install_postfixadmin.sh: remove space..

install_amavis.sh

@@ -110,7 +110,8 @@ detect_os_1 () {
 # --- Some default settings
 # -------------
 
-DEFAULT_SASL_AUTH_ENABLED="no"
+DEFAULT_SASL_AUTH_ENABLED=false
+DEFAULT_IS_SYMPA_LIST_SERVER=false
 
 DEFAULT_QUARANTINE_DIR="/var/QUARANTINE"
 DEFAULT_QUARANTINE_ADMIN='postmaster\@$mydomain'
@@ -187,7 +188,9 @@ if [[ -z "$_HOSTNAME" ]] ; then
    [[ "$_HOSTNAME" = "$_HOSTNAME_SHORT" ]] && _HOSTNAME=""
 fi
 
-[[ -z "$_SASL_AUTH_ENABLED" ]] && _SASL_AUTH_ENABLED="$DEFAULT_SASL_AUTH_ENABLED"
+[[ -z "$_SASL_AUTH_ENABLED" ]] && _SASL_AUTH_ENABLED=${DEFAULT_SASL_AUTH_ENABLED}
+
+[[ -z "${_IS_SYMPA_LIST_SERVER}" ]] && _IS_SYMPA_LIST_SERVER=${DEFAULT_IS_SYMPA_LIST_SERVER}
 
 
 [[ -z "$_QUARANTINE_DIR" ]] && _QUARANTINE_DIR="$DEFAULT_QUARANTINE_DIR"
@@ -375,9 +378,12 @@ SASL_AUTH_ENABLED=
 echo ""
 echo -e "\033[32m--\033[m"
 echo ""
-echo "Should this mail server support Cyrus SASL authentication?"
+echo "Should this mail server support Cyrus SASL authentication? [true/yes/false/no]"
 echo ""
-while [[ "$SASL_AUTH_ENABLED" != "yes" && "$SASL_AUTH_ENABLED" != "no" ]];do
+while [[ "$SASL_AUTH_ENABLED" != "yes" && 
+         "$SASL_AUTH_ENABLED" != "true" && 
+         "$SASL_AUTH_ENABLED" != "no" &&
+         "$SASL_AUTH_ENABLED" != "false" ]];do
 
    if [[ -n "$_SASL_AUTH_ENABLED" ]]; then
       echononl "Support Cyrus SASL authentication [${_SASL_AUTH_ENABLED}]: "
@@ -390,13 +396,62 @@ while [[ "$SASL_AUTH_ENABLED" != "yes" && "$SASL_AUTH_ENABLED" != "no" ]];do
       SASL_AUTH_ENABLED=${SASL_AUTH_ENABLED,,}
    fi
 
-   if [[ "$SASL_AUTH_ENABLED" != "yes" && "$SASL_AUTH_ENABLED" != "no" ]] ; then
+   [[ -z "${SASL_AUTH_ENABLED}" ]] && SASL_AUTH_ENABLED=${_SASL_AUTH_ENABLED}
-      _SASL_AUTH_ENABLED=""
+
+   if [[ "$SASL_AUTH_ENABLED" != "yes" &&
+         "$SASL_AUTH_ENABLED" != "true" &&
+         "$SASL_AUTH_ENABLED" != "false" &&
+         "$SASL_AUTH_ENABLED" != "no" ]] ; then
+      SASL_AUTH_ENABLED=""
       echo -e  "\n\t\033[33m\033[1mWrong entry!\033[m\n Type 'yes' or 'no'"
    fi
 
 done
 
+[[ "$SASL_AUTH_ENABLED" = "yes" ]] && SASL_AUTH_ENABLED=true
+[[ "$SASL_AUTH_ENABLED" = "no" ]] && SASL_AUTH_ENABLED=false
+
+
+if  ! ${SASL_AUTH_ENABLED} ; then
+
+   IS_SYMPA_LIST_SERVER=""
+   echo ""
+   echo -e "\033[32m--\033[m"
+   echo ""
+   echo "Are Sympa List Services provided? - [true/yes/false/no]"
+   echo ""
+   echononl "Sympa List Server? [$_IS_SYMPA_LIST_SERVER]: "
+
+   read IS_SYMPA_LIST_SERVER
+   if [[ -z "${IS_SYMPA_LIST_SERVER}" ]] ; then
+      IS_SYMPA_LIST_SERVER="$_IS_SYMPA_LIST_SERVER"
+   fi
+   IS_SYMPA_LIST_SERVER=${IS_SYMPA_LIST_SERVER,,}
+
+   while [[ "$IS_SYMPA_LIST_SERVER" != "yes" && \
+            "$IS_SYMPA_LIST_SERVER" != "true" && \
+            "$IS_SYMPA_LIST_SERVER" != "no" && \
+            "$IS_SYMPA_LIST_SERVER" != "false" ]]; do
+
+      echo -e "\n\t\033[33m\033[1mWrong value was given!!\033[m\n"
+
+      echononl "Sympa List Server? [$_IS_SYMPA_LIST_SERVER]: "
+      read IS_SYMPA_LIST_SERVER
+      if [[ -z "${IS_SYMPA_LIST_SERVER}" ]] ; then
+         IS_SYMPA_LIST_SERVER=false
+      fi
+      IS_SYMPA_LIST_SERVER=${IS_SYMPA_LIST_SERVER,,}
+
+   done
+
+   if [[ "$IS_SYMPA_LIST_SERVER" = 'yes' || "$IS_SYMPA_LIST_SERVER" = 'true' ]] ; then
+      IS_SYMPA_LIST_SERVER=true
+   else
+      IS_SYMPA_LIST_SERVER=false
+   fi
+else
+   IS_SYMPA_LIST_SERVER=false
+fi
 
 
 echo ""
@@ -854,6 +909,7 @@ echo -e "\tIPv4 address...........................: $IPV4"
 echo -e "\tIPv6 address...........................: $IPV6"
 echo ""
 echo -e "\tSASL AUTH support......................: $SASL_AUTH_ENABLED"
+echo -e "\tSupport sympa mailinglists.............: ${IS_SYMPA_LIST_SERVER}"
 echo ""
 echo -e "\tQuarantine Directory ..................: $QUARANTINE_DIR"
 echo ""
@@ -905,6 +961,7 @@ _IPV4=$IPV4
 _IPV6=$IPV6
 
 _SASL_AUTH_ENABLED=$SASL_AUTH_ENABLED
+_IS_SYMPA_LIST_SERVER=${IS_SYMPA_LIST_SERVER}
 
 _QUARANTINE_DIR=$QUARANTINE_DIR
 _QUARANTINE_ADMIN=$QUARANTINE_ADMIN
@@ -4209,10 +4266,49 @@ use strict;
 # !! smtpd_proxy_filter - see master.cf                           !!
 #
 #
+EOF
+
+if ${SASL_AUTH_ENABLED} ; then
+   cat << EOF >> "${_config_file}"
 \$inet_socket_port = [10024, 10026];
 #\$inet_socket_port = [10024, 10029];
 #\$inet_socket_port = [10024, 10026, 10029];
 
+\$interface_policy{'10026'} = 'ORIGINATING';
+\$policy_bank{'ORIGINATING'} = {
+  originating => 1,  # declare that mail was submitted by our smtp client
+  bypass_spam_checks_maps  => (1),
+  bypass_virus_checks_maps => (0),
+  remove_existing_spam_headers => 1,
+};
+EOF
+
+else
+
+   cat << EOF >> "${_config_file}"
+#\$inet_socket_port = [10024, 10026];
+\$inet_socket_port = [10024, 10029];
+#\$inet_socket_port = [10024, 10026, 10029];
+
+\$interface_policy{'10024'} = 'INBOUND';
+\$interface_policy{'10029'} = 'VIRUSONLY';
+
+# Inbound: Spam + Virus
+\$policy_bank{'INBOUND'} = { };
+
+# Outbound: nur Virus
+\$policy_bank{'VIRUSONLY'} = {
+  bypass_spam_checks_maps   => [1],
+  bypass_header_checks_maps => [1],
+  final_spam_destiny        => D_PASS,
+  originating               => 1,
+};
+EOF
+
+fi
+
+cat << EOF >> "${_config_file}"
+
 # Bypass spam checking fro trusted networks
 #
 #\$interface_policy{'10026'} = 'TRUSTED';
@@ -4434,7 +4530,9 @@ if [[ "$?" -ne 0 ]] ; then
 fi
 
 
-if [[ "${DB_TYPE}" = "PostgreSQL" ]] || [[ "${DB_TYPE}" = "MySQL" ]]; then
+if [[ "${DB_TYPE}" = "PostgreSQL" ]] || \
+   [[ "${DB_TYPE}" = "MySQL" ]] && \
+   ! ${IS_SYMPA_LIST_SERVER}; then
 
    if [[ "$DB_TYPE" = "PostgreSQL" ]]; then
       _db="pgsql"
@@ -4503,10 +4601,6 @@ EOF
 );
 EOF
 
-echo ""
-echo "hallo 9"
-echo ""
-
 else
    cat >> /etc/amavis/conf.d/50-user <<'EOF'
 @local_domains_maps = ( ["."] );
@@ -4522,15 +4616,6 @@ fi
 
 cat >> /etc/amavis/conf.d/50-user <<EOF
 
-## - get rid of "Open Relay" warnings in amavis logfile.
-## -
-\$interface_policy{'10026'} = 'ORIGINATING';
-\$policy_bank{'ORIGINATING'} = {
-    originating => 1,  # declare that mail was submitted by our smtp client
-    bypass_spam_checks_maps  => (1),
-    bypass_virus_checks_maps => (0),
-    remove_existing_spam_headers => 1,
-};
 
 ## - If you get am error like:
 ## -
@@ -5177,7 +5262,7 @@ while IFS='' read -r _line || [[ -n $_line ]] ; do
 smtp      inet  n       -       y       -       -       smtpd
    -o content_filter=amavisfeed:[127.0.0.1]:10024
 EOF
-      if [[ "$SASL_AUTH_ENABLED" = "no" ]] ; then
+      if ! ${SASL_AUTH_ENABLED} ; then
          cat >> $postfix_master_cf << EOF
    -o smtpd_sasl_auth_enable=no
 EOF
@@ -5211,7 +5296,7 @@ EOF
 ${additional_smtp_port}      inet  n       -       y       -       -       smtpd
    -o content_filter=amavisfeed:[127.0.0.1]:10024
 EOF
-      if [[ "$SASL_AUTH_ENABLED" = "no" ]] ; then
+      if ! ${SASL_AUTH_ENABLED} ; then
          cat >> $postfix_master_cf << EOF
    -o smtpd_sasl_auth_enable=no
 EOF

install_postfix_advanced.sh

@@ -171,8 +171,10 @@ fi
 if [[ -z "$_RELAY_HOST" ]]; then
    _IS_RELAY_HOST=$DEFAULT_IS_RELAY_HOST
 else
-   _IS_RELAY_HOST="$_RELAY_HOST"
+   _IS_RELAY_HOST="${_RELAY_HOST,,}"
 fi
+[[ "${_IS_RELAY_HOST}" == "yes" ]] && _IS_RELAY_HOST=true
+[[ "${_IS_RELAY_HOST}" == "no" ]] && _IS_RELAY_HOST=false
 
 if [[ -z "$_LISTEN_ON_ADDITIONAL_RELAY_PORT" ]] ; then
    _LISTEN_ON_ADDITIONAL_RELAY_PORT=${DEFAULT_LISTEN_ON_ADDITIONAL_RELAY_PORT}
@@ -1080,6 +1082,7 @@ else
    cat <<EOF >> "${_file}"
 HELO_reject = SPF_Not_Pass
 EOF
+fi
 
 cat <<EOF >> "${_file}"
 
@@ -2143,9 +2146,24 @@ smtp_tls_security_level=dane
 smtpd_tls_loglevel = 1
 smtp_tls_loglevel = 1
 
+
+# TLS RSA keys path
 smtpd_tls_cert_file = $_TLS_CERT_FILE
 smtpd_tls_key_file = $_TLS_KEY_FILE
 
+EOF
+
+if [[ -f "/etc/postfix/ssl/mailserver-ecdsa.crt" &&
+      -f "/etc/postfix/ssl/mailserver-ecdsa.key" ]] ; then
+   cat <<EOF >> /etc/postfix/main.cf
+# TLS ECDSA keys path
+smtpd_tls_eccert_file = /etc/postfix/ssl/mailserver-ecdsa.crt
+smtpd_tls_eckey_file = /etc/postfix/ssl/mailserver-ecdsa.key
+
+EOF
+fi
+
+cat <<EOF >> /etc/postfix/main.cf
 
 ## - File with DH parameters that the Postfix SMTP server should use with EDH ciphers.
 ## -
@@ -2713,7 +2731,7 @@ EOF
 
 if [[ -n "$(which postfwd)" ]]  ; then
    cat <<EOF >> /etc/postfix/main.cf
-127.0.0.1:10040_time_limit = 3600
+#127.0.0.1:10040_time_limit = 3600
 EOF
 else
    cat <<EOF >> /etc/postfix/main.cf
@@ -2731,7 +2749,7 @@ if [[ -n "$(which policyd-spf)" ]]  ; then
 #  policyd-spf  unix  -       n       n       -       0       spawn
 #     user=policyd-spf argv=/usr/bin/policyd-spf
 #
-policyd-spf_time_limit = 3600
+#policyd-spf_time_limit = 3600
 EOF
 fi
 
@@ -3031,7 +3049,7 @@ else
 EOF
 fi
 
-if ${IS_SYMPA_LIST_SERVER} ; then
+if ${IS_SYMPA_LIST_SERVER} || ${IS_RELAY_HOST}; then
 
    cat <<EOF >> /etc/postfix/main.cf
 
@@ -4129,6 +4147,14 @@ else
    dmarc_pipe_present=false
 fi
 
+if ${LISTEN_ON_ADDITIONAL_RELAY_PORT} ; then
+   if grep -iq -E "^${ADDITIONAL_RELAY_LISTEN_PORT}\s+" $postfix_master_cf > /dev/null 2>&1 ; then
+      additional_relay_port_present=true
+   else
+      additional_relay_port_present=false
+   fi
+fi
+
 _found=false
 echononl "   Create new file \"${postfix_master_cf}\""
 if [[ -f "${postfix_master_cf}.$backup_date" ]]; then
@@ -4158,9 +4184,11 @@ smtps     inet  n       -       y       -       -       smtpd
 EOF
 				fi
          elif $LISTEN_ON_ADDITIONAL_RELAY_PORT ; then
-            cat >> $postfix_master_cf << EOF
+            if ! ${additional_relay_port_present} ; then
+               cat >> $postfix_master_cf << EOF
 ${ADDITIONAL_RELAY_LISTEN_PORT}      inet  n       -       y       -       -       smtpd
 EOF
+            fi
 			fi
 			continue
 		fi

install_postfixadmin.sh

@@ -2208,7 +2208,11 @@ fi
 
 echo -e "\n\n\t\033[37m\033[1mConfigure Postfix Admin\033[m\n"
 
-if [[ $MAJOR_VERSION -gt 3 ]] || [[ $MAJOR_VERSION -eq 3 ]] && [[ $MINOR_VERSION -gt 0 ]]; then
+if [[ $MAJOR_VERSION -gt 3 ]] ; then
+   pfa_conf_file="${WEBSITE_BASEDIR}/postfixadmin-${PF_ADMIN_VERSION}/config.local.php"
+   cp -a "${WEBSITE_BASEDIR}/postfixadmin-${PF_ADMIN_VERSION}/config.inc.php"  "$pfa_conf_file"
+
+elif [[ $MAJOR_VERSION -eq 3 ]] && [[ $MINOR_VERSION -gt 0 ]] ; then
    pfa_conf_file="${WEBSITE_BASEDIR}/postfixadmin-${PF_ADMIN_VERSION}/config.local.php"
    cp -a "${WEBSITE_BASEDIR}/postfixadmin-${PF_ADMIN_VERSION}/config.inc.php"  "$pfa_conf_file"
 else
@@ -2217,7 +2221,6 @@ else
 fi
 
 
-
 # - Use 'Re: $SUBJECT' as the default subject template for vacation
 # - in postfixadmin
 # -