Browse Source

Merge pull request #15 from Schueni1/master

Added relaxed option for DKIM.
pull/17/head
Luke Smith 5 years ago
committed by GitHub
parent
commit
eb15bba5f3
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 23 additions and 8 deletions
  1. +23
    -8
      emailwiz.sh

+ 23
- 8
emailwiz.sh View File

@@ -16,9 +16,9 @@
# On installation of Postfix, select "Internet Site" and put in TLD (without before it mail.) # On installation of Postfix, select "Internet Site" and put in TLD (without before it mail.)


echo "Installing programs..." echo "Installing programs..."
apt install postfix dovecot-imapd opendkim spamassassin spamc
apt install postfix dovecot-imapd dovecot-sieve opendkim spamassassin spamc
# Install another requirement for opendikm only if the above command didn't get it already # Install another requirement for opendikm only if the above command didn't get it already
[ -e $(which opendkim-genkey) ] || apt install opendkim-tools
[ which opendkim-genkey > /dev/null 2>&1 ] || apt install opendkim-tools
domain="$(cat /etc/mailname)" domain="$(cat /etc/mailname)"
subdom="mail" subdom="mail"
maildomain="$subdom.$domain" maildomain="$subdom.$domain"
@@ -96,7 +96,7 @@ ssl = required
ssl_cert = </etc/letsencrypt/live/$maildomain/fullchain.pem ssl_cert = </etc/letsencrypt/live/$maildomain/fullchain.pem
ssl_key = </etc/letsencrypt/live/$maildomain/privkey.pem ssl_key = </etc/letsencrypt/live/$maildomain/privkey.pem
# Plaintext login. This is safe and easy thanks to SSL. # Plaintext login. This is safe and easy thanks to SSL.
auth_mechanisms = plain
auth_mechanisms = plain login cram-md5


protocols = \$protocols imap protocols = \$protocols imap


@@ -104,7 +104,12 @@ protocols = \$protocols imap
userdb { userdb {
driver = passwd driver = passwd
} }
# Use plain old PAM to find user passwords
# Use file with cram-md5 hashed passwords to find user passwords
passdb {
driver = passwd-file
args = scheme=cram-md5 /etc/cram-md5.pwd
}
#Fallback: Use plain old PAM to find user passwords
passdb { passdb {
driver = pam driver = pam
} }
@@ -170,6 +175,7 @@ if header :contains \"X-Spam-Flag\" \"YES\"
fileinto \"Junk\"; fileinto \"Junk\";
}" > /var/lib/dovecot/sieve/default.sieve }" > /var/lib/dovecot/sieve/default.sieve


cut -d: -f1 /etc/passwd | grep ^vmail > /dev/null 2&>1 || useradd vmail
chown -R vmail:vmail /var/lib/dovecot chown -R vmail:vmail /var/lib/dovecot
sievec /var/lib/dovecot/sieve/default.sieve sievec /var/lib/dovecot/sieve/default.sieve


@@ -211,15 +217,24 @@ grep ^KeyTable /etc/opendkim.conf >/dev/null || echo "KeyTable file:/etc/postfix
SigningTable refile:/etc/postfix/dkim/signingtable SigningTable refile:/etc/postfix/dkim/signingtable
InternalHosts refile:/etc/postfix/dkim/trustedhosts" >> /etc/opendkim.conf InternalHosts refile:/etc/postfix/dkim/trustedhosts" >> /etc/opendkim.conf


sed -i '/^#Canonicalization/s/simple/relaxed\/simple/' /etc/opendkim.conf
sed -i '/^#Canonicalization/s/^#//' /etc/opendkim.conf

sed -e '/Socket/s/^#*/#/' -i /etc/opendkim.conf
sed -i '/\local:\/var\/run\/opendkim\/opendkim.sock/a \Socket\t\t\tinet:12301@localhost' /etc/opendkim.conf

# OpenDKIM daemon settings, removing previously activated socket. # OpenDKIM daemon settings, removing previously activated socket.
sed -i "/^SOCKET/d" /etc/default/opendkim && echo "SOCKET=\"inet:8891@localhost\"" >> /etc/default/opendkim
sed -i "/^SOCKET/d" /etc/default/opendkim && echo "SOCKET=\"inet:12301@localhost\"" >> /etc/default/opendkim


# Here we add to postconf the needed settings for working with OpenDKIM # Here we add to postconf the needed settings for working with OpenDKIM
echo "Configuring Postfix with OpenDKIM settings..." echo "Configuring Postfix with OpenDKIM settings..."
postconf -e "smtpd_sasl_security_options = noanonymous, noplaintext"
postconf -e "smtpd_sasl_tls_security_options = noanonymous"
postconf -e "myhostname = $maildomain"
postconf -e "milter_default_action = accept" postconf -e "milter_default_action = accept"
postconf -e "milter_protocol = 2"
postconf -e "smtpd_milters = inet:localhost:8891"
postconf -e "non_smtpd_milters = inet:localhost:8891"
postconf -e "milter_protocol = 6"
postconf -e "smtpd_milters = inet:localhost:12301"
postconf -e "non_smtpd_milters = inet:localhost:12301"
postconf -e "mailbox_command = /usr/lib/dovecot/deliver" postconf -e "mailbox_command = /usr/lib/dovecot/deliver"


echo "Restarting Dovecot..." echo "Restarting Dovecot..."


Loading…
Cancel
Save