--- /dev/null
+postfix-cn (2.3.8-1) carnet-etch; urgency=high
+
+ * Prva verzija za Etch
+
+ -- Ivan Rako <irako@srce.hr> Mon, 22 Oct 2007 00:00:10 +0200
+
+postfix-cn (2.1.5-11) sarge; urgency=low
+
+ * Izmijenjena poruka za purganje paketa sendmail-base
+
+ -- Ivan Rako <Ivan.Rako@CARNet.hr> Mon, 21 May 2007 15:27:01 +0200
+
+postfix-cn (2.1.5-10) sarge; urgency=medium
+
+ * Stavljen openssl u Depends
+ * Provjera da li postoji main.cf i master.cf
+ * Izbacen postfix-cn/upgrade-from-sendmail
+ * postfix-cn/matchgecos postavljen na critical
+ * Dodan softlink /usr/bin/make-aliases-gecos
+ * Postavlja START=yes u /etc/default/saslauthd
+
+ -- Ivan Rako <Ivan.Rako@CARNet.hr> Wed, 25 Apr 2007 15:34:21 +0200
+
+postfix-cn (2.1.5-9) sarge; urgency=medium
+
+ * Gasi se RBL ORDB.org pa je izbacen iz paketa
+ * Izbacen i RBL opm.blitzed.org
+ * Ubacen novi RBL list.dsbl.org
+
+ -- Ivan Rako <Ivan.Rako@CARNet.hr> Tue, 19 Dec 2006 10:40:46 +0100
+
+postfix-cn (2.1.5-8) sarge; urgency=medium
+
+ * Dodana provjera da li je host mx, pa postavlja ispravan mydestination
+
+ -- Ivan 'ico' Rako <irako@srce.hr> Thu, 9 Nov 2006 10:19:20 +0100
+
+postfix-cn (2.1.5-7) sarge; urgency=medium
+
+ * Dodana definicija PATH-a u skripti za generiranje aliases_gecos
+ * Dodana opcija PA_OPTIONS="-r" u /usr/share/postfix-cn/make-aliases-gecos.sh
+ za skrivanje cron poruka o duplim aliasima
+ * Dodatni uvjet za provjeru da li postoji GECOS polje u skripti
+ /usr/share/postfix-cn/make-aliases-gecos.sh
+
+ -- Ivan Rako <ivan.rako@carnet.hr> Mon, 30 Oct 2006 13:55:28 +0100
+
+postfix-cn (2.1.5-6) sarge; urgency=medium
+
+ * Povecan prioritet za debconf pitanje postfix-cn/matchgecos
+ * Stavljen sendmail-base u Conflicts
+ * Dodana poruka za purge-anje paketa sendmail-base
+ * Nadopunjena lista CARNetovih mail exchangera u
+ /etc/postgrey/whitelist_clients
+ * Smanjen bounce_queue_lifetime i maximal_queue_lifetime na 5 dana
+ * Ako su vec postavljeni smtp_tls_cert_file i smtp_tls_cert_file,
+ onda postinst vise ne dira
+ * Uvjet za kreiranje aliases_gecos je samo po uid-u (> 100)
+ * /etc/cron.daily/postfix-cn -> /etc/cron.d/postfix-cn
+ * Postgrey delay postavljen na 58 sekundi
+ * Izmjenijena varijabla local_recipient_maps
+
+ -- Ivan 'ico' Rako <irako@srce.hr> Sat, 28 Oct 2006 21:15:28 +0200
+
+postfix-cn (2.1.5-5)
+
+ * Privremeno dodano u Postfix konfiguraciju zbog problema u radu sa
+ Squirrelmail-om:
+ append_dot_mydomain = yes
+ append_at_myorigin = yes
+
+ -- Ivan 'ico' Rako <irako@srce.hr> Thu, 31 Aug 2006 17:11:09 +0200
+
+postfix-cn (2.1.5-4)
+
+ * ispravan poredak kod postfix varijable smtpd_recipient_restrictions
+ * sitne ispravke kod prebacivanje /var/run/saslauthd ->
+ /var/spool/postfix/var/run/saslauthd
+ * dodaje CARNetove mail exchangere u /etc/postgrey/whitelist_clients
+
+ -- Ivan 'ico' Rako <irako@srce.hr> Tue, 11 Jul 2006 19:27:46 +0200
+
+postfix-cn (2.1.5-3)
+
+ * dodaje korisnika postfix u grupu sasl
+
+ -- Ivan 'ico' Rako <irako@srce.hr> Tue, 4 Jul 2006 14:52:15 +0200
+
+postfix-cn (2.1.5-2)
+
+ * dodana skripta za kreiranje aliasa na osnovu GECOS polja
+ (/etc/cron.daily/postfix-cn)
+ * dodan hash:/var/lib/postfix-cn/aliases_gecos u $alias_maps
+ * dopune za sasl (/etc/postfix/sasl/smtpd.conf, ...)
+ * privremene datoteke za tlsmgr premjestene iz /etc/postfix u
+ /var/spool/postfix
+
+ -- Ivan 'ico' Rako <irako@srce.hr> Tue, 4 Jul 2006 14:52:15 +0200
+
+postfix-cn (2.1.5-1)
+
+ * backup zatecenog stanja konfiguracijskih datoteka
+
+ -- Ivan 'ico' Rako <irako@srce.hr> Sat, 1 Jul 2006 09:50:09 +0200
+
+postfix-cn (2.1.5-0)
+
+ * inicijalna verzija paketa
+
+ -- Ivan 'ico' Rako <irako@srce.hr> Wed, 31 May 2006 19:34:29 +0200
--- /dev/null
+#!/bin/sh -e
+
+[ "$1" = "configure" ] || exit 0
+
+# Load CARNet Tools
+. /usr/share/carnet-tools/functions.sh
+# Load Debconf
+. /usr/share/debconf/confmodule
+
+db_get postfix-cn/rbl || true
+rbl="$RET"
+
+# Tue, 19 Dec 2006 10:31:01 +0100
+# relays.ordb.org se gasi 2006-12-31
+if echo $rbl | grep -q relays.ordb.org; then
+ rbl="`echo $rbl | sed 's/relays.ordb.org, //g'`"
+ # za svaki slucaj, ako je na kraju
+ rbl="`echo $rbl | sed 's/relays.ordb.org//g'`"
+ db_set postfix-cn/rbl "$rbl" || true
+fi
+
+# Thu, 21 Dec 2006 09:03:50 +0100
+# opm.blitzed.org je ugasen 2006-05
+if echo $rbl | grep -q opm.blitzed.org; then
+ rbl="`echo $rbl | sed 's/opm.blitzed.org, //g'`"
+ # za svaki slucaj, ako je na kraju
+ rbl="`echo $rbl | sed 's/opm.blitzed.org//g'`"
+ db_set postfix-cn/rbl "$rbl" || true
+fi
+
+db_get postfix-cn/matchgecos || true
+matchgecos="$RET"
+
+hostname="`hostname`"
+fqdn="`hostname --fqdn`"
+domain="`dnsdomainname`"
+mailname="`cat /etc/mailname 2> /dev/null || hostname --fqdn`"
+cp_get_netaddr || true
+netaddr="$RET"
+
+# ako ne postoje konfiguracijske datoteke, napravi ih
+[ -f /etc/postfix/master.cf ] || touch /etc/postfix/master.cf
+[ -f /etc/postfix/main.cf ] || touch /etc/postfix/main.cf
+
+# spremi pocetnu verziju
+cp -pf /etc/postfix/master.cf /etc/postfix/master.cf.dpkg-tmp.$$
+cp -pf /etc/postfix/main.cf /etc/postfix/main.cf.dpkg-tmp.$$
+
+# srediti master.cf za TLS
+if [ -f /etc/postfix/master.cf ]; then
+ cp_check_and_sed '^#tlsmgr' \
+ 's/^#tlsmgr/tlsmgr/g' \
+ /etc/postfix/master.cf || true
+
+ cp_check_and_sed '^#smtps' \
+ 's/^#smtps/smtps/g' \
+ /etc/postfix/master.cf || true
+fi
+
+# ovo manje/vise uzima kao default, ali u slucaju da je multihomed stroj,
+# i eventualno je sprckan, mozda nesto nece raditi kako spada pa cemo konfigurirati
+postconf -e myhostname="$fqdn"
+postconf -e mydomain="$domain"
+postconf -e myorigin="$mailname"
+
+# zbog problema sa squirrelmailom
+postconf -e append_dot_mydomain="yes"
+postconf -e append_at_myorigin="yes"
+
+# dodaj 127.0.0.0/8 i netaddr
+mynetworks="`postconf -h mynetworks`"
+for i in "127.0.0.0/8" "$netaddr"; do
+ if ! echo $mynetworks | grep -q $i; then
+ mynetworks="$mynetworks, $i"
+ fi
+done
+postconf -e mynetworks="$mynetworks"
+
+# obrisati $mydomain, ako je upgrade sa starije verzije
+# te srediti mydestination
+if dpkg --compare-versions "$2" lt 2.1.5-8; then
+ mydestination="`postconf -h mydestination`"
+ if echo $mydestination | grep -q ", \$mydomain"; then
+ mydestination="`echo $mydestination | sed 's/, \$mydomain//g'`"
+ fi
+ postconf -e mydestination="$mydestination"
+fi
+
+# default je: $myhostname, localhost.$mydomain, localhost
+# treba dodati jos ", $mydomain", ako je host mx
+cp_get_mx_domain || true
+mx_domain="$RET"
+if [ "$mx_domain" != "$fqdn" ]; then
+ mydestination="`postconf -h mydestination`"
+ if ! echo $mydestination | grep -q ", \$mydomain"; then
+ postconf -e mydestination="$mydestination, \$mydomain"
+ fi
+ postconf -e relay_domains="\$mydestination"
+ if [ "$mx_domain" != "$domain" ]; then
+ if dpkg --compare-versions "$2" lt 2.1.5-8; then
+ cp_echo "CN: This host is MX for more than one domain! postfix-cn package will"
+ cp_echo "CN only set up $mx_domain, you HAVE TO add the other domains manually"
+ cp_echo "CN to mydestination variable in /etc/postfix/main.cf, if you haven't"
+ cp_echo "CN done that already or you may lose mail."
+ fi
+ fi
+fi
+
+# sredi $alias_maps
+if [ "$matchgecos" = "true" ]; then
+ aliasmaps="hash:/etc/aliases hash:/var/lib/postfix-cn/aliases_gecos"
+elif [ "$matchgecos" = "false" ]; then
+ aliasmaps="hash:/etc/aliases"
+ alias_maps="`postconf -h alias_maps | \
+ sed -e 's#hash:/var/lib/postfix-cn/aliases_gecos,*##g' -e 's/,*[[:space:]]*$//g'`"
+ postconf -e alias_maps="$alias_maps"
+fi
+
+for i in $aliasmaps; do
+ alias_maps="`postconf -h alias_maps`"
+ if ! echo $alias_maps | grep -q "$i"; then
+ postconf -e alias_maps="$alias_maps, $i"
+ fi
+done
+
+postconf -e alias_database="hash:/etc/aliases"
+postconf -e local_recipient_maps="proxy:unix:passwd.byname \$alias_maps"
+
+# jos malo
+postconf -e recipient_delimiter="+"
+postconf -e smtpd_helo_required="yes"
+postconf -e smtpd_helo_restrictions="permit_mynetworks"
+postconf -e in_flow_delay="2s"
+postconf -e initial_destination_concurrency="10"
+postconf -e default_destination_concurrency_limit="30"
+postconf -e smtpd_recipient_limit="400"
+postconf -e hash_queue_depth="3"
+
+if dpkg --compare-versions "$2" lt 2.1.5-6; then
+ postconf -e bounce_queue_lifetime="5d"
+ postconf -e maximal_queue_lifetime="5d"
+fi
+
+# ako netko zeli maknuti maskiranje, da mu ga nova verzija ne doda
+if dpkg --compare-versions "$2" lt 2.1.5-2; then
+ postconf -e masquerade_domains="\$mydomain"
+fi
+
+# sredi smtpd_recipient_restrictions
+smtpd_recipient_restrictions="reject_invalid_hostname, \
+ reject_unknown_sender_domain, \
+ reject_unknown_recipient_domain, \
+ reject_unauth_pipelining, \
+ permit_sasl_authenticated, \
+ permit_mynetworks, \
+ reject_unauth_destination"
+
+# dodaj samo rbl-ove iz debconfa
+if [ "$rbl" ]; then
+ for i in `echo $rbl | tr -d ,`; do
+ smtpd_recipient_restrictions="$smtpd_recipient_restrictions, reject_rbl_client $i"
+ done
+fi
+
+# dodaj check_policy_service i permit na kraj
+smtpd_recipient_restrictions="$smtpd_recipient_restrictions, check_policy_service inet:127.0.0.1:60000, permit"
+postconf -e smtpd_recipient_restrictions="$smtpd_recipient_restrictions"
+
+# SASL stuff
+postconf -e smtpd_sasl_auth_enable="yes"
+postconf -e smtpd_sasl_security_options="noanonymous"
+postconf -e smtpd_sasl_local_domain="\$myhostname"
+postconf -e broken_sasl_auth_clients="yes"
+
+[ -d /etc/postfix/sasl/ ] || mkdir -p /etc/postfix/sasl/
+if [ ! -f /etc/postfix/sasl/smtpd.conf ]; then
+ cat - > /etc/postfix/sasl/smtpd.conf <<EOF
+pwcheck_method: saslauthd
+mech_list: plain login
+EOF
+ restart_postfix="yes"
+fi
+
+if [ -f /etc/default/saslauthd ]; then
+ cp_check_and_sed "^START=no" \
+ "s/^START=no/START=yes/g" \
+ /etc/default/saslauthd && restart_saslauthd="yes"
+
+ cp_check_and_sed "^#[[:blank:]]*START=" \
+ "s/^#[[:blank:]]*START=.*$/START=yes/g" \
+ /etc/default/saslauthd && restart_saslauthd="yes"
+
+ if ! grep -q "^START.*yes" /etc/default/saslauthd; then
+ echo "START=yes" >> /etc/default/saslauthd
+ restart_saslauthd="yes"
+ fi
+ if ! grep -q "^PARAMS.*/var/spool/postfix/var/run/saslauthd" /etc/default/saslauthd; then
+ echo "PARAMS=\"-m /var/spool/postfix/var/run/saslauthd\"" >> /etc/default/saslauthd
+ restart_saslauthd="yes"
+ fi
+ if ! grep -q "^PIDFILE.*/var/spool/postfix/var/run/saslauthd/saslauthd.pid" /etc/default/saslauthd; then
+ echo "PIDFILE=\"/var/spool/postfix/var/run/saslauthd/saslauthd.pid\"" >> /etc/default/saslauthd
+ restart_saslauthd="yes"
+ fi
+ if ! grep -q "^PWDIR.*/var/spool/postfix/var/run/saslauthd" /etc/default/saslauthd; then
+ echo "PWDIR=\"/var/spool/postfix/var/run/saslauthd\"" >> /etc/default/saslauthd
+ restart_saslauthd="yes"
+ fi
+ if ! grep -q "&& ln -s" /etc/default/saslauthd; then
+ echo "[ ! -L /var/run/saslauthd -a -d /var/spool/postfix/var/run/saslauthd -a ! -d /var/run/saslauthd ] && ln -s /var/spool/postfix/var/run/saslauthd /var/run/saslauthd || true" >> /etc/default/saslauthd
+ restart_saslauthd="yes"
+ fi
+ if [ ! -L /var/run/saslauthd ]; then
+ mkdir -p /var/spool/postfix/var/run/
+ if [ -d /var/run/saslauthd -a ! -d /var/spool/postfix/var/run/saslauthd ]; then
+ mv /var/run/saslauthd /var/spool/postfix/var/run/
+ elif [ -d /var/run/saslauthd -a -d /var/spool/postfix/var/run/saslauthd ]; then
+ rm -rf /var/run/saslauthd/
+ fi
+
+ # XXX jos kad bi ln -s u /var/run/ radio (bootclean.sh)
+ if [ -d /var/spool/postfix/var/run/saslauthd -a ! -d /var/run/saslauthd ]; then
+ ln -s /var/spool/postfix/var/run/saslauthd /var/run/saslauthd
+ fi
+
+ restart_saslauthd="yes"
+ fi
+ if [ ! -d /var/spool/postfix/var/run/saslauthd ]; then
+ mkdir -p /var/spool/postfix/var/run/saslauthd
+ restart_saslauthd="yes"
+ fi
+ if ! dpkg-statoverride --list /var/spool/postfix/var/run/saslauthd > /dev/null; then
+ dpkg-statoverride --update --add root sasl 710 /var/spool/postfix/var/run/saslauthd
+ fi
+fi
+
+# restart saslauthd
+if [ "$restart_saslauthd" = "yes" ]; then
+ if [ -x /usr/sbin/invoke-rc.d ]; then
+ [ -x /etc/init.d/saslauthd ] && invoke-rc.d saslauthd restart
+ else
+ [ -x /etc/init.d/saslauthd ] && /etc/init.d/saslauthd restart
+ fi
+fi
+
+# izgenerirati certifikate
+cert="postfix" # basename of certificate
+description="Postfix SMTP daemon" # descriptive text
+cd /etc/ssl/certs
+PATH=$PATH:/usr/bin/ssl
+if [ -f "$cert.pem" ]; then
+ echo "CN: You already have /etc/ssl/certs/$cert.pem"
+else
+ echo "CN: Creating generic self-signed certificate: /etc/ssl/certs/$cert.pem"
+ echo "CN: (replace with hand-crafted or authorized one if needed)."
+ HOSTNAME=`hostname -s`
+ FQDN=`hostname -f`
+ openssl req -new -x509 -days 365 -nodes -out "$cert.pem" -keyout "$cert.pem" > /dev/null 2>&1 <<+
+.
+.
+.
+$description
+$hostname
+$fqdn
+root@$mailname
++
+ ln -sf "$cert.pem" `openssl x509 -noout -hash < "$cert.pem"`.0
+ chown root.root "/etc/ssl/certs/$cert.pem"
+ chmod 0640 "/etc/ssl/certs/$cert.pem"
+fi
+
+# TLS stuff
+postconf -e smtp_use_tls="yes"
+postconf -e smtp_tls_key_file="\$smtp_tls_cert_file"
+postconf -e smtp_tls_session_cache_database="sdbm:/var/spool/postfix/smtp_scache"
+postconf -e smtp_tls_session_cache_timeout="3600s"
+postconf -e smtpd_use_tls="yes"
+postconf -e smtpd_tls_key_file="\$smtpd_tls_cert_file"
+postconf -e smtpd_tls_session_cache_database="sdbm:/var/spool/postfix/smtpd_scache"
+postconf -e smtpd_tls_session_cache_timeout="3600s"
+postconf -e tls_random_source="dev:/dev/urandom"
+# ako je postavljen neki drugi certifikat, ne diraj
+smtp_tls_cert_file="`postconf -h smtp_tls_cert_file`"
+if [ -z "$smtp_tls_cert_file" ]; then
+ postconf -e smtp_tls_cert_file="/etc/ssl/certs/$cert.pem"
+fi
+smtpd_tls_cert_file="`postconf -h smtpd_tls_cert_file`"
+if [ -z "$smtpd_tls_cert_file" ]; then
+ postconf -e smtpd_tls_cert_file="/etc/ssl/certs/$cert.pem"
+fi
+
+# prije bilo u /etc/postfix/, od verzije 2.1.5-2 je u /var/spool/postfix
+[ -f /etc/postfix/smtp_scache.dir ] && rm -f /etc/postfix/smtp_scache.dir
+[ -f /etc/postfix/smtp_scache.pag ] && rm -f /etc/postfix/smtp_scache.pag
+[ -f /etc/postfix/smtpd_scache.dir ] && rm -f /etc/postfix/smtpd_scache.dir
+[ -f /etc/postfix/smtpd_scache.pag ] && rm -f /etc/postfix/smtpd_scache.pag
+
+# debconf stop
+db_go || true
+db_stop || true
+
+# ako postoji amavis, sredi
+if [ -x /usr/share/amavisd-cn/postfixize.sh ]; then
+ /usr/share/amavisd-cn/postfixize.sh
+fi
+
+# provjeri da li postoji sendmail-base
+if ! dpkg -l sendmail-base | grep -q '^.n'; then
+ cp_echo ""
+ cp_echo "CN: Package sendmail-base detected."
+ cp_echo "CN: Please, purge this package with command:"
+ cp_echo "CN: # dpkg --purge sendmail-base"
+ cp_echo ""
+fi
+
+# sendmailov /etc/mail/access
+if [ -f /etc/mail/access -a /etc/mail/access.db ]; then
+ cp_echo ""
+ cp_echo "CN: Sendmail's access file (/etc/mail/access) detected."
+ cp_echo "CN: Please, upgrade your's /etc/postfix/access."
+ cp_echo "CN: http://www.postfix.org/SMTPD_ACCESS_README.html"
+ cp_echo ""
+fi
+
+if ! id postfix | grep -q sasl; then
+ adduser postfix sasl > /dev/null
+ restart_postfix="yes"
+fi
+
+# ako ima razlika, backupiraj stari, ako ne, obrisi privremeni backup
+if ! cmp -s /etc/postfix/master.cf /etc/postfix/master.cf.dpkg-tmp.$$; then
+ cp_echo "CN: Backing up old version of /etc/postfix/master.cf in /var/backups/..."
+ cp_backup_conffile /etc/postfix/master.cf.dpkg-tmp.$$ master.cf
+ restart_postfix="yes"
+fi
+rm -f /etc/postfix/master.cf.dpkg-tmp.$$
+
+if ! cmp -s /etc/postfix/main.cf /etc/postfix/main.cf.dpkg-tmp.$$; then
+ cp_echo "CN: Backing up old version of /etc/postfix/main.cf in /var/backups/..."
+ cp_backup_conffile /etc/postfix/main.cf.dpkg-tmp.$$ main.cf
+ restart_postfix="yes"
+fi
+rm -f /etc/postfix/main.cf.dpkg-tmp.$$
+
+# kreiraj aliases_gecos
+if [ -x /usr/share/postfix-cn/make-aliases-gecos.sh ]; then
+ if [ "$matchgecos" = "true" ]; then
+ echo "CN: Creating GECOS alias map..."
+ /usr/share/postfix-cn/make-aliases-gecos.sh
+ fi
+fi
+
+if dpkg --compare-versions "$2" lt 2.1.5-6 && \
+ [ -f /etc/postgrey/whitelist_clients ]; then
+ # dodaj CARNet MX u /etc/postgrey/whitelist_clients
+ cp-update postfix-cn /etc/postgrey/whitelist_clients < /usr/share/postfix-cn/carnet_whitelist_clients
+ restart_postgrey="yes"
+fi
+
+if [ -f /etc/default/postgrey ]; then
+ if ! grep -q "^POSTGREY_OPTS=.*--delay" /etc/default/postgrey; then
+ cp_check_and_sed 'POSTGREY_OPTS=' \
+ 's/^POSTGREY_OPTS="/POSTGREY_OPTS="--delay=58 /g' \
+ /etc/default/postgrey || true
+ restart_postgrey="yes"
+ fi
+fi
+
+if [ "$restart_postgrey" = "yes" ]; then
+ if [ -x /usr/sbin/invoke-rc.d ]; then
+ [ -x /etc/init.d/postgrey ] && invoke-rc.d postgrey restart
+ else
+ [ -x /etc/init.d/postgrey ] && /etc/init.d/postgrey restart
+ fi
+fi
+
+# restart
+if [ "$restart_postfix" = "yes" ]; then
+ if [ -x /usr/sbin/invoke-rc.d ]; then
+ [ -x /etc/init.d/postfix ] && invoke-rc.d postfix restart
+ else
+ [ -x /etc/init.d/postfix ] && /etc/init.d/postfix restart
+ fi
+fi
+cp_mail postfix-cn
projects / postfix-cn.git / commitdiff