' => $config_dir,
 			'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
 			'{vmail_userid}' => $cf['vmail_userid'],
 			'{vmail_groupid}' => $cf['vmail_groupid'],
 			'{rbl_list}' => $rbl_list,
 			'{greylisting}' => $greylisting,
+			'{reject_slm}' => $reject_sender_login_mismatch,
 		);
-
+		
 		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/fedora_postfix.conf.master', 'tpl/fedora_postfix.conf.master');
 		$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
 		$postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines
diff --git a/install/dist/lib/gentoo.lib.php b/install/dist/lib/gentoo.lib.php
index 6e463ec607..affae723a9 100644
--- a/install/dist/lib/gentoo.lib.php
+++ b/install/dist/lib/gentoo.lib.php
@@ -81,11 +81,40 @@ class installer extends installer_base
 		}
 
 		//* These postconf commands will be executed on installation and update
+		$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM `" . $this->db->quote($conf["mysql"]["database"]) . "`.`server` WHERE server_id = ".$conf['server_id']);
+		$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
+		unset($server_ini_rec);
+
+		//* If there are RBL's defined, format the list and add them to smtp_recipient_restrictions to prevent removeal after an update
+		$rbl_list = '';
+		if (@isset($server_ini_array['mail']['realtime_blackhole_list']) && $server_ini_array['mail']['realtime_blackhole_list'] != '') {
+			$rbl_hosts = explode(",", str_replace(" ", "", $server_ini_array['mail']['realtime_blackhole_list']));
+			foreach ($rbl_hosts as $key => $value) {
+				$rbl_list .= ", reject_rbl_client ". $value;
+			}
+		}
+		unset($rbl_hosts);
+
+		//* If Postgrey is installed, configure it
+		$greylisting = '';
+		if($conf['postgrey']['installed'] == true) {
+			$greylisting = ', check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
+		}
+		
+		$reject_sender_login_mismatch = '';
+		if(isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {
+			$reject_sender_login_mismatch = ', reject_authenticated_sender_login_mismatch';
+		}
+		unset($server_ini_array);
+		
 		$postconf_placeholders = array('{config_dir}' => $config_dir,
 			'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
 			'{vmail_userid}' => $cf['vmail_userid'],
 			'{vmail_groupid}' => $cf['vmail_groupid'],
-			'{rbl_list}' => $rbl_list);
+			'{rbl_list}' => $rbl_list,
+			'{greylisting}' => $greylisting,
+			'{reject_slm}' => $reject_sender_login_mismatch,
+		);
 
 		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/gentoo_postfix.conf.master', 'tpl/gentoo_postfix.conf.master');
 		$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
diff --git a/install/dist/lib/opensuse.lib.php b/install/dist/lib/opensuse.lib.php
index e772e0b6e3..c60f9db65d 100644
--- a/install/dist/lib/opensuse.lib.php
+++ b/install/dist/lib/opensuse.lib.php
@@ -228,23 +228,28 @@ class installer_dist extends installer_base {
 			}
 		}
 		unset($rbl_hosts);
-		unset($server_ini_array);
 
 		//* If Postgrey is installed, configure it
 		$greylisting = '';
 		if($conf['postgrey']['installed'] == true) {
-			$greylisting = 'check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
+			$greylisting = ', check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
 		}
 		
-		//* These postconf commands will be executed on installation and update
+		$reject_sender_login_mismatch = '';
+		if(isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {
+			$reject_sender_login_mismatch = ', reject_authenticated_sender_login_mismatch';
+		}
+		unset($server_ini_array);
+		
 		$postconf_placeholders = array('{config_dir}' => $config_dir,
 			'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
 			'{vmail_userid}' => $cf['vmail_userid'],
 			'{vmail_groupid}' => $cf['vmail_groupid'],
 			'{rbl_list}' => $rbl_list,
 			'{greylisting}' => $greylisting,
+			'{reject_slm}' => $reject_sender_login_mismatch,
 		);
-
+		
 		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_postfix.conf.master', 'tpl/opensuse_postfix.conf.master');
 		$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
 		$postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines
diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index 640732ee9a..cf9b51912e 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -748,13 +748,18 @@ class installer_base {
 			}
 		}
 		unset($rbl_hosts);
-		unset($server_ini_array);
 
 		//* If Postgrey is installed, configure it
 		$greylisting = '';
 		if($conf['postgrey']['installed'] == true) {
-			$greylisting = 'check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
+			$greylisting = ', check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
+		}
+		
+		$reject_sender_login_mismatch = '';
+		if(isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {
+			$reject_sender_login_mismatch = ', reject_authenticated_sender_login_mismatch';
 		}
+		unset($server_ini_array);
 		
 		$postconf_placeholders = array('{config_dir}' => $config_dir,
 			'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
@@ -762,6 +767,7 @@ class installer_base {
 			'{vmail_groupid}' => $cf['vmail_groupid'],
 			'{rbl_list}' => $rbl_list,
 			'{greylisting}' => $greylisting,
+			'{reject_slm}' => $reject_sender_login_mismatch,
 		);
 
 		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_postfix.conf.master', 'tpl/debian_postfix.conf.master');
diff --git a/install/tpl/debian_postfix.conf.master b/install/tpl/debian_postfix.conf.master
index 221abec038..911b1cabb9 100644
--- a/install/tpl/debian_postfix.conf.master
+++ b/install/tpl/debian_postfix.conf.master
@@ -24,7 +24,7 @@ relay_domains = mysql:{config_dir}/mysql-virtual_relaydomains.cf
 relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
 smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
 proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
-smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
+smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re{reject_slm}, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
 smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
 smtpd_client_message_rate_limit = 100
 maildrop_destination_concurrency_limit = 1
diff --git a/install/tpl/fedora_postfix.conf.master b/install/tpl/fedora_postfix.conf.master
index 3a6c70f4b1..473bbceba8 100644
--- a/install/tpl/fedora_postfix.conf.master
+++ b/install/tpl/fedora_postfix.conf.master
@@ -21,7 +21,7 @@ relay_domains = mysql:{config_dir}/mysql-virtual_relaydomains.cf
 relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
 smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
 proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
-smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
+smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re{reject_slm}, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
 smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
 smtpd_client_message_rate_limit = 100
 maildrop_destination_concurrency_limit = 1
diff --git a/install/tpl/gentoo_postfix.conf.master b/install/tpl/gentoo_postfix.conf.master
index 6625a62d9b..f5730f7e9f 100644
--- a/install/tpl/gentoo_postfix.conf.master
+++ b/install/tpl/gentoo_postfix.conf.master
@@ -20,7 +20,7 @@ relay_domains = mysql:{config_dir}/mysql-virtual_relaydomains.cf
 relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
 smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
 proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
-smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
+smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re{reject_slm}, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
 smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
 smtpd_client_message_rate_limit = 100
 maildrop_destination_concurrency_limit = 1
diff --git a/install/tpl/opensuse_postfix.conf.master b/install/tpl/opensuse_postfix.conf.master
index 10a2cd4642..f018e23210 100644
--- a/install/tpl/opensuse_postfix.conf.master
+++ b/install/tpl/opensuse_postfix.conf.master
@@ -23,7 +23,7 @@ relay_domains = mysql:{config_dir}/mysql-virtual_relaydomains.cf
 relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
 smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
 proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
-smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
+smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re{reject_slm}, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
 smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
 smtpd_client_message_rate_limit = 100
 maildrop_destination_concurrency_limit = 1
-- 
GitLab