Commit Graph

1126 Commits

Author SHA1 Message Date
Georg Lauterbach bf679a5504
changes from tomav#1599 without `start-mailserver.sh`
included all changes from the work on refactoring all scripts, but excluded one big script to make merging easier; replaced mapfile with read
2020-09-05 16:19:12 +02:00
Erik Wramner 14aa0cdcc3
Merge pull request #1596 from mwnx/relayhostmap-from-virtual
Populate relayhost_map from virtual accounts (and other fixes)
2020-09-05 14:01:11 +02:00
Georg Lauterbach 06f0b087c1
major refactoring for setup.sh (#1590) (#1595)
* major refactoring for setup.sh (#1590)

* `set -u` stopped dkim generation from defaulting

* changed to bash and implemented simple error logging

* fixed $VOLUME not being set and refactored README as well due to markdownlint showing (valid) complaints

* setup.sh more consistent with braces, return codes, un-setting of variables and error reports and (importantly) test
2020-09-04 08:42:12 +02:00
mwnx 42352a3259 Update relayhost_map with virtual accounts too
Previously, only postfix-relaymap.cf and postfix-accounts.cf would be
used to populate the relayhost_map file.

Now, also use postfix-virtual.cf when present. To me, there is nothing
absurd about sending mail "From:" a virtual account (or more
specifically its domain) so it makes sense that when a $RELAY_HOST is
defined it should be used for virtual accounts as well.
2020-08-28 15:03:51 +02:00
mwnx 1286a1266b Fix/refactor relayhost_map update when dynamically adding account
check-for-changes.sh did not have a special case to handle lines in
postfix-relaymap.cf consisting of only a domain (indicating that said
domain should never be relayed). This case is handled by
start-mailserver.sh so when such a line existed, things would work well
until a config file update was detected by check-for-changes.sh. After
that, the generated relayhost_map file would be corrupted.

Fixed by factoring a 'populate_relayhost_map' function out of
start-mailserver.sh and into helper_functions.sh and reusing it in
check-for-changes.sh.

Note: There are certainly quite a few more pieces of code that could be
refactored in a similar fashion.

Note2: check-for-changes.sh would previously never update the
relayhost_map file when $ENABLE_LDAP was set to 1. I don't think this
was intended —there is after all no such condition in
start-mailserver.sh— and so this condition no longer applies.
2020-08-28 15:03:51 +02:00
mwnx 2a70f33a4b Fix checksum race condition in check-for-changes.sh
If a change to one of the tracked files happened soon after (<1 second?)
a previously detected change, it could end up going undetected. In
particular, this could cause integration tests to fail (see next
commits).

Fixed by computing the new checksum file _before_ checking for changes.
2020-08-28 14:57:43 +02:00
Erik Wramner f225e14a21
Merge pull request #1576 from vivacarvajalito/master
Add SASLAUTHD_LDAP_FILTER to ldap example
2020-07-24 09:13:49 +02:00
vivacarvajalito 9902baec73
Add SASLAUTHD_LDAP_FILTER to ldap example
Added as an example SASLAUTHD_LDAP_FILTER
2020-07-23 02:14:54 -03:00
Erik Wramner 26cc0c49ca
Merge pull request #1573 from casperklein/patch-2
addalias: check if two arguments are given
2020-07-22 16:13:51 +02:00
Erik Wramner cc34be2684
Merge pull request #1574 from martinwepner/fix/traefik-acme-parser
fix: extractCertsFromAcmeJson fails if "sans" not in Certificates.domain.main
2020-07-21 08:44:26 +02:00
Martin Wepner 821d88e93a add break; remove empty print 2020-07-20 11:28:23 +02:00
Martin Wepner 6bd1fb568e fix: extractCertsFromAcmeJson fails if "sans" not in Certificates.domain.main 2020-07-19 23:57:16 +02:00
Casper 398b1dd554
Merge pull request #2 from casperklein/patch-1
Small change to error message
2020-07-19 21:33:41 +02:00
Casper 2ffb0de1db
Small change to error message 2020-07-19 21:33:06 +02:00
Casper 79f6c88653
Merge pull request #1 from casperklein/patch-3
More detailed error message
2020-07-19 21:26:36 +02:00
Casper 11ab4a84a9
More detailed error message 2020-07-19 21:23:59 +02:00
Casper 7c0998f7fa
Check if second argument is given 2020-07-19 21:21:01 +02:00
Erik Wramner f206ad7ee1
Merge pull request #1553 from MichaelSp/letsencrypt-traefik-acme-json
Letsencrypt traefik v2 acme json
2020-07-16 07:49:04 +02:00
Erik Wramner c708e019ed
Merge pull request #1570 from guardiande/fix-sasl-password
Fix sasl_password generation to allow passwords containing hashes
2020-07-16 07:48:22 +02:00
guardiande 5c5c8eb814
Revert dummy change 2020-07-15 09:39:59 +02:00
Michael Sprauer ffac79bc8e Trigger 2020-07-15 09:23:34 +02:00
guardiande 7189d4c63f
Dummy change to trigger travis 2020-07-15 09:12:14 +02:00
guardiande 76d3f7643a
Fix sasl_password generation to allow passwords containing hashes 2020-07-15 08:26:25 +02:00
Michael Sprauer 119dbd664c revert nonsens changes 2020-07-14 15:23:36 +02:00
Michael Sprauer d61a8cd9c0 letsencrypt & traefik wildcard support
set SSL_DOMAIN=*.example.com to extract a wildcard certificate from traefiks acme.json store
2020-07-13 22:58:17 +02:00
Erik Wramner 1a085d411a
Merge pull request #1557 from ubenmackin/master
Update dovecot-ldap.conf.ext
2020-07-13 08:01:12 +02:00
Ben 96f923b0c2
Update env-mailserver.dist
add environment variable for DOVECOT_AUTH_BIND
2020-07-12 10:37:40 -07:00
Michael Sprauer 3a3cec6a8f trigger reload if cert change
/etc/letsencrypt/live/$HOSTNAME/key.pem  and /etc/letsencrypt/live/$HOSTNAME/fullchain.pem are watched and will trigger a reload if changed
2020-07-07 21:26:53 +02:00
Ben 2ee280dcb3
Update dovecot-ldap.conf.ext
add auth_bind = no so that it can be overridden via the env-mailserver file used by docker compose. This is related to #1526
2020-07-04 11:50:25 -07:00
Michael Sprauer 32c732e276 certificates from acme.json
Will extract certificates from acme.json as written by traefik for usage in dovecot and postfix.
Also watches acme.json for changes. For this to work the file has to be mounted/present at `/etc/letsencrypt/acme.json`
2020-06-30 22:43:22 +02:00
Michael Sprauer 989f691281 fix tests with space in path 2020-06-30 22:34:26 +02:00
Erik Wramner df4e04f033
Merge pull request #1547 from MrFreezeex/master
Fix dovecot variable with whitespace
2020-06-28 11:02:58 +02:00
Erik Wramner 7c55723609
Merge pull request #1551 from GiovanH/typo
Fix typo
2020-06-28 10:53:32 +02:00
Gio d888dbcf7f Fix typo 2020-06-27 23:07:17 -05:00
Arthur Outhenin-Chalandre c7f9fbd439
Fix dovecot variable with whitespace
Signed-off-by: Arthur Outhenin-Chalandre <arthur@cri.epita.fr>
2020-06-27 11:17:25 +02:00
Erik Wramner e150307339
Merge pull request #1537 from casperklein/patch-3
Typo fixed
2020-06-14 20:11:33 +02:00
Erik Wramner 3ce36407b4
Merge pull request #1535 from casperklein/patch-2
Improve container/image name detection
2020-06-14 20:10:51 +02:00
Casper c359521121
Typo fixed 2020-06-14 04:39:34 +02:00
Casper e95bd156a5
Multi-line format 2020-06-14 04:34:25 +02:00
Casper 29406ff34d
Return only one result, if there are multiple matches
Among other things, this is the case, when running tests with multiple containers.
2020-06-12 18:52:32 +02:00
Casper 8c7597f546
Improve container/image name detection
Problem: `setup.sh` fails, if more than one container uses `CMD ["supervisord", "-c", "/etc/supervisor/supervisord.conf"]`

Current container/image name detection: List all containers, grep for "supervisor".

New approach: List container, with label `org.label-schema.name="docker-mailserver"`
2020-06-12 01:33:30 +02:00
Erik Wramner 6abcc8ce5f
Merge pull request #1527 from m-a-v/patch-1
hint: keyword _SCORE_ for SA_SPAM_SUBJECT
2020-06-01 14:08:11 +02:00
Sascha Scandella 858facb790
hint: keyword _SCORE_ for SA_SPAM_SUBJECT 2020-05-31 22:06:31 +02:00
Erik Wramner b99bce1c2e Nonsense commit to trigger rebuild 2020-05-21 08:13:10 +02:00
Erik Wramner c6a535c8cb
Merge pull request #1514 from gmasse/fix-1507
Fix #1507 - Do not try to reload freshclam daemon after log rotation
2020-05-19 11:45:55 +02:00
Germain Masse 452fe3609f Do not try to reload freshclam daemon after log rotation 2020-05-18 10:10:37 +02:00
Erik Wramner f19fb9abc6
Merge pull request #1509 from neuralp/master
Letsencrypt check domain name in addition to host name
2020-05-15 08:38:12 +02:00
Nicholas Pepper 1b659a5574 Modified letsencrypt support to add domain name checking in addition to
hostname checking.  Added necessary tests and renamed original manual
ssl test to a name that supports adding the other SSL tests.
2020-05-15 04:52:26 +00:00
Erik Wramner f0defda2a1
Merge pull request #1506 from youtous/fix-postfix-information-banner
Show only host name in Postfix information banner
2020-05-11 09:14:35 +02:00
youtous 04059cd618
MAIL-8818 - Postfix information leakage
To prevent announcing software or version to malicious people or scripts, it is advised to hide such information.


This information is provided as part of the Lynis community project. It is related to Lynis control MAIL-8818 and should be considered as-is and without guarantees.

https://cisofy.com/lynis/controls/MAIL-8818/
2020-05-10 16:04:53 +02:00