diff --git a/install/dist/tpl/gentoo/amavisd-ispconfig.conf.master b/install/dist/tpl/gentoo/amavisd-ispconfig.conf.master index 32ee177b75bc62caefcf57c0ec585be98528c81b..c05ce9835bf4bca8156cdfbe25a67dcecc1a4983 100644 --- a/install/dist/tpl/gentoo/amavisd-ispconfig.conf.master +++ b/install/dist/tpl/gentoo/amavisd-ispconfig.conf.master @@ -94,16 +94,24 @@ $LOGFILE = "/var/log/amavis.log"; # (defaults to empty, no log) $log_level = 0; # (defaults to 0) $inet_socket_port = [10024,10026]; -$forward_method = 'smtp:[127.0.0.1]:10025'; -$notify_method = 'smtp:[127.0.0.1]:10027'; + +# *:* = send to IP/HOST:incoming Port + 1 +$forward_method = 'smtp:*:*'; +$notify_method = 'smtp:*:*'; + $interface_policy{'10026'} = 'ORIGINATING'; $policy_bank{'ORIGINATING'} = { originating => 1, smtpd_discard_ehlo_keywords => ['8BITMIME'], - forward_method => 'smtp:[127.0.0.1]:10027', }; -@mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 -192.168.0.0/16); + +# IP-Addresses for internal networks => load policy MYNETS +# - requires -o smtp_send_xforward_command=yes in postfix master.cf +@mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 [::1] [FE80::]/10 [FEC0::]/10); + +# Allow SMTP access from IPs in @inet_acl to amvisd SMTP Port +@inet_acl = qw( 127.0.0.1 [::1] 192.168.0.0/16 ); + $signed_header_fields{'received'} = 0; # turn off signing of Received $enable_dkim_verification = 1; $enable_dkim_signing = 1; diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php index 3ad7bc9e03ba00548db55d8b12080f1b2b82c440..c333a5ef1fa02d1e940973e1c26c39f1121e393a 100644 --- a/install/lib/installer_base.lib.php +++ b/install/lib/installer_base.lib.php @@ -175,6 +175,19 @@ class installer_base { return $force; } + public function reconfigure_app($service, $reconfigure_services_answer) { + $reconfigure = false; + if ($reconfigure_services_answer != 'selected') { + $reconfigure = true; + } else { + if(strtolower($this->simple_query("Reconfigure $service", array('y', 'n'), 'y') ) == 'y') { + $reconfigure = true; + } else { + swriteln("Skip reconfigure $service\n"); + } + } + return $reconfigure; + } /** Create the database for ISPConfig */ diff --git a/install/tpl/amavisd_user_config.master b/install/tpl/amavisd_user_config.master index 2e5a73d5dc44111b4d95b2f85f5cf56f834d1716..c729a7c92686a2e5d63552b0fba2074ae31ab07b 100644 --- a/install/tpl/amavisd_user_config.master +++ b/install/tpl/amavisd_user_config.master @@ -76,19 +76,24 @@ $LOGFILE = "/var/log/amavis.log"; # (defaults to empty, no log) $log_level = 0; # (defaults to 0) $inet_socket_port = [10024,10026]; -$forward_method = 'smtp:[127.0.0.1]:10025'; -$notify_method = 'smtp:[127.0.0.1]:10027'; + +# *:* = send to IP/HOST:incoming Port + 1 +$forward_method = 'smtp:*:*'; +$notify_method = 'smtp:*:*'; $interface_policy{'10026'} = 'ORIGINATING'; $policy_bank{'ORIGINATING'} = { originating => 1, smtpd_discard_ehlo_keywords => ['8BITMIME'], - forward_method => 'smtp:[127.0.0.1]:10027', }; -@mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 -192.168.0.0/16); -# DKIM +# IP-Addresses for internal networks => load policy MYNETS +# - requires -o smtp_send_xforward_command=yes in postfix master.cf +@mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 [::1] [FE80::]/10 [FEC0::]/10); +# Allow SMTP access from IPs in @inet_acl to amvisd SMTP Port +@inet_acl = qw( 127.0.0.1 [::1] 192.168.0.0/16 ); + +# DKIM $enable_dkim_verification = 1; $enable_dkim_signing = 1; # load DKIM signing code $signed_header_fields{'received'} = 0; # turn off signing of Received diff --git a/install/update.php b/install/update.php index 1fec2cccb106ab41a00fb2b47da1bf272665c5b0..970a107fb254d6a937d4d64835b40f161a43dd61 100644 --- a/install/update.php +++ b/install/update.php @@ -300,30 +300,35 @@ if($reconfigure_master_database_rights_answer == 'yes') { //} //** Shall the services be reconfigured during update -$reconfigure_services_answer = $inst->simple_query('Reconfigure Services?', array('yes', 'no'), 'yes','reconfigure_services'); +$reconfigure_services_answer = $inst->simple_query('Reconfigure Services?', array('yes', 'no', 'selected'), 'yes','reconfigure_services'); -if($reconfigure_services_answer == 'yes') { +if($reconfigure_services_answer == 'yes' || $reconfigure_services_answer == 'selected') { if($conf['services']['mail']) { + //** Configure postfix - swriteln('Configuring Postfix'); - $inst->configure_postfix('dont-create-certs'); + if($inst->reconfigure_app('Postfix', $reconfigure_services_answer)) { + swriteln('Configuring Postfix'); + $inst->configure_postfix('dont-create-certs'); + } //** Configure mailman - if($conf['mailman']['installed'] == true) { + if($conf['mailman']['installed'] == true && $inst->reconfigure_app('Mailman', $reconfigure_services_answer)) { swriteln('Configuring Mailman'); $inst->configure_mailman('update'); } //* Configure Jailkit - swriteln('Configuring Jailkit'); - $inst->configure_jailkit(); + if($inst->reconfigure_app('Jailkit', $reconfigure_services_answer)) { + swriteln('Configuring Jailkit'); + $inst->configure_jailkit(); + } - if($conf['dovecot']['installed'] == true) { + if($conf['dovecot']['installed'] == true && $inst->reconfigure_app('Dovecot', $reconfigure_services_answer)) { //* Configure dovecot swriteln('Configuring Dovecot'); $inst->configure_dovecot(); - } else { + } elseif ($conf['courier']['installed'] == true && $inst->reconfigure_app('Courier', $reconfigure_services_answer)) { //** Configure saslauthd swriteln('Configuring SASL'); $inst->configure_saslauthd(); @@ -338,27 +343,25 @@ if($reconfigure_services_answer == 'yes') { } //** Configure Spamasassin - swriteln('Configuring Spamassassin'); - $inst->configure_spamassassin(); + if($inst->reconfigure_app('Spamassassin', $reconfigure_services_answer)) { + swriteln('Configuring Spamassassin'); + $inst->configure_spamassassin(); + } //** Configure Amavis - if($conf['amavis']['installed'] == true) { + if($conf['amavis']['installed'] == true && $inst->reconfigure_app('Amavisd', $reconfigure_services_answer)) { swriteln('Configuring Amavisd'); $inst->configure_amavis(); } //** Configure Getmail - swriteln('Configuring Getmail'); - $inst->configure_getmail(); - } - - if($conf['services']['web'] && $conf['pureftpd']['installed'] == true) { - //** Configure Pureftpd - swriteln('Configuring Pureftpd'); - $inst->configure_pureftpd(); + if ($inst->reconfigure_app('Getmail', $reconfigure_services_answer)) { + swriteln('Configuring Getmail'); + $inst->configure_getmail(); + } } - if($conf['services']['dns']) { + if($conf['services']['dns'] && $inst->reconfigure_app('DNS', $reconfigure_services_answer)) { //* Configure DNS if($conf['powerdns']['installed'] == true) { swriteln('Configuring PowerDNS'); @@ -373,37 +376,40 @@ if($reconfigure_services_answer == 'yes') { } if($conf['services']['web']) { - if($conf['webserver']['server_type'] == 'apache'){ - //** Configure Apache - swriteln('Configuring Apache'); - $inst->configure_apache(); - - //** Configure vlogger - swriteln('Configuring vlogger'); - $inst->configure_vlogger(); - } else { - //** Configure nginx - swriteln('Configuring nginx'); - $inst->configure_nginx(); + + if($conf['pureftpd']['installed'] == true && $inst->reconfigure_app('Pureftpd', $reconfigure_services_answer)) { + //** Configure Pureftpd + swriteln('Configuring Pureftpd'); + $inst->configure_pureftpd(); } - //** Configure apps vhost - swriteln('Configuring Apps vhost'); - $inst->configure_apps_vhost(); - } + if($inst->reconfigure_app('Web-Server', $reconfigure_services_answer)) { + if($conf['webserver']['server_type'] == 'apache'){ + //** Configure Apache + swriteln('Configuring Apache'); + $inst->configure_apache(); + + //** Configure vlogger + swriteln('Configuring vlogger'); + $inst->configure_vlogger(); + } else { + //** Configure nginx + swriteln('Configuring nginx'); + $inst->configure_nginx(); + } + + //** Configure apps vhost + swriteln('Configuring Apps vhost'); + $inst->configure_apps_vhost(); + } + } - if($conf['services']['xmpp']) { + if($conf['services']['xmpp'] && $inst->reconfigure_app('XMPP', $reconfigure_services_answer)) { //** Configure Metronome XMPP $inst->configure_xmpp('dont-create-certs'); } - - //* Configure DBServer - swriteln('Configuring Database'); - $inst->configure_dbserver(); - - - if($conf['services']['firewall']) { + if($conf['services']['firewall'] && $inst->reconfigure_app('Firewall', $reconfigure_services_answer)) { if($conf['ufw']['installed'] == true) { //* Configure Ubuntu Firewall $conf['services']['firewall'] = true; @@ -416,6 +422,10 @@ if($reconfigure_services_answer == 'yes') { } } + //* Configure DBServer + swriteln('Configuring Database'); + $inst->configure_dbserver(); + /* if($conf['squid']['installed'] == true) { swriteln('Configuring Squid'); diff --git a/interface/web/mail/mail_domain_edit.php b/interface/web/mail/mail_domain_edit.php index 3c474aa7de97f3a827bf46374dae733a8845adef..d87b921c8476ae7a2fbe4de75fd89b878f65f19e 100644 --- a/interface/web/mail/mail_domain_edit.php +++ b/interface/web/mail/mail_domain_edit.php @@ -210,7 +210,7 @@ class page_action extends tform_actions { $sql = "SELECT domain, dkim_private, dkim_public, dkim_selector FROM mail_domain WHERE domain_id = ?"; $rec = $app->db->queryOneRecord($sql, $app->functions->intval($_GET['id'])); $dns_key = str_replace(array('-----BEGIN PUBLIC KEY-----','-----END PUBLIC KEY-----',"\r","\n"),'',$rec['dkim_public']); - $dns_record = '.' . $rec['dkim_selector'] . '_domainkey._' . $rec['domain'] . '. 3600 TXT v=DKIM1; t=s; p=' . $dns_key; + $dns_record = $rec['dkim_selector'] . '._domainkey.' . $rec['domain'] . '. 3600 TXT v=DKIM1; t=s; p=' . $dns_key; $app->tpl->setVar('dkim_selector', $rec['dkim_selector']); $app->tpl->setVar('dkim_private', $rec['dkim_private']); $app->tpl->setVar('dkim_public', $rec['dkim_public']); diff --git a/server/lib/classes/monitor_tools.inc.php b/server/lib/classes/monitor_tools.inc.php index ce3d4bbc744c9a8349be901f12e6c4dac0b7a3b2..9b706ce76ff5b964b76659dffc1e9d6ee49679c5 100644 --- a/server/lib/classes/monitor_tools.inc.php +++ b/server/lib/classes/monitor_tools.inc.php @@ -702,7 +702,7 @@ class monitor_tools { $mailSubject = ''; $inHeader = true; for($l = 0; $l < count($lines); $l++) { - if($lines[$l] == '') { + if(trim($lines[$l]) == '') { $inHeader = false; continue; } diff --git a/server/plugins-available/mail_plugin_dkim.inc.php b/server/plugins-available/mail_plugin_dkim.inc.php index 7ded684ea2e69f415a361a344584e798b311202e..0e0208a472b5f812d7cac187bd7ef5d33e0398be 100755 --- a/server/plugins-available/mail_plugin_dkim.inc.php +++ b/server/plugins-available/mail_plugin_dkim.inc.php @@ -122,8 +122,8 @@ class mail_plugin_dkim { $mail_config = $app->getconf->get_server_config($conf['server_id'], 'mail'); if ( isset($mail_config['dkim_path']) && !empty($mail_config['dkim_path']) && - isset($data['new']['dkim_private']) && - !empty($data['new']['dkim_private']) && +// isset($data['new']['dkim_private']) && +// !empty($data['new']['dkim_private']) && $mail_config['dkim_path'] != '/' ) { if (!is_dir($mail_config['dkim_path'])) { @@ -199,6 +199,10 @@ class mail_plugin_dkim { function write_dkim_key($key_file, $key_value, $key_domain) { global $app, $mailconfig; $success=false; + if ($key_file == '' || $key_value == '' || $key_domain == '') { + $app->log('DKIM internal error for domain '.$key_domain, LOGLEVEL_ERROR); + return $success; + } if ( $app->system->file_put_contents($key_file.'.private', $key_value) ) { $app->log('Saved DKIM Private-key to '.$key_file.'.private', LOGLEVEL_DEBUG); $success=true; @@ -211,7 +215,7 @@ class mail_plugin_dkim { $app->log('Saved DKIM Public to '.$key_domain.'.', LOGLEVEL_DEBUG); else $app->log('Unable to save DKIM Public to '.$key_domain.'.', LOGLEVEL_DEBUG); } else { - $app->log('Unable to save DKIM Privte-key to '.$key_file.'.private', LOGLEVEL_ERROR); + $app->log('Unable to save DKIM Private-key to '.$key_file.'.private', LOGLEVEL_ERROR); } return $success; }