Configs near finish
parent
c5a2295ccd
commit
9701eb229a
@ -10,29 +10,33 @@ LOCAL_DELIVERY = mail_spool
|
|||||||
CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%%!/|`#&?]
|
CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%%!/|`#&?]
|
||||||
CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%%!`#&?] : ^.*/\\.\\./
|
CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%%!`#&?] : ^.*/\\.\\./
|
||||||
|
|
||||||
%(dkim_enable)s
|
DKIM_ENABLE = 1
|
||||||
DKIM_SELECTOR = %(dkim_selector)s
|
DKIM_SELECTOR = x
|
||||||
DKIM_PRIVATE_KEY = %(dkim_private_key)s
|
DKIM_PRIVATE_KEY = /etc/exim4/dkim/private.key
|
||||||
DKIM_CANON = relaxed
|
DKIM_CANON = relaxed
|
||||||
DKIM_STRICT = 1
|
DKIM_STRICT = 1
|
||||||
|
|
||||||
%(tls_enable)s
|
TLS_ENABLE = 1
|
||||||
TLS_ADVERTISE_HOSTS = *
|
TLS_ADVERTISE_HOSTS = *
|
||||||
TLS_CERTIFICATE = %(tls_certificate)s
|
TLS_CERTIFICATE = /etc/exim4/tls/mail.crt
|
||||||
TLS_PRIVATEKEY = %(tls_privatekey)s
|
TLS_PRIVATEKEY = /etc/exim4/tls/mail.key
|
||||||
TLS_VERIFY_CERTIFICATES = ${if exists{/etc/ssl/certs/ca-certificates.crt} {/etc/ssl/certs/ca-certificates.crt} {/dev/null}}
|
TLS_VERIFY_CERTIFICATES = ${if exists{/etc/ssl/certs/ca-certificates.crt} {/etc/ssl/certs/ca-certificates.crt} {/dev/null}}
|
||||||
|
|
||||||
COURIERSOCKET = %(courier_authsocket)s
|
COURIERSOCKET = /var/run/courier/authdaemon/socket
|
||||||
|
|
||||||
ACL_SMTP_MAIL = acl_check_mail
|
ACL_SMTP_MAIL = acl_check_mail
|
||||||
ACL_SMTP_RCPT = acl_check_rcpt
|
ACL_SMTP_RCPT = acl_check_rcpt
|
||||||
ACL_SMTP_DATA = acl_check_data
|
ACL_SMTP_DATA = acl_check_data
|
||||||
|
|
||||||
|
# SPAMD_ENABLE = 1
|
||||||
|
# CLAMAV_ENABLE = 1
|
||||||
|
|
||||||
#--CONFIGURATION
|
#--CONFIGURATION
|
||||||
|
|
||||||
hostlist relay_from_hosts = 127.0.0.1
|
hostlist relay_from_hosts = 127.0.0.1
|
||||||
|
|
||||||
%(custom_mta_config)s
|
CHECK_RCPT_VERIFY_SENDER = 1
|
||||||
|
keep_environment =
|
||||||
|
|
||||||
daemon_smtp_ports = SMTP_PORT
|
daemon_smtp_ports = SMTP_PORT
|
||||||
local_interfaces = LOCAL_INTERFACES
|
local_interfaces = LOCAL_INTERFACES
|
||||||
@ -46,7 +50,13 @@ acl_smtp_mail = ACL_SMTP_MAIL
|
|||||||
acl_smtp_rcpt = ACL_SMTP_RCPT
|
acl_smtp_rcpt = ACL_SMTP_RCPT
|
||||||
acl_smtp_data = ACL_SMTP_DATA
|
acl_smtp_data = ACL_SMTP_DATA
|
||||||
|
|
||||||
# spamd_address = 127.0.0.1 783
|
.ifdef SPAMD_ENABLE
|
||||||
|
spamd_address = 127.0.0.1 783
|
||||||
|
.endif
|
||||||
|
|
||||||
|
.ifdef CLAMAV_ENABLE
|
||||||
|
av_scanner = clamd:/var/run/clamav/clamd.ctl
|
||||||
|
.endif
|
||||||
|
|
||||||
local_from_check = false
|
local_from_check = false
|
||||||
local_sender_retain = true
|
local_sender_retain = true
|
||||||
@ -70,8 +80,6 @@ tls_verify_certificates = TLS_VERIFY_CERTIFICATES
|
|||||||
|
|
||||||
begin acl
|
begin acl
|
||||||
|
|
||||||
%(custom_mta_acl)s
|
|
||||||
|
|
||||||
acl_check_mail:
|
acl_check_mail:
|
||||||
.ifdef CHECK_MAIL_HELO_ISSUED
|
.ifdef CHECK_MAIL_HELO_ISSUED
|
||||||
deny
|
deny
|
||||||
@ -186,15 +194,34 @@ acl_check_rcpt:
|
|||||||
|
|
||||||
acl_check_data:
|
acl_check_data:
|
||||||
|
|
||||||
deny
|
accept authenticated = *
|
||||||
message = Message headers fail syntax check
|
|
||||||
|
.ifdef SPAMD_ENABLE
|
||||||
|
warn spam = debian-spamd
|
||||||
|
add_header = X-Spam-Score: $spam_score ($spam_bar)
|
||||||
|
add_header = X-Spam-Report: $spam_report
|
||||||
|
add_header = Subject: ***SPAM (score:$spam_score)*** $h_Subject:
|
||||||
|
control = fakereject
|
||||||
|
.endif
|
||||||
|
|
||||||
|
.ifdef CLAMAV_ENABLE
|
||||||
|
deny malware = *
|
||||||
|
message = This message was detected as possible malware ($malware_name).
|
||||||
|
.endif
|
||||||
|
|
||||||
|
deny message = Message headers fail syntax check
|
||||||
!verify = header_syntax
|
!verify = header_syntax
|
||||||
|
|
||||||
accept
|
accept
|
||||||
|
|
||||||
begin routers
|
begin routers
|
||||||
|
|
||||||
%(custom_mta_routers)s
|
maildir_spam:
|
||||||
|
driver = accept
|
||||||
|
transport = maildir_spam_delivery
|
||||||
|
condition = ${if def:h_X-Spam-Score: {true}}
|
||||||
|
condition = ${if >{$spam_score_int}{1}}
|
||||||
|
condition = ${if match {$h_Subject:}{SPAM}}
|
||||||
|
|
||||||
vforward:
|
vforward:
|
||||||
debug_print = "R: vforward for $local_part@$domain"
|
debug_print = "R: vforward for $local_part@$domain"
|
||||||
@ -202,18 +229,16 @@ vforward:
|
|||||||
allow_defer
|
allow_defer
|
||||||
allow_fail
|
allow_fail
|
||||||
domains = +local_domains
|
domains = +local_domains
|
||||||
file = %(mailforward)s/$local_part@$domain
|
file = /etc/exim.forward/$local_part@$domain
|
||||||
file_transport = address_file
|
file_transport = address_file
|
||||||
pipe_transport = address_pipe
|
pipe_transport = address_pipe
|
||||||
%(custom_mta_local_router)s
|
|
||||||
|
|
||||||
vdomain:
|
vdomain:
|
||||||
debug_print = "R: vdomain for $local_part@$domain"
|
debug_print = "R: vdomain for $local_part@$domain"
|
||||||
driver = accept
|
driver = accept
|
||||||
domains = dsearch;%(maildomains)s
|
domains = dsearch;/etc/exim.domains
|
||||||
local_parts = lsearch;%(maildomains)s/$domain
|
local_parts = lsearch;/etc/exim.domains/$domain
|
||||||
transport = vmail
|
transport = vmail
|
||||||
%(custom_mta_local_router)s
|
|
||||||
|
|
||||||
dnslookup:
|
dnslookup:
|
||||||
debug_print = "R: dnslookup for $local_part@$domain"
|
debug_print = "R: dnslookup for $local_part@$domain"
|
||||||
@ -248,7 +273,6 @@ real_local:
|
|||||||
local_part_prefix = real-
|
local_part_prefix = real-
|
||||||
check_local_user
|
check_local_user
|
||||||
transport = LOCAL_DELIVERY
|
transport = LOCAL_DELIVERY
|
||||||
%(custom_mta_local_router)s
|
|
||||||
|
|
||||||
procmail:
|
procmail:
|
||||||
debug_print = "R: procmail for $local_part@$domain"
|
debug_print = "R: procmail for $local_part@$domain"
|
||||||
@ -283,7 +307,6 @@ local_user:
|
|||||||
local_parts = ! root
|
local_parts = ! root
|
||||||
transport = LOCAL_DELIVERY
|
transport = LOCAL_DELIVERY
|
||||||
cannot_route_message = Unknown user
|
cannot_route_message = Unknown user
|
||||||
%(custom_mta_local_router)s
|
|
||||||
|
|
||||||
mail4root:
|
mail4root:
|
||||||
debug_print = "R: mail4root for $local_part@$domain"
|
debug_print = "R: mail4root for $local_part@$domain"
|
||||||
@ -294,20 +317,28 @@ mail4root:
|
|||||||
local_parts = root
|
local_parts = root
|
||||||
user = mail
|
user = mail
|
||||||
group = mail
|
group = mail
|
||||||
%(custom_mta_local_router)s
|
|
||||||
|
|
||||||
|
|
||||||
begin transports
|
begin transports
|
||||||
|
|
||||||
%(custom_mta_transports)s
|
maildir_spam_delivery:
|
||||||
|
driver = appendfile
|
||||||
|
maildir_format = true
|
||||||
|
directory = /var/vmail/$domain/spam
|
||||||
|
user = mail
|
||||||
|
create_directory
|
||||||
|
delivery_date_add
|
||||||
|
envelope_to_add
|
||||||
|
return_path_add
|
||||||
|
group = mail
|
||||||
|
mode = 0600
|
||||||
|
|
||||||
vmail:
|
vmail:
|
||||||
debug_print = "T: vmail for $local_part@$domain"
|
debug_print = "T: vmail for $local_part@$domain"
|
||||||
driver = appendfile
|
driver = appendfile
|
||||||
user = mail
|
user = mail
|
||||||
maildir_format = true
|
maildir_format = true
|
||||||
directory = %(mailroot)s/$domain/$local_part
|
directory = /var/vmail/$domain/$local_part
|
||||||
create_directory
|
create_directory
|
||||||
delivery_date_add
|
delivery_date_add
|
||||||
envelope_to_add
|
envelope_to_add
|
||||||
|
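Review bot: In `acl_check_data`, `accept authenticated = *` now sits above the SPAMD_ENABLE block, the CLAMAV_ENABLE block and the `!verify = header_syntax` check, so mail submitted over an authenticated session is accepted before any of them run. A stolen or weak mailbox password then lets unscanned attachments leave through this server. Consider moving the line below the `deny malware = *` block, or dropping it and putting `!authenticated = *` only on the spam `warn` if the aim is to spare users from spam tagging. Separately, the new `maildir_spam` router has no `domains = +local_domains`, so nothing limits it to local recipients before it writes under `/var/vmail/$domain/spam`; adding that line would confine it.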
@ -15,29 +15,52 @@ STD="\e[0m"
|
|||||||
[[ $1 == "help" ]] && usage
|
[[ $1 == "help" ]] && usage
|
||||||
[[ $EUID -ne 0 ]] && echo -e "${RED}This script must be run as root.${STD}" && exit 1
|
[[ $EUID -ne 0 ]] && echo -e "${RED}This script must be run as root.${STD}" && exit 1
|
||||||
|
|
||||||
install_exim_ask_domain() {
|
install_ask_domain() {
|
||||||
echo -e "${GRE}Please enter the mail server's main domain${STD}"
|
echo -e "${GRE}Please enter the mail server's main domain${STD}"
|
||||||
read choice
|
read choice
|
||||||
[[ -n $choice ]] && echo $choice > /etc/mailname
|
[[ -n $choice ]] && echo $choice > /etc/mailname
|
||||||
[[ -z $choice ]] && install_exim_ask_domain
|
[[ -z $choice ]] && install_ask_domain
|
||||||
|
}
|
||||||
|
|
||||||
|
install_tls_dkim() {
|
||||||
|
mkdir -pv /etc/exim4/tls
|
||||||
|
openssl req -x509 -newkey rsa -keyout /etc/exim4/tls/mail.key -out /etc/exim4/tls/mail.crt -days 4096 -nodes
|
||||||
|
mkdir -pv /etc/exim4/dkim
|
||||||
|
openssl genrsa -out /etc/exim4/dkim/private.key 2048
|
||||||
}
|
}
|
||||||
|
|
||||||
install_exim() {
|
install_exim() {
|
||||||
install_exim_ask_domain
|
install_ask_domain
|
||||||
echo -e "${YEL}Two boxes will appear. Hit [Enter] each time to continue.${STD}"
|
echo -e "${YEL}Two boxes will appear. Hit [Enter] each time to continue.${STD}"
|
||||||
echo "Press [Enter] key to continue..."
|
echo "Press [Enter] key to continue..."
|
||||||
aptitude -y install exim4 courier-imap courier-imap-ssl courier-pop courier-pop-ssl courier-authlib-userdb
|
aptitude -y install exim4 courier-imap courier-imap-ssl courier-pop courier-pop-ssl courier-authlib-userdb ssl-cert
|
||||||
chown -vR daemon: courier/*
|
chown -fvR daemon: courier/*
|
||||||
cp -v courier/* /etc/courier
|
cp -fv courier/* /etc/courier/
|
||||||
chown -vR $USER: courier/*
|
chown -vR $USER: courier/*
|
||||||
|
mkdir -pv /etc/exim.domains
|
||||||
|
mkdir -pv /etc/exim.forward
|
||||||
|
cp -fv exim4/* /etc/exim4/
|
||||||
|
chmod -fv 777 /var/run/courier/authdaemon/socket
|
||||||
|
install_tls_dkim
|
||||||
}
|
}
|
||||||
|
|
||||||
install_spamassassin() {
|
install_spamassassin() {
|
||||||
echo "lol"
|
aptitude -y install exim4-daemon-heavy sa-exim spamassassin
|
||||||
|
cp -fv spamd/sa-learn /etc/cron.daily/sa-learn
|
||||||
|
cp -fv spamd/spamassassin /etc/default/spamassassin
|
||||||
}
|
}
|
||||||
|
|
||||||
install_clamav() {
|
install_clamav() {
|
||||||
echo "lol"
|
aptitude -y install exim4-daemon-heavy clamav clamav-daemon
|
||||||
|
}
|
||||||
|
|
||||||
|
install_restart() {
|
||||||
|
service courier-authdeamon restart
|
||||||
|
service courier-imap restart
|
||||||
|
service courier-pop restart
|
||||||
|
service courier-imap-ssl restart
|
||||||
|
service courier-pop-ssl restart
|
||||||
|
service exim4 restart
|
||||||
}
|
}
|
||||||
|
|
||||||
install_mailserver() {
|
install_mailserver() {
|
||||||
@ -49,10 +72,10 @@ install_mailserver() {
|
|||||||
echo "5. Exit"
|
echo "5. Exit"
|
||||||
read -p "Enter choice [1 - 4] " choice
|
read -p "Enter choice [1 - 4] " choice
|
||||||
case $choice in
|
case $choice in
|
||||||
1) clear && install_exim ;;
|
1) clear && install_exim && install_restart ;;
|
||||||
2) clear && install_exim && install_spamassassin ;;
|
2) clear && install_exim && install_spamassassin && install_restart ;;
|
||||||
3) clear && install_exim && install_clamav ;;
|
3) clear && install_exim && install_clamav && install_restart ;;
|
||||||
4) clear && install_exim && install_spamassassin && install_clamav ;;
|
4) clear && install_exim && install_spamassassin && install_clamav && install_restart ;;
|
||||||
5) exit ;;
|
5) exit ;;
|
||||||
*) clear && echo -e "${RED}Please enter a valid input${STD}" && install_mailserver ;;
|
*) clear && echo -e "${RED}Please enter a valid input${STD}" && install_mailserver ;;
|
||||||
esac
|
esac
|
||||||
|
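Review bot: `chmod -fv 777 /var/run/courier/authdaemon/socket` in `install_exim` makes the Courier authentication socket writable by every local account, so any process on the host can talk to the auth daemon. The path is under /var/run, so the mode is probably lost whenever the daemon recreates the socket. Group access is narrower, for example adding the Exim runtime user to the group that owns the authdaemon directory (`usermod -a -G daemon Debian-exim` on Debian; confirm both names on the target system). In `install_tls_dkim` the two private keys are written without an explicit owner or mode; a `chgrp` to the Exim group plus `chmod 640` after generation would state the intended access. `install_restart` also calls `service courier-authdeamon restart`, which looks like a misspelling of `courier-authdaemon`.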
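--- a/spamd/sa-learn
+++ b/spamd/sa-learn
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+date >> /var/log/exim4/sa-learn
+find /var/vmail -type d -name '.Junk' | xargs -I junk sa-learn --spam junk/{cur,new} >> /var/log/exim4/sa-learn
+find /var/vmail -type d -name '.Junk' | xargs -I junk find junk/{cur,new} -type f -delete >> /var/log/exim4/sa-learn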
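Review bot: The second `find` pipeline deletes every file under each `.Junk/{cur,new}` whether or not the preceding `sa-learn --spam` run succeeded, so a failed or misconfigured learn silently discards the mail. Both pipelines also pass directory names through `xargs -I` without `-print0`/`-0`, and the job runs from cron.daily as root over a tree that the `mail` user writes to. Looping with `find ... -print0 | while IFS= read -r -d '' d` and running `sa-learn --spam "$d"/{cur,new} && find "$d"/{cur,new} -type f -delete` keeps deletion conditional on a successful learn. It is also worth confirming which Bayes database a root-run `sa-learn` updates, since the data ACL scans with `spam = debian-spamd`.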
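--- a/spamd/spamassassin
+++ b/spamd/spamassassin
@@ -0,0 +1,5 @@
+ENABLED=1
+OPTIONS="--create-prefs --max-children 5 --helper-home-dir"
+PIDFILE="/var/run/spamd.pid"
+#NICE="--nicelevel 15"
+CRON=1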