diff options
| -rwxr-xr-x | emailwiz.sh | 31 | 
1 files changed, 23 insertions, 8 deletions
| diff --git a/emailwiz.sh b/emailwiz.sh index 96f2bfd..86bffa4 100755 --- a/emailwiz.sh +++ b/emailwiz.sh @@ -16,9 +16,9 @@  # On installation of Postfix, select "Internet Site" and put in TLD (without before it mail.)  echo "Installing programs..." -apt install postfix dovecot-imapd opendkim spamassassin spamc +apt install postfix dovecot-imapd dovecot-sieve opendkim spamassassin spamc  # Install another requirement for opendikm only if the above command didn't get it already -[ -e $(which opendkim-genkey) ] || apt install opendkim-tools +[ which opendkim-genkey > /dev/null 2>&1 ] || apt install opendkim-tools  domain="$(cat /etc/mailname)"  subdom="mail"  maildomain="$subdom.$domain" @@ -96,7 +96,7 @@ ssl = required  ssl_cert = </etc/letsencrypt/live/$maildomain/fullchain.pem  ssl_key = </etc/letsencrypt/live/$maildomain/privkey.pem  # Plaintext login. This is safe and easy thanks to SSL. -auth_mechanisms = plain +auth_mechanisms = plain login cram-md5  protocols = \$protocols imap @@ -104,7 +104,12 @@ protocols = \$protocols imap  userdb {  	driver = passwd  } -# Use plain old PAM to find user passwords +# Use file with cram-md5 hashed passwords to find user passwords +passdb { +	driver = passwd-file +	args = scheme=cram-md5 /etc/cram-md5.pwd +} +#Fallback: Use plain old PAM to find user passwords  passdb {  	driver = pam  } @@ -170,6 +175,7 @@ if header :contains \"X-Spam-Flag\" \"YES\"  		fileinto \"Junk\";  	}" > /var/lib/dovecot/sieve/default.sieve +cut -d: -f1 /etc/passwd | grep ^vmail > /dev/null 2&>1 || useradd vmail  chown -R vmail:vmail /var/lib/dovecot  sievec /var/lib/dovecot/sieve/default.sieve @@ -211,15 +217,24 @@ grep ^KeyTable /etc/opendkim.conf >/dev/null || echo "KeyTable file:/etc/postfix  SigningTable refile:/etc/postfix/dkim/signingtable  InternalHosts refile:/etc/postfix/dkim/trustedhosts" >> /etc/opendkim.conf +sed -i '/^#Canonicalization/s/simple/relaxed\/simple/' /etc/opendkim.conf +sed -i '/^#Canonicalization/s/^#//' /etc/opendkim.conf + +sed -e '/Socket/s/^#*/#/' -i /etc/opendkim.conf +sed -i '/\local:\/var\/run\/opendkim\/opendkim.sock/a \Socket\t\t\tinet:12301@localhost' /etc/opendkim.conf +  # OpenDKIM daemon settings, removing previously activated socket. -sed -i "/^SOCKET/d" /etc/default/opendkim && echo "SOCKET=\"inet:8891@localhost\"" >> /etc/default/opendkim +sed -i "/^SOCKET/d" /etc/default/opendkim && echo "SOCKET=\"inet:12301@localhost\"" >> /etc/default/opendkim  # Here we add to postconf the needed settings for working with OpenDKIM  echo "Configuring Postfix with OpenDKIM settings..." +postconf -e "smtpd_sasl_security_options = noanonymous, noplaintext" +postconf -e "smtpd_sasl_tls_security_options = noanonymous" +postconf -e "myhostname = $maildomain"  postconf -e "milter_default_action = accept" -postconf -e "milter_protocol = 2" -postconf -e "smtpd_milters = inet:localhost:8891" -postconf -e "non_smtpd_milters = inet:localhost:8891" +postconf -e "milter_protocol = 6" +postconf -e "smtpd_milters = inet:localhost:12301" +postconf -e "non_smtpd_milters = inet:localhost:12301"  postconf -e "mailbox_command = /usr/lib/dovecot/deliver"  echo "Restarting Dovecot..." | 
