aboutsummaryrefslogtreecommitdiffstats
path: root/config/postfix/postfix.inc
diff options
context:
space:
mode:
authorbmeeks8 <bmeeks8@bellsouth.net>2013-05-13 17:09:43 -0400
committerbmeeks8 <bmeeks8@bellsouth.net>2013-05-13 17:09:43 -0400
commit4a38b4b1a48b67baf997453227c9d4a1bb810523 (patch)
tree0321c07f5267806b55ad025df8c13968ac17ba94 /config/postfix/postfix.inc
parent080fb922c15c959be4f0bd101d0cf3f529f0e866 (diff)
parent3eddd42b1d0da5bdf5faec0e5036ef30347fa0a3 (diff)
downloadpfsense-packages-4a38b4b1a48b67baf997453227c9d4a1bb810523.tar.gz
pfsense-packages-4a38b4b1a48b67baf997453227c9d4a1bb810523.tar.bz2
pfsense-packages-4a38b4b1a48b67baf997453227c9d4a1bb810523.zip
Merge remote-tracking branch 'upstream/master'
Diffstat (limited to 'config/postfix/postfix.inc')
-rw-r--r--config/postfix/postfix.inc44
1 files changed, 32 insertions, 12 deletions
diff --git a/config/postfix/postfix.inc b/config/postfix/postfix.inc
index 83fc46e2..b564fd47 100644
--- a/config/postfix/postfix.inc
+++ b/config/postfix/postfix.inc
@@ -278,7 +278,7 @@ function check_cron(){
}
-function sync_package_postfix() {
+function sync_package_postfix($via_rpc=false) {
global $config;
# detect boot process
@@ -289,7 +289,7 @@ function sync_package_postfix() {
$boot_process="on";
}
- if(is_process_running("master") && isset($boot_process))
+ if(is_process_running("master") && isset($boot_process) && $via_rpc==false)
return;
#check patch in /etc/inc/config.
@@ -360,7 +360,7 @@ function sync_package_postfix() {
$copyright=<<<ABOUT
#Part of the Postfix package for pfSense
#Copyright (C) 2010 Erik Fonnesbeck
-#Copyright (C) 2011 Marcello Coutinho
+#Copyright (C) 2011-2013 Marcello Coutinho
#All rights reserved.
#DO NOT EDIT THIS FILE
@@ -372,6 +372,11 @@ $pf_dir=POSTFIX_LOCALBASE;
{$copyright}
mynetworks = {$pf_dir}/etc/postfix/mynetwork_table
mynetworks_style = host
+access_map_reject_code= 554
+access_map_defer_code = 451
+unverified_recipient_reject_code = 550
+unknown_client_reject_code = 550
+unknown_hostname_reject_code = 550
EOF;
#Header Maps
@@ -385,6 +390,10 @@ EOF;
$postfix_main .= "header_size_limit = 1024000\n";
$header_check = px_text_area_decode($config['installedpackages']['postfixacl']['config'][0]['header_maps']);
}
+ #Helo Maps
+ if ($config['installedpackages']['postfixacl']['config'][0]['helo_maps']){
+ $helo_check = px_text_area_decode($config['installedpackages']['postfixacl']['config'][0]['helo_maps']);
+ }
#Sender access
if ($config['installedpackages']['postfixacl']['config'][0]['sender_access']){
$sender_access = px_text_area_decode($config['installedpackages']['postfixacl']['config'][0]['sender_access']);
@@ -452,7 +461,16 @@ EOF;
break;
}
}
- $reject_unknown_helo_hostname=($antispam['reject_unknown_helo_hostname']?"reject_unknown_helo_hostname":"");
+ if ($antispam['reject_unknown_helo_hostname']){
+ $reject_unknown_helo_hostname = <<<EOF
+smtpd_helo_restrictions = check_helo_access pcre:{$pf_dir}/etc/postfix/helo_check,
+ reject_unknown_helo_hostname,
+ reject_invalid_helo_hostname,
+ reject_non_fqdn_helo_hostname,
+ permit
+
+EOF;
+ }
if ($antispam['header_check'] == "strong")
{
$postfix_main .= <<<EOF
@@ -464,7 +482,7 @@ smtpd_delay_reject = yes
# Don't talk to mail systems that don't know their own hostname.
smtpd_helo_required = yes
-smtpd_helo_restrictions ={$reject_unknown_helo_hostname}
+{$reject_unknown_helo_hostname}
smtpd_sender_restrictions = reject_non_fqdn_sender,
reject_unknown_sender_domain,
@@ -488,11 +506,11 @@ smtpd_recipient_restrictions = permit_mynetworks,
check_client_access pcre:{$pf_dir}/etc/postfix/cal_pcre,
check_client_access cidr:{$pf_dir}/etc/postfix/cal_cidr,
check_sender_access hash:{$pf_dir}/etc/postfix/sender_access,
- reject_invalid_helo_hostname,
reject_non_fqdn_helo_hostname,
reject_unknown_recipient_domain,
reject_non_fqdn_recipient,
reject_multi_recipient_bounce,
+ reject_unverified_recipient,
SPFSPFSPFRBLRBLRBL
EOF;
@@ -505,7 +523,7 @@ smtpd_delay_reject = yes
# Don't talk to mail systems that don't know their own hostname.
smtpd_helo_required = yes
-smtpd_helo_restrictions = {$reject_unknown_helo_hostname}
+{$reject_unknown_helo_hostname}
smtpd_sender_restrictions = reject_unknown_sender_domain,
RBLRBLRBL
@@ -685,6 +703,7 @@ MASTEREOF2;
file_put_contents(POSTFIX_LOCALBASE."/etc/postfix/cal_cidr", $cal_cidr, LOCK_EX);
file_put_contents(POSTFIX_LOCALBASE."/etc/postfix/cal_pcre", $cal_pcre, LOCK_EX);
file_put_contents(POSTFIX_LOCALBASE."/etc/postfix/header_check", $header_check, LOCK_EX);
+ file_put_contents(POSTFIX_LOCALBASE."/etc/postfix/helo_check", $helo_check, LOCK_EX);
file_put_contents(POSTFIX_LOCALBASE."/etc/postfix/mime_check", $mime_check, LOCK_EX);
file_put_contents(POSTFIX_LOCALBASE."/etc/postfix/body_check", $body_check, LOCK_EX);
file_put_contents(POSTFIX_LOCALBASE."/etc/postfix/mynetwork_table", $mynetworks, LOCK_EX);
@@ -733,10 +752,8 @@ EOF;
log_error("Writing rc_file");
write_rcfile(array("file" => "postfix.sh", "start" => $start, "stop" => $stop));
- conf_mount_ro();
-
sleep(1);
- if ($config['installedpackages']['postfix']['config'][0]['enable_postfix']){
+ if (is_array($config['installedpackages']['postfix']) && $config['installedpackages']['postfix']['config'][0]['enable_postfix']){
log_error("Reloading/starting postfix");
system('/bin/chmod +x /usr/local/etc/rc.d/postfix.sh');
mwexec_bg(POSTFIX_LOCALBASE."/sbin/postfix reload || /usr/local/etc/rc.d/postfix.sh start");
@@ -747,6 +764,8 @@ EOF;
mwexec("/usr/local/etc/rc.d/postfix.sh stop");
system('/bin/chmod -x /usr/local/etc/rc.d/postfix.sh');
}
+
+ conf_mount_ro();
}
function postfix_validate_input($post, &$input_errors) {
@@ -782,7 +801,8 @@ function postfix_php_install_command() {
function postfix_php_deinstall_command() {
global $config;
#disable service
- $config['installedpackages']['postfix']['config'][0]['enable_postfix']="";
+ if (is_array($config['installedpackages']['postfix']))
+ $config['installedpackages']['postfix']['config'][0]['enable_postfix']="";
write_config();
sync_package_postfix();
conf_mount_rw();
@@ -924,7 +944,7 @@ function postfix_do_xmlrpc_sync($sync_to_ip,$username,$password,$sync_type,$sync
/* tell postfix to reload our settings on the destionation sync host. */
$method = 'pfsense.exec_php';
$execcmd = "require_once('/usr/local/pkg/postfix.inc');\n";
- $execcmd .= "sync_package_postfix();";
+ $execcmd .= "sync_package_postfix(true);";
/* assemble xmlrpc payload */
$params = array(