projects / postfix-cn.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Preslagivanje access i check lista, ovisnost o postfix-pcre
[postfix-cn.git] / debian / postinst
diff --git a/debian/postinst b/debian/postinst
index a88f6ed..0749482 100755 (executable)
--- a/debian/postinst
+++ b/debian/postinst
@@ -41,6 +41,16 @@ if echo $rbl | grep -q dnsbl.njabl.org; then
   db_set postfix-cn/rbl "$rbl" || true
 fi
 
+# zelja, 2021-04-29
+# ako je spamhaus.org ovdje, postavi eta.cert.hr, a sam
+# spamhaus je nepotreban, jer imamo zen.dnsbl-sh.carnet.hr
+if echo $rbl | grep -q zen.spamhaus.org; then
+  rbl="`echo $rbl | sed 's/zen.spamhaus.org, /eta.cert.hr, /g'`"
+  # za svaki slucaj, ako je na kraju
+  rbl="`echo $rbl | sed 's/zen.spamhaus.org/eta.cert.hr/g'`"
+  db_set postfix-cn/rbl "$rbl" || true
+fi
+
 db_get postfix-cn/matchgecos || true
 matchgecos="$RET"
 
@@ -208,13 +218,10 @@ smtpd_recipient_restrictions="reject_invalid_hostname, \
                              permit_sasl_authenticated, \
                              permit_mynetworks, \
                              reject_unauth_destination, \
-                              check_client_access hash:/etc/postfix/access_client_cn, \
-                              check_helo_access hash:/etc/postfix/access_helo_cn, \
-                              check_sender_access hash:/etc/postfix/access_sender_cn, \
-                              check_recipient_access hash:/etc/postfix/access_recipient_cn, \
-                              check_header_access regexp:/etc/postfix/access_header_cn, \
-                              check_mime_header_access regexp:/etc/postfix/access_mime_header_cn, \
-                              check_body_access regexp:/etc/postfix/access_body_cn"
+                              check_client_access hash:/etc/postfix/client_access.cn, \
+                              check_helo_access hash:/etc/postfix/helo_access.cn, \
+                              check_sender_access hash:/etc/postfix/sender_access.cn, \
+                              check_recipient_access hash:/etc/postfix/recipient_access.cn"
 
 # dodaj samo rbl-ove iz debconfa
 if [ "$rbl" ]; then
@@ -227,6 +234,14 @@ fi
 smtpd_recipient_restrictions="$smtpd_recipient_restrictions, permit"
 postconf -e smtpd_recipient_restrictions="$smtpd_recipient_restrictions"
 
+# Header & body checks
+
+postconf -e header_checks="pcre:/etc/postfix/header_checks.cn"
+postconf -e mime_header_checks="pcre:/etc/postfix/mime_header_checks.cn"
+postconf -e nested_header_checks="pcre:/etc/postfix/nested_header_checks.cn"
+postconf -e body_checks="pcre:/etc/postfix/body_checks.cn"
+
+
 # SASL stuff
 postconf -e smtpd_sasl_auth_enable="yes"
 postconf -e smtpd_sasl_security_options="noanonymous"
@@ -400,7 +415,7 @@ fi
 
 # rjesava gresku using backwards-compatible default setting chroot=y
 
-for service in smtp/inet smtp/unix submission/inet pickup/fifo cleanup/unix qmgr/fifo rewrite/unix bounce/unix defer/unix trace/unix verify/unix flush/unix relay/unix showq/unix error/unix scache/unix discard/unix retry/unix
+for service in smtps/inet smtp/inet smtp/unix submission/inet pickup/fifo cleanup/unix qmgr/fifo rewrite/unix bounce/unix defer/unix trace/unix verify/unix flush/unix relay/unix showq/unix error/unix scache/unix discard/unix retry/unix
 do
        postconf -F $service/chroot=y
 done   
postfix-cn