[DOCKER][MAIL] Fixed small bugs in config and scripts
parent
c2e6e3706f
commit
11dbbef351
@ -1,8 +1,8 @@
|
||||
protocols = imap pop3 lmtp
|
||||
|
||||
ssl = yes
|
||||
ssl_cert = </etc/ssl/mailcerts/mail.crt
|
||||
ssl_key = </etc/ssl/mailcerts/mail.key
|
||||
ssl_cert = </etc/ssl/mail.crt
|
||||
ssl_key = </etc/ssl/mail.key
|
||||
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
|
||||
|
||||
listen = *, ::
|
||||
@ -11,28 +11,32 @@ dict {
|
||||
#expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
|
||||
}
|
||||
|
||||
disable_plaintext_auth = yes
|
||||
disable_plaintext_auth = no
|
||||
auth_mechanisms = plain login
|
||||
mail_access_groups = vmail
|
||||
default_login_user = vmail
|
||||
first_valid_uid = 2222
|
||||
first_valid_gid = 2222
|
||||
mail_location = maildir:/var/mail/%d/%n
|
||||
auth_verbose_passwords = sha1
|
||||
auth_debug = yes
|
||||
|
||||
|
||||
passdb {
|
||||
driver = passwd-file
|
||||
args = scheme=SHA1 /etc/mail/passwd
|
||||
args = scheme=SHA512-CRYPT /etc/mail/passwd
|
||||
}
|
||||
userdb {
|
||||
driver = static
|
||||
args = uid=2222 gid=2222 home=/var/mail/%d/%n allow_all_users=yes
|
||||
auth_verbose = yes
|
||||
}
|
||||
|
||||
service auth {
|
||||
unix_listener auth-client {
|
||||
user = postfix
|
||||
group = postfix
|
||||
mode = 0660
|
||||
user = postfix
|
||||
}
|
||||
user = root
|
||||
}
|
||||
@ -51,6 +55,19 @@ protocol imap {
|
||||
mail_max_userip_connections = 30
|
||||
}
|
||||
|
||||
service stats {
|
||||
unix_listener stats-reader {
|
||||
user = vmail
|
||||
group = vmail
|
||||
mode = 0660
|
||||
}
|
||||
|
||||
unix_listener stats-writer {
|
||||
user = vmail
|
||||
group = vmail
|
||||
mode = 0660
|
||||
}
|
||||
}
|
||||
|
||||
!include_try conf.d/*.conf
|
||||
!include_try local.conf
|
||||
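Review bot: `disable_plaintext_auth = no` in the second hunk, together with `auth_mechanisms = plain login` and the optional `ssl = yes` from the first hunk, lets IMAP/POP3 clients send passwords over connections that never negotiated TLS. Unless cleartext logins are a deliberate requirement, keep `disable_plaintext_auth = yes` or set `ssl = required`. In the same hunk, `auth_debug = yes` and `auth_verbose_passwords = sha1` write detailed auth traces and SHA1 digests of mismatched passwords to the log; they read like debugging aids and should be removed, or commented as temporary, before the image is used beyond testing. The page has lost its +/- markers, so which line of each pair is the new one is inferred from print order.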
|
@ -64,8 +64,8 @@ smtpd_sasl_local_domain = $mydomain
|
||||
broken_sasl_auth_clients = yes
|
||||
|
||||
smtpd_tls_security_level = may
|
||||
smtpd_tls_key_file = /etc/ssl/mailcerts/mail.key
|
||||
smtpd_tls_cert_file = /etc/ssl/mailcerts/mail_chained.crt
|
||||
smtpd_tls_key_file = /etc/ssl/mail.key
|
||||
smtpd_tls_cert_file = /etc/ssl/mail.crt
|
||||
smtpd_tls_loglevel = 1
|
||||
smtpd_tls_session_cache_timeout = 3600s
|
||||
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_cache
|
||||
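Review bot: `smtpd_tls_cert_file = /etc/ssl/mail.crt` no longer signals that the file must hold the full chain, which the other value shown, `mail_chained.crt`, made explicit by its name. That is harmless for a self-signed certificate, which is presumably what the container generates. A CA-issued certificate placed at this path without its intermediates would fail verification in validating clients. I would add a comment above the line, for example `# mail.crt: server certificate followed by any intermediate CA certificates`. The +/- markers are lost on this page, so the `/etc/ssl/mail.*` pair is assumed to be the new side.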
|
@ -7,8 +7,8 @@ then
|
||||
exit 1;
|
||||
fi
|
||||
|
||||
DOMAINPART=$(echo $1 | sed -e "s/^.*\@//")
|
||||
USERPART=$(echo $1 | sed -e "s/\@.*$//")
|
||||
DOMAINPART=$(echo "$1" | sed -e "s/^.*\@//")
|
||||
USERPART=$(echo "$1" | sed -e "s/\@.*$//")
|
||||
|
||||
if ! grep -q "^$DOMAINPART" /etc/mail/domains
|
||||
then
|
||||
@ -16,7 +16,7 @@ then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
PASSHASH=$(doveadm pw -s SHA512-CRYPT)
|
||||
PASSHASH=$(doveadm pw -s SHA512-CRYPT -p "$2")
|
||||
|
||||
/usr/bin/new-alias.sh "$1" "$1"
|
||||
echo "$1 $DOMAINPART/$USERPART/" >> /etc/mail/mailboxes
|
||||
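Review bot: `doveadm pw -s SHA512-CRYPT -p "$2"` puts the mailbox password on a command line, where other local users can read it from the process list while the command runs. Since the script now takes it as `$2`, it can also end up in the caller's shell history. The interactive prompt can stay the default with the argument form as an opt-in: `PASSHASH=$(doveadm pw -s SHA512-CRYPT ${2:+-p "$2"})`. The argument check at the top of the script is outside this hunk, so whether it validates `$2` cannot be confirmed from here. Separately, `grep -q "^$DOMAINPART" /etc/mail/domains` in the first hunk treats the domain as a regex prefix, so a partial or dot-wildcard match is accepted; if the file holds one domain per line, `grep -qxF -- "$DOMAINPART" /etc/mail/domains` would require an exact match.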
|
@ -19,11 +19,11 @@ sed -i -e "s/#HOSTNAME/$MAILNAME/" /etc/opendkim/TrustedHosts
|
||||
if [ ! -e /etc/ssl/.ssl-generated ]
|
||||
then
|
||||
openssl genrsa -des3 -passout pass:asdf -out /etc/ssl/mail.pass.key 2048 && \
|
||||
openssl rsa -passin pass:asdf -in /etc/ssl/mail.pass.key -out /etc/ssl/mail.key
|
||||
openssl rsa -passin pass:asdf -in /etc/ssl/mail.pass.key -out "$SSL_KEY"
|
||||
rm /etc/ssl/mail.pass.key
|
||||
openssl req -new -key /etc/ssl/mail.key -out /etc/ssl/mail.csr \
|
||||
-subj "/C=UK/ST=England/L=London/O=OrgName/OU=IT Department/CN=$MAIL_HOSTNAME_FQDN"
|
||||
openssl x509 -req -days 365 -in /etc/ssl/mail.csr -signkey /etc/ssl/mail.key -out /etc/ssl/mail.crt
|
||||
openssl req -new -key "$SSL_KEY" -out /etc/ssl/mail.csr \
|
||||
-subj "/C=UK/ST=England/L=London/O=OrgName/OU=IT Department/CN=$MAILNAME"
|
||||
openssl x509 -req -days 365 -in /etc/ssl/mail.csr -signkey "$SSL_KEY" -out "$SSL_CERT"
|
||||
echo "Do not remove this file." >> /etc/ssl/.ssl-generated
|
||||
fi
|
||||
|
||||
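Review bot: The unencrypted private key written to `"$SSL_KEY"` is never given restrictive permissions, so its mode depends on the process umask and the OpenSSL version in the image; add `chmod 600 "$SSL_KEY"` right after the `openssl rsa` line. Only the first two openssl commands are joined with `&&`, so unless the script already runs under `set -e` (not visible here), `.ssl-generated` is written even when the CSR or signing step fails. The next start would then skip generation and leave the services without a usable certificate. `SSL_KEY` and `SSL_CERT` are defined outside the hunk, so check that they resolve to the `/etc/ssl/mail.key` and `/etc/ssl/mail.crt` paths the Dovecot and Postfix configs on this page refer to.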
|