Commit c7397a27 authored by Marius Cramer's avatar Marius Cramer
Browse files

Merge branch 'greylist_filter' into 'master'

Greylist filter for mailadresses

Postgrey must be installed in advance (can be added to install instructions?!?)
When Updating ispconfig main.cf has to be changed to!!

See merge request !162
parents accfcafd 5b70bc43
......@@ -152,6 +152,9 @@ class installer_dist extends installer_base {
//* mysql-virtual_relayrecipientmaps.cf
$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
//* mysql-virtual_policy_greylist.cf
$this->process_postfix_config('mysql-virtual_policy_greylist.cf');
//* postfix-dkim
$full_file_name=$config_dir.'/tag_as_originating.re';
if(is_file($full_file_name)) {
......@@ -193,13 +196,21 @@ class installer_dist extends installer_base {
}
unset($rbl_hosts);
unset($server_ini_array);
//* If Postgrey is installed, configure it
$greylisting = '';
if($conf['postgrey']['installed'] == true) {
$greylisting = 'check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
}
//* These postconf commands will be executed on installation and update
$postconf_placeholders = array('{config_dir}' => $config_dir,
'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
'{vmail_userid}' => $cf['vmail_userid'],
'{vmail_groupid}' => $cf['vmail_groupid'],
'{rbl_list}' => $rbl_list);
'{rbl_list}' => $rbl_list,
'{greylisting}' => $greylisting,
);
$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/fedora_postfix.conf.master', 'tpl/fedora_postfix.conf.master');
$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
......
......@@ -168,6 +168,9 @@ class installer_dist extends installer_base {
//* mysql-virtual_relayrecipientmaps.cf
$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
//* mysql-virtual_policy_greylist.cf
$this->process_postfix_config('mysql-virtual_policy_greylist.cf');
//* postfix-dkim
$full_file_name=$config_dir.'/tag_as_originating.re';
if(is_file($full_file_name)) {
......@@ -224,12 +227,20 @@ class installer_dist extends installer_base {
unset($rbl_hosts);
unset($server_ini_array);
//* If Postgrey is installed, configure it
$greylisting = '';
if($conf['postgrey']['installed'] == true) {
$greylisting = 'check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
}
//* These postconf commands will be executed on installation and update
$postconf_placeholders = array('{config_dir}' => $config_dir,
'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
'{vmail_userid}' => $cf['vmail_userid'],
'{vmail_groupid}' => $cf['vmail_groupid'],
'{rbl_list}' => $rbl_list);
'{rbl_list}' => $rbl_list,
'{greylisting}' => $greylisting,
);
$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_postfix.conf.master', 'tpl/opensuse_postfix.conf.master');
$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
......
......@@ -135,6 +135,7 @@ class installer_base {
if(is_installed('mysql') || is_installed('mysqld')) $conf['mysql']['installed'] = true;
if(is_installed('postfix')) $conf['postfix']['installed'] = true;
if(is_installed('postgrey')) $conf['postgrey']['installed'] = true;
if(is_installed('mailman')) $conf['mailman']['installed'] = true;
if(is_installed('apache') || is_installed('apache2') || is_installed('httpd') || is_installed('httpd2')) $conf['apache']['installed'] = true;
if(is_installed('getmail')) $conf['getmail']['installed'] = true;
......@@ -704,6 +705,9 @@ class installer_base {
//* mysql-virtual_outgoing_bcc.cf
$this->process_postfix_config('mysql-virtual_outgoing_bcc.cf');
//* mysql-virtual_policy_greylist.cf
$this->process_postfix_config('mysql-virtual_policy_greylist.cf');
//* postfix-dkim
$full_file_name=$config_dir.'/tag_as_originating.re';
if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
......@@ -742,11 +746,19 @@ class installer_base {
unset($rbl_hosts);
unset($server_ini_array);
//* If Postgrey is installed, configure it
$greylisting = '';
if($conf['postgrey']['installed'] == true) {
$greylisting = 'check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
}
$postconf_placeholders = array('{config_dir}' => $config_dir,
'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
'{vmail_userid}' => $cf['vmail_userid'],
'{vmail_groupid}' => $cf['vmail_groupid'],
'{rbl_list}' => $rbl_list);
'{rbl_list}' => $rbl_list,
'{greylisting}' => $greylisting,
);
$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_postfix.conf.master', 'tpl/debian_postfix.conf.master');
$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
......@@ -841,7 +853,7 @@ class installer_base {
caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
public function configure_saslauthd() {
global $conf;
......
......@@ -34,3 +34,6 @@ TXT|{DOMAIN}.|v=spf1 mx a ~all|0|3600' WHERE `dns_template`.`template_id` = 1;
ALTER TABLE `mail_backup` CHANGE `filesize` `filesize` VARCHAR(20) NOT NULL DEFAULT '';
ALTER TABLE `web_backup` CHANGE `filesize` `filesize` VARCHAR(20) NOT NULL DEFAULT '';
ALTER TABLE `mail_user` ADD `greylisting` ENUM( 'n', 'y' ) NOT NULL DEFAULT 'n' AFTER `postfix`;
ALTER TABLE `mail_forwarding` ADD `greylisting` ENUM( 'n', 'y' ) NOT NULL DEFAULT 'n' AFTER `active`;
......@@ -12,7 +12,9 @@ inet_protocols=all
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}
smtpd_restriction_classes = greylisting
greylisting = check_policy_service inet:127.0.0.1:10023
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_cert_file = {config_dir}/smtpd.cert
......
......@@ -9,7 +9,9 @@ sender_bcc_maps = proxy:mysql:{config_dir}/mysql-virtual_outgoing_bcc.cf
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}
smtpd_restriction_classes = greylisting
greylisting = check_policy_service inet:127.0.0.1:10023
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_cert_file = {config_dir}/smtpd.cert
......
......@@ -8,7 +8,9 @@ virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}
smtpd_restriction_classes = greylisting
greylisting = check_policy_service inet:127.0.0.1:10023
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_cert_file = {config_dir}/smtpd.cert
......
user = {mysql_server_ispconfig_user}
password = {mysql_server_ispconfig_password}
dbname = {mysql_server_database}
query = SELECT 'greylisting' FROM (SELECT greylisting, source AS email FROM mail_forwarding WHERE server_id = {server_id} UNION SELECT greylisting, email FROM mail_user WHERE server_id = {server_id}) addresses WHERE addresses.email='%s' AND addresses.greylisting='y'
hosts = {mysql_server_ip}
\ No newline at end of file
......@@ -11,7 +11,9 @@ sender_bcc_maps = proxy:mysql:{config_dir}/mysql-virtual_outgoing_bcc.cf
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}
smtpd_restriction_classes = greylisting
greylisting = check_policy_service inet:127.0.0.1:10023
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_cert_file = {config_dir}/smtpd.cert
......
......@@ -124,6 +124,12 @@ $form["tabs"]['alias'] = array (
'default' => 'y',
'value' => array(0 => 'n', 1 => 'y')
),
'greylisting' => array (
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
'default' => 'n',
'value' => array(1 => 'y', 0 => 'n')
),
//#################################
// ENDE Datatable fields
//#################################
......
......@@ -118,6 +118,12 @@ $form["tabs"]['forward'] = array (
'default' => 'y',
'value' => array(0 => 'n', 1 => 'y')
),
'greylisting' => array (
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
'default' => 'n',
'value' => array(1 => 'y', 0 => 'n')
),
//#################################
// ENDE Datatable fields
//#################################
......
......@@ -233,6 +233,12 @@ $form["tabs"]['mailuser'] = array(
'default' => 'y',
'value' => array(1 => 'y', 0 => 'n')
),
'greylisting' => array (
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
'default' => 'n',
'value' => array(1 => 'y', 0 => 'n')
),
/*
'access' => array (
'datatype' => 'VARCHAR',
......
......@@ -11,4 +11,5 @@ $wb['duplicate_mailbox_txt'] = 'There is already a mailbox with this email addre
$wb['domain_txt'] = 'Domain';
$wb['duplicate_email_alias_txt'] = 'This email alias does already exist.';
$wb['source_txt'] = 'Alias';
$wb['greylisting_txt'] = 'Enable greylisting';
?>
......@@ -6,4 +6,5 @@ $wb['limit_mailforward_txt'] = 'The max. number of email forwarders for your acc
$wb['duplicate_mailbox_txt'] = 'There is already a mailbox with this email address';
$wb['domain_txt'] = 'Domain';
$wb['source_txt'] = 'Source Email';
$wb['greylisting_txt'] = 'Enable greylisting';
?>
......@@ -20,6 +20,7 @@ $wb['server_id_txt'] = 'Aerver_id';
$wb['password_txt'] = 'Password';
$wb['maildir_txt'] = 'Maildir';
$wb['postfix_txt'] = 'Enable Receiving';
$wb['greylisting_txt'] = 'Enable greylisting';
$wb['access_txt'] = 'Enable Access';
$wb['policy_txt'] = 'Spamfilter';
$wb['no_policy'] = '- not enabled -';
......
......@@ -11,4 +11,5 @@ $wb['duplicate_mailbox_txt'] = 'There is already a mailbox with this email addre
$wb['domain_txt'] = 'Domain';
$wb['duplicate_email_alias_txt'] = 'This email alias does already exist.';
$wb['source_txt'] = 'Alias';
$wb['greylisting_txt'] = 'Enable greylisting';
?>
......@@ -6,4 +6,5 @@ $wb['limit_mailforward_txt'] = 'Максималният брой за имей
$wb['duplicate_mailbox_txt'] = 'Вече съществува пощенска кутия с такъв адрес.';
$wb['domain_txt'] = 'Домейн';
$wb['source_txt'] = 'Source Email';
$wb['greylisting_txt'] = 'Enable greylisting';
?>
......@@ -16,6 +16,7 @@ $wb['server_id_txt'] = 'server_id';
$wb['password_txt'] = 'парола';
$wb['maildir_txt'] = 'maildir';
$wb['postfix_txt'] = 'Разреши получаване';
$wb['greylisting_txt'] = 'Enable greylisting';
$wb['access_txt'] = 'Разреши достъп';
$wb['policy_txt'] = 'Спам филтър';
$wb['no_policy'] = '- забранен -';
......
......@@ -11,4 +11,5 @@ $wb['duplicate_mailbox_txt'] = 'Já existe uma caixa de correio com este endere
$wb['domain_txt'] = 'Domínio';
$wb['duplicate_email_alias_txt'] = 'This email alias does already exist.';
$wb['source_txt'] = 'Alias';
$wb['greylisting_txt'] = 'Enable greylisting';
?>
......@@ -6,4 +6,5 @@ $wb['limit_mailforward_txt'] = 'O número máximo de encaminhamentos para sua co
$wb['duplicate_mailbox_txt'] = 'Já existe uma caixa de correio com este endereço.';
$wb['domain_txt'] = 'Domínio';
$wb['source_txt'] = 'Source Email';
$wb['greylisting_txt'] = 'Enable greylisting';
?>
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment