[DOCKER][MAIL] Fixed small bugs in config and scripts

This commit is contained in:
Pastilhas 2020-11-02 16:40:20 +00:00 committed by Hugo Sales
parent c2e6e3706f
commit 11dbbef351
Signed by: someonewithpc
GPG Key ID: 7D0C7EAFC9D835A0
4 changed files with 31 additions and 14 deletions

View File

@ -1,8 +1,8 @@
protocols = imap pop3 lmtp
ssl = yes
ssl_cert = </etc/ssl/mailcerts/mail.crt
ssl_key = </etc/ssl/mailcerts/mail.key
ssl_cert = </etc/ssl/mail.crt
ssl_key = </etc/ssl/mail.key
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
listen = *, ::
@ -11,28 +11,32 @@ dict {
#expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
}
disable_plaintext_auth = yes
disable_plaintext_auth = no
auth_mechanisms = plain login
mail_access_groups = vmail
default_login_user = vmail
first_valid_uid = 2222
first_valid_gid = 2222
mail_location = maildir:/var/mail/%d/%n
auth_verbose_passwords = sha1
auth_debug = yes
passdb {
driver = passwd-file
args = scheme=SHA1 /etc/mail/passwd
args = scheme=SHA512-CRYPT /etc/mail/passwd
}
userdb {
driver = static
args = uid=2222 gid=2222 home=/var/mail/%d/%n allow_all_users=yes
auth_verbose = yes
}
service auth {
unix_listener auth-client {
user = postfix
group = postfix
mode = 0660
user = postfix
}
user = root
}
@ -51,6 +55,19 @@ protocol imap {
mail_max_userip_connections = 30
}
service stats {
unix_listener stats-reader {
user = vmail
group = vmail
mode = 0660
}
unix_listener stats-writer {
user = vmail
group = vmail
mode = 0660
}
}
!include_try conf.d/*.conf
!include_try local.conf

View File

@ -64,8 +64,8 @@ smtpd_sasl_local_domain = $mydomain
broken_sasl_auth_clients = yes
smtpd_tls_security_level = may
smtpd_tls_key_file = /etc/ssl/mailcerts/mail.key
smtpd_tls_cert_file = /etc/ssl/mailcerts/mail_chained.crt
smtpd_tls_key_file = /etc/ssl/mail.key
smtpd_tls_cert_file = /etc/ssl/mail.crt
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_cache

View File

@ -7,8 +7,8 @@ then
exit 1;
fi
DOMAINPART=$(echo $1 | sed -e "s/^.*\@//")
USERPART=$(echo $1 | sed -e "s/\@.*$//")
DOMAINPART=$(echo "$1" | sed -e "s/^.*\@//")
USERPART=$(echo "$1" | sed -e "s/\@.*$//")
if ! grep -q "^$DOMAINPART" /etc/mail/domains
then
@ -16,7 +16,7 @@ then
exit 1
fi
PASSHASH=$(doveadm pw -s SHA512-CRYPT)
PASSHASH=$(doveadm pw -s SHA512-CRYPT -p "$2")
/usr/bin/new-alias.sh "$1" "$1"
echo "$1 $DOMAINPART/$USERPART/" >> /etc/mail/mailboxes

View File

@ -19,11 +19,11 @@ sed -i -e "s/#HOSTNAME/$MAILNAME/" /etc/opendkim/TrustedHosts
if [ ! -e /etc/ssl/.ssl-generated ]
then
openssl genrsa -des3 -passout pass:asdf -out /etc/ssl/mail.pass.key 2048 && \
openssl rsa -passin pass:asdf -in /etc/ssl/mail.pass.key -out /etc/ssl/mail.key
openssl rsa -passin pass:asdf -in /etc/ssl/mail.pass.key -out "$SSL_KEY"
rm /etc/ssl/mail.pass.key
openssl req -new -key /etc/ssl/mail.key -out /etc/ssl/mail.csr \
-subj "/C=UK/ST=England/L=London/O=OrgName/OU=IT Department/CN=$MAIL_HOSTNAME_FQDN"
openssl x509 -req -days 365 -in /etc/ssl/mail.csr -signkey /etc/ssl/mail.key -out /etc/ssl/mail.crt
openssl req -new -key "$SSL_KEY" -out /etc/ssl/mail.csr \
-subj "/C=UK/ST=England/L=London/O=OrgName/OU=IT Department/CN=$MAILNAME"
openssl x509 -req -days 365 -in /etc/ssl/mail.csr -signkey "$SSL_KEY" -out "$SSL_CERT"
echo "Do not remove this file." >> /etc/ssl/.ssl-generated
fi