* Thu Apr 25 2024 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-8.sme
- add listening deamon on submission port 587 [SME: 6510] - move qpsmtpd daemons to full systemd supervision [SME: 12615] - separate configuration for the 3 qpsmtpd daemons [SME: 12451] increase default TLS version on u/sqpsmtpd as auth is required - increase Softlimit to 150M [SME: 12638] - remove old qmail templates [SME: 9492] template for /var/qmail/control/{badrcptto,badmailfrom,rcpthosts} also import template for config/badmailfrom from smeserver-wbl TODO organize peers content for u and s qpsmtpd TODO check if more config modules needs per service config
This commit is contained in:
parent
2f7fb945df
commit
5b40bfd4f1
119
createlinks
119
createlinks
@ -2,7 +2,7 @@
|
||||
|
||||
use esmith::Build::CreateLinks qw(:all);
|
||||
|
||||
foreach $event (qw(
|
||||
foreach my $event (qw(
|
||||
email-update
|
||||
domain-modify
|
||||
domain-create
|
||||
@ -15,39 +15,6 @@ foreach $event (qw(
|
||||
}
|
||||
|
||||
my $service = "/var/service/qpsmtpd";
|
||||
|
||||
foreach $event (qw(
|
||||
network-create
|
||||
network-delete
|
||||
smeserver-qpsmtpd-update
|
||||
))
|
||||
{
|
||||
templates2events("$service/config/relayclients", $event);
|
||||
}
|
||||
|
||||
foreach $event (qw(
|
||||
bootstrap-console-save
|
||||
console-save
|
||||
email-update
|
||||
network-create
|
||||
network-delete
|
||||
smeserver-qpsmtpd-update
|
||||
))
|
||||
{
|
||||
templates2events("$service/peers/0", $event);
|
||||
templates2events("$service/peers/local", $event);
|
||||
|
||||
templates2events("$service/config/peers/0", $event);
|
||||
templates2events("$service/config/peers/local", $event);
|
||||
}
|
||||
|
||||
templates2events("$service/runenv", qw(
|
||||
bootstrap-console-save
|
||||
console-save
|
||||
email-update
|
||||
smeserver-qpsmtpd-update
|
||||
));
|
||||
|
||||
templates2events("$service/ssl/cert.pem", qw(
|
||||
bootstrap-console-save
|
||||
console-save
|
||||
@ -67,42 +34,29 @@ templates2events($_, qw(
|
||||
/home/e-smith/dkim_keys/default/selector
|
||||
));
|
||||
|
||||
my $secure_service = "/var/service/sqpsmtpd";
|
||||
#### start do this for qpsmtpd /sqpsmtpd/ uqpsmtpd
|
||||
for my $daemon ( qw(qpsmtpd sqpsmtpd uqpsmtpd) )
|
||||
{
|
||||
$service = "/var/service/$daemon";
|
||||
my $config = "$service/config"
|
||||
|
||||
templates2events("$secure_service/runenv", qw(
|
||||
foreach $event (qw(
|
||||
bootstrap-console-save
|
||||
console-save
|
||||
email-update
|
||||
network-create
|
||||
network-delete
|
||||
smeserver-qpsmtpd-update
|
||||
));
|
||||
))
|
||||
{
|
||||
templates2events("$service/peers/0", $event);
|
||||
templates2events("$service/peers/local", $event);
|
||||
|
||||
my $control = "/var/qmail/control";
|
||||
templates2events("$control/badmailfrom", qw(
|
||||
bootstrap-console-save
|
||||
console-save
|
||||
email-update
|
||||
smeserver-qpsmtpd-update
|
||||
));
|
||||
templates2events("$control/badrcptto", qw(
|
||||
bootstrap-console-save
|
||||
console-save
|
||||
email-update
|
||||
domain-create
|
||||
domain-delete
|
||||
user-create
|
||||
user-delete
|
||||
user-modify
|
||||
group-create
|
||||
group-delete
|
||||
group-modify
|
||||
pseudonym-create
|
||||
pseudonym-delete
|
||||
pseudonym-modify
|
||||
smeserver-qpsmtpd-update
|
||||
));
|
||||
templates2events("$service/config/peers/0", $event);
|
||||
templates2events("$service/config/peers/local", $event);
|
||||
}
|
||||
|
||||
my $config = "/var/service/qpsmtpd/config";
|
||||
templates2events("$config/$_", qw(
|
||||
templates2events("$config/$_", qw(
|
||||
bootstrap-console-save
|
||||
console-save
|
||||
email-update
|
||||
@ -113,6 +67,7 @@ templates2events("$config/$_", qw(
|
||||
badhelo
|
||||
badrcptto
|
||||
badrcptto_ext
|
||||
badmailfrom
|
||||
dnsbl_zones
|
||||
dnsbl_allow
|
||||
uribl_zones
|
||||
@ -133,7 +88,8 @@ templates2events("$config/$_", qw(
|
||||
tls_ciphers
|
||||
tls_protocols
|
||||
));
|
||||
templates2events("$config/badrcptto_ext", qw(
|
||||
|
||||
templates2events("$config/badrcptto_ext", qw(
|
||||
domain-create
|
||||
domain-delete
|
||||
user-create
|
||||
@ -148,7 +104,13 @@ templates2events("$config/badrcptto_ext", qw(
|
||||
smeserver-qpsmtpd-update
|
||||
));
|
||||
|
||||
templates2events("$config/$_", qw(
|
||||
templates2events("$config/relayclients", qw(
|
||||
network-create
|
||||
network-delete
|
||||
smeserver-qpsmtpd-update
|
||||
));
|
||||
|
||||
templates2events("$config/$_", qw(
|
||||
ssl-update
|
||||
smeserver-qpsmtpd-update
|
||||
))
|
||||
@ -158,9 +120,9 @@ templates2events("$config/$_", qw(
|
||||
tls_protocols
|
||||
));
|
||||
|
||||
templates2events("$config/badhelo", 'ip-change');
|
||||
templates2events("$config/badhelo", 'ip-change');
|
||||
|
||||
templates2events("$config/goodrcptto", qw(
|
||||
templates2events("$config/goodrcptto", qw(
|
||||
bootstrap-console-save
|
||||
email-update
|
||||
domain-create
|
||||
@ -177,8 +139,8 @@ templates2events("$config/goodrcptto", qw(
|
||||
smeserver-qpsmtpd-update
|
||||
));
|
||||
|
||||
safe_touch("root/etc/e-smith/templates/$config/forcespamcheck/template-begin");
|
||||
templates2events("$config/forcespamcheck", qw(
|
||||
safe_touch("root/etc/e-smith/templates/$config/forcespamcheck/template-begin");
|
||||
templates2events("$config/forcespamcheck", qw(
|
||||
bootstrap-console-save
|
||||
email-update
|
||||
domain-create
|
||||
@ -196,25 +158,34 @@ templates2events("$config/forcespamcheck", qw(
|
||||
));
|
||||
|
||||
|
||||
|
||||
for my $daemon ( qw(qpsmtpd sqpsmtpd) )
|
||||
{
|
||||
safe_symlink("sighup",
|
||||
safe_symlink("restart",
|
||||
"root/etc/e-smith/events/email-update/services2adjust/$daemon");
|
||||
safe_symlink("sighup",
|
||||
"root/etc/e-smith/events/ssl-update/services2adjust/$daemon");
|
||||
|
||||
for my $event (qw(smeserver-qpsmtpd-update email-update console-save bootstrap-console-save post-install post-upgrade) )
|
||||
{
|
||||
templates2events("/usr/lib/systemd/system/$daemon.service.d/50koozali.conf", $event);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
#######end of per config dir
|
||||
|
||||
for my $event ( qw(network-create network-delete) )
|
||||
{
|
||||
safe_symlink("sigusr1",
|
||||
"root/etc/e-smith/events/$event/services2adjust/qpsmtpd");
|
||||
safe_symlink("sigusr1",
|
||||
"root/etc/e-smith/events/$event/services2adjust/sqpsmtpd");
|
||||
safe_symlink("sigusr1",
|
||||
"root/etc/e-smith/events/$event/services2adjust/uqpsmtpd");
|
||||
}
|
||||
|
||||
|
||||
my $event = 'smeserver-qpsmtpd-update';
|
||||
safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/qpsmtpd");
|
||||
safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/sqpsmtpd");
|
||||
safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/uqpsmtpd")
|
||||
templates2events("/etc/systemd/system-preset/49-koozali.preset", $event);
|
||||
event_link("systemd-reload", $event, "89");
|
||||
event_link("systemd-default", $event, "88");
|
||||
|
@ -0,0 +1 @@
|
||||
enabled
|
@ -0,0 +1 @@
|
||||
10
|
@ -0,0 +1 @@
|
||||
587
|
@ -0,0 +1 @@
|
||||
public
|
@ -0,0 +1 @@
|
||||
enabled
|
1
root/etc/e-smith/db/configuration/defaults/upqsmtpd/type
Normal file
1
root/etc/e-smith/db/configuration/defaults/upqsmtpd/type
Normal file
@ -0,0 +1 @@
|
||||
service
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/IP"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/badhelo"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/badmailfrom"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/badrcptto"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/badrcptto_ext"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/dnsbl_allow"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/dnsbl_zones"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/forcespamcheck"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/goodrcptto"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/invalid_resolvable_fromhost"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/loglevel"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/memory_threshold"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/norelayclients"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/plugin_dirs"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1 @@
|
||||
OUTPUT_FILENAME="/var/service/sqpsmtpd/config/peers/0"
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/relayclients"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/rhsbl_zones"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/signatures_patterns"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/smtpgreeting"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/spool_dir"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/subject_prefix"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/timeout"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/timeoutsmtpd"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/uribl_zones"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,2 @@
|
||||
PERMS=use esmith::ConfigDB; (esmith::ConfigDB->open_ro->get('qpsmtpd')->prop('access') eq "private") ? "000" : "0644"
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/peers/0"
|
@ -0,0 +1,2 @@
|
||||
PERMS=use esmith::ConfigDB; (esmith::ConfigDB->open_ro->get('qpsmtpd')->prop('status') eq "enabled") ? "0644" : "0000"
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/peers/locals"
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/home/e-smith/ssl.pem"
|
||||
OUTPUT_FILENAME="/var/service/qpsmtpd/ssl/cert.pem"
|
||||
GID="qpsmtpd"
|
||||
PERMS=0640
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/IP"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/badhelo"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/badmailfrom"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/badrcptto"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/badrcptto_ext"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/dnsbl_allow"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/dnsbl_zones"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/forcespamcheck"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/goodrcptto"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/invalid_resolvable_fromhost"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/loglevel"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/memory_threshold"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/norelayclients"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/plugin_dirs"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1 @@
|
||||
OUTPUT_FILENAME="/var/service/uqpsmtpd/config/peers/0"
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/relayclients"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/rhsbl_zones"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/signatures_patterns"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/smtpgreeting"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/spool_dir"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/subject_prefix"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/timeout"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/timeoutsmtpd"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/config/uribl_zones"
|
||||
UID="root"
|
||||
GID="root"
|
||||
PERMS=0644
|
@ -0,0 +1,2 @@
|
||||
PERMS=use esmith::ConfigDB; (esmith::ConfigDB->open_ro->get('uqpsmtpd')->prop('access') eq "private") ? "000" : "0644"
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/peers/0"
|
@ -0,0 +1,2 @@
|
||||
PERMS=use esmith::ConfigDB; (esmith::ConfigDB->open_ro->get('uqpsmtpd')->prop('status') eq "enabled") ? "0644" : "0000"
|
||||
TEMPLATE_PATH="/var/service/qpsmtpd/peers/locals"
|
@ -0,0 +1,4 @@
|
||||
TEMPLATE_PATH="/home/e-smith/ssl.pem"
|
||||
OUTPUT_FILENAME="/var/service/qpsmtpd/ssl/cert.pem"
|
||||
GID="qpsmtpd"
|
||||
PERMS=0640
|
10
root/etc/e-smith/templates/etc/rsyslog.conf/32qpsmtpd
Normal file
10
root/etc/e-smith/templates/etc/rsyslog.conf/32qpsmtpd
Normal file
@ -0,0 +1,10 @@
|
||||
#qpsmtpd
|
||||
:programname, startswith, "qpsmtpd" /var/log/qpsmtpd/qpsmtpd.log
|
||||
& stop
|
||||
:programname, startswith, "sqpsmtpd" /var/log/sqpsmtpd/sqpsmtpd.log
|
||||
& stop
|
||||
:programname, startswith, "uqpsmtpd" /var/log/uqpsmtpd/uqpsmtpd.log
|
||||
& stop
|
||||
|
||||
|
||||
|
@ -0,0 +1,14 @@
|
||||
[Service]
|
||||
LimitDATA={$qpsmtpd{Softlimit} || "150000000"}
|
||||
LimitSTACK={$qpsmtpd{Softlimit} || "150000000"}
|
||||
LimitMEMLOCK={$qpsmtpd{Softlimit} || "150000000"}
|
||||
Environment=
|
||||
Environment={
|
||||
$OUT = "QPSMTPD_CONFIG=/var/service/qpsmtpd/config";
|
||||
$OUT .= " PORT=". ($qpsmtpd{TCPPort} || "25");
|
||||
$OUT .= " INSTANCES=" . ($qpsmtpd{Instances} || "40");
|
||||
$OUT .= " INSTANCES_PER_IP=" . ($qpsmtpd{InstancesPerIP} || "5");
|
||||
$OUT .= " PATH=/var/qmail/bin:/bin:/usr/bin:/usr/local/bin";
|
||||
$OUT .= " TCPLOCALHOST=$SystemName.$DomainName";
|
||||
}
|
||||
|
@ -0,0 +1,14 @@
|
||||
[Service]
|
||||
LimitDATA={$sqpsmtpd{Softlimit} || $qpsmtpd{Softlimit} || "150000000"}
|
||||
LimitSTACK={$sqpsmtpd{Softlimit} || $qpsmtpd{Softlimit} || "150000000"}
|
||||
LimitMEMLOCK={$sqpsmtpd{Softlimit} || $qpsmtpd{Softlimit} || "150000000"}
|
||||
Environment=
|
||||
Environment={
|
||||
$OUT = "QPSMTPD_CONFIG=/var/service/sqpsmtpd/config";
|
||||
$OUT .= " PORT=". ($sqpsmtpd{TCPPort} || "465");
|
||||
$OUT .= " INSTANCES=" . ($sqpsmtpd{Instances} || $qpsmtpd{Instances} || "40");
|
||||
$OUT .= " INSTANCES_PER_IP=" . ($sqpsmtpd{InstancesPerIP} || $qpsmtpd{InstancesPerIP} ||"5");
|
||||
$OUT .= " PATH=/var/qmail/bin:/bin:/usr/bin:/usr/local/bin";
|
||||
$OUT .= " TCPLOCALHOST=$SystemName.$DomainName";
|
||||
}
|
||||
|
@ -0,0 +1,14 @@
|
||||
[Service]
|
||||
LimitDATA={$uqpsmtpd{Softlimit} || $qpsmtpd{Softlimit} || "150000000"}
|
||||
LimitSTACK={$uqpsmtpd{Softlimit} || $qpsmtpd{Softlimit} || "150000000"}
|
||||
LimitMEMLOCK={$uqpsmtpd{Softlimit} || $qpsmtpd{Softlimit} || "150000000"}
|
||||
Environment=
|
||||
Environment={
|
||||
$OUT = "QPSMTPD_CONFIG=/var/service/uqpsmtpd/config";
|
||||
$OUT .= " PORT=". ($uqpsmtpd{TCPPort} || "587");
|
||||
$OUT .= " INSTANCES=" . ($uqpsmtpd{Instances} || $qpsmtpd{Instances} || "40");
|
||||
$OUT .= " INSTANCES_PER_IP=" . ($uqpsmtpd{InstancesPerIP} || $qpsmtpd{InstancesPerIP} ||"5");
|
||||
$OUT .= " PATH=/var/qmail/bin:/bin:/usr/bin:/usr/local/bin";
|
||||
$OUT .= " TCPLOCALHOST=$SystemName.$DomainName";
|
||||
}
|
||||
|
@ -1,9 +0,0 @@
|
||||
{
|
||||
require esmith::AccountsDB;
|
||||
require esmith::DomainsDB;
|
||||
|
||||
%Accounts = esmith::AccountsDB->as_hash;
|
||||
%Domains = esmith::DomainsDB->as_hash;
|
||||
|
||||
"";
|
||||
}
|
@ -1,16 +0,0 @@
|
||||
{
|
||||
foreach my $account ( keys %Accounts )
|
||||
{
|
||||
next unless ( exists $Accounts{$account}{Visible}
|
||||
and $Accounts{$account}{Visible} eq "internal" );
|
||||
|
||||
$OUT .= "$account\n";
|
||||
$OUT .= "$account\@$DomainName\n";
|
||||
|
||||
foreach my $domain ( keys %Domains )
|
||||
{
|
||||
next unless $Domains{$domain}{type} eq "domain";
|
||||
$OUT .= "$account\@$domain\n";
|
||||
}
|
||||
}
|
||||
}
|
@ -1,14 +0,0 @@
|
||||
{
|
||||
use esmith::DomainsDB;
|
||||
|
||||
my $ddb = esmith::DomainsDB->open_ro or die "Couldn't open DomainsDB\n";
|
||||
|
||||
my @rcpt_hosts = ( "$SystemName.$DomainName" );
|
||||
|
||||
foreach my $domain ( $ddb->get_all_by_prop( type => "domain" ) )
|
||||
{
|
||||
push @rcpt_hosts, $domain->key;
|
||||
}
|
||||
|
||||
$OUT = join "\n", @rcpt_hosts;
|
||||
}
|
@ -1,5 +0,0 @@
|
||||
{
|
||||
return "" unless (defined $ExternalIP);
|
||||
|
||||
return "[$ExternalIP]";
|
||||
}
|
@ -1,6 +1,6 @@
|
||||
{
|
||||
$OUT .= '';
|
||||
foreach my $alias ( $a->users, $a->groups, $a->pseudonyms ){
|
||||
foreach my $alias ( $a->users, $a->groups, $a->pseudonyms, $a->get_all_by_prop(type =>"system") ){
|
||||
next unless ( $alias->prop('Visible') || '') =~ m/^(internal|none)$/i;
|
||||
|
||||
$OUT .= $alias->key . "\n" and next if $alias->key =~ m/@/;
|
||||
|
@ -5,4 +5,5 @@ $OUT .= ':!SSLv3' unless ($qpsmtpd{SSLv3} || 'disabled') eq 'enabled';
|
||||
$OUT .= ':!TLSv1' unless ($qpsmtpd{TLSv1} || 'enabled') eq 'enabled';
|
||||
$OUT .= ':!TLSv1.1' unless ($qpsmtpd{TLSv1.1} || 'enabled') eq 'enabled';
|
||||
$OUT .= ':!TLSv1.2' unless ($qpsmtpd{TLSv1.2} || 'enabled') eq 'enabled';
|
||||
$OUT .= ':!TLSv1.3' unless ($qpsmtpd{TLSv1.3} || 'enabled') eq 'enabled';
|
||||
}
|
||||
|
@ -0,0 +1,2 @@
|
||||
# The next line should be set to 0 if you want to offer AUTH without TLS
|
||||
1
|
@ -0,0 +1,5 @@
|
||||
{
|
||||
# When updating CipherSuite both e-smith-apache and smeserver-qpsmtpd templates should be updated.
|
||||
return $sqpsmtpd{tlsCipher} || $uqpsmtpd{tlsCipher} ||$modSSL{CipherSuite} || 'ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:HIGH@STRENGTH:!SSLv2:!ADH:!aNULL:!MD5:!RC4';
|
||||
}
|
||||
|
@ -0,0 +1,9 @@
|
||||
{
|
||||
$OUT .= 'SSLv23';
|
||||
$OUT .= ':!SSLv2' unless ($sqpsmtpd{SSLv2} || 'disabled') eq 'enabled';
|
||||
$OUT .= ':!SSLv3' unless ($sqpsmtpd{SSLv3} || 'disabled') eq 'enabled';
|
||||
$OUT .= ':!TLSv1' unless ($sqpsmtpd{TLSv1} || 'disabled') eq 'enabled';
|
||||
$OUT .= ':!TLSv1.1' unless ($sqpsmtpd{TLSv1.1} || 'disabled') eq 'enabled';
|
||||
$OUT .= ':!TLSv1.2' unless ($sqpsmtpd{TLSv1.2} || 'enabled') eq 'enabled';
|
||||
$OUT .= ':!TLSv1.3' unless ($sqpsmtpd{TLSv1.3} || 'enabled') eq 'enabled';
|
||||
}
|
@ -1,4 +0,0 @@
|
||||
# This templated file is sourced by the sqpsmtpd run
|
||||
# file. Shell variables can be set here for use by the run
|
||||
# script, or environment variables can be exported for use
|
||||
# by sqpsmtpd.
|
@ -1,3 +0,0 @@
|
||||
{
|
||||
return "INSTANCES=" . ($sqpsmtpd{Instances} || $qpsmtpd{Instances} || "10");
|
||||
}
|
@ -1,4 +0,0 @@
|
||||
{
|
||||
return "INSTANCES_PER_IP=" .
|
||||
($sqpsmtpd{InstancesPerIP} || $qpsmtpd{InstancesPerIP} || "5");
|
||||
}
|
@ -1 +0,0 @@
|
||||
export PATH=/var/qmail/bin:/bin:/usr/bin:/usr/local/bin
|
@ -1,3 +0,0 @@
|
||||
{
|
||||
return "export PORT=" . (${sqpsmtpd}{TCPPort} || "465");
|
||||
}
|
@ -1,3 +0,0 @@
|
||||
{
|
||||
return "SOFTLIMIT=" . ($sqpsmtpd{Softlimit} || $qpsmtpd{Softlimit} || "50000000");
|
||||
}
|
@ -1,3 +0,0 @@
|
||||
{
|
||||
return "export TCPLOCALHOST=$SystemName.$DomainName";
|
||||
}
|
@ -0,0 +1,2 @@
|
||||
# The next line should be set to 0 if you want to offer AUTH without TLS
|
||||
1
|
@ -0,0 +1,5 @@
|
||||
{
|
||||
# When updating CipherSuite both e-smith-apache and smeserver-qpsmtpd templates should be updated.
|
||||
return $uqpsmtpd{tlsCipher} || $modSSL{CipherSuite} || 'ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:HIGH@STRENGTH:!SSLv2:!ADH:!aNULL:!MD5:!RC4';
|
||||
}
|
||||
|
@ -0,0 +1,9 @@
|
||||
{
|
||||
$OUT .= 'SSLv23';
|
||||
$OUT .= ':!SSLv2' unless ($uqpsmtpd{SSLv2} || 'disabled') eq 'enabled';
|
||||
$OUT .= ':!SSLv3' unless ($uqpsmtpd{SSLv3} || 'disabled') eq 'enabled';
|
||||
$OUT .= ':!TLSv1' unless ($uqpsmtpd{TLSv1} || 'disabled') eq 'enabled';
|
||||
$OUT .= ':!TLSv1.1' unless ($uqpsmtpd{TLSv1.1} || 'disabled') eq 'enabled';
|
||||
$OUT .= ':!TLSv1.2' unless ($uqpsmtpd{TLSv1.2} || 'enabled') eq 'enabled';
|
||||
$OUT .= ':!TLSv1.3' unless ($uqpsmtpd{TLSv1.3} || 'enabled') eq 'enabled';
|
||||
}
|
17
root/etc/logrotate.d/qpsmtpd
Normal file
17
root/etc/logrotate.d/qpsmtpd
Normal file
@ -0,0 +1,17 @@
|
||||
/var/log/qpsmtpd/qpsmtpd.log
|
||||
/var/log/sqpsmtpd/sqpsmtpd.log
|
||||
/var/log/uqpsmtpd/uqpsmtpd.log{
|
||||
weekly
|
||||
rotate 4
|
||||
missingok
|
||||
notifempty
|
||||
compress
|
||||
delaycompress
|
||||
sharedscripts
|
||||
su root root
|
||||
create 600 root root
|
||||
postrotate
|
||||
/usr/bin/systemctl try-restart qpsmtpd.service sqpsmtpd.service uqpsmtpd.service >/dev/null 2>&1 || true
|
||||
endscript
|
||||
}
|
||||
|
@ -2,6 +2,7 @@
|
||||
#----------------------------------------------------------------------
|
||||
# copyright (C) 1999-2005 Mitel Networks Corporation
|
||||
# Copyright (C) 2005-2006 Gordon Rowell <gordonr@gormand.com.au>
|
||||
# Copyright (C) 2013-2024 SME Server Koozali foundation
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
@ -17,14 +18,13 @@
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
#----------------------------------------------------------------------
|
||||
ServiceName=$1
|
||||
|
||||
exec 2>&1
|
||||
export QPSMTPD_CONFIG=/var/service/$ServiceName/config
|
||||
|
||||
[ -f ./runenv ] && . ./runenv
|
||||
/sbin/e-smith/systemd/qpsmtpd-tcpsvd $ServiceName
|
||||
|
||||
export QPSMTPD_CONFIG=/var/service/qpsmtpd/config
|
||||
|
||||
./control/1
|
||||
#cleanup pre SME10
|
||||
[ -e /var/service/qpsmtpd/config/databytes ] && \
|
||||
rm -f /var/service/qpsmtpd/config/databytes
|
||||
[ -e /var/service/qpsmtpd/config/badrcptto_patterns ] && \
|
||||
@ -51,23 +51,3 @@ export QPSMTPD_CONFIG=/var/service/qpsmtpd/config
|
||||
chmod 640 /var/lib/qpsmtpd/dmarc/reports.sqlite
|
||||
)
|
||||
|
||||
exec /usr/bin/softlimit -d ${SOFTLIMIT:-50000000} -s ${SOFTLIMIT:-50000000} -l ${SOFTLIMIT:-50000000} \
|
||||
/usr/bin/qpsmtpd-forkserver \
|
||||
-u qpsmtpd \
|
||||
-l 0.0.0.0 \
|
||||
-p ${PORT:-25} \
|
||||
-c ${INSTANCES:-40} \
|
||||
-m ${INSTANCES_PER_IP:-5}
|
||||
|
||||
#sub usage {
|
||||
# print <<"EOT";
|
||||
#usage: qpsmtpd-forkserver [ options ]
|
||||
# -l, --listen-address addr : listen on a specific address; default 0.0.0.0
|
||||
# -p, --port P : listen on a specific port; default 2525
|
||||
# -c, --limit-connections N : limit concurrent connections to N; default 15
|
||||
# -u, --user U : run as a particular user (defualt 'smtpd')
|
||||
# -m, --max-from-ip M : limit connections from a single IP; default 5
|
||||
#EOT
|
||||
# exit 0;
|
||||
#}
|
||||
#
|
7
root/var/service/qpsmtpd/control/1 → root/sbin/e-smith/systemd/qpsmtpd-tcpsvd
Normal file → Executable file
7
root/var/service/qpsmtpd/control/1 → root/sbin/e-smith/systemd/qpsmtpd-tcpsvd
Normal file → Executable file
@ -2,6 +2,7 @@
|
||||
#----------------------------------------------------------------------
|
||||
# copyright (C) 2005 Mitel Networks Corporation
|
||||
# Copyright (C) 2006 Gordon Rowell <gordonr@gormand.com.au>
|
||||
# Copyright (C) 2024 Koozali Foundation Inc.
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
@ -19,8 +20,8 @@
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
use esmith::tcpsvd;
|
||||
|
||||
esmith::tcpsvd::configure_peers('qpsmtpd');
|
||||
esmith::tcpsvd::configure_peers('qpsmtpd', '/var/service/qpsmtpd/config/peers');
|
||||
my $ServiceName = shift || "qpsmtpd";
|
||||
esmith::tcpsvd::configure_peers($ServiceName);
|
||||
esmith::tcpsvd::configure_peers($ServiceName, "/var/service/$ServiceName/config/peers");
|
||||
|
||||
exit(0);
|
@ -1 +0,0 @@
|
||||
/var/service/qpsmtpd
|
@ -1 +0,0 @@
|
||||
/var/service/sqpsmtpd
|
@ -1,16 +1,26 @@
|
||||
[Unit]
|
||||
Description=qpsmtpd
|
||||
After=network.target
|
||||
Conflicts=proqpsmtpdd.service
|
||||
Requires=runit.service
|
||||
After=network.target network-online.target
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
Type=simple
|
||||
LimitDATA=150000000
|
||||
LimitSTACK=150000000
|
||||
LimitMEMLOCK=150000000
|
||||
Environment=PORT=25 INSTANCES=40 INSTANCES_PER_IP=5 QPSMTPD_CONFIG=/var/service/qpsmtpd/config PATH=/var/qmail/bin:/bin:/usr/bin:/usr/local/bin TCPLOCALHOST=me
|
||||
WorkingDirectory=/var/service/qpsmtpd/
|
||||
|
||||
ExecStartPre=/sbin/e-smith/service-status qpsmtpd
|
||||
ExecStart=/usr/bin/sv u /service/qpsmtpd
|
||||
ExecStop=/usr/bin/sv stop /service/qpsmtpd
|
||||
ExecReload=/usr/bin/sv h /service/qpsmtpd
|
||||
RemainAfterExit=yes
|
||||
ExecStartPre=/sbin/e-smith/systemd/qpsmtpd-init %N
|
||||
ExecStart=/usr/bin/qpsmtpd-forkserver \
|
||||
-u qpsmtpd \
|
||||
-l 0.0.0.0 \
|
||||
-p $PORT \
|
||||
-c $INSTANCES \
|
||||
-m $INSTANCES_PER_IP
|
||||
ExecReload=/bin/kill -HUP $MAINPID
|
||||
Restart=always
|
||||
RestartSec=20s
|
||||
|
||||
[Install]
|
||||
WantedBy=sme-server.target
|
||||
|
@ -1,16 +1,26 @@
|
||||
[Unit]
|
||||
Description=sqpsmtpd
|
||||
After=network.target
|
||||
Conflicts=prosqpsmtpdd.service
|
||||
Requires=runit.service
|
||||
Description=qpsmtpd
|
||||
After=network.target network-online.target qpsmtpd.service
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStartPre=/sbin/e-smith/service-status sqpsmtpd
|
||||
ExecStart=/usr/bin/sv u /service/sqpsmtpd
|
||||
ExecStop=/usr/bin/sv stop /service/sqpsmtpd
|
||||
ExecReload=/usr/bin/sv h /service/sqpsmtpd
|
||||
RemainAfterExit=yes
|
||||
Type=simple
|
||||
LimitDATA=150000000
|
||||
LimitSTACK=150000000
|
||||
LimitMEMLOCK=150000000
|
||||
Environment=PORT=465 INSTANCES=40 INSTANCES_PER_IP=5 QPSMTPD_CONFIG=/var/service/sqpsmtpd/config PATH=/var/qmail/bin:/bin:/usr/bin:/usr/local/bin TCPLOCALHOST=me
|
||||
WorkingDirectory=/var/service/qpsmtpd/
|
||||
|
||||
ExecStartPre=/sbin/e-smith/service-status qpsmtpd
|
||||
ExecStartPre=/sbin/e-smith/systemd/qpsmtpd-init %N
|
||||
ExecStart=/usr/bin/qpsmtpd-forkserver \
|
||||
-u qpsmtpd \
|
||||
-l 0.0.0.0 \
|
||||
-p $PORT \
|
||||
-c $INSTANCES \
|
||||
-m $INSTANCES_PER_IP
|
||||
ExecReload=/bin/kill -HUP $MAINPID
|
||||
Restart=always
|
||||
RestartSec=20s
|
||||
|
||||
[Install]
|
||||
WantedBy=sme-server.target
|
||||
|
26
root/usr/lib/systemd/system/uqpsmtpd.service
Normal file
26
root/usr/lib/systemd/system/uqpsmtpd.service
Normal file
@ -0,0 +1,26 @@
|
||||
[Unit]
|
||||
Description=qpsmtpd on submission port
|
||||
After=network.target network-online.target qpsmtpd.service
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
LimitDATA=150000000
|
||||
LimitSTACK=150000000
|
||||
LimitMEMLOCK=150000000
|
||||
Environment=PORT=587 INSTANCES=40 INSTANCES_PER_IP=5 QPSMTPD_CONFIG=/var/service/uqpsmtpd/config PATH=/var/qmail/bin:/bin:/usr/bin:/usr/local/bin TCPLOCALHOST=me
|
||||
WorkingDirectory=/var/service/qpsmtpd/
|
||||
|
||||
ExecStartPre=/sbin/e-smith/service-status uqpsmtpd
|
||||
ExecStartPre=/sbin/e-smith/systemd/qpsmtpd-init %N
|
||||
ExecStart=/usr/bin/qpsmtpd-forkserver \
|
||||
-u qpsmtpd \
|
||||
-l 0.0.0.0 \
|
||||
-p $PORT \
|
||||
-c $INSTANCES \
|
||||
-m $INSTANCES_PER_IP
|
||||
ExecReload=/bin/kill -HUP $MAINPID
|
||||
Restart=always
|
||||
RestartSec=20s
|
||||
|
||||
[Install]
|
||||
WantedBy=sme-server.target
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user