Adding possibility to change DKIM selector for domain

Sergej 2014-03-05 15:21:59 +04:00
commit 0c6c3c713e
14 changed files with 100 additions and 32 deletions


@ -74,14 +74,7 @@ if [ "$dkim" = 'yes' ]; then
# Adding dkim dns records # Adding dkim dns records
check_dns_domain=$(is_object_valid 'dns' 'DOMAIN' "$domain") check_dns_domain=$(is_object_valid 'dns' 'DOMAIN' "$domain")
if [ "$?" -eq 0 ]; then if [ "$?" -eq 0 ]; then
p=$(cat $USER_DATA/mail/$domain.pub|grep -v ' KEY---'|tr -d '\n') add_mail_domain_dkim_dns $user $domain
record='_domainkey'
policy="\"t=y; o=~;\""
$BIN/v-add-dns-record $user $domain $record TXT "$policy"
record='mail._domainkey'
selector="\"k=rsa\; p=$p\""
$BIN/v-add-dns-record $user $domain $record TXT "$selector"
fi fi
fi fi


@ -48,21 +48,19 @@ chmod 660 $USER_DATA/mail/$domain.*
# Adding dkim to config # Adding dkim to config
cp $USER_DATA/mail/$domain.pem $HOMEDIR/$user/conf/mail/$domain/dkim.pem cp $USER_DATA/mail/$domain.pem $HOMEDIR/$user/conf/mail/$domain/dkim.pem
chown exim:mail $HOMEDIR/$user/conf/mail/$domain/dkim.pem if [ "$MAIL_SYSTEM" = 'exim' ]; then
mail_user=exim
fi
if [ "$MAIL_SYSTEM" = 'exim4' ]; then
mail_user=Debian-exim
fi
chown $mail_user:mail $HOMEDIR/$user/conf/mail/$domain/dkim.pem
chmod 660 $HOMEDIR/$user/conf/mail/$domain/dkim.pem chmod 660 $HOMEDIR/$user/conf/mail/$domain/dkim.pem
# Checking dns domain # Checking dns domain
check_dns_domain=$(is_object_valid 'dns' 'DOMAIN' "$domain") check_dns_domain=$(is_object_valid 'dns' 'DOMAIN' "$domain")
if [ "$?" -eq 0 ]; then if [ "$?" -eq 0 ]; then
# Adding dkim dns records add_mail_domain_dkim_dns $user $domain
p=$(cat $USER_DATA/mail/$domain.pub|grep -v ' KEY---'|tr -d '\n')
record='_domainkey'
policy="\"t=y; o=~;\""
$BIN/v-add-dns-record $user $domain $record TXT "$policy"
record='mail._domainkey'
selector="\"k=rsa\; p=$p\""
$BIN/v-add-dns-record $user $domain $record TXT "$selector"
fi fi
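Review bot: `mail_user` is assigned only when `MAIL_SYSTEM` is exactly `exim` or `exim4`, so for any other value the new `chown $mail_user:mail` expands to `chown :mail` and silently changes only the group of the DKIM private key. The old line always set the owner to `exim`; keeping that as the default preserves it: `mail_user=exim` followed by `if [ "$MAIL_SYSTEM" = 'exim4' ]; then mail_user=Debian-exim; fi`. Quoting the path in the `chown` and `chmod` calls would also stop an unusual `$domain` value from word-splitting. The script starts and continues outside this hunk, so whether `MAIL_SYSTEM` is validated earlier cannot be seen here.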


@ -24,7 +24,7 @@ json_list_dkim_dns() {
echo " \"TTL\": \"3600\"," echo " \"TTL\": \"3600\","
echo " \"TXT\": \"'t=y; o=~;'\"" echo " \"TXT\": \"'t=y; o=~;'\""
echo -e "\t}," echo -e "\t},"
echo -e "\n\t\"mail._domainkey\": {" echo -e "\n\t\"$selector._domainkey\": {"
echo " \"TTL\": \"3600\"," echo " \"TTL\": \"3600\","
echo " \"TXT\": \"'$pub'\"" echo " \"TXT\": \"'$pub'\""
echo -e "\t}\n}" echo -e "\t}\n}"
@ -34,7 +34,7 @@ json_list_dkim_dns() {
# Shell function # Shell function
shell_list_dkim_dns() { shell_list_dkim_dns() {
echo "_domainkey 3600 IN TXT \"t=y; o=~;\"" echo "_domainkey 3600 IN TXT \"t=y; o=~;\""
echo "mail._domainkey 3600 IN TXT \"k=rsa; p=$pub\"" echo "$selector._domainkey 3600 IN TXT \"k=rsa; p=$pub\""
} }
@ -51,6 +51,13 @@ is_object_valid 'mail' 'DOMAIN' "$domain"
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
# Get DKIM selector for domain
selector=$(grep "^$domain:" $VESTA/data/dkim_selectors|cut -d\: -f2)
if [ -z $selector ]; then
selector=$(grep "^\*:" $VESTA/data/dkim_selectors|cut -d\: -f2)
if [ -z $selector ]; then selector=mail; fi
fi
# Check pub key # Check pub key
if [ -e "$USER_DATA/mail/$domain.pub" ]; then if [ -e "$USER_DATA/mail/$domain.pub" ]; then
pub=$(cat $USER_DATA/mail/$domain.pub | sed ':a;N;$!ba;s/\n/\\n/g') pub=$(cat $USER_DATA/mail/$domain.pub | sed ':a;N;$!ba;s/\n/\\n/g')
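Review bot: The selector lookup added under "Get DKIM selector for domain" passes `$domain` to `grep` as a regular expression, so its dots match any character and a line for a look-alike domain can be picked up, while more than one matching line gives a multi-line `$selector` that breaks the unquoted `[ -z $selector ]` test. An exact-match lookup avoids both: `selector=$(awk -F: -v d="$domain" '$1 == d {print $2; exit}' "$VESTA/data/dkim_selectors")`, with the test written as `[ -z "$selector" ]`. The same five lines are repeated in `add_mail_domain_dkim_dns` in this commit; one shared helper would keep the published record name and this listing from drifting apart. The value goes straight into the JSON key and the zone-file line, so it is worth restricting it to DNS label characters before printing. The script continues outside this hunk.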


@ -518,3 +518,32 @@ is_dns_nameserver_valid() {
fi fi
fi fi
} }
# Add mail domain DKIM DNS record
add_mail_domain_dkim_dns() {
user=$1
domain=$2
dkim_selector=$(grep "^$domain:" $VESTA/data/dkim_selectors|cut -d\: -f2)
if [ -z $dkim_selector ]; then
dkim_selector=$(grep "^\*:" $VESTA/data/dkim_selectors|cut -d\: -f2)
if [ -z $dkim_selector ]; then dkim_selector=mail; fi
fi
p=$(cat $USER_DATA/mail/$domain.pub|grep -v ' KEY---'|tr -d '\n')
record='_domainkey'
policy="\"t=y; o=~;\""
$BIN/v-add-dns-record $user $domain $record TXT "$policy"
record="$dkim_selector._domainkey"
selector="\"k=rsa\; p=$p\""
$BIN/v-add-dns-record $user $domain $record TXT "$selector"
if [ "$($BIN/v-list-dns-records $user $domain plain|grep -c '@ MX 10 mx.yandex.ru.')" == "1" ]; then
record='mail._domainkey'
selector=$(host -t TXT $record.$domain dns1.yandex.net|grep v\=DKIM1|cut -d\" -f2)
if [ -n "$selector" ]; then
$BIN/v-add-dns-record $user $domain $record TXT "\"$selector\""
fi
fi
}
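Review bot: The last branch of `add_mail_domain_dkim_dns` is not mentioned in the commit description and publishes a key this server did not generate: when the zone has the Yandex MX record it asks `dns1.yandex.net` for the `mail._domainkey` TXT and writes whatever string comes back into the domain's zone. That answer arrives over plain DNS and is only checked for containing `v=DKIM1`, and when `dkim_selector` is still the default `mail` the same name would carry two different keys. I would guard the branch with `[ "$dkim_selector" != 'mail' ]` and accept the reply only if it matches the expected `v=DKIM1; k=rsa; p=<base64>` shape. `user`, `domain`, `p`, `record`, `policy` and `selector` should also be declared `local` so the helper does not overwrite its callers' variables.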


@ -455,7 +455,7 @@ rebuild_mail_domain_conf() {
U_MAIL_DKMI=$((U_MAIL_DKMI + 1)) U_MAIL_DKMI=$((U_MAIL_DKMI + 1))
pem="$USER_DATA/mail/$domain.pem" pem="$USER_DATA/mail/$domain.pem"
pub="$USER_DATA/mail/$domain.pub" pub="$USER_DATA/mail/$domain.pub"
openssl genrsa -out $pem 512 &>/dev/null openssl genrsa -out $pem 1024 &>/dev/null
openssl rsa -pubout -in $pem -out $pub &>/dev/null openssl rsa -pubout -in $pem -out $pub &>/dev/null
cp $pem $HOMEDIR/$user/conf/mail/$domain/dkim.pem cp $pem $HOMEDIR/$user/conf/mail/$domain/dkim.pem
@ -469,14 +469,7 @@ rebuild_mail_domain_conf() {
# Adding new dkim dns records # Adding new dkim dns records
check_dns_domain=$(is_object_valid 'dns' 'DOMAIN' "$domain") check_dns_domain=$(is_object_valid 'dns' 'DOMAIN' "$domain")
if [ "$?" -eq 0 ]; then if [ "$?" -eq 0 ]; then
record='_domainkey' add_mail_domain_dkim_dns $user $domain
policy="\"t=y; o=~;\""
$BIN/v-add-dns-record $user $domain $record TXT "$policy"
record='mail._domainkey'
p=$(cat $pub|grep -v ' KEY---'|tr -d '\n')
slct="\"k=rsa\; p=$p\""
$BIN/v-add-dns-record $user $domain $record TXT "$slct"
fi fi
fi fi
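Review bot: 1024 bits is the minimum RFC 8301 allows for DKIM signers and the same document recommends at least 2048, so the `openssl genrsa -out $pem 1024` line is worth raising to `openssl genrsa -out "$pem" 2048` while the call is being touched. A 2048-bit public key no longer fits in one 255-byte TXT string, so `v-add-dns-record` would have to split the value; that helper is not visible here. Both `openssl` calls send all output to `/dev/null` and their status is ignored, so a failed key generation goes on to publish an empty `p=`, which receivers read as a revoked key; checking the exit status before the `cp` would stop that. `rebuild_mail_domain_conf` starts and ends outside these hunks.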


@ -39,6 +39,7 @@ ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d timeout_frozen_after = 7d
DKIM_DOMAIN = ${lc:${domain:$h_from:}} DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_SELECTOR = ${lookup{${lc:${domain:$h_from:}}}lsearch*{/usr/local/vesta/data/dkim_selectors}{$value}{mail}}
DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
@ -260,7 +261,7 @@ remote_smtp:
driver = smtp driver = smtp
#helo_data = $sender_address_domain #helo_data = $sender_address_domain
dkim_domain = DKIM_DOMAIN dkim_domain = DKIM_DOMAIN
dkim_selector = mail dkim_selector = DKIM_SELECTOR
dkim_private_key = DKIM_PRIVATE_KEY dkim_private_key = DKIM_PRIVATE_KEY
dkim_canon = relaxed dkim_canon = relaxed
dkim_strict = 0 dkim_strict = 0
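Review bot: The `{mail}` fallback in the new `DKIM_SELECTOR` macro covers a domain that is absent from the file, but not a file that is missing or unreadable by the Exim user; as far as I can tell, a linear-search file that cannot be opened makes the expansion fail instead of falling through, and the transport then cannot sign or deliver. Wrapping the lookup the way `DKIM_PRIVATE_KEY` already wraps its file at least covers the missing-file case: `DKIM_SELECTOR = ${if exists{/usr/local/vesta/data/dkim_selectors}{${lookup{${lc:${domain:$h_from:}}}lsearch*{/usr/local/vesta/data/dkim_selectors}{$value}{mail}}}{mail}}`. The same line is added to the two other Exim configuration files in this commit. A short comment above the macro describing the `domain:selector` file format, with `*` as the default key, would help the next editor.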


@ -39,6 +39,7 @@ ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d timeout_frozen_after = 7d
DKIM_DOMAIN = ${lc:${domain:$h_from:}} DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_SELECTOR = ${lookup{${lc:${domain:$h_from:}}}lsearch*{/usr/local/vesta/data/dkim_selectors}{$value}{mail}}
DKIM_FILE = /etc/exim/domains/${lc:${domain:$h_from:}}/dkim.pem DKIM_FILE = /etc/exim/domains/${lc:${domain:$h_from:}}/dkim.pem
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
@ -260,7 +261,7 @@ remote_smtp:
driver = smtp driver = smtp
#helo_data = $sender_address_domain #helo_data = $sender_address_domain
dkim_domain = DKIM_DOMAIN dkim_domain = DKIM_DOMAIN
dkim_selector = mail dkim_selector = DKIM_SELECTOR
dkim_private_key = DKIM_PRIVATE_KEY dkim_private_key = DKIM_PRIVATE_KEY
dkim_canon = relaxed dkim_canon = relaxed
dkim_strict = 0 dkim_strict = 0


@ -39,6 +39,7 @@ ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d timeout_frozen_after = 7d
DKIM_DOMAIN = ${lc:${domain:$h_from:}} DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_SELECTOR = ${lookup{${lc:${domain:$h_from:}}}lsearch*{/usr/local/vesta/data/dkim_selectors}{$value}{mail}}
DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
@ -260,7 +261,7 @@ remote_smtp:
driver = smtp driver = smtp
#helo_data = $sender_address_domain #helo_data = $sender_address_domain
dkim_domain = DKIM_DOMAIN dkim_domain = DKIM_DOMAIN
dkim_selector = mail dkim_selector = DKIM_SELECTOR
dkim_private_key = DKIM_PRIVATE_KEY dkim_private_key = DKIM_PRIVATE_KEY
dkim_canon = relaxed dkim_canon = relaxed
dkim_strict = 0 dkim_strict = 0


@ -644,6 +644,7 @@ mkdir -p $VESTA/data
mkdir -p $VESTA/data/ips mkdir -p $VESTA/data/ips
mkdir -p $VESTA/data/queue mkdir -p $VESTA/data/queue
mkdir -p $VESTA/data/users mkdir -p $VESTA/data/users
echo '*:mail' > $VESTA/data/dkim_selectors
touch $VESTA/data/queue/backup.pipe touch $VESTA/data/queue/backup.pipe
touch $VESTA/data/queue/disk.pipe touch $VESTA/data/queue/disk.pipe
touch $VESTA/data/queue/webstats.pipe touch $VESTA/data/queue/webstats.pipe
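Review bot: The new `echo '*:mail' > $VESTA/data/dkim_selectors` line creates a file that the mail daemon reads at delivery time, yet its mode is left to whatever umask the installer happens to run under. Setting it explicitly right after the write, `chmod 644 $VESTA/data/dkim_selectors`, removes that dependency; the file holds only selector names, so world-readable is fine, but it should stay writable by root alone because it decides which key name outgoing mail is signed under. The other two installer scripts in this commit add the same line. Whether `$VESTA/data` itself is traversable by the Exim user cannot be seen from this hunk.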


@ -693,6 +693,7 @@ mkdir -p $VESTA/data
mkdir -p $VESTA/data/ips mkdir -p $VESTA/data/ips
mkdir -p $VESTA/data/queue mkdir -p $VESTA/data/queue
mkdir -p $VESTA/data/users mkdir -p $VESTA/data/users
echo '*:mail' > $VESTA/data/dkim_selectors
touch $VESTA/data/queue/backup.pipe touch $VESTA/data/queue/backup.pipe
touch $VESTA/data/queue/disk.pipe touch $VESTA/data/queue/disk.pipe
touch $VESTA/data/queue/webstats.pipe touch $VESTA/data/queue/webstats.pipe


@ -657,6 +657,7 @@ mkdir -p $VESTA/data
mkdir -p $VESTA/data/ips mkdir -p $VESTA/data/ips
mkdir -p $VESTA/data/queue mkdir -p $VESTA/data/queue
mkdir -p $VESTA/data/users mkdir -p $VESTA/data/users
echo '*:mail' > $VESTA/data/dkim_selectors
touch $VESTA/data/queue/backup.pipe touch $VESTA/data/queue/backup.pipe
touch $VESTA/data/queue/disk.pipe touch $VESTA/data/queue/disk.pipe
touch $VESTA/data/queue/webstats.pipe touch $VESTA/data/queue/webstats.pipe


@ -4,3 +4,8 @@
if [ -x "/usr/local/vesta/upd/add_fwd_only.sh" ]; then if [ -x "/usr/local/vesta/upd/add_fwd_only.sh" ]; then
/usr/local/vesta/upd/add_fwd_only.sh /usr/local/vesta/upd/add_fwd_only.sh
fi fi
# Exim dkim config
if [ -x "/usr/local/vesta/upd/exim_dkim.sh" ]; then
/usr/local/vesta/upd/exim_dkim.sh
fi


@ -40,6 +40,9 @@ if [ $1 -ge 2 ]; then
if [ -e /usr/local/vesta/upd/add_fwd_only.sh ]; then if [ -e /usr/local/vesta/upd/add_fwd_only.sh ]; then
/usr/local/vesta/upd/add_fwd_only.sh /usr/local/vesta/upd/add_fwd_only.sh
fi fi
if [ -e /usr/local/vesta/upd/exim_dkim.sh ]; then
/usr/local/vesta/upd/exim_dkim.sh
fi
fi fi
%files %files

34
upd/exim_dkim.sh Executable file

@ -0,0 +1,34 @@
#/bin/bash
# Define exim config
if [ -e "/etc/exim/exim.conf" ]; then
# RHEL or CentOS
conf="/etc/exim/exim.conf"
else
# Debian or Ubuntu
conf="/etc/exim4/exim4.conf.template"
fi
# Check existance
if [ ! -e "$conf" ]; then
exit
fi
# Add default dkim selector
if [ ! -e /usr/local/vesta/data/dkim_selectors ]; then
echo '*:mail' > /usr/local/vesta/data/dkim_selectors
fi
dkim1='DKIM_SELECTOR = ${lookup{${lc:${domain:$h_from:}}}lsearch*{/usr/local/vesta/data/dkim_selectors}{$value}{mail}}'
dkim2='dkim_selector = DKIM_SELECTOR'
# Configure exim
if [ $(grep -c "^DKIM_SELECTOR = " $conf) == 0 ]; then
sed -i "/^DKIM_DOMAIN = /a $dkim1" $conf
sed -i "s/dkim_selector = mail/$dkim2/" $conf
fi
# Restart mail server
/usr/local/vesta/bin/v-restart-mail
exit
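Review bot: The first line `#/bin/bash` is missing the `!`, so it is a plain comment and the interpreter is whatever the caller falls back to; under a POSIX `sh` such as dash the `==` inside `[ ... ]` is not supported, and the "Configure exim" test can fail without the config being patched. Use `#!/bin/bash`, and replace the count comparison with `if ! grep -q '^DKIM_SELECTOR = ' "$conf"; then`. `v-restart-mail` runs on every invocation, including upgrades where nothing was changed; moving it inside that `if` avoids a needless restart. `sed -i` edits the live configuration with no backup or syntax check, so copying `$conf` aside first would make a bad edit recoverable.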