Postgrey Filter configurable

75722e70 · Dominik · Dominik · 4452e73b · 75722e70 · 75722e70
Commit 75722e70 authored Jan 30, 2015 by Dominik Committed by Dominik Jan 30, 2015
--- a/install/dist/lib/fedora.lib.php
+++ b/install/dist/lib/fedora.lib.php
@@ -152,6 +152,9 @@ class installer_dist extends installer_base {
 		//* mysql-virtual_relayrecipientmaps.cf
 		$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');

+		//* mysql-virtual_policy_greylist.cf
+		$this->process_postfix_config('mysql-virtual_policy_greylist.cf');
+
 		//* postfix-dkim
 		$full_file_name=$config_dir.'/tag_as_originating.re';
 		if(is_file($full_file_name)) {
@@ -193,13 +196,21 @@ class installer_dist extends installer_base {
 		}
 		unset($rbl_hosts);
 		unset($server_ini_array);
-
+		
+		//* If Postgrey is installed, configure it
+		$greylisting = '';
+		if($conf['postgrey']['installed'] == true) {
+			$greylisting = 'check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
+		}
+		
 		//* These postconf commands will be executed on installation and update
 		$postconf_placeholders = array('{config_dir}' => $config_dir,
 			'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
 			'{vmail_userid}' => $cf['vmail_userid'],
 			'{vmail_groupid}' => $cf['vmail_groupid'],
-			'{rbl_list}' => $rbl_list);
+			'{rbl_list}' => $rbl_list,
+			'{greylisting}' => $greylisting,
+		);

 		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/fedora_postfix.conf.master', 'tpl/fedora_postfix.conf.master');
 		$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);

--- a/install/dist/lib/opensuse.lib.php
+++ b/install/dist/lib/opensuse.lib.php
@@ -168,6 +168,9 @@ class installer_dist extends installer_base {
 		//* mysql-virtual_relayrecipientmaps.cf
 		$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');

+		//* mysql-virtual_policy_greylist.cf
+		$this->process_postfix_config('mysql-virtual_policy_greylist.cf');
+
 		//* postfix-dkim
 		$full_file_name=$config_dir.'/tag_as_originating.re';
 		if(is_file($full_file_name)) {
@@ -224,12 +227,20 @@ class installer_dist extends installer_base {
 		unset($rbl_hosts);
 		unset($server_ini_array);

+		//* If Postgrey is installed, configure it
+		$greylisting = '';
+		if($conf['postgrey']['installed'] == true) {
+			$greylisting = 'check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
+		}
+		
 		//* These postconf commands will be executed on installation and update
 		$postconf_placeholders = array('{config_dir}' => $config_dir,
 			'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
 			'{vmail_userid}' => $cf['vmail_userid'],
 			'{vmail_groupid}' => $cf['vmail_groupid'],
-			'{rbl_list}' => $rbl_list);
+			'{rbl_list}' => $rbl_list,
+			'{greylisting}' => $greylisting,
+		);

 		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_postfix.conf.master', 'tpl/opensuse_postfix.conf.master');
 		$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);

--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -135,6 +135,7 @@ class installer_base {

 		if(is_installed('mysql') || is_installed('mysqld')) $conf['mysql']['installed'] = true;
 		if(is_installed('postfix')) $conf['postfix']['installed'] = true;
+		if(is_installed('postgrey')) $conf['postgrey']['installed'] = true;
 		if(is_installed('mailman')) $conf['mailman']['installed'] = true;
 		if(is_installed('apache') || is_installed('apache2') || is_installed('httpd') || is_installed('httpd2')) $conf['apache']['installed'] = true;
 		if(is_installed('getmail')) $conf['getmail']['installed'] = true;
@@ -704,6 +705,9 @@ class installer_base {
 		//* mysql-virtual_outgoing_bcc.cf
 		$this->process_postfix_config('mysql-virtual_outgoing_bcc.cf');

+                //* mysql-virtual_policy_greylist.cf
+                $this->process_postfix_config('mysql-virtual_policy_greylist.cf');
+
 		//* postfix-dkim
 		$full_file_name=$config_dir.'/tag_as_originating.re';
 		if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
@@ -742,11 +746,19 @@ class installer_base {
 		unset($rbl_hosts);
 		unset($server_ini_array);

+		//* If Postgrey is installed, configure it
+		$greylisting = '';
+		if($conf['postgrey']['installed'] == true) {
+			$greylisting = 'check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
+		}
+		
 		$postconf_placeholders = array('{config_dir}' => $config_dir,
 			'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
 			'{vmail_userid}' => $cf['vmail_userid'],
 			'{vmail_groupid}' => $cf['vmail_groupid'],
-			'{rbl_list}' => $rbl_list);
+			'{rbl_list}' => $rbl_list,
+			'{greylisting}' => $greylisting,
+		);

 		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_postfix.conf.master', 'tpl/debian_postfix.conf.master');
 		$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
@@ -841,6 +853,10 @@ class installer_base {
 		caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

 	}
+	
+	public function configure_postgrey() {
+		
+	}

 	public function configure_saslauthd() {
 		global $conf;

--- a/install/sql/incremental/upd_dev_collection.sql
+++ b/install/sql/incremental/upd_dev_collection.sql
@@ -34,3 +34,6 @@ TXT|{DOMAIN}.|v=spf1 mx a ~all|0|3600' WHERE `dns_template`.`template_id` = 1;

 ALTER TABLE `mail_backup` CHANGE `filesize` `filesize` VARCHAR(20) NOT NULL DEFAULT '';
 ALTER TABLE `web_backup` CHANGE `filesize` `filesize` VARCHAR(20) NOT NULL DEFAULT '';
+
+ALTER TABLE `mail_user` ADD `greylisting` ENUM( 'n', 'y' ) NOT NULL DEFAULT 'n' AFTER `postfix`;
+ALTER TABLE `mail_forwarding` ADD `greylisting` ENUM( 'n', 'y' ) NOT NULL DEFAULT 'n' AFTER `active`;
--- a/install/tpl/debian_postfix.conf.master
+++ b/install/tpl/debian_postfix.conf.master
@@ -12,7 +12,9 @@ inet_protocols=all
 smtpd_sasl_auth_enable = yes
 broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
-smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}
+smtpd_restriction_classes = greylisting
+greylisting = check_policy_service inet:127.0.0.1:10023 
+smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert

--- a/install/tpl/fedora_postfix.conf.master
+++ b/install/tpl/fedora_postfix.conf.master
@@ -9,7 +9,9 @@ sender_bcc_maps = proxy:mysql:{config_dir}/mysql-virtual_outgoing_bcc.cf
 smtpd_sasl_auth_enable = yes
 broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
-smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}
+smtpd_restriction_classes = greylisting
+greylisting = check_policy_service inet:127.0.0.1:10023
+smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert

--- a/install/tpl/gentoo_postfix.conf.master
+++ b/install/tpl/gentoo_postfix.conf.master
@@ -8,7 +8,9 @@ virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf
 smtpd_sasl_auth_enable = yes
 broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
-smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}
+smtpd_restriction_classes = greylisting
+greylisting = check_policy_service inet:127.0.0.1:10023
+smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert

--- a/install/tpl/mysql-virtual_policy_greylist.cf.master
+++ b/install/tpl/mysql-virtual_policy_greylist.cf.master
+user = {mysql_server_ispconfig_user}
+password = {mysql_server_ispconfig_password}
+dbname = {mysql_server_database}
+query = SELECT 'greylisting' FROM mail_user WHERE email='%s' AND greylisting='y' and server_id = {server_id}
+hosts = {mysql_server_ip}
\ No newline at end of file
--- a/install/tpl/opensuse_postfix.conf.master
+++ b/install/tpl/opensuse_postfix.conf.master
@@ -11,7 +11,9 @@ sender_bcc_maps = proxy:mysql:{config_dir}/mysql-virtual_outgoing_bcc.cf
 smtpd_sasl_auth_enable = yes
 broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
-smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}
+smtpd_restriction_classes = greylisting
+greylisting = check_policy_service inet:127.0.0.1:10023
+smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert

--- a/interface/web/mail/form/mail_alias.tform.php
+++ b/interface/web/mail/form/mail_alias.tform.php
@@ -124,6 +124,12 @@ $form["tabs"]['alias'] = array (
 			'default' => 'y',
 			'value'  => array(0 => 'n', 1 => 'y')
 		),
+		'greylisting' => array (
+			'datatype' => 'VARCHAR',
+			'formtype' => 'CHECKBOX',
+			'default' => 'n',
+			'value'  => array(1 => 'y', 0 => 'n')
+		),
 		//#################################
 		// ENDE Datatable fields
 		//#################################

--- a/interface/web/mail/form/mail_forward.tform.php
+++ b/interface/web/mail/form/mail_forward.tform.php
@@ -118,6 +118,12 @@ $form["tabs"]['forward'] = array (
 			'default' => 'y',
 			'value'  => array(0 => 'n', 1 => 'y')
 		),
+		'greylisting' => array (
+			'datatype' => 'VARCHAR',
+			'formtype' => 'CHECKBOX',
+			'default' => 'n',
+			'value'  => array(1 => 'y', 0 => 'n')
+		),
 		//#################################
 		// ENDE Datatable fields
 		//#################################

--- a/interface/web/mail/form/mail_user.tform.php
+++ b/interface/web/mail/form/mail_user.tform.php
@@ -233,6 +233,12 @@ $form["tabs"]['mailuser'] = array(
 			'default' => 'y',
 			'value'  => array(1 => 'y', 0 => 'n')
 		),
+		'greylisting' => array (
+			'datatype' => 'VARCHAR',
+			'formtype' => 'CHECKBOX',
+			'default' => 'n',
+			'value'  => array(1 => 'y', 0 => 'n')
+		),
 		/*
 		'access' => array (
 			'datatype'	=> 'VARCHAR',

--- a/interface/web/mail/lib/lang/ar_mail_user.lng
+++ b/interface/web/mail/lib/lang/ar_mail_user.lng
@@ -20,6 +20,7 @@ $wb['server_id_txt'] = 'Aerver_id';
 $wb['password_txt'] = 'Password';
 $wb['maildir_txt'] = 'Maildir';
 $wb['postfix_txt'] = 'Enable Receiving';
+$wb["greylisting_txt"] = 'Enable greylisting';
 $wb['access_txt'] = 'Enable Access';
 $wb['policy_txt'] = 'Spamfilter';
 $wb['no_policy'] = '- not enabled -';

--- a/interface/web/mail/lib/lang/bg_mail_user.lng
+++ b/interface/web/mail/lib/lang/bg_mail_user.lng
@@ -16,6 +16,7 @@ $wb['server_id_txt'] = 'server_id';
 $wb['password_txt'] = 'парола';
 $wb['maildir_txt'] = 'maildir';
 $wb['postfix_txt'] = 'Разреши получаване';
+$wb["greylisting_txt"] = 'Enable greylisting';
 $wb['access_txt'] = 'Разреши достъп';
 $wb['policy_txt'] = 'Спам филтър';
 $wb['no_policy'] = '- забранен -';

--- a/interface/web/mail/lib/lang/br_mail_user.lng
+++ b/interface/web/mail/lib/lang/br_mail_user.lng
@@ -16,6 +16,7 @@ $wb['server_id_txt'] = 'Server_id';
 $wb['password_txt'] = 'Senha';
 $wb['maildir_txt'] = 'Maildir';
 $wb['postfix_txt'] = 'Habilitar Recebimento';
+$wb["greylisting_txt"] = 'Enable greylisting';
 $wb['access_txt'] = 'Habilitar Acesso';
 $wb['policy_txt'] = 'Spamfilter';
 $wb['no_policy'] = '- desativado -';

--- a/interface/web/mail/lib/lang/cz_mail_user.lng
+++ b/interface/web/mail/lib/lang/cz_mail_user.lng
@@ -20,6 +20,7 @@ $wb['server_id_txt'] = 'Server_id';
 $wb['password_txt'] = 'Heslo';
 $wb['maildir_txt'] = 'E-mailový adresář';
 $wb['postfix_txt'] = 'Povolit příjem';
+$wb["greylisting_txt"] = 'Enable greylisting';
 $wb['access_txt'] = 'Povolit přístup';
 $wb['policy_txt'] = 'Spamový filtr';
 $wb['no_policy'] = '- nepovoleno -';

--- a/interface/web/mail/lib/lang/de_mail_user.lng
+++ b/interface/web/mail/lib/lang/de_mail_user.lng
@@ -17,6 +17,7 @@ $wb['server_id_txt'] = 'Server ID';
 $wb['password_txt'] = 'Passwort';
 $wb['maildir_txt'] = 'E-Mail Verzeichnis';
 $wb['postfix_txt'] = 'Aktiviere Empfang';
+$wb["greylisting_txt"] = 'Aktiviere Greylisting';
 $wb['access_txt'] = 'Aktiviere Zugriff';
 $wb['policy_txt'] = 'Spamfilter';
 $wb['no_policy'] = '- nicht aktiviert -';

--- a/interface/web/mail/lib/lang/el_mail_user.lng
+++ b/interface/web/mail/lib/lang/el_mail_user.lng
@@ -20,6 +20,7 @@ $wb['server_id_txt'] = 'Aerver_id';
 $wb['password_txt'] = 'Συνθηματικό';
 $wb['maildir_txt'] = 'Maildir';
 $wb['postfix_txt'] = 'Ενεργοποίηση Λήψης';
+$wb["greylisting_txt"] = 'Enable greylisting';
 $wb['access_txt'] = 'Ενεργοποίηση Πρόσβασης';
 $wb['policy_txt'] = 'Φίλτρο Spam';
 $wb['no_policy'] = '- ανενεργή -';

--- a/interface/web/mail/lib/lang/en_mail_user.lng
+++ b/interface/web/mail/lib/lang/en_mail_user.lng
@@ -22,6 +22,7 @@ $wb["server_id_txt"] = 'Aerver_id';
 $wb["password_txt"] = 'Password';
 $wb["maildir_txt"] = 'Maildir';
 $wb["postfix_txt"] = 'Enable receiving';
+$wb["greylisting_txt"] = 'Enable greylisting';
 $wb["access_txt"] = 'Enable access';
 $wb["policy_txt"] = 'Spamfilter';
 $wb["no_policy"] = '- not enabled -';

--- a/interface/web/mail/lib/lang/es_mail_user.lng
+++ b/interface/web/mail/lib/lang/es_mail_user.lng
@@ -19,6 +19,7 @@ $wb['server_id_txt'] = 'Servidor';
 $wb['password_txt'] = 'Contraseña';
 $wb['maildir_txt'] = 'Directorio del buzón';
 $wb['postfix_txt'] = 'Habilitar la recepción';
+$wb["greylisting_txt"] = 'Enable greylisting';
 $wb['access_txt'] = 'Habilitar el acceso';
 $wb['policy_txt'] = 'Filtro de spam';
 $wb['no_policy'] = '- no habilitado -';