Merge branch 'master' into chore/install-stepcli
This commit is contained in:
Brennan Kinney
GitHub
commit
0c6667175b
|
|
@ -71,16 +71,16 @@ jobs:
|
|||
cache-buildx-
|
||||
|
||||
- name: 'Set up QEMU'
|
||||
uses: docker/setup-qemu-action@v3.4.0
|
||||
uses: docker/setup-qemu-action@v3.6.0
|
||||
with:
|
||||
platforms: arm64
|
||||
|
||||
- name: 'Set up Docker Buildx'
|
||||
uses: docker/setup-buildx-action@v3.9.0
|
||||
uses: docker/setup-buildx-action@v3.10.0
|
||||
|
||||
# NOTE: AMD64 can build within 2 minutes
|
||||
- name: 'Build images'
|
||||
uses: docker/build-push-action@v6.13.0
|
||||
uses: docker/build-push-action@v6.15.0
|
||||
with:
|
||||
context: .
|
||||
# Build at least the AMD64 image (which runs against the test suite).
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ jobs:
|
|||
|
||||
- name: 'Prepare tags'
|
||||
id: prep
|
||||
uses: docker/metadata-action@v5.6.1
|
||||
uses: docker/metadata-action@v5.7.0
|
||||
with:
|
||||
images: |
|
||||
${{ secrets.DOCKER_REPOSITORY }}
|
||||
|
|
@ -35,12 +35,12 @@ jobs:
|
|||
type=semver,pattern={{major}}.{{minor}}.{{patch}}
|
||||
|
||||
- name: 'Set up QEMU'
|
||||
uses: docker/setup-qemu-action@v3.4.0
|
||||
uses: docker/setup-qemu-action@v3.6.0
|
||||
with:
|
||||
platforms: arm64
|
||||
|
||||
- name: 'Set up Docker Buildx'
|
||||
uses: docker/setup-buildx-action@v3.9.0
|
||||
uses: docker/setup-buildx-action@v3.10.0
|
||||
|
||||
# Try get the cached build layers from a prior `generic_build.yml` job.
|
||||
# NOTE: Until adopting `type=gha` scoped cache exporter (in `docker/build-push-action`),
|
||||
|
|
@ -67,7 +67,7 @@ jobs:
|
|||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: 'Build and publish images'
|
||||
uses: docker/build-push-action@v6.13.0
|
||||
uses: docker/build-push-action@v6.15.0
|
||||
with:
|
||||
context: .
|
||||
build-args: |
|
||||
|
|
|
|||
|
|
@ -38,12 +38,12 @@ jobs:
|
|||
# Ensures consistent BuildKit version (not coupled to Docker Engine),
|
||||
# and increased compatibility of the build cache vs mixing buildx drivers.
|
||||
- name: 'Set up Docker Buildx'
|
||||
uses: docker/setup-buildx-action@v3.9.0
|
||||
uses: docker/setup-buildx-action@v3.10.0
|
||||
|
||||
# Importing from the cache should create the image within approx 30 seconds:
|
||||
# NOTE: `qemu` step is not needed as we only test for AMD64.
|
||||
- name: 'Build AMD64 image from cache'
|
||||
uses: docker/build-push-action@v6.13.0
|
||||
uses: docker/build-push-action@v6.15.0
|
||||
with:
|
||||
context: .
|
||||
tags: mailserver-testing:ci
|
||||
|
|
|
|||
|
|
@ -37,12 +37,12 @@ jobs:
|
|||
# Ensures consistent BuildKit version (not coupled to Docker Engine),
|
||||
# and increased compatibility of the build cache vs mixing buildx drivers.
|
||||
- name: 'Set up Docker Buildx'
|
||||
uses: docker/setup-buildx-action@v3.9.0
|
||||
uses: docker/setup-buildx-action@v3.10.0
|
||||
|
||||
# Importing from the cache should create the image within approx 30 seconds:
|
||||
# NOTE: `qemu` step is not needed as we only test for AMD64.
|
||||
- name: 'Build AMD64 image from cache'
|
||||
uses: docker/build-push-action@v6.13.0
|
||||
uses: docker/build-push-action@v6.15.0
|
||||
with:
|
||||
context: .
|
||||
tags: mailserver-testing:ci
|
||||
|
|
|
|||
16
CHANGELOG.md
16
CHANGELOG.md
|
|
@ -2,10 +2,19 @@
|
|||
|
||||
All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
||||
|
||||
## [Unreleased](https://github.com/docker-mailserver/docker-mailserver/compare/v14.0.0...HEAD)
|
||||
## [Unreleased](https://github.com/docker-mailserver/docker-mailserver/compare/v15.0.0...HEAD)
|
||||
|
||||
> **Note**: Changes and additions listed here are contained in the `:edge` image tag. These changes may not be as stable as released changes.
|
||||
|
||||
### Fixes
|
||||
|
||||
- **Postfix:**
|
||||
- `setup email restrict` generated configs now only prepend to `dms_smtpd_sender_restrictions` ([#4379](https://github.com/docker-mailserver/docker-mailserver/pull/4379))
|
||||
- **Internal:**
|
||||
- A permissions fix for `/var/log/mail` that was [added in DMS v15]((https://github.com/docker-mailserver/docker-mailserver/pull/4374)) no longer encounters an error when no log files are present during a container restart, such as with a `tmpfs` volume mount ([#4391](https://github.com/docker-mailserver/docker-mailserver/pull/4391))
|
||||
|
||||
## [v15.0.0](https://github.com/docker-mailserver/docker-mailserver/releases/tag/v15.0.0)
|
||||
|
||||
### Breaking
|
||||
|
||||
- **saslauthd** mechanism support via ENV `SASLAUTHD_MECHANISMS` with `pam`, `shadow`, `mysql` values has been removed. Only `ldap` and `rimap` remain supported ([#4259](https://github.com/docker-mailserver/docker-mailserver/pull/4259))
|
||||
|
|
@ -17,6 +26,7 @@ All notable changes to this project will be documented in this file. The format
|
|||
- This has been corrected to `/var/lib/getmail` (_if you have mounted a DMS State Volume to `/var/mail-state`, `/var/lib/getmail` will be symlinked to `/var/mail-state/lib-getmail`_).
|
||||
- To preserve this state when upgrading to DMS v15, **you must manually migrate `getmail/` from the _DMS Config Volume_ to `lib-getmail/` in the _DMS State Volume_.**
|
||||
- `setup email delete <EMAIL ADDRESS>` now requires explicit confirmation if the mailbox data should be deleted ([#4365](https://github.com/docker-mailserver/docker-mailserver/pull/4365)).
|
||||
- **Rspamd:** Removed deprecated file path check (_DMS config volume: `./rspamd-modules.conf` => `./rspamd/custom-commands.conf`_) ([#4373](https://github.com/docker-mailserver/docker-mailserver/pull/4373))
|
||||
|
||||
### Added
|
||||
|
||||
|
|
@ -27,7 +37,7 @@ All notable changes to this project will be documented in this file. The format
|
|||
|
||||
### Updates
|
||||
|
||||
**Internal:**
|
||||
- **Internal:**
|
||||
- **Removed `VERSION` file** from the repo. Releases of DMS prior to v13 (Nov 2023) would check this to detect new releases ([#3677](https://github.com/docker-mailserver/docker-mailserver/issues/3677), [#4321](https://github.com/docker-mailserver/docker-mailserver/pull/4321))
|
||||
- During image build, ensure a secure connection when downloading the `fail2ban` package ([#4080](https://github.com/docker-mailserver/docker-mailserver/pull/4080))
|
||||
- **Documentation:**
|
||||
|
|
@ -60,7 +70,7 @@ All notable changes to this project will be documented in this file. The format
|
|||
- The main `mail.log` (_which is piped to stdout via `tail`_) now correctly begins from the first log line of the active container run. Previously some daemon logs and potential warnings/errors were omitted ([#4146](https://github.com/docker-mailserver/docker-mailserver/pull/4146))
|
||||
- `start-mailserver.sh` removed unused `shopt -s inherit_errexit` ([#4161](https://github.com/docker-mailserver/docker-mailserver/pull/4161))
|
||||
- Fixed a regression introduced in DMS v14 where `postfix-main.cf` appended `stderr` output into `/etc/postfix/main.cf`, causing Postfix startup to fail ([#4147](https://github.com/docker-mailserver/docker-mailserver/pull/4147))
|
||||
- Fixed a regression introduced in DMS v14 to better support running `start-mailserver.sh` with container restarts, which now only skip calling `_setup()` ([#4323](https://github.com/docker-mailserver/docker-mailserver/pull/4323#issuecomment-2629559254))
|
||||
- Fixed a regression introduced in DMS v14 to better support running `start-mailserver.sh` with container restarts, which now only skip calling `_setup()` ([#4323](https://github.com/docker-mailserver/docker-mailserver/pull/4323#issuecomment-2629559254), [#4374](https://github.com/docker-mailserver/docker-mailserver/pull/4374))
|
||||
- The command `swaks --help` is now functional ([#4282](https://github.com/docker-mailserver/docker-mailserver/pull/4282))
|
||||
- **Rspamd:**
|
||||
- DKIM private key path checking is now performed only on paths that do not contain `$` ([#4201](https://github.com/docker-mailserver/docker-mailserver/pull/4201))
|
||||
|
|
|
|||
|
|
@ -1,10 +1,10 @@
|
|||
# Docs: https://docker-mailserver.github.io/docker-mailserver/v14.0/config/advanced/mail-fetchmail
|
||||
# Docs: https://docker-mailserver.github.io/docker-mailserver/v15.0/config/advanced/mail-fetchmail
|
||||
# Additional context, with CLI commands for verification:
|
||||
# https://github.com/orgs/docker-mailserver/discussions/3994#discussioncomment-9290570
|
||||
|
||||
services:
|
||||
dms-fetch:
|
||||
image: ghcr.io/docker-mailserver/docker-mailserver:latest # :14.0
|
||||
image: ghcr.io/docker-mailserver/docker-mailserver:latest # :15.0
|
||||
hostname: mail.example.test
|
||||
environment:
|
||||
ENABLE_FETCHMAIL: 1
|
||||
|
|
@ -26,7 +26,7 @@ services:
|
|||
target: /tmp/docker-mailserver/fetchmail.cf
|
||||
|
||||
dms-remote:
|
||||
image: ghcr.io/docker-mailserver/docker-mailserver:latest # :14.0
|
||||
image: ghcr.io/docker-mailserver/docker-mailserver:latest # :15.0
|
||||
hostname: mail.remote.test
|
||||
environment:
|
||||
# Allows for us send a test mail easily by trusting any mail client run within this container (`swaks`):
|
||||
|
|
|
|||
|
|
@ -1,11 +1,11 @@
|
|||
# Docs: https://docker-mailserver.github.io/docker-mailserver/v14.0/config/advanced/mail-forwarding/relay-hosts/
|
||||
# Docs: https://docker-mailserver.github.io/docker-mailserver/v15.0/config/advanced/mail-forwarding/relay-hosts/
|
||||
# Additional context, with CLI commands for verification:
|
||||
# https://github.com/docker-mailserver/docker-mailserver/issues/4136#issuecomment-2253693490
|
||||
|
||||
services:
|
||||
# This would represent your actual DMS container:
|
||||
dms-sender:
|
||||
image: mailserver/docker-mailserver:latest # :14.0
|
||||
image: mailserver/docker-mailserver:latest # :15.0
|
||||
hostname: mail.example.test
|
||||
environment:
|
||||
# All outbound mail will be relayed through this host
|
||||
|
|
@ -37,7 +37,7 @@ services:
|
|||
|
||||
# Pretend this is your third-party relay service:
|
||||
dms-relay:
|
||||
image: mailserver/docker-mailserver:latest # :14.0
|
||||
image: mailserver/docker-mailserver:latest # :15.0
|
||||
hostname: smtp.relay-service.test
|
||||
environment:
|
||||
# WORKAROUND: Bypass security checks from the mail-client (dms-sender container)
|
||||
|
|
@ -58,7 +58,7 @@ services:
|
|||
|
||||
# Pretend this is another mail server that your target recipient belongs to (like Gmail):
|
||||
dms-destination:
|
||||
image: mailserver/docker-mailserver:latest # :14.0
|
||||
image: mailserver/docker-mailserver:latest # :15.0
|
||||
hostname: mail.destination.test
|
||||
# WORKAROUND: dms-relay must be able to resolve DNS for `@destination.test` to the IP of this container:
|
||||
# Normally a MX record would direct mail to the MTA (eg: `mail.destination.test`)
|
||||
|
|
|
|||
|
|
@ -151,6 +151,6 @@ We provide this support via two config files:
|
|||
[wikipedia::smarthost]: https://en.wikipedia.org/wiki/Smart_host
|
||||
|
||||
[docs::env-relay]: ../../environment.md#relay-host
|
||||
[dms-repo::helpers-relay]: https://github.com/docker-mailserver/docker-mailserver/blob/v14.0.0/target/scripts/helpers/relay.sh
|
||||
[dms-repo::helpers-relay]: https://github.com/docker-mailserver/docker-mailserver/blob/v15.0.0/target/scripts/helpers/relay.sh
|
||||
[dms-gh::pr-3607]: https://github.com/docker-mailserver/docker-mailserver/issues/3607
|
||||
[dms-gh::relay-example]: https://github.com/docker-mailserver/docker-mailserver/issues/3842#issuecomment-1913380639
|
||||
|
|
|
|||
|
|
@ -139,7 +139,7 @@ To use the web interface you will need to configure a password, [otherwise you w
|
|||
|
||||
---
|
||||
|
||||
**Related:** A minimal Rspamd `compose.yaml` [example with a reverse-proxy for web access][gh-dms:guide::rspamd-web].
|
||||
**Related:** A minimal Rspamd `compose.yaml` [example with a reverse-proxy for web access][gh-dms::guide::rspamd-web].
|
||||
|
||||
### DNS
|
||||
|
||||
|
|
@ -353,8 +353,8 @@ While _Abusix_ can be integrated into Postfix, Postscreen and a multitude of oth
|
|||
[abusix-docs::rspamd-integration]: https://abusix.com/docs/rspamd/
|
||||
[spamhaus::faq::dnsbl-usage]: https://www.spamhaus.org/faq/section/DNSBL%20Usage#365
|
||||
|
||||
[dms-repo::rspamd-actions-config]: https://github.com/docker-mailserver/docker-mailserver/tree/v14.0.0/target/rspamd/local.d/actions.conf
|
||||
[dms-repo::default-rspamd-configuration]: https://github.com/docker-mailserver/docker-mailserver/tree/v14.0.0/target/rspamd
|
||||
[dms-repo::rspamd-actions-config]: https://github.com/docker-mailserver/docker-mailserver/tree/v15.0.0/target/rspamd/local.d/actions.conf
|
||||
[dms-repo::default-rspamd-configuration]: https://github.com/docker-mailserver/docker-mailserver/tree/v15.0.0/target/rspamd
|
||||
[gh-dms::guide::valkey]: https://github.com/docker-mailserver/docker-mailserver/issues/4001#issuecomment-2652596692
|
||||
[gh-dms::guide::rspamd-web]: https://github.com/orgs/docker-mailserver/discussions/4269#discussioncomment-11329588
|
||||
|
||||
|
|
|
|||
|
|
@ -44,19 +44,21 @@ As the official DMS image does not provide `dovecot-solr`, you'll need to includ
|
|||
mailserver:
|
||||
hostname: mail.example.com
|
||||
# The `image` setting now represents the tag for the local build configured below:
|
||||
image: local/dms:14.0
|
||||
image: local/dms:${DMS_TAG?Must set DMS image tag}
|
||||
# Local build (no need to try pull `image` remotely):
|
||||
pull_policy: build
|
||||
# Add this `build` section to your real `compose.yaml` for your DMS service:
|
||||
build:
|
||||
dockerfile_inline: |
|
||||
FROM docker.io/mailserver/docker-mailserver:14.0
|
||||
FROM docker.io/mailserver/docker-mailserver:${DMS_TAG?Must set DMS image tag}
|
||||
RUN apt-get update && apt-get install dovecot-solr
|
||||
```
|
||||
|
||||
- Just run `docker compose up` and it will pull DMS and build your custom image to run a container.
|
||||
- Updating to a new DMS release is straight-forward, just adjust the version tag as you normally would. If you make future changes that don't apply, you may need to force a rebuild.
|
||||
- This approach only needs to install the package once with the image build itself. This minimizes delay of container startup.
|
||||
This approach only needs to install the package once with the image build itself which minimizes the delay of container startup.
|
||||
|
||||
- Just run `DMS_TAG='14.0' docker compose up` and it will pull the DMS image, then build your custom DMS image to run a new container instance.
|
||||
- Updating to a new DMS release is straight-forward, just adjust the `DMS_TAG` ENV value or change the image tag directly in `compose.yaml` as you normally would to upgrade an image.
|
||||
- If you make future changes to the `dockerfile_inline` that don't seem to be applied, you may need to force a rebuild with `DMS_TAG='14.0' docker compose up --build`.
|
||||
|
||||
!!! note "Why doesn't DMS include `dovecot-solr`?"
|
||||
|
||||
|
|
|
|||
|
|
@ -68,9 +68,10 @@ smtpd_forbid_bare_newline = yes
|
|||
# smtpd_forbid_bare_newline_exclusions = $mynetworks
|
||||
|
||||
# Custom defined parameters for DMS:
|
||||
# reject_unknown_sender_domain: https://github.com/docker-mailserver/docker-mailserver/issues/3716#issuecomment-1868033234
|
||||
# Custom sender restrictions overview: https://github.com/docker-mailserver/docker-mailserver/pull/4379#issuecomment-2670365917
|
||||
# `reject_unknown_sender_domain`: https://github.com/docker-mailserver/docker-mailserver/issues/3716#issuecomment-1868033234
|
||||
dms_smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unknown_sender_domain
|
||||
# Submission ports 587 and 465 support for SPOOF_PROTECTION=1
|
||||
# `SPOOF_PROTECTION=1` support requires prepending `reject_authenticated_sender_login_mismatch`
|
||||
mua_sender_restrictions = reject_authenticated_sender_login_mismatch, $dms_smtpd_sender_restrictions
|
||||
|
||||
# Postscreen settings to drop zombies/open relays/spam early
|
||||
|
|
|
|||
|
|
@ -111,14 +111,6 @@ function _rspamd_handle_user_modules_adjustments() {
|
|||
fi
|
||||
}
|
||||
|
||||
# We check for usage of the previous location of the commands file.
|
||||
# TODO This can be removed after the release of v14.0.0.
|
||||
local RSPAMD_DMS_CUSTOM_COMMANDS_F_OLD="${RSPAMD_DMS_D}-modules.conf"
|
||||
readonly RSPAMD_DMS_CUSTOM_COMMANDS_F_OLD
|
||||
if [[ -f ${RSPAMD_DMS_CUSTOM_COMMANDS_F_OLD} ]]; then
|
||||
_dms_panic__general "Old custom command file location '${RSPAMD_DMS_CUSTOM_COMMANDS_F_OLD}' is deprecated (use '${RSPAMD_DMS_CUSTOM_COMMANDS_F}' now)" 'Rspamd setup'
|
||||
fi
|
||||
|
||||
if [[ -f "${RSPAMD_DMS_CUSTOM_COMMANDS_F}" ]]; then
|
||||
__rspamd__log 'debug' "Found file '${RSPAMD_DMS_CUSTOM_COMMANDS_F}' - parsing and applying it"
|
||||
|
||||
|
|
|
|||
|
|
@ -43,7 +43,6 @@ function _register_functions() {
|
|||
# ? >> Setup
|
||||
|
||||
_register_setup_function '_setup_vmail_id'
|
||||
_register_setup_function '_setup_logs_general'
|
||||
_register_setup_function '_setup_timezone'
|
||||
|
||||
if [[ ${SMTP_ONLY} -ne 1 ]]; then
|
||||
|
|
|
|||
|
|
@ -82,6 +82,8 @@ function _setup_timezone() {
|
|||
fi
|
||||
}
|
||||
|
||||
# Misc checks and fixes migrated here until next refactor:
|
||||
# NOTE: `start-mailserver.sh` runs this along with `mail-state.sh` during container restarts
|
||||
function _setup_directory_and_file_permissions() {
|
||||
_log 'trace' 'Removing leftover PID files from a stop/start'
|
||||
find /var/run/ -not -name 'supervisord.pid' -name '*.pid' -delete
|
||||
|
|
@ -101,6 +103,8 @@ function _setup_directory_and_file_permissions() {
|
|||
_log 'debug' "Ensuring '${RSPAMD_DMS_DKIM_D}' is owned by '_rspamd:_rspamd'"
|
||||
chown -R _rspamd:_rspamd "${RSPAMD_DMS_DKIM_D}"
|
||||
fi
|
||||
|
||||
__log_fixes
|
||||
}
|
||||
|
||||
function _setup_run_user_patches() {
|
||||
|
|
@ -113,3 +117,32 @@ function _setup_run_user_patches() {
|
|||
_log 'trace' "No optional '${USER_PATCHES}' provided"
|
||||
fi
|
||||
}
|
||||
|
||||
function __log_fixes() {
|
||||
_log 'debug' 'Ensuring /var/log/mail owneership + permissions are correct'
|
||||
|
||||
# File/folder permissions are fine when using docker volumes, but may be wrong
|
||||
# when file system folders are mounted into the container.
|
||||
# Set the expected values and create missing folders/files just in case.
|
||||
mkdir -p /var/log/{mail,supervisor}
|
||||
|
||||
# TODO: Remove these lines in a future release once concerns are resolved:
|
||||
# https://github.com/docker-mailserver/docker-mailserver/pull/4370#issuecomment-2661762043
|
||||
chown syslog:root /var/log/mail
|
||||
|
||||
if [[ ${ENABLE_CLAMAV} -eq 1 ]]; then
|
||||
# TODO: Consider assigning /var/log/mail a writable non-root group for other processes like ClamAV?
|
||||
# - Check if ClamAV is capable of creating files itself when they're missing?
|
||||
# - Alternatively a symlink to /var/log/mail from the original intended location would allow write access
|
||||
# as a user to the symlink location, while keeping ownership as root at /var/log/mail
|
||||
# - `LogSyslog false` for clamd.conf + freshclam.conf could possibly be enabled instead of log files?
|
||||
# However without better filtering in place (once Vector is adopted), this should be avoided.
|
||||
touch /var/log/mail/{clamav,freshclam}.log
|
||||
chown clamav:adm /var/log/mail/{clamav,freshclam}.log
|
||||
fi
|
||||
|
||||
# Volume permissions should be corrected:
|
||||
# https://github.com/docker-mailserver/docker-mailserver-helm/issues/137
|
||||
chmod 755 /var/log/mail/
|
||||
find /var/log/mail/ -type f -exec chmod 640 {} +
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,15 +1,5 @@
|
|||
#!/bin/bash
|
||||
|
||||
function _setup_logs_general() {
|
||||
_log 'debug' 'Setting up general log files'
|
||||
|
||||
# File/folder permissions are fine when using docker volumes, but may be wrong
|
||||
# when file system folders are mounted into the container.
|
||||
# Set the expected values and create missing folders/files just in case.
|
||||
mkdir -p /var/log/{mail,supervisor}
|
||||
chown syslog:root /var/log/mail
|
||||
}
|
||||
|
||||
function _setup_logrotate() {
|
||||
_log 'debug' 'Setting up logrotate'
|
||||
|
||||
|
|
|
|||
|
|
@ -93,13 +93,17 @@ EOF
|
|||
function _setup_postfix_late() {
|
||||
_log 'debug' 'Configuring Postfix (late setup)'
|
||||
|
||||
# These two config files are `access` database tables managed via `setup email restrict`:
|
||||
# NOTE: Prepends to existing restrictions, thus has priority over other permit/reject policies that follow.
|
||||
# https://www.postfix.org/postconf.5.html#smtpd_sender_restrictions
|
||||
# https://www.postfix.org/access.5.html
|
||||
__postfix__log 'trace' 'Configuring user access'
|
||||
if [[ -f /tmp/docker-mailserver/postfix-send-access.cf ]]; then
|
||||
sed -i -E 's|(smtpd_sender_restrictions =)|\1 check_sender_access texthash:/tmp/docker-mailserver/postfix-send-access.cf,|' /etc/postfix/main.cf
|
||||
sed -i -E 's|^(dms_smtpd_sender_restrictions =)|\1 check_sender_access texthash:/tmp/docker-mailserver/postfix-send-access.cf,|' /etc/postfix/main.cf
|
||||
fi
|
||||
|
||||
if [[ -f /tmp/docker-mailserver/postfix-receive-access.cf ]]; then
|
||||
sed -i -E 's|(smtpd_recipient_restrictions =)|\1 check_recipient_access texthash:/tmp/docker-mailserver/postfix-receive-access.cf,|' /etc/postfix/main.cf
|
||||
sed -i -E 's|^(dms_smtpd_recipient_restrictions =)|\1 check_recipient_access texthash:/tmp/docker-mailserver/postfix-receive-access.cf,|' /etc/postfix/main.cf
|
||||
fi
|
||||
|
||||
__postfix__log 'trace' 'Configuring relay host'
|
||||
|
|
|
|||
|
|
@ -155,13 +155,6 @@ function __setup__security__clamav() {
|
|||
if [[ ${ENABLE_CLAMAV} -eq 1 ]]; then
|
||||
_log 'debug' 'Enabling and configuring ClamAV'
|
||||
|
||||
local FILE
|
||||
for FILE in /var/log/mail/{clamav,freshclam}.log; do
|
||||
touch "${FILE}"
|
||||
chown clamav:adm "${FILE}"
|
||||
chmod 640 "${FILE}"
|
||||
done
|
||||
|
||||
if [[ ${CLAMAV_MESSAGE_SIZE_LIMIT} != '25M' ]]; then
|
||||
_log 'trace' "Setting ClamAV message scan size limit to '${CLAMAV_MESSAGE_SIZE_LIMIT}'"
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue