Add option to block specific senders
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Simon Bruder 2019-08-01 12:04:30 +00:00
parent a62b58287e
commit fca6ae6360
6 changed files with 15 additions and 12 deletions

2
.gitignore vendored
View file

@ -1,4 +1,4 @@
aliases.d hotplug.d
docker-compose.yml docker-compose.yml
spool spool
vmail vmail

View file

@ -16,7 +16,7 @@ services:
- LDAP_USER=cn=readonly,dc=example,dc=com - LDAP_USER=cn=readonly,dc=example,dc=com
- LDAP_PASSWORD=v3rys3cur3 - LDAP_PASSWORD=v3rys3cur3
volumes: volumes:
- ./aliases.d:/etc/postfix/aliases.d - ./hotplug.d:/etc/postfix/hotplug.d
- ../web/certs/mail.example.com/:/tls/:ro - ../web/certs/mail.example.com/:/tls/:ro
- ./spool/postfix:/var/spool/postfix - ./spool/postfix:/var/spool/postfix
- dhparams:/etc/postfix/dh-params - dhparams:/etc/postfix/dh-params

View file

@ -11,6 +11,7 @@ RUN echo '' > /etc/postfix/main.cf \
&& postconf -e myorigin='$mydomain' \ && postconf -e myorigin='$mydomain' \
&& postconf -e mynetworks='127.0.0.0/8 [::1]/128' \ && postconf -e mynetworks='127.0.0.0/8 [::1]/128' \
&& postconf -e smtpd_recipient_restrictions=' \ && postconf -e smtpd_recipient_restrictions=' \
check_sender_access hash:/etc/postfix/access_sender, \
reject_non_fqdn_sender, \ reject_non_fqdn_sender, \
reject_non_fqdn_recipient, \ reject_non_fqdn_recipient, \
reject_unknown_sender_domain, \ reject_unknown_sender_domain, \
@ -51,7 +52,8 @@ RUN echo '' > /etc/postfix/main.cf \
&& postconf -e enable_long_queue_ids='yes' \ && postconf -e enable_long_queue_ids='yes' \
&& postconf -e strict_rfc821_envelopes='yes' \ && postconf -e strict_rfc821_envelopes='yes' \
&& postconf -e maillog_file='/dev/stdout' \ && postconf -e maillog_file='/dev/stdout' \
&& newaliases && newaliases \
&& touch /etc/postfix/access_sender
RUN cp -r /var/spool/postfix /var/spool/postfix-skel RUN cp -r /var/spool/postfix /var/spool/postfix-skel

View file

@ -24,7 +24,8 @@ if ! [ -e /var/spool/postfix/.initialized ]; then
touch /var/spool/postfix/.initialized touch /var/spool/postfix/.initialized
fi fi
map-virtual.sh c /etc/postfix/aliases.d/ virtual map-hotplug.sh c /etc/postfix/hotplug.d/ virtual
map-hotplug.sh c /etc/postfix/hotplug.d/ access_sender
inotifyd map-virtual.sh /etc/postfix/aliases.d/ & inotifyd map-hotplug.sh /etc/postfix/hotplug.d/ &
/usr/libexec/postfix/master -c /etc/postfix -d /usr/libexec/postfix/master -c /etc/postfix -d

7
postfix/scripts/map-hotplug.sh Executable file
View file

@ -0,0 +1,7 @@
#!/bin/sh
if [ "$1" == "c" ] && [ "$2" == "/etc/postfix/hotplug.d/" ] && ([ "$3" == "virtual" ] || [ "$3" == "access_sender" ]); then
cp "/etc/postfix/hotplug.d/$3" "/etc/postfix/$3"
chown root:root "/etc/postfix/$3"
postmap "/etc/postfix/$3"
echo "$(date +"%b %d %H:%M:%H"): remapped $3"
fi

View file

@ -1,7 +0,0 @@
#!/bin/sh
if [ "$1" == "c" ] && [ "$2" == "/etc/postfix/aliases.d/" ] && [ "$3" == "virtual" ]; then
cp /etc/postfix/aliases.d/virtual /etc/postfix/virtual
chown root:root /etc/postfix/virtual
postmap /etc/postfix/virtual
echo "$(date +"%b %d %H:%M:%H"): remapped virtual aliases"
fi