Commit 42e4c6e3 authored by Florian Schaal's avatar Florian Schaal
parents 5d45b769 88c307b0
<?php
$autoinstall['language'] = 'en'; // de, en (default)
$autoinstall['install_mode'] = 'standard'; // standard (default), expert
$autoinstall['hostname'] = 'server1.example.com'; // default
$autoinstall['mysql_hostname'] = 'localhost'; // default: localhost
$autoinstall['mysql_root_user'] = 'root'; // default: root
$autoinstall['mysql_root_password'] = 'howtoforge';
$autoinstall['mysql_database'] = 'dbispconfig'; // default: dbispcongig
$autoinstall['mysql_charset'] = 'utf8'; // default: utf8
$autoinstall['http_server'] = 'nginx'; // apache (default), nginx
$autoinstall['ispconfig_port'] = '8080'; // default: 8080
$autoinstall['ispconfig_use_ssl'] = 'y'; // y (default), n
/* SSL Settings */
$autoinstall['ssl_cert_country'] = 'AU';
$autoinstall['ssl_cert_state'] = 'Some-State';
$autoinstall['ssl_cert_locality'] = 'Chicago';
$autoinstall['ssl_cert_organisation'] = 'Internet Widgits Pty Ltd';
$autoinstall['ssl_cert_organisation_unit'] = 'IT department';
$autoinstall['ssl_cert_common_name'] = $autoinstall['hostname'];
/* optional expert mode settings, needed only for expert mode */
$autoinstall['mysql_ispconfig_user'] = 'ispconfig'; // default: ispconfig
$autoinstall['mysql_ispconfig_password'] = md5(uniqid(rand()));
$autoinstall['join_multiserver_setup'] = 'n'; // y, n (default)
$autoinstall['mysql_master_hostname'] = 'master.example.com';
$autoinstall['mysql_master_root_user'] = 'root';
$autoinstall['mysql_master_root_password'] = 'howtoforge';
$autoinstall['mysql_master_database'] = 'dbispconfig'; // default: dbispconfig
$autoinstall['configure_mail'] = 'y'; // y (default), n
$autoinstall['configure_jailkit'] = 'y'; // y (default), n
$autoinstall['configure_ftp'] = 'y'; // y (default), n
$autoinstall['configure_dns'] = 'y'; // y (default), n
$autoinstall['configure_apache'] = 'y'; // y (default), n
$autoinstall['configure_nginx'] = 'y'; // y (default), n
$autoinstall['configure_firewall'] = 'y'; // y (default), n
$autoinstall['install_ispconfig_web_interface'] = 'y'; // y (default), n
/* optional update settings, needed only for updates */
$autoupdate['do_backup'] = 'yes'; // yes (default), no
$autoupdate['mysql_root_password'] = 'howtoforge';
$autoupdate['mysql_master_hostname'] = 'master.example.com';
$autoupdate['mysql_master_root_user'] = 'root';
$autoupdate['mysql_master_root_password'] = 'howtoforge';
$autoupdate['mysql_master_database'] = 'dbispconfig'; // default: dbispconfig
$autoupdate['reconfigure_permissions_in_master_database'] = 'no'; // no (default), yes
$autoupdate['reconfigure_services'] = 'yes'; // yes (default), no
$autoupdate['ispconfig_port'] = '8080'; // default: 8080
$autoupdate['create_new_ispconfig_ssl_cert'] = 'no'; // no (default), yes
$autoupdate['reconfigure_crontab'] = 'yes'; // yes (default), no
<?php
$autoinstall['language'] = 'en'; // de, en (default)
$autoinstall['install_mode'] = 'standard'; // standard (default), expert
$autoinstall['hostname'] = 'server1.example.com'; // default
$autoinstall['mysql_hostname'] = 'localhost'; // default: localhost
$autoinstall['mysql_root_user'] = 'root'; // default: root
$autoinstall['mysql_root_password'] = 'howtoforge';
$autoinstall['mysql_database'] = 'dbispconfig'; // default: dbispcongig
$autoinstall['mysql_charset'] = 'utf8'; // default: utf8
$autoinstall['http_server'] = 'nginx'; // apache (default), nginx
$autoinstall['ispconfig_port'] = '8080'; // default: 8080
$autoinstall['ispconfig_use_ssl'] = 'y'; // y (default), n
/* SSL Settings */
$autoinstall['ssl_cert_country'] = 'AU';
$autoinstall['ssl_cert_state'] = 'Some-State';
$autoinstall['ssl_cert_locality'] = 'Chicago';
$autoinstall['ssl_cert_organisation'] = 'Internet Widgits Pty Ltd';
$autoinstall['ssl_cert_organisation_unit'] = 'IT department';
$autoinstall['ssl_cert_common_name'] = $autoinstall['hostname'];
/* optional expert mode settings, needed only for expert mode */
$autoinstall['mysql_ispconfig_user'] = 'ispconfig'; // default: ispconfig
$autoinstall['mysql_ispconfig_password'] = md5(uniqid(rand()));
$autoinstall['join_multiserver_setup'] = 'n'; // y, n (default)
$autoinstall['mysql_master_hostname'] = 'master.example.com';
$autoinstall['mysql_master_root_user'] = 'root';
$autoinstall['mysql_master_root_password'] = 'howtoforge';
$autoinstall['mysql_master_database'] = 'dbispconfig'; // default: dbispconfig
$autoinstall['configure_mail'] = 'y'; // y (default), n
$autoinstall['configure_jailkit'] = 'y'; // y (default), n
$autoinstall['configure_ftp'] = 'y'; // y (default), n
$autoinstall['configure_dns'] = 'y'; // y (default), n
$autoinstall['configure_apache'] = 'y'; // y (default), n
$autoinstall['configure_nginx'] = 'y'; // y (default), n
$autoinstall['configure_firewall'] = 'y'; // y (default), n
$autoinstall['install_ispconfig_web_interface'] = 'y'; // y (default), n
/* optional update settings, needed only for updates */
$autoupdate['do_backup'] = 'yes'; // yes (default), no
$autoupdate['mysql_root_password'] = 'howtoforge';
$autoupdate['mysql_master_hostname'] = 'master.example.com';
$autoupdate['mysql_master_root_user'] = 'root';
$autoupdate['mysql_master_root_password'] = 'howtoforge';
$autoupdate['mysql_master_database'] = 'dbispconfig'; // default: dbispconfig
$autoupdate['reconfigure_permissions_in_master_database'] = 'no'; // no (default), yes
$autoupdate['reconfigure_services'] = 'yes'; // yes (default), no
$autoupdate['ispconfig_port'] = '8080'; // default: 8080
$autoupdate['create_new_ispconfig_ssl_cert'] = 'no'; // no (default), yes
$autoupdate['reconfigure_crontab'] = 'yes'; // yes (default), no
?>
\ No newline at end of file
[install]
language=en
install_mode=standard
hostname=server1.example.com
mysql_hostname=localhost
mysql_root_user=root
mysql_root_password=ispconfig
mysql_database=dbispconfig
mysql_charset=utf8
http_server=apache
ispconfig_port=8080
ispconfig_use_ssl=y
[ssl_cert]
ssl_cert_country=AU
ssl_cert_state=Some-State
ssl_cert_locality=Chicago
ssl_cert_organisation=Internet Widgits Pty Ltd
ssl_cert_organisation_unit=IT department
ssl_cert_common_name=server1.example.com
[expert]
mysql_ispconfig_user=ispconfig
mysql_ispconfig_password=afStEratXBsgatRtsa42CadwhQ
join_multiserver_setup=n
mysql_master_hostname=master.example.com
mysql_master_root_user=root
mysql_master_root_password=ispconfig
mysql_master_database=dbispconfig
configure_mail=y
configure_jailkit=y
configure_ftp=y
configure_dns=y
configure_apache=y
configure_nginx=y
configure_firewall=y
install_ispconfig_web_interface=y
[update]
do_backup=yes
mysql_root_password=ispconfig
mysql_master_hostname=master.example.com
mysql_master_root_user=root
mysql_master_root_password=ispconfig
mysql_master_database=dbispconfig
reconfigure_permissions_in_master_database=no
reconfigure_services=yes
ispconfig_port=8080
create_new_ispconfig_ssl_cert=no
[install]
language=en
install_mode=standard
hostname=server1.example.com
mysql_hostname=localhost
mysql_root_user=root
mysql_root_password=ispconfig
mysql_database=dbispconfig
mysql_charset=utf8
http_server=apache
ispconfig_port=8080
ispconfig_use_ssl=y
[ssl_cert]
ssl_cert_country=AU
ssl_cert_state=Some-State
ssl_cert_locality=Chicago
ssl_cert_organisation=Internet Widgits Pty Ltd
ssl_cert_organisation_unit=IT department
ssl_cert_common_name=server1.example.com
[expert]
mysql_ispconfig_user=ispconfig
mysql_ispconfig_password=afStEratXBsgatRtsa42CadwhQ
join_multiserver_setup=n
mysql_master_hostname=master.example.com
mysql_master_root_user=root
mysql_master_root_password=ispconfig
mysql_master_database=dbispconfig
configure_mail=y
configure_jailkit=y
configure_ftp=y
configure_dns=y
configure_apache=y
configure_nginx=y
configure_firewall=y
install_ispconfig_web_interface=y
[update]
do_backup=yes
mysql_root_password=ispconfig
mysql_master_hostname=master.example.com
mysql_master_root_user=root
mysql_master_root_password=ispconfig
mysql_master_database=dbispconfig
reconfigure_permissions_in_master_database=no
reconfigure_services=yes
ispconfig_port=8080
create_new_ispconfig_ssl_cert=no
reconfigure_crontab=yes
\ No newline at end of file
# blacklist_helo - after permit_sasl, used to stop common spammers/misconfigurations
#
# This file can be used to block hostnames used in smtp HELO command which are known bad.
# Occasionally you will run into legitimate mail servers which are misconfigured and end
# up blocked here, so this is not enabled by default, but it is useful if you are prepared
# to address those cases. .local is particularly problematic, and commented out by default.
#
# Note that any server hitting this check is misconfigured, all of the names below are bogus
# and not allowed per RFC 2821.
#
# If your own users are blocked by this, they are not authenticating to your server when
# sending (this check is after permit_sasl, which permits authenticated senders).
#
# Instructions:
#
# Copy this file to /usr/local/ispconfig/server/conf-custom/install/blacklist_helo.master,
# as well as /etc/postfix/blacklist_helo, so your changes are not overwritten with ispconfig
# updates.
# probably just put REJECT lines in here,
# as OK lines will bypass a lot of other checks you may want done
# (use DUNNO instead of OK)
#
# common for spammers (check https://data.iana.org/TLD/tlds-alpha-by-domain.txt and remove valid tld's occasionally)
/.*\.administrator$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.admin$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.adsl$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.arpa$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.bac$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.coma$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.dhcp$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.dlink$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.dns$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.domain$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.dynamic$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.dyndns\.org$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.dyn$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.firewall$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.gateway$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.home$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.internal$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.intern$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.janak$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.kornet$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.lab$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.lan$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.localdomain$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.localhost$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
# .local is used by spammers a lot, but too many otherwise legit servers hit it
# (instead of REJECT, should send to greylisting)
#/.*\.local$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.loc$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.lokal$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.mail$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.nat$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.netzwerk$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.pc$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.privat$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.private$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.router$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.setup$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.119$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.beeline$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.cici$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.gt_3g$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.gt-3g$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.hananet$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.skbroadband$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
/.*\.tbroad$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
......@@ -775,7 +775,11 @@ class installer extends installer_base
//$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
$content = str_replace('{fpm_socket}', $fpm_socket, $content);
$content = str_replace('{cgi_socket}', $cgi_socket, $content);
// SSL in apps vhost is off by default. Might change later.
$content = str_replace('{ssl_on}', 'off', $content);
$content = str_replace('{ssl_comment}', '#', $content);
wf($vhost_conf_dir.'/apps.vhost', $content);
// PHP-FPM
......
......@@ -188,7 +188,7 @@ do {
} while (!$check);
// Check if the mysql functions are loaded in PHP
if(!function_exists('mysql_connect')) die('No PHP MySQL functions available. Please ensure that the PHP MySQL module is loaded.');
if(!function_exists('mysqli_connect')) die('No PHP MySQLi functions available. Please ensure that the PHP MySQL module is loaded.');
//** Get MySQL root credentials
$finished = false;
......@@ -208,7 +208,7 @@ do {
}
//* Initialize the MySQL server connection
if(@mysql_connect($tmp_mysql_server_host . ':' . (int)$tmp_mysql_server_port, $tmp_mysql_server_admin_user, $tmp_mysql_server_admin_password)) {
if(@mysqli_connect($tmp_mysql_server_host, $tmp_mysql_server_admin_user, $tmp_mysql_server_admin_password, $tmp_mysql_server_database, (int)$tmp_mysql_server_port)) {
$conf['mysql']['host'] = $tmp_mysql_server_host;
$conf['mysql']['port'] = $tmp_mysql_server_port;
$conf['mysql']['admin_user'] = $tmp_mysql_server_admin_user;
......@@ -217,7 +217,7 @@ do {
$conf['mysql']['charset'] = $tmp_mysql_server_charset;
$finished = true;
} else {
swriteln($inst->lng('Unable to connect to the specified MySQL server').' '.mysql_error());
swriteln($inst->lng('Unable to connect to the specified MySQL server').' '.mysqli_connect_error());
}
} while ($finished == false);
unset($finished);
......@@ -553,7 +553,7 @@ if($install_mode == 'standard') {
$tmp_mysql_server_database = $inst->free_query('MySQL master server database name', $conf['mysql']['master_database'],'mysql_master_database');
//* Initialize the MySQL server connection
if(@mysql_connect($tmp_mysql_server_host . ':' . (int)$tmp_mysql_server_port, $tmp_mysql_server_admin_user, $tmp_mysql_server_admin_password)) {
if(@mysqli_connect($tmp_mysql_server_host, $tmp_mysql_server_admin_user, $tmp_mysql_server_admin_password, $tmp_mysql_server_database, (int)$tmp_mysql_server_port)) {
$conf['mysql']['master_host'] = $tmp_mysql_server_host;
$conf['mysql']['master_port'] = $tmp_mysql_server_port;
$conf['mysql']['master_admin_user'] = $tmp_mysql_server_admin_user;
......@@ -561,7 +561,7 @@ if($install_mode == 'standard') {
$conf['mysql']['master_database'] = $tmp_mysql_server_database;
$finished = true;
} else {
swriteln($inst->lng('Unable to connect to mysql server').' '.mysql_error());
swriteln($inst->lng('Unable to connect to mysql server').' '.mysqli_connect_error());
}
} while ($finished == false);
unset($finished);
......
......@@ -896,6 +896,8 @@ class installer_base {
}
unset($server_ini_array);
$tmp = str_replace('.','\.',$conf['hostname']);
$postconf_placeholders = array('{config_dir}' => $config_dir,
'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
'{vmail_userid}' => $cf['vmail_userid'],
......@@ -903,6 +905,7 @@ class installer_base {
'{rbl_list}' => $rbl_list,
'{greylisting}' => $greylisting,
'{reject_slm}' => $reject_sender_login_mismatch,
'{myhostname}' => $tmp,
);
$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_postfix.conf.master', 'tpl/debian_postfix.conf.master');
......@@ -933,6 +936,27 @@ class installer_base {
if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');
//* Create auxillary postfix conf files
$configfile = 'helo_access';
if(is_file($config_dir.'/'.$configfile)) {
copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
chmod($config_dir.'/'.$configfile.'~', 0400);
}
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
$content = strtr($content, $postconf_placeholders);
# todo: look up this server's ip addrs and loop through each
# todo: look up domains hosted on this server and loop through each
wf($config_dir.'/'.$configfile, $content);
$configfile = 'blacklist_helo';
if(is_file($config_dir.'/'.$configfile)) {
copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
chmod($config_dir.'/'.$configfile.'~', 0400);
}
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
$content = strtr($content, $postconf_placeholders);
wf($config_dir.'/'.$configfile, $content);
//* Make a backup copy of the main.cf file
copy($config_dir.'/main.cf', $config_dir.'/main.cf~');
......@@ -2052,6 +2076,10 @@ Email Address []:
}
$content = str_replace('{use_tcp}', $use_tcp, $content);
$content = str_replace('{use_socket}', $use_socket, $content);
// SSL in apps vhost is off by default. Might change later.
$content = str_replace('{ssl_on}', 'off', $content);
$content = str_replace('{ssl_comment}', '#', $content);
wf($vhost_conf_dir.'/apps.vhost', $content);
......
......@@ -776,7 +776,7 @@ class db_result {
*
* @access private
*/
public function db_result($iResId, $iConnection) {
public function __construct($iResId, $iConnection) {
$this->_iResId = $iResId;
$this->_iConnection = $iConnection;
}
......@@ -902,7 +902,7 @@ class fakedb_result {
*
* @access private
*/
public function fakedb_result($aData) {
public function __construct($aData) {
$this->aResultData = $aData;
$this->aLimitedData = $aData;
reset($this->aLimitedData);
......
# blacklist_helo - after permit_sasl, used to stop common spammers/misconfigurations
#
# This file can be used to block hostnames used in smtp HELO command which are known bad.
# Occasionally you will run into legitimate mail servers which are misconfigured and end
# up blocked here, so this is not enabled by default, but it is useful if you are prepared
# to address those cases.
#
# See docs/extras/blacklist_helo.master from ispconfig source for a more complete example list.
#
# If you make changes here, also copy them to /usr/local/ispconfig/server/conf-custom/install/blacklist_helo.master,
# so your changes are not overwritten with ispconfig updates.
#/.*\.administrator$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
#/.*\.admin$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
#/.*\.adsl$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
#/.*\.arpa$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
#/.*\.dhcp$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
#/.*\.dns$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
#/.*\.domain$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
#/.*\.dynamic$/ REJECT HELO hostname is using a top level domain that does not exist. See RFC 2821 section 3.6.
......@@ -24,6 +24,8 @@ relay_domains = mysql:{config_dir}/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_helo_hostname, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo, warn_if_reject reject_unknown_helo_hostname, permit
smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re{reject_slm}, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
smtpd_client_message_rate_limit = 100
......@@ -41,3 +43,8 @@ smtpd_tls_protocols = !SSLv2,!SSLv3
smtp_tls_protocols = !SSLv2,!SSLv3
smtpd_tls_exclude_ciphers = RC4, aNULL
smtp_tls_exclude_ciphers = RC4, aNULL
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
allow_percent_hack = no
swap_bangpath = no
smtpd_reject_unlisted_sender = yes
......@@ -21,6 +21,8 @@ relay_domains = mysql:{config_dir}/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_helo_hostname, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo, warn_if_reject reject_unknown_helo_hostname, permit
smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re{reject_slm}, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
smtpd_client_message_rate_limit = 100
......@@ -38,3 +40,8 @@ smtpd_tls_protocols = !SSLv2,!SSLv3
smtp_tls_protocols = !SSLv2,!SSLv3
smtpd_tls_exclude_ciphers = RC4, aNULL
smtp_tls_exclude_ciphers = RC4, aNULL
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
allow_percent_hack = no
swap_bangpath = no
smtpd_reject_unlisted_sender = yes
......@@ -20,6 +20,8 @@ relay_domains = mysql:{config_dir}/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_helo_hostname, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo, warn_if_reject reject_unknown_helo_hostname, permit
smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re{reject_slm}, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
smtpd_client_message_rate_limit = 100
......@@ -37,3 +39,8 @@ smtpd_tls_protocols = !SSLv2,!SSLv3
smtp_tls_protocols = !SSLv2,!SSLv3
smtpd_tls_exclude_ciphers = RC4, aNULL
smtp_tls_exclude_ciphers = RC4, aNULL
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
allow_percent_hack = no
swap_bangpath = no
smtpd_reject_unlisted_sender = yes
# helo_access - before permit_sasl
# be sure to list your own hostname(s), domain(s) and IP address(es) here
# Reject others identifying with this machine's hostnames and IP addresses
/^{myhostname}$/ REJECT
#/^((smtp|mx|mail)\.domain1\.com$/ REJECT
#/^mail\.domain2\.com$/ REJECT
# TODO: this server's ip addr loop here
#/^\[?1\.2\.3\.4\]?$/ REJECT
#/^\[?12\.34\.56\.78\]?$/ REJECT
#/^\[?123\.234\.123\.234\]?$/ REJECT
# Reject others identifying as domains we host
# TODO: this server's hosted mail domains loop here
#/^domain1\.com$/ REJECT
#/^domain2\.com$/ REJECT
#/^domain3\.net$/ REJECT
user = {mysql_server_ispconfig_user}
password = {mysql_server_ispconfig_password}
dbname = {mysql_server_database}
table = mail_user
select_field = sender_cc
where_field = email
additional_conditions = and postfix = 'y' and disabledeliver = 'n' and disables$
user = {mysql_server_ispconfig_user}
password = {mysql_server_ispconfig_password}
dbname = {mysql_server_database}
table = mail_user
select_field = sender_cc
where_field = email
additional_conditions = and postfix = 'y' and disabledeliver = 'n' and disables$
hosts = 127.0.0.1
\ No newline at end of file
user = {mysql_server_ispconfig_user}
password = {mysql_server_ispconfig_password}
dbname = {mysql_server_database}
table = mail_user
select_field = sender_cc
where_field = email
additional_conditions = and postfix = 'y' and disabledeliver = 'n' and disablesmtp = 'n'
user = {mysql_server_ispconfig_user}
password = {mysql_server_ispconfig_password}
dbname = {mysql_server_database}
table = mail_user
select_field = sender_cc
where_field = email
additional_conditions = and postfix = 'y' and disabledeliver = 'n' and disablesmtp = 'n'
hosts = 127.0.0.1
\ No newline at end of file
......@@ -23,6 +23,8 @@ relay_domains = mysql:{config_dir}/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_helo_hostname, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo, warn_if_reject reject_unknown_helo_hostname, permit
smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re{reject_slm}, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
smtpd_client_message_rate_limit = 100
......@@ -40,3 +42,8 @@ smtpd_tls_protocols = !SSLv2,!SSLv3
smtp_tls_protocols = !SSLv2,!SSLv3
smtpd_tls_exclude_ciphers = RC4, aNULL
smtp_tls_exclude_ciphers = RC4, aNULL
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
allow_percent_hack = no
swap_bangpath = no
smtpd_reject_unlisted_sender = yes
......@@ -65,16 +65,16 @@ if($do_uninstall == 'yes') {
//exec("/etc/init.d/mysqld stop");
//exec("rm -rf /var/lib/mysql/".$conf["db_database"]);
//exec("/etc/init.d/mysqld start");
$link = mysql_connect($clientdb_host, $clientdb_user, $clientdb_password);
$link = mysqli_connect($clientdb_host, $clientdb_user, $clientdb_password);
if (!$link) {
echo "Unable to connect to the database'.mysql_error($link)";
} else {
$result=mysql_query("DROP DATABASE ".$conf['db_database']."';", $link);
if (!$result) echo "Unable to remove the ispconfig-database ".$conf['db_database']." ".mysql_error($link)."\n";
$result=mysql_query("DROP USER '".$conf['db_user'] ."';");
if (!$result) echo "Unable to remove the ispconfig-database-user ".$conf['db_user']." ".mysql_error($link)."\n";
$result=mysqli_query($link,"DROP DATABASE ".$conf['db_database']."';");
if (!$result) echo "Unable to remove the ispconfig-database ".$conf['db_database']." ".mysqli_error($link)."\n";
$result=mysqli_query($link, "DROP USER '".$conf['db_user'] ."';");
if (!$result) echo "Unable to remove the ispconfig-database-user ".$conf['db_user']." ".mysqli_error($link)."\n";
}
mysql_close($link);