| 1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
| 2 |
|
2 |
|
| 3 |
###########################################################################################
|
3 |
###########################################################################################
|
| 4 |
## ALCASAR MAIL SERVICE CONFIGURATION
|
4 |
## ALCASAR MAIL SERVICE CONFIGURATION
|
| 5 |
##
|
5 |
##
|
| 6 |
## Script by K@M3L & T3RRY (LaPlateform), joss_p & Rexy
|
6 |
## Script by K@M3L & T3RRY (LaPlateforme.io), joss_p & Rexy
|
| 7 |
## This script configure PostFix
|
7 |
## This script configure PostFix
|
| 8 |
## 0 : no email autoregistration
|
8 |
## 0 : no email autoregistration
|
| 9 |
## 1 : PostFix is the SMTP server
|
9 |
## 1 : PostFix is the SMTP server
|
| 10 |
## 2 : PostFix relay to an other SMTP server
|
10 |
## 2 : PostFix relay to an other SMTP server
|
| 11 |
## 3 : PostFix use an external email address (with Cyrus-SASL)
|
11 |
## 3 : PostFix use an external email address (with Cyrus-SASL)
|
| 12 |
###########################################################################################
|
12 |
###########################################################################################
|
| 13 |
|
13 |
|
| 14 |
######################################################
|
14 |
######################################################
|
| 15 |
## Email configuration examples (mode = 3)
|
15 |
## Email configuration examples (mode = 3)
|
| 16 |
## common parameters : smtp_use_tls = yes, smtp_tls_security_level = encrypt, smtp_sasl_auth_enable = yes
|
16 |
## common parameters : smtp_use_tls = yes, smtp_tls_security_level = encrypt, smtp_sasl_auth_enable = yes
|
| 17 |
## common rules : 'myhostname' parameter should be the domain name of the sasl_email account
|
17 |
## common rules : 'myhostname' parameter should be the domain name of the sasl_email account
|
| 18 |
########## smtp.free.fr:465 (expose mechanisms : PLAIN LOGIN CRAM-MD5 DIGEST-MD5)
|
18 |
########## smtp.free.fr:465 (expose mechanisms : PLAIN LOGIN CRAM-MD5 DIGEST-MD5)
|
| 19 |
## smtp_sasl_security_option = noanonymous, relayhost = [smtp.free.fr]:465, smtp_tls_wrappermode = yes
|
19 |
## smtp_sasl_security_option = noanonymous, relayhost = [smtp.free.fr]:465, smtp_tls_wrappermode = yes
|
| 20 |
########## smtp.free.fr:587 (expose mechanismes
|
20 |
########## smtp.free.fr:587 (expose mechanismes
|
| 21 |
## smtp_sasl_security_option = noanonymous, relayhost = [smtp.free.fr]:587, smtp_tls_wrappermode = no, smtputf8_enable = no
|
21 |
## smtp_sasl_security_option = noanonymous, relayhost = [smtp.free.fr]:587, smtp_tls_wrappermode = no, smtputf8_enable = no
|
| 22 |
########## smtp.orange.fr:465 (expose mechanisms : LOGIN PLAIN)
|
22 |
########## smtp.orange.fr:465 (expose mechanisms : LOGIN PLAIN)
|
| 23 |
## smtp_sasl_security_option = noanonymous, relayhost = [smtp.orange.fr]:465, smtp_tls_wrappermode = yes, smtputf8_enable = no
|
23 |
## smtp_sasl_security_option = noanonymous, relayhost = [smtp.orange.fr]:465, smtp_tls_wrappermode = yes, smtputf8_enable = no
|
| 24 |
########## smtp.sfr.fr:465 (expose mechanisms : LOGIN PLAIN)
|
24 |
########## smtp.sfr.fr:465 (expose mechanisms : LOGIN PLAIN)
|
| 25 |
## smtp_sasl_security_option = noanonymous, relayhost = [smtp.sfr.fr]:465, smtp_tls_wrappermode = yes
|
25 |
## smtp_sasl_security_option = noanonymous, relayhost = [smtp.sfr.fr]:465, smtp_tls_wrappermode = yes
|
| 26 |
########## smtp.laposte.net:465 (expose mechanisms : LOGIN PLAIN)
|
26 |
########## smtp.laposte.net:465 (expose mechanisms : LOGIN PLAIN)
|
| 27 |
## smtp_sasl_security_option = noanonymous, relayhost = [laposte.net]:465, smtp_tls_wrappermode = yes
|
27 |
## smtp_sasl_security_option = noanonymous, relayhost = [laposte.net]:465, smtp_tls_wrappermode = yes
|
| 28 |
########## smtp.bbox.net:465 (expose mechanisms : LOGIN PLAIN)
|
28 |
########## smtp.bbox.net:465 (expose mechanisms : LOGIN PLAIN)
|
| 29 |
## smtp_sasl_security_option = noanonymous, relayhost = [laposte.net]:465, smtp_tls_wrappermode = yes
|
29 |
## smtp_sasl_security_option = noanonymous, relayhost = [laposte.net]:465, smtp_tls_wrappermode = yes
|
| 30 |
########## smtp.gmail.com:587 (expose mechanisms : LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH)
|
30 |
########## smtp.gmail.com:587 (expose mechanisms : LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH)
|
| 31 |
## smtp_sasl_security_option = noanonymous, relayhost = [gmail.com]:587, smtp_tls_wrappermode = no
|
31 |
## smtp_sasl_security_option = noanonymous, relayhost = [gmail.com]:587, smtp_tls_wrappermode = no
|
| 32 |
## In this case (gmail) the password must be an "application password" created via the gmail account manager (security tab)
|
32 |
## In this case (gmail) the password must be an "application password" created via the gmail account manager (security tab)
|
| 33 |
|
33 |
|
| 34 |
# ****** Paths *******
|
34 |
# ****** Paths *******
|
| 35 |
SED="/bin/sed -i"
|
35 |
SED="/bin/sed -i"
|
| 36 |
CONF_FILE="/usr/local/etc/alcasar.conf"
|
36 |
CONF_FILE="/usr/local/etc/alcasar.conf"
|
| 37 |
POSTFIX_CONF_FILE="/etc/postfix/main.cf"
|
37 |
POSTFIX_CONF_FILE="/etc/postfix/main.cf"
|
| 38 |
LOCAL_IPTABLE_FILE="/usr/local/etc/alcasar-iptables-local.sh"
|
38 |
LOCAL_IPTABLE_FILE="/usr/local/etc/alcasar-iptables-local.sh"
|
| 39 |
SASLPATH="/etc/postfix/sasl"
|
39 |
SASLPATH="/etc/postfix/sasl"
|
| 40 |
smtpIP="0.0.0.0/0"
|
40 |
smtpIP="0.0.0.0/0"
|
| 41 |
hostName=`grep ^HOSTNAME= $CONF_FILE|cut -d"=" -f2`
|
41 |
hostName=`grep ^HOSTNAME= $CONF_FILE|cut -d"=" -f2`
|
| 42 |
domainName=`grep ^DOMAIN= $CONF_FILE|cut -d"=" -f2`
|
42 |
domainName=`grep ^DOMAIN= $CONF_FILE|cut -d"=" -f2`
|
| 43 |
usage="Usage: alcasar-mail_install.sh -h|-0|-1|-2|-3"
|
43 |
usage="Usage: alcasar-mail_install.sh -h|-0|-1|-2|-3"
|
| 44 |
|
44 |
|
| 45 |
nb_args=$#
|
45 |
nb_args=$#
|
| 46 |
if [ $nb_args -eq 0 ]; then # apply alcasar.conf
|
46 |
if [ $nb_args -eq 0 ]; then # apply alcasar.conf
|
| 47 |
mail=`grep ^MAIL= $CONF_FILE|cut -d"=" -f2`
|
47 |
mail=`grep ^MAIL= $CONF_FILE|cut -d"=" -f2`
|
| 48 |
if [ "$mail" = "off" ]; then
|
48 |
if [ "$mail" = "off" ]; then
|
| 49 |
TYPE_MAIL=0
|
49 |
TYPE_MAIL=0
|
| 50 |
else
|
50 |
else
|
| 51 |
TYPE_MAIL=`grep ^MAIL_TYPE= $CONF_FILE|cut -d"=" -f2`
|
51 |
TYPE_MAIL=`grep ^MAIL_TYPE= $CONF_FILE|cut -d"=" -f2`
|
| 52 |
smtpPort=`grep ^MAIL_SMTP_PORT= $CONF_FILE|cut -d"=" -f2`
|
52 |
smtpPort=`grep ^MAIL_SMTP_PORT= $CONF_FILE|cut -d"=" -f2`
|
| 53 |
smtpIP=`grep ^MAIL_SMTP_IP= $CONF_FILE|cut -d"=" -f2`
|
53 |
smtpIP=`grep ^MAIL_SMTP_IP= $CONF_FILE|cut -d"=" -f2`
|
| 54 |
mailAddr=`grep ^MAIL_ADDR= $CONF_FILE|cut -d"=" -f2`
|
54 |
mailAddr=`grep ^MAIL_ADDR= $CONF_FILE|cut -d"=" -f2`
|
| 55 |
[ -e ${SASLPATH}/sasl_passwd ] && mailMdp=`cat $SASLPATH/sasl_passwd|cut -d":" -f3`
|
55 |
[ -e ${SASLPATH}/sasl_passwd ] && mailMdp=`cat $SASLPATH/sasl_passwd|cut -d":" -f3`
|
| 56 |
adminMail=`grep ^MAIL_ADMIN= $CONF_FILE|cut -d"=" -f2`
|
56 |
adminMail=`grep ^MAIL_ADMIN= $CONF_FILE|cut -d"=" -f2`
|
| 57 |
whiteDomain=`grep ^MAIL_WHITEDOMAIN= $CONF_FILE|cut -d"=" -f2`
|
57 |
whiteDomain=`grep ^MAIL_WHITEDOMAIN= $CONF_FILE|cut -d"=" -f2`
|
| 58 |
fi
|
58 |
fi
|
| 59 |
else # apply args
|
59 |
else # apply args
|
| 60 |
if [ "$1" = "-h" ] || [ "$1" = "--h" ]; then
|
60 |
if [ "$1" = "-h" ] || [ "$1" = "--h" ]; then
|
| 61 |
echo $usage
|
61 |
echo $usage
|
| 62 |
exit 0
|
62 |
exit 0
|
| 63 |
fi
|
63 |
fi
|
| 64 |
while getopts ":h:s:p:m:o:a:w:0123" option
|
64 |
while getopts ":h:s:p:m:o:a:w:0123" option
|
| 65 |
do
|
65 |
do
|
| 66 |
case $option in
|
66 |
case $option in
|
| 67 |
0)
|
67 |
0)
|
| 68 |
TYPE_MAIL=0
|
68 |
TYPE_MAIL=0
|
| 69 |
;;
|
69 |
;;
|
| 70 |
1)
|
70 |
1)
|
| 71 |
TYPE_MAIL=1
|
71 |
TYPE_MAIL=1
|
| 72 |
;;
|
72 |
;;
|
| 73 |
2)
|
73 |
2)
|
| 74 |
TYPE_MAIL=2
|
74 |
TYPE_MAIL=2
|
| 75 |
;;
|
75 |
;;
|
| 76 |
3)
|
76 |
3)
|
| 77 |
TYPE_MAIL=3
|
77 |
TYPE_MAIL=3
|
| 78 |
;;
|
78 |
;;
|
| 79 |
p)
|
79 |
p)
|
| 80 |
smtpPort=$OPTARG
|
80 |
smtpPort=$OPTARG
|
| 81 |
;;
|
81 |
;;
|
| 82 |
s)
|
82 |
s)
|
| 83 |
smtpIP=$OPTARG
|
83 |
smtpIP=$OPTARG
|
| 84 |
;;
|
84 |
;;
|
| 85 |
m)
|
85 |
m)
|
| 86 |
mailAddr=$OPTARG
|
86 |
mailAddr=$OPTARG
|
| 87 |
;;
|
87 |
;;
|
| 88 |
o)
|
88 |
o)
|
| 89 |
mailMdp=$OPTARG
|
89 |
mailMdp=$OPTARG
|
| 90 |
;;
|
90 |
;;
|
| 91 |
a)
|
91 |
a)
|
| 92 |
adminMail=$OPTARG
|
92 |
adminMail=$OPTARG
|
| 93 |
;;
|
93 |
;;
|
| 94 |
w)
|
94 |
w)
|
| 95 |
whiteDomain=$OPTARG
|
95 |
whiteDomain=$OPTARG
|
| 96 |
;;
|
96 |
;;
|
| 97 |
:)
|
97 |
:)
|
| 98 |
echo "L'option $OPTARG requiert un argument"
|
98 |
echo "L'option $OPTARG requiert un argument"
|
| 99 |
exit 1
|
99 |
exit 1
|
| 100 |
;;
|
100 |
;;
|
| 101 |
\?)
|
101 |
\?)
|
| 102 |
echo "$OPTARG : option invalide"
|
102 |
echo "$OPTARG : option invalide"
|
| 103 |
exit 1
|
103 |
exit 1
|
| 104 |
;;
|
104 |
;;
|
| 105 |
esac
|
105 |
esac
|
| 106 |
done
|
106 |
done
|
| 107 |
fi
|
107 |
fi
|
| 108 |
if [[ $TYPE_MAIL -eq 0 ]]; then # disable mail service
|
108 |
if [[ $TYPE_MAIL -eq 0 ]]; then # disable mail service
|
| 109 |
$SED "s/^MAIL=.*/MAIL=off/" $CONF_FILE
|
109 |
$SED "s/^MAIL=.*/MAIL=off/" $CONF_FILE
|
| 110 |
$SED "s/^MAIL_TYPE=.*/MAIL_TYPE=/" $CONF_FILE
|
110 |
$SED "s/^MAIL_TYPE=.*/MAIL_TYPE=/" $CONF_FILE
|
| 111 |
$SED "s/^MAIL_SMTP_IP=.*/MAIL_SMTP_IP=/" $CONF_FILE
|
111 |
$SED "s/^MAIL_SMTP_IP=.*/MAIL_SMTP_IP=/" $CONF_FILE
|
| 112 |
$SED "s/^MAIL_SMTP_PORT=.*/MAIL_SMTP_PORT=/" $CONF_FILE
|
112 |
$SED "s/^MAIL_SMTP_PORT=.*/MAIL_SMTP_PORT=/" $CONF_FILE
|
| 113 |
$SED "s/^MAIL_ADDR=.*/MAIL_ADDR=/" $CONF_FILE
|
113 |
$SED "s/^MAIL_ADDR=.*/MAIL_ADDR=/" $CONF_FILE
|
| 114 |
$SED "s/^MAIL_WHITEDOMAIN=.*/MAIL_WHITEDOMAIN=/" $CONF_FILE
|
114 |
$SED "s/^MAIL_WHITEDOMAIN=.*/MAIL_WHITEDOMAIN=/" $CONF_FILE
|
| 115 |
$SED "s/^MAIL_ADMIN=.*/MAIL_ADMIN=/" $CONF_FILE
|
115 |
$SED "s/^MAIL_ADMIN=.*/MAIL_ADMIN=/" $CONF_FILE
|
| 116 |
$SED "/^SMTP_IP=/ s/^/#/" $LOCAL_IPTABLE_FILE
|
116 |
$SED "/^SMTP_IP=/ s/^/#/" $LOCAL_IPTABLE_FILE
|
| 117 |
$SED "/^SMTP_PORT=/ s/^/#/" $LOCAL_IPTABLE_FILE
|
117 |
$SED "/^SMTP_PORT=/ s/^/#/" $LOCAL_IPTABLE_FILE
|
| 118 |
$SED "s/^\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT.*/#\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT -d \$SMTP_IP -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
118 |
$SED "s/^\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT.*/#\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT -d \$SMTP_IP -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
| 119 |
$SED "s/^\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT.*/#\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT -s \$SMTP_IP -m conntrack --ctstate ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
119 |
$SED "s/^\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT.*/#\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT -s \$SMTP_IP -m conntrack --ctstate ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
| 120 |
$SED "s/^relayhost =.*/relayhost =/" $POSTFIX_CONF_FILE
|
120 |
$SED "s/^relayhost =.*/relayhost =/" $POSTFIX_CONF_FILE
|
| 121 |
$SED "s/^smtp_tls_security_level =.*/smtp_tls_security_level = may/g" $POSTFIX_CONF_FILE
|
121 |
$SED "s/^smtp_tls_security_level =.*/smtp_tls_security_level = may/g" $POSTFIX_CONF_FILE
|
| 122 |
$SED "s/^smtp_tls_wrappermode =.*/smtp_tls_wrappermode = no/g" $POSTFIX_CONF_FILE
|
122 |
$SED "s/^smtp_tls_wrappermode =.*/smtp_tls_wrappermode = no/g" $POSTFIX_CONF_FILE
|
| 123 |
$SED "s/^myhostname =.*/myhostname = $hostName.$domainName/g" $POSTFIX_CONF_FILE
|
123 |
$SED "s/^myhostname =.*/myhostname = $hostName.$domainName/g" $POSTFIX_CONF_FILE
|
| 124 |
[ -e ${SASLPATH}/sasl_passwd ] && rm -f ${SASLPATH}/*
|
124 |
[ -e ${SASLPATH}/sasl_passwd ] && rm -f ${SASLPATH}/*
|
| 125 |
elif [[ $TYPE_MAIL -eq 1 ]]; then # Enable mail service (act as smtp server)
|
125 |
elif [[ $TYPE_MAIL -eq 1 ]]; then # Enable mail service (act as smtp server)
|
| 126 |
$SED "s/^MAIL=.*/MAIL=on/" $CONF_FILE
|
126 |
$SED "s/^MAIL=.*/MAIL=on/" $CONF_FILE
|
| 127 |
$SED "s/^MAIL_TYPE=.*/MAIL_TYPE=1/" $CONF_FILE
|
127 |
$SED "s/^MAIL_TYPE=.*/MAIL_TYPE=1/" $CONF_FILE
|
| 128 |
$SED "s/^MAIL_SMTP_IP=.*/MAIL_SMTP_IP=/" $CONF_FILE
|
128 |
$SED "s/^MAIL_SMTP_IP=.*/MAIL_SMTP_IP=/" $CONF_FILE
|
| 129 |
$SED "s/^MAIL_SMTP_PORT=.*/MAIL_SMTP_PORT=$smtpPort/" $CONF_FILE
|
129 |
$SED "s/^MAIL_SMTP_PORT=.*/MAIL_SMTP_PORT=$smtpPort/" $CONF_FILE
|
| 130 |
$SED "s/^MAIL_ADDR=.*/MAIL_ADDR=/" $CONF_FILE
|
130 |
$SED "s/^MAIL_ADDR=.*/MAIL_ADDR=/" $CONF_FILE
|
| 131 |
$SED "s/^MAIL_WHITEDOMAIN=.*/MAIL_WHITEDOMAIN=$whiteDomain/" $CONF_FILE
|
131 |
$SED "s/^MAIL_WHITEDOMAIN=.*/MAIL_WHITEDOMAIN=$whiteDomain/" $CONF_FILE
|
| 132 |
$SED "s/^MAIL_ADMIN=.*/MAIL_ADMIN=$adminMail/" $CONF_FILE
|
132 |
$SED "s/^MAIL_ADMIN=.*/MAIL_ADMIN=$adminMail/" $CONF_FILE
|
| 133 |
$SED "/^SMTP_IP=/ s/^/#/" $LOCAL_IPTABLE_FILE
|
133 |
$SED "/^SMTP_IP=/ s/^/#/" $LOCAL_IPTABLE_FILE
|
| 134 |
$SED "s/^SMTP_PORT=.*/SMTP_PORT=$smtpPort/" $LOCAL_IPTABLE_FILE
|
134 |
$SED "s/^SMTP_PORT=.*/SMTP_PORT=$smtpPort/" $LOCAL_IPTABLE_FILE
|
| 135 |
$SED "s/^\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT.*/\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
135 |
$SED "s/^\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT.*/\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
| 136 |
$SED "s/^\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT.*/\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT -m conntrack --ctstate ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
136 |
$SED "s/^\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT.*/\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT -m conntrack --ctstate ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
| 137 |
$SED "s/^#SMTP_PORT=.*/SMTP_PORT=$smtpPort/" $LOCAL_IPTABLE_FILE
|
137 |
$SED "s/^#SMTP_PORT=.*/SMTP_PORT=$smtpPort/" $LOCAL_IPTABLE_FILE
|
| 138 |
$SED "s/^#\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT.*/\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
138 |
$SED "s/^#\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT.*/\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
| 139 |
$SED "s/^#\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT.*/\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT -m conntrack --ctstate ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
139 |
$SED "s/^#\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT.*/\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT -m conntrack --ctstate ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
| 140 |
$SED "s/^relayhost =.*/relayhost =/" $POSTFIX_CONF_FILE
|
140 |
$SED "s/^relayhost =.*/relayhost =/" $POSTFIX_CONF_FILE
|
| 141 |
$SED "s/^smtp_tls_security_level =.*/smtp_tls_security_level = may/g" $POSTFIX_CONF_FILE
|
141 |
$SED "s/^smtp_tls_security_level =.*/smtp_tls_security_level = may/g" $POSTFIX_CONF_FILE
|
| 142 |
$SED "s/^smtp_tls_wrappermode =.*/smtp_tls_wrappermode = no/g" $POSTFIX_CONF_FILE
|
142 |
$SED "s/^smtp_tls_wrappermode =.*/smtp_tls_wrappermode = no/g" $POSTFIX_CONF_FILE
|
| 143 |
$SED "s/^myhostname =.*/myhostname = $hostName.$domainName/g" $POSTFIX_CONF_FILE
|
143 |
$SED "s/^myhostname =.*/myhostname = $hostName.$domainName/g" $POSTFIX_CONF_FILE
|
| 144 |
[ -e ${SASLPATH}/sasl_passwd ] && rm -f ${SASLPATH}/*
|
144 |
[ -e ${SASLPATH}/sasl_passwd ] && rm -f ${SASLPATH}/*
|
| 145 |
elif [[ $TYPE_MAIL -eq 2 ]]; then # Enable mail service (relaying to an extern mail server)
|
145 |
elif [[ $TYPE_MAIL -eq 2 ]]; then # Enable mail service (relaying to an extern mail server)
|
| 146 |
$SED "s/^MAIL=.*/MAIL=on/" $CONF_FILE
|
146 |
$SED "s/^MAIL=.*/MAIL=on/" $CONF_FILE
|
| 147 |
$SED "s/^MAIL_TYPE=.*/MAIL_TYPE=2/" $CONF_FILE
|
147 |
$SED "s/^MAIL_TYPE=.*/MAIL_TYPE=2/" $CONF_FILE
|
| 148 |
$SED "s/^MAIL_SMTP_IP=.*/MAIL_SMTP_IP=$smtpIP/" $CONF_FILE
|
148 |
$SED "s/^MAIL_SMTP_IP=.*/MAIL_SMTP_IP=$smtpIP/" $CONF_FILE
|
| 149 |
$SED "s/^MAIL_SMTP_PORT=.*/MAIL_SMTP_PORT=$smtpPort/" $CONF_FILE
|
149 |
$SED "s/^MAIL_SMTP_PORT=.*/MAIL_SMTP_PORT=$smtpPort/" $CONF_FILE
|
| 150 |
$SED "s/^MAIL_ADDR=.*/MAIL_ADDR=/" $CONF_FILE
|
150 |
$SED "s/^MAIL_ADDR=.*/MAIL_ADDR=/" $CONF_FILE
|
| 151 |
$SED "s/^MAIL_WHITEDOMAIN=.*/MAIL_WHITEDOMAIN=$whiteDomain/" $CONF_FILE
|
151 |
$SED "s/^MAIL_WHITEDOMAIN=.*/MAIL_WHITEDOMAIN=$whiteDomain/" $CONF_FILE
|
| 152 |
$SED "s/^MAIL_ADMIN=.*/MAIL_ADMIN=$adminMail/" $CONF_FILE
|
152 |
$SED "s/^MAIL_ADMIN=.*/MAIL_ADMIN=$adminMail/" $CONF_FILE
|
| 153 |
$SED "s/^SMTP_IP=.*/SMTP_IP=$smtpIP/" $LOCAL_IPTABLE_FILE
|
153 |
$SED "s/^SMTP_IP=.*/SMTP_IP=$smtpIP/" $LOCAL_IPTABLE_FILE
|
| 154 |
$SED "s/^SMTP_PORT=.*/SMTP_PORT=$smtpPort/" $LOCAL_IPTABLE_FILE
|
154 |
$SED "s/^SMTP_PORT=.*/SMTP_PORT=$smtpPort/" $LOCAL_IPTABLE_FILE
|
| 155 |
$SED "s/^\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT.*/\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT -d \$SMTP_IP -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
155 |
$SED "s/^\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT.*/\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT -d \$SMTP_IP -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
| 156 |
$SED "s/^\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT.*/\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT -s \$SMTP_IP -m conntrack --ctstate ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
156 |
$SED "s/^\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT.*/\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT -s \$SMTP_IP -m conntrack --ctstate ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
| 157 |
$SED "s/^#SMTP_IP=.*/SMTP_IP=$smtpIP/" $LOCAL_IPTABLE_FILE
|
157 |
$SED "s/^#SMTP_IP=.*/SMTP_IP=$smtpIP/" $LOCAL_IPTABLE_FILE
|
| 158 |
$SED "s/^#SMTP_PORT=.*/SMTP_PORT=$smtpPort/" $LOCAL_IPTABLE_FILE
|
158 |
$SED "s/^#SMTP_PORT=.*/SMTP_PORT=$smtpPort/" $LOCAL_IPTABLE_FILE
|
| 159 |
$SED "s/^#\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT.*/\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT -d \$SMTP_IP -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
159 |
$SED "s/^#\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT.*/\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT -d \$SMTP_IP -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
| 160 |
$SED "s/^#\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT.*/\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT -s \$SMTP_IP -m conntrack --ctstate ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
160 |
$SED "s/^#\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT.*/\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT -s \$SMTP_IP -m conntrack --ctstate ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
| 161 |
$SED "s/^relayhost =.*/relayhost = [$smtpIP]:$smtpPort/g" $POSTFIX_CONF_FILE
|
161 |
$SED "s/^relayhost =.*/relayhost = [$smtpIP]:$smtpPort/g" $POSTFIX_CONF_FILE
|
| 162 |
$SED "s/^smtp_tls_security_level =.*/smtp_tls_security_level = may/g" $POSTFIX_CONF_FILE
|
162 |
$SED "s/^smtp_tls_security_level =.*/smtp_tls_security_level = may/g" $POSTFIX_CONF_FILE
|
| 163 |
$SED "s/^smtp_tls_wrappermode =.*/smtp_tls_wrappermode = no/g" $POSTFIX_CONF_FILE
|
163 |
$SED "s/^smtp_tls_wrappermode =.*/smtp_tls_wrappermode = no/g" $POSTFIX_CONF_FILE
|
| 164 |
$SED "s/^myhostname =.*/myhostname = $hostName.$domainName/g" $POSTFIX_CONF_FILE
|
164 |
$SED "s/^myhostname =.*/myhostname = $hostName.$domainName/g" $POSTFIX_CONF_FILE
|
| 165 |
[ -e ${SASLPATH}/sasl_passwd ] && rm -f ${SASLPATH}/*
|
165 |
[ -e ${SASLPATH}/sasl_passwd ] && rm -f ${SASLPATH}/*
|
| 166 |
elif [[ $TYPE_MAIL -eq 3 ]]; then # Enable mail service (using an email address)
|
166 |
elif [[ $TYPE_MAIL -eq 3 ]]; then # Enable mail service (using an email address)
|
| 167 |
$SED "s/^MAIL=.*/MAIL=on/" $CONF_FILE
|
167 |
$SED "s/^MAIL=.*/MAIL=on/" $CONF_FILE
|
| 168 |
$SED "s/^MAIL_TYPE=.*/MAIL_TYPE=3/" $CONF_FILE
|
168 |
$SED "s/^MAIL_TYPE=.*/MAIL_TYPE=3/" $CONF_FILE
|
| 169 |
$SED "s/^MAIL_SMTP_IP=.*/MAIL_SMTP_IP=$smtpIP/" $CONF_FILE
|
169 |
$SED "s/^MAIL_SMTP_IP=.*/MAIL_SMTP_IP=$smtpIP/" $CONF_FILE
|
| 170 |
$SED "s/^MAIL_SMTP_PORT=.*/MAIL_SMTP_PORT=$smtpPort/" $CONF_FILE
|
170 |
$SED "s/^MAIL_SMTP_PORT=.*/MAIL_SMTP_PORT=$smtpPort/" $CONF_FILE
|
| 171 |
$SED "s/^MAIL_ADDR=.*/MAIL_ADDR=$mailAddr/" $CONF_FILE
|
171 |
$SED "s/^MAIL_ADDR=.*/MAIL_ADDR=$mailAddr/" $CONF_FILE
|
| 172 |
$SED "s/^MAIL_WHITEDOMAIN=.*/MAIL_WHITEDOMAIN=$whiteDomain/" $CONF_FILE
|
172 |
$SED "s/^MAIL_WHITEDOMAIN=.*/MAIL_WHITEDOMAIN=$whiteDomain/" $CONF_FILE
|
| 173 |
$SED "s/^MAIL_ADMIN=.*/MAIL_ADMIN=$adminMail/" $CONF_FILE
|
173 |
$SED "s/^MAIL_ADMIN=.*/MAIL_ADMIN=$adminMail/" $CONF_FILE
|
| 174 |
$SED "s/^SMTP_IP=.*/SMTP_IP=$smtpIP/" $LOCAL_IPTABLE_FILE
|
174 |
$SED "s/^SMTP_IP=.*/SMTP_IP=$smtpIP/" $LOCAL_IPTABLE_FILE
|
| 175 |
$SED "s/^SMTP_PORT=.*/SMTP_PORT=$smtpPort/" $LOCAL_IPTABLE_FILE
|
175 |
$SED "s/^SMTP_PORT=.*/SMTP_PORT=$smtpPort/" $LOCAL_IPTABLE_FILE
|
| 176 |
$SED "s/^\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT.*/\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
176 |
$SED "s/^\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT.*/\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
| 177 |
$SED "s/^\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT.*/\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT -m conntrack --ctstate ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
177 |
$SED "s/^\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT.*/\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT -m conntrack --ctstate ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
| 178 |
$SED "s/^#SMTP_IP=.*/SMTP_IP=$smtpIP/" $LOCAL_IPTABLE_FILE
|
178 |
$SED "s/^#SMTP_IP=.*/SMTP_IP=$smtpIP/" $LOCAL_IPTABLE_FILE
|
| 179 |
$SED "s/^#SMTP_PORT=.*/SMTP_PORT=$smtpPort/" $LOCAL_IPTABLE_FILE
|
179 |
$SED "s/^#SMTP_PORT=.*/SMTP_PORT=$smtpPort/" $LOCAL_IPTABLE_FILE
|
| 180 |
$SED "s/^#\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT.*/\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
180 |
$SED "s/^#\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT.*/\$IPTABLES -A OUTPUT -p tcp --dport \$SMTP_PORT -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
| 181 |
$SED "s/^#\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT.*/\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT -m conntrack --ctstate ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
181 |
$SED "s/^#\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT.*/\$IPTABLES -A INPUT -p tcp --sport \$SMTP_PORT -m conntrack --ctstate ESTABLISHED -j ACCEPT/" $LOCAL_IPTABLE_FILE
|
| 182 |
$SED "s/^relayhost =.*/relayhost = [$smtpIP]:$smtpPort/g" $POSTFIX_CONF_FILE
|
182 |
$SED "s/^relayhost =.*/relayhost = [$smtpIP]:$smtpPort/g" $POSTFIX_CONF_FILE
|
| 183 |
$SED "s/^smtp_tls_security_level =.*/smtp_tls_security_level = encrypt/g" $POSTFIX_CONF_FILE
|
183 |
$SED "s/^smtp_tls_security_level =.*/smtp_tls_security_level = encrypt/g" $POSTFIX_CONF_FILE
|
| 184 |
if [ "$smtpPort" = "465" ]; then # wrappermode is madatory only if port = 465
|
184 |
if [ "$smtpPort" = "465" ]; then # wrappermode is madatory only if port = 465
|
| 185 |
$SED "s/^smtp_tls_wrappermode =.*/smtp_tls_wrappermode = yes/g" $POSTFIX_CONF_FILE
|
185 |
$SED "s/^smtp_tls_wrappermode =.*/smtp_tls_wrappermode = yes/g" $POSTFIX_CONF_FILE
|
| 186 |
else
|
186 |
else
|
| 187 |
$SED "s/^smtp_tls_wrappermode =.*/smtp_tls_wrappermode = no/g" $POSTFIX_CONF_FILE
|
187 |
$SED "s/^smtp_tls_wrappermode =.*/smtp_tls_wrappermode = no/g" $POSTFIX_CONF_FILE
|
| 188 |
fi
|
188 |
fi
|
| 189 |
$SED "s/^myhostname =.*/myhostname = alcasar.net/g" $POSTFIX_CONF_FILE # use the alcasar domain name to avoid extern smtp servers reject
|
189 |
$SED "s/^myhostname =.*/myhostname = alcasar.net/g" $POSTFIX_CONF_FILE # use the alcasar domain name to avoid extern smtp servers reject
|
| 190 |
[ -d ${SASLPATH} ] || mkdir ${SASLPATH}
|
190 |
[ -d ${SASLPATH} ] || mkdir ${SASLPATH}
|
| 191 |
echo "[${smtpIP}]:${smtpPort} ${mailAddr}:${mailMdp}" > ${SASLPATH}/sasl_passwd
|
191 |
echo "[${smtpIP}]:${smtpPort} ${mailAddr}:${mailMdp}" > ${SASLPATH}/sasl_passwd
|
| 192 |
postmap ${SASLPATH}/sasl_passwd
|
192 |
postmap ${SASLPATH}/sasl_passwd
|
| 193 |
chmod -R 644 ${SASLPATH}
|
193 |
chmod -R 644 ${SASLPATH}
|
| 194 |
chown root:root ${SASLPATH}/sasl_passwd*
|
194 |
chown root:root ${SASLPATH}/sasl_passwd*
|
| 195 |
chmod 0600 ${SASLPATH}/sasl_passwd*
|
195 |
chmod 0600 ${SASLPATH}/sasl_passwd*
|
| 196 |
else
|
196 |
else
|
| 197 |
echo "Erreur ! Aucun type de messagerie sélectionné !"
|
197 |
echo "Erreur ! Aucun type de messagerie sélectionné !"
|
| 198 |
exit 0
|
198 |
exit 0
|
| 199 |
fi
|
199 |
fi
|
| 200 |
/usr/local/bin/alcasar-iptables.sh
|
200 |
/usr/local/bin/alcasar-iptables.sh
|
| 201 |
systemctl restart postfix.service
|
201 |
systemctl restart postfix.service
|
| 202 |
exit 0
|
202 |
exit 0
|
| 203 |
|
203 |
|