manager/install/postfix.go

package install

import "fmt"

const (
	postconf = "postconf"
)

func setPostfixVirtualMysql() error {
	if e := postfixSetConfig("virtual_alias_maps", "mysql:/etc/postfix/mysql/virtual_alias_maps.cf"); e != nil {
		return e
	}
	if e := postfixSetConfig("virtual_mailbox_domains", "mysql:/etc/postfix/mysql/virtual_domains_maps.cf"); e != nil {
		return e
	}
	if e := postfixSetConfig("virtual_mailbox_maps", "mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf"); e != nil {
		return e
	}
	return nil
}

func setPostfixConfigAll(hostname string) error {
	postfixSetConfig("compatibility_level", "2")
	postfixSetConfig("queue_directory", "/var/spool/postfix")
	postfixSetConfig("command_directory", "/usr/sbin")
	postfixSetConfig("daemon_directory", "/usr/libexec/postfix")
	postfixSetConfig("data_directory", "/var/lib/postfix")
	postfixSetConfig("mail_owner", "postfix")
	postfixSetConfig("myhostname", hostname)
	postfixSetConfig("mydomain", "")
	postfixSetConfig("myorigin", "$myhostname")
	postfixSetConfig("inet_interfaces", "all")
	postfixSetConfig("unknown_local_recipient_reject_code", "550")
	postfixSetConfig("mynetworks_style", "host")
	postfixSetConfig("alias_maps", "hash:/etc/aliases")
	postfixSetConfig("smtpd_banner", "$myhostname ESMTP $mail_name")
	postfixSetConfig("debug_peer_level", "2")
	postfixSetConfig("debugger_command", "PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5")
	postfixSetConfig("sendmail_path", "/usr/sbin/sendmail")
	postfixSetConfig("newaliases_path", "/usr/bin/newaliases")
	postfixSetConfig("mailq_path", "/usr/bin/mailq")
	postfixSetConfig("setgid_group", "postdrop")
	postfixSetConfig("html_directory", "no")
	postfixSetConfig("manpage_directory", "/usr/share/man")
	postfixSetConfig("readme_directory", "no")
	postfixSetConfig("inet_protocols", "ipv4,ipv6")
	postfixSetConfig("meta_directory", "/etc/postfix")
	postfixSetConfig("shlib_directory", "/usr/lib64/postfix/${mail_version}")
	postfixSetConfig("smtp_tls_session_cache_database", "btree:/var/lib/postfix/smtp_scache")
	postfixSetConfig("smtp_tls_security_level", "may")
	postfixSetConfig("tls_random_source", "dev:/dev/urandom")
	postfixSetConfig("smtp_tls_loglevel", "1")
	postfixSetConfig("smtpd_tls_loglevel", "1")
	postfixSetConfig("smtpd_tls_cert_file", fmt.Sprintf("/etc/letsencrypt/live/%s/fullchain.pem", hostname))
	postfixSetConfig("smtpd_tls_received_header", "yes")
	postfixSetConfig("smtpd_tls_security_level", "may")
	postfixSetConfig("smtpd_tls_key_file", fmt.Sprintf("/etc/letsencrypt/live/%s/privkey.pem", hostname))
	postfixSetConfig("append_dot_mydomain", "no")
	postfixSetConfig("biff", "no")
	postfixSetConfig("delay_warning_time", "4h")
	postfixSetConfig("smtpd_use_tls", "yes")
	postfixSetConfig("smtpd_tls_session_cache_database", "btree:/var/lib/postfix/smtpd_scache")
	postfixSetConfig("smtp_tls_session_cache_database", "btree:/var/lib/postfix/smtp_scache")
	postfixSetConfig("smtpd_tls_loglevel", "1")
	postfixSetConfig("smtpd_tls_auth_only", "yes")
	postfixSetConfig("mailbox_size_limit", "0")
	postfixSetConfig("recipient_delimiter", "+")
	postfixSetConfig("notify_classes", "resource, software")
	postfixSetConfig("error_notice_recipient", "info@icod.de")
	// postfixSetConfig("")
	return nil
}

func postfixSetConfig(key, value string) error {
	return runCmd(postconf, "-e", fmt.Sprintf("%s = %s", key, value))
}

/*

virtual_alias_maps = mysql:/etc/postfix/mysql/virtual_alias_maps.cf
virtual_gid_maps = static:2000
virtual_mailbox_base = /srv/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql/virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf
virtual_minimum_uid = 2000
virtual_uid_maps = static:2000
#dovecot_destination_recipient_limit = 1
virtual_transport = lmtp:unix:private/dovecot-lmtp

smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
broken_sasl_auth_clients = yes
message_size_limit = 40000000
home_mailbox = Maildir/
smtpd_sasl_authenticated_header = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname

smtp_use_tls = yes
smtpd_tls_received_header = yes
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1
smtp_tls_mandatory_protocols  = !SSLv2,!SSLv3,!TLSv1
smtpd_tls_protocols           = !SSLv2,!SSLv3,!TLSv1
smtp_tls_protocols            = !SSLv2,!SSLv3,!TLSv1
smtpd_tls_mandatory_ciphers = medium
tls_random_source = dev:/dev/urandom
smtpd_recipient_restrictions =
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        reject_non_fqdn_sender,
        reject_unauth_pipelining,
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_unauth_destination,
        reject_rbl_client cbl.abuseat.org,
        reject_rbl_client bl.spamcop.net,

smtpd_helo_required = yes

smtpd_sender_restrictions =
        reject_unknown_sender_domain,
        check_sender_access pcre:/etc/postfix/access

smtpd_data_restrictions =
        reject_unauth_pipelining

smtpd_client_restrictions = permit_sasl_authenticated
#,reject_rbl_client localhost
#        check_client_access hash:/etc/postfix/client_access,

smtpd_milters     = inet:localhost:8891 inet:localhost:11332
non_smtpd_milters = inet:localhost:8891
milter_default_action = accept
smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA, KRB5-DES, CBC3-SHA
smtpd_tls_dh512_param_file = /etc/postfix/dhparams.pem
smtpd_tls_dh1024_param_file = /etc/postfix/dhparams.pem
*/
added some install files 2022-05-22 14:56:45 +02:00			`package install`

			`import "fmt"`

			`const (`
			`postconf = "postconf"`
			`)`

			`func setPostfixVirtualMysql() error {`
			`if e := postfixSetConfig("virtual_alias_maps", "mysql:/etc/postfix/mysql/virtual_alias_maps.cf"); e != nil {`
			`return e`
			`}`
			`if e := postfixSetConfig("virtual_mailbox_domains", "mysql:/etc/postfix/mysql/virtual_domains_maps.cf"); e != nil {`
			`return e`
			`}`
			`if e := postfixSetConfig("virtual_mailbox_maps", "mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf"); e != nil {`
			`return e`
			`}`
			`return nil`
			`}`

			`func setPostfixConfigAll(hostname string) error {`
			`postfixSetConfig("compatibility_level", "2")`
			`postfixSetConfig("queue_directory", "/var/spool/postfix")`
			`postfixSetConfig("command_directory", "/usr/sbin")`
			`postfixSetConfig("daemon_directory", "/usr/libexec/postfix")`
			`postfixSetConfig("data_directory", "/var/lib/postfix")`
			`postfixSetConfig("mail_owner", "postfix")`
			`postfixSetConfig("myhostname", hostname)`
			`postfixSetConfig("mydomain", "")`
			`postfixSetConfig("myorigin", "$myhostname")`
			`postfixSetConfig("inet_interfaces", "all")`
			`postfixSetConfig("unknown_local_recipient_reject_code", "550")`
			`postfixSetConfig("mynetworks_style", "host")`
			`postfixSetConfig("alias_maps", "hash:/etc/aliases")`
			`postfixSetConfig("smtpd_banner", "$myhostname ESMTP $mail_name")`
			`postfixSetConfig("debug_peer_level", "2")`
			`postfixSetConfig("debugger_command", "PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5")`
			`postfixSetConfig("sendmail_path", "/usr/sbin/sendmail")`
			`postfixSetConfig("newaliases_path", "/usr/bin/newaliases")`
			`postfixSetConfig("mailq_path", "/usr/bin/mailq")`
			`postfixSetConfig("setgid_group", "postdrop")`
			`postfixSetConfig("html_directory", "no")`
			`postfixSetConfig("manpage_directory", "/usr/share/man")`
			`postfixSetConfig("readme_directory", "no")`
			`postfixSetConfig("inet_protocols", "ipv4,ipv6")`
			`postfixSetConfig("meta_directory", "/etc/postfix")`
			`postfixSetConfig("shlib_directory", "/usr/lib64/postfix/${mail_version}")`
			`postfixSetConfig("smtp_tls_session_cache_database", "btree:/var/lib/postfix/smtp_scache")`
			`postfixSetConfig("smtp_tls_security_level", "may")`
			`postfixSetConfig("tls_random_source", "dev:/dev/urandom")`
			`postfixSetConfig("smtp_tls_loglevel", "1")`
			`postfixSetConfig("smtpd_tls_loglevel", "1")`
			`postfixSetConfig("smtpd_tls_cert_file", fmt.Sprintf("/etc/letsencrypt/live/%s/fullchain.pem", hostname))`
			`postfixSetConfig("smtpd_tls_received_header", "yes")`
			`postfixSetConfig("smtpd_tls_security_level", "may")`
			`postfixSetConfig("smtpd_tls_key_file", fmt.Sprintf("/etc/letsencrypt/live/%s/privkey.pem", hostname))`
			`postfixSetConfig("append_dot_mydomain", "no")`
			`postfixSetConfig("biff", "no")`
			`postfixSetConfig("delay_warning_time", "4h")`
			`postfixSetConfig("smtpd_use_tls", "yes")`
			`postfixSetConfig("smtpd_tls_session_cache_database", "btree:/var/lib/postfix/smtpd_scache")`
			`postfixSetConfig("smtp_tls_session_cache_database", "btree:/var/lib/postfix/smtp_scache")`
			`postfixSetConfig("smtpd_tls_loglevel", "1")`
			`postfixSetConfig("smtpd_tls_auth_only", "yes")`
			`postfixSetConfig("mailbox_size_limit", "0")`
			`postfixSetConfig("recipient_delimiter", "+")`
			`postfixSetConfig("notify_classes", "resource, software")`
			`postfixSetConfig("error_notice_recipient", "info@icod.de")`
			`// postfixSetConfig("")`
			`return nil`
			`}`

			`func postfixSetConfig(key, value string) error {`
			`return runCmd(postconf, "-e", fmt.Sprintf("%s = %s", key, value))`
			`}`

			`/*`

			`virtual_alias_maps = mysql:/etc/postfix/mysql/virtual_alias_maps.cf`
			`virtual_gid_maps = static:2000`
			`virtual_mailbox_base = /srv/vmail`
			`virtual_mailbox_domains = mysql:/etc/postfix/mysql/virtual_domains_maps.cf`
			`virtual_mailbox_maps = mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf`
			`virtual_minimum_uid = 2000`
			`virtual_uid_maps = static:2000`
			`#dovecot_destination_recipient_limit = 1`
			`virtual_transport = lmtp:unix:private/dovecot-lmtp`

			`smtpd_sasl_auth_enable = yes`
			`smtpd_sasl_type = dovecot`
			`smtpd_sasl_path = private/auth`
			`broken_sasl_auth_clients = yes`
			`message_size_limit = 40000000`
			`home_mailbox = Maildir/`
			`smtpd_sasl_authenticated_header = yes`
			`smtpd_sasl_security_options = noanonymous`
			`smtpd_sasl_local_domain = $myhostname`

			`smtp_use_tls = yes`
			`smtpd_tls_received_header = yes`
			`smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1`
			`smtp_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1`
			`smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1`
			`smtp_tls_protocols = !SSLv2,!SSLv3,!TLSv1`
			`smtpd_tls_mandatory_ciphers = medium`
			`tls_random_source = dev:/dev/urandom`
			`smtpd_recipient_restrictions =`
			`reject_unknown_sender_domain,`
			`reject_unknown_recipient_domain,`
			`reject_non_fqdn_sender,`
			`reject_unauth_pipelining,`
			`permit_mynetworks,`
			`permit_sasl_authenticated,`
			`reject_unauth_destination,`
			`reject_rbl_client cbl.abuseat.org,`
			`reject_rbl_client bl.spamcop.net,`

			`smtpd_helo_required = yes`

			`smtpd_sender_restrictions =`
			`reject_unknown_sender_domain,`
			`check_sender_access pcre:/etc/postfix/access`

			`smtpd_data_restrictions =`
			`reject_unauth_pipelining`

			`smtpd_client_restrictions = permit_sasl_authenticated`
			`#,reject_rbl_client localhost`
			`# check_client_access hash:/etc/postfix/client_access,`

			`smtpd_milters = inet:localhost:8891 inet:localhost:11332`
			`non_smtpd_milters = inet:localhost:8891`
			`milter_default_action = accept`
			`smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA, KRB5-DES, CBC3-SHA`
			`smtpd_tls_dh512_param_file = /etc/postfix/dhparams.pem`
			`smtpd_tls_dh1024_param_file = /etc/postfix/dhparams.pem`
			`*/`