This commit is contained in:
Bob Mottram 2014-09-20 17:44:38 +01:00
parent 262295fc27
commit fb6a6a0bf0
1 changed files with 144 additions and 1 deletions

View File

@ -374,13 +374,155 @@ function configure_email {
sed "s/START=no/START=yes/g" /etc/default/saslauthd > /tmp/saslauthd
cp -f /tmp/saslauthd /etc/default/saslauthd
/etc/init.d/saslauthd start
# make a tls certificate for email
makecert exim
mv /etc/ssl/private/exim.key /etc/exim4
mv /etc/ssl/certs/exim.crt /etc/exim4
mv /etc/ssl/certs/exim.dhparam /etc/exim4
chown root:Debian-exim /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
chmod 640 /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
#editor /etc/exim4/exim4.conf.template
sed '/login_saslauthd_server/,/.endif/ s/# *//' /etc/exim4/exim4.conf.template > /tmp/exim4.conf.template
cp -f /tmp/exim4.conf.template /etc/exim4/exim4.conf.template
sed '/.ifdef MAIN_HARDCODE_PRIMARY_HOSTNAME/i\MAIN_HARDCODE_PRIMARY_HOSTNAME = $DOMAIN_NAME\nMAIN_TLS_ENABLE = true' /etc/exim4/exim4.conf.template > /tmp/exim4.conf.template
cp -f /tmp/exim4.conf.template /etc/exim4/exim4.conf.template
sed "s|SMTPLISTENEROPTIONS=''|SMTPLISTENEROPTIONS='-oX 465:25:587 -oP /var/run/exim4/exim.pid'|g" /etc/default/exim4 > /tmp/exim4
cp -f /tmp/exim4 /etc/default/exim4
sed '/03_exim4-config_tlsoptions/a\tls_on_connect_ports=465' /etc/exim4/exim4.conf.template > /tmp/exim4.conf.template
cp -f /tmp/exim4.conf.template /etc/exim4/exim4.conf.template
adduser $MY_USERNAME sasl
addgroup Debian-exim sasl
/etc/init.d/exim4 restart
mkdir -m 700 /etc/skel/Maildir
mkdir -m 700 /etc/skel/Maildir/Sent
mkdir -m 700 /etc/skel/Maildir/Sent/tmp
mkdir -m 700 /etc/skel/Maildir/Sent/cur
mkdir -m 700 /etc/skel/Maildir/Sent/new
mkdir -m 700 /etc/skel/Maildir/.learn-spam
mkdir -m 700 /etc/skel/Maildir/.learn-spam/cur
mkdir -m 700 /etc/skel/Maildir/.learn-spam/new
mkdir -m 700 /etc/skel/Maildir/.learn-spam/tmp
mkdir -m 700 /etc/skel/Maildir/.learn-ham
mkdir -m 700 /etc/skel/Maildir/.learn-ham/cur
mkdir -m 700 /etc/skel/Maildir/.learn-ham/new
mkdir -m 700 /etc/skel/Maildir/.learn-ham/tmp
ln -s /etc/skel/Maildir/.learn-spam /etc/skel/Maildir/spam
ln -s /etc/skel/Maildir/.learn-ham /etc/skel/Maildir/ham
if [ ! -d /home/$MY_USERNAME/Maildir ]; then
mkdir -m 700 /home/$MY_USERNAME/Maildir
mkdir -m 700 /home/$MY_USERNAME/Maildir/cur
mkdir -m 700 /home/$MY_USERNAME/Maildir/tmp
mkdir -m 700 /home/$MY_USERNAME/Maildir/new
mkdir -m 700 /home/$MY_USERNAME/Maildir/Sent
mkdir -m 700 /home/$MY_USERNAME/Maildir/Sent/cur
mkdir -m 700 /home/$MY_USERNAME/Maildir/Sent/tmp
mkdir -m 700 /home/$MY_USERNAME/Maildir/Sent/new
mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam
mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam/cur
mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam/new
mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam/tmp
mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham
mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham/cur
mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham/new
mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham/tmp
ln -s /home/$MY_USERNAME/Maildir/.learn-spam /home/$MY_USERNAME/Maildir/spam
ln -s /home/$MY_USERNAME/Maildir/.learn-ham /home/$MY_USERNAME/Maildir/ham
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/Maildir
fi
}
function spam_filtering {
apt-get -y install spamassassin exim4-daemon-heavy
sed 's/ENABLED=0/ENABLED=1/g' /etc/default/spamassassin > /tmp/spamassassin
cp -f /tmp/spamassassin /etc/default/spamassassin
sed 's/# spamd_address = 127.0.0.1 783/spamd_address = 127.0.0.1 783/g' /etc/exim4/exim4.conf.template > /tmp/exim4.conf.template
cp -f /tmp/exim4.conf.template /etc/exim4/exim4.conf.template
# This configuration is based on https://wiki.debian.org/DebianSpamAssassin
sed 's/local_parts = postmaster/local_parts = postmaster:abuse/g' /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt > /tmp/30_exim4-config_check_rcpt
cp -f /tmp/30_exim4-config_check_rcpt /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt
sed '/domains = +local_domains : +relay_to_domains/a\ set acl_m0 = rfcnames' /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt > /tmp/30_exim4-config_check_rcpt
cp -f /tmp/30_exim4-config_check_rcpt /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt
sed 's/accept/accept condition = ${if eq{$acl_m0}{rfcnames} {1}{0}}/g' /etc/exim4/conf.d/acl/40_exim4-config_check_data > /tmp/40_exim4-config_check_data
cp -f /tmp/40_exim4-config_check_data /etc/exim4/conf.d/acl/40_exim4-config_check_data
echo "warn message = X-Spam-Score: $spam_score ($spam_bar)" >> /etc/exim4/conf.d/acl/40_exim4-config_check_data
echo " spam = nobody:true" >> /etc/exim4/conf.d/acl/40_exim4-config_check_data
echo "warn message = X-Spam-Flag: YES" >> /etc/exim4/conf.d/acl/40_exim4-config_check_data
echo " spam = nobody" >> /etc/exim4/conf.d/acl/40_exim4-config_check_data
echo "warn message = X-Spam-Report: $spam_report" >> /etc/exim4/conf.d/acl/40_exim4-config_check_data
echo " spam = nobody" >> /etc/exim4/conf.d/acl/40_exim4-config_check_data
echo "# reject spam at high scores (> 12)" >> /etc/exim4/conf.d/acl/40_exim4-config_check_data
echo "deny message = This message scored $spam_score spam points." >> /etc/exim4/conf.d/acl/40_exim4-config_check_data
echo " spam = nobody:true" >> /etc/exim4/conf.d/acl/40_exim4-config_check_data
echo " condition = ${if >{$spam_score_int}{120}{1}{0}}" >> /etc/exim4/conf.d/acl/40_exim4-config_check_data
# procmail configuration
echo "MAILDIR=$HOME/Maildir" > /home/$MY_USERNAME/.procmailrc
echo "DEFAULT=$MAILDIR/" >> /home/$MY_USERNAME/.procmailrc
echo "LOGFILE=$HOME/log/procmail.log" >> /home/$MY_USERNAME/.procmailrc
echo "LOGABSTRACT=all" >> /home/$MY_USERNAME/.procmailrc
echo "# get spamassassin to check emails" >> /home/$MY_USERNAME/.procmailrc
echo ":0fw: .spamassassin.lock" >> /home/$MY_USERNAME/.procmailrc
echo " * < 256000" >> /home/$MY_USERNAME/.procmailrc
echo "| spamc" >> /home/$MY_USERNAME/.procmailrc
echo "# strong spam are discarded" >> /home/$MY_USERNAME/.procmailrc
echo ":0" >> /home/$MY_USERNAME/.procmailrc
echo " * ^X-Spam-Level: \*\*\*\*\*\*" >> /home/$MY_USERNAME/.procmailrc
echo "/dev/null" >> /home/$MY_USERNAME/.procmailrc
echo "# weak spam are kept just in case - clear this out every now and then" >> /home/$MY_USERNAME/.procmailrc
echo ":0" >> /home/$MY_USERNAME/.procmailrc
echo " * ^X-Spam-Level: \*\*\*\*\*" >> /home/$MY_USERNAME/.procmailrc
echo ".0-spam/" >> /home/$MY_USERNAME/.procmailrc
echo "# otherwise, marginal spam goes here for revision" >> /home/$MY_USERNAME/.procmailrc
echo ":0" >> /home/$MY_USERNAME/.procmailrc
echo " * ^X-Spam-Level: \*\*" >> /home/$MY_USERNAME/.procmailrc
echo ".spam/" >> /home/$MY_USERNAME/.procmailrc
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.procmailrc
# filtering scripts
echo "#!/bin/bash" > /usr/bin/filterspam
echo "USERNAME=$1" >> /usr/bin/filterspam
echo "MAILDIR=/home/$USERNAME/Maildir/.learn-spam" >> /usr/bin/filterspam
echo "if [ ! -d \"$MAILDIR\" ]; then" >> /usr/bin/filterspam
echo " exit" >> /usr/bin/filterspam
echo "fi" >> /usr/bin/filterspam
echo "for f in `ls $MAILDIR/cur`" >> /usr/bin/filterspam
echo "do" >> /usr/bin/filterspam
echo " spamc -L spam < \"$MAILDIR/cur/$f\" > /dev/null" >> /usr/bin/filterspam
echo " rm \"$MAILDIR/cur/$f\"" >> /usr/bin/filterspam
echo "done" >> /usr/bin/filterspam
echo "for f in `ls $MAILDIR/new`" >> /usr/bin/filterspam
echo "do" >> /usr/bin/filterspam
echo " spamc -L spam < \"$MAILDIR/new/$f\" > /dev/null" >> /usr/bin/filterspam
echo " rm \"$MAILDIR/new/$f\"" >> /usr/bin/filterspam
echo "done" >> /usr/bin/filterspam
echo "#!/bin/bash" > /usr/bin/filterham
echo "USERNAME=$1" >> /usr/bin/filterham
echo "MAILDIR=/home/$USERNAME/Maildir/.learn-ham" >> /usr/bin/filterham
echo "if [ ! -d \"$MAILDIR\" ]; then" >> /usr/bin/filterham
echo " exit" >> /usr/bin/filterham
echo "fi" >> /usr/bin/filterham
echo "for f in `ls $MAILDIR/cur`" >> /usr/bin/filterham
echo "do" >> /usr/bin/filterham
echo " spamc -L ham < \"$MAILDIR/cur/$f\" > /dev/null" >> /usr/bin/filterham
echo " rm \"$MAILDIR/cur/$f\"" >> /usr/bin/filterham
echo "done" >> /usr/bin/filterham
echo "for f in `ls $MAILDIR/new`" >> /usr/bin/filterham
echo "do" >> /usr/bin/filterham
echo " spamc -L ham < \"$MAILDIR/new/$f\" > /dev/null" >> /usr/bin/filterham
echo " rm \"$MAILDIR/new/$f\"" >> /usr/bin/filterham
echo "done" >> /usr/bin/filterham
echo "*/3 * * * * root /usr/bin/timeout 120 /usr/bin/filterspam $MY_USERNAME" >> /etc/crontab
echo "*/3 * * * * root /usr/bin/timeout 120 /usr/bin/filterham $MY_USERNAME" >> /etc/crontab
chmod 655 /usr/bin/filterspam /usr/bin/filterham
service spamassassin restart
service exim4 restart
service cron restart
}
initial_setup
@ -401,3 +543,4 @@ save_firewall_settings
configure_internet_protocol
script_to_make_self_signed_certificates
configure_email
spam_filtering