mirror of
https://github.com/serghey-rodin/vesta.git
synced 2025-08-22 14:24:07 -07:00
Merge 93b8a24911
into d87f3f6340
commit
16573152f9
17 changed files with 127 additions and 32 deletions
|
@ -74,14 +74,7 @@ if [ "$dkim" = 'yes' ]; then
|
|||
# Adding dkim dns records
|
||||
check_dns_domain=$(is_object_valid 'dns' 'DOMAIN' "$domain")
|
||||
if [ "$?" -eq 0 ]; then
|
||||
p=$(cat $USER_DATA/mail/$domain.pub|grep -v ' KEY---'|tr -d '\n')
|
||||
record='_domainkey'
|
||||
policy="\"t=y; o=~;\""
|
||||
$BIN/v-add-dns-record $user $domain $record TXT "$policy"
|
||||
|
||||
record='mail._domainkey'
|
||||
selector="\"k=rsa\; p=$p\""
|
||||
$BIN/v-add-dns-record $user $domain $record TXT "$selector"
|
||||
add_mail_domain_dkim_dns $user $domain
|
||||
fi
|
||||
fi
|
||||
|
||||
|
|
|
@ -48,21 +48,19 @@ chmod 660 $USER_DATA/mail/$domain.*
|
|||
|
||||
# Adding dkim to config
|
||||
cp $USER_DATA/mail/$domain.pem $HOMEDIR/$user/conf/mail/$domain/dkim.pem
|
||||
chown exim:mail $HOMEDIR/$user/conf/mail/$domain/dkim.pem
|
||||
if [ "$MAIL_SYSTEM" = 'exim' ]; then
|
||||
mail_user=exim
|
||||
fi
|
||||
if [ "$MAIL_SYSTEM" = 'exim4' ]; then
|
||||
mail_user=Debian-exim
|
||||
fi
|
||||
chown $mail_user:mail $HOMEDIR/$user/conf/mail/$domain/dkim.pem
|
||||
chmod 660 $HOMEDIR/$user/conf/mail/$domain/dkim.pem
|
||||
|
||||
# Checking dns domain
|
||||
check_dns_domain=$(is_object_valid 'dns' 'DOMAIN' "$domain")
|
||||
if [ "$?" -eq 0 ]; then
|
||||
# Adding dkim dns records
|
||||
p=$(cat $USER_DATA/mail/$domain.pub|grep -v ' KEY---'|tr -d '\n')
|
||||
record='_domainkey'
|
||||
policy="\"t=y; o=~;\""
|
||||
$BIN/v-add-dns-record $user $domain $record TXT "$policy"
|
||||
|
||||
record='mail._domainkey'
|
||||
selector="\"k=rsa\; p=$p\""
|
||||
$BIN/v-add-dns-record $user $domain $record TXT "$selector"
|
||||
add_mail_domain_dkim_dns $user $domain
|
||||
fi
|
||||
|
||||
|
||||
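Review bot: `mail_user` is assigned only when `MAIL_SYSTEM` is exactly `exim` or `exim4`, so for any other or empty value the following `chown $mail_user:mail …/dkim.pem` expands to `chown :mail` and the DKIM private key keeps whatever owner `cp` gave it. A default before the two tests (`mail_user=exim`), or a `case "$MAIL_SYSTEM"` with an error arm, would make the key's ownership explicit. The path is also unquoted; `chown "$mail_user:mail" "$HOMEDIR/$user/conf/mail/$domain/dkim.pem"` is the safer form. Which lines of this hunk are new is inferred from the hunk counts, because the +/- column is lost on this page.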
|
|
|
@ -24,7 +24,7 @@ json_list_dkim_dns() {
|
|||
echo " \"TTL\": \"3600\","
|
||||
echo " \"TXT\": \"'t=y; o=~;'\""
|
||||
echo -e "\t},"
|
||||
echo -e "\n\t\"mail._domainkey\": {"
|
||||
echo -e "\n\t\"$selector._domainkey\": {"
|
||||
echo " \"TTL\": \"3600\","
|
||||
echo " \"TXT\": \"'$pub'\""
|
||||
echo -e "\t}\n}"
|
||||
|
@ -34,7 +34,7 @@ json_list_dkim_dns() {
|
|||
# Shell function
|
||||
shell_list_dkim_dns() {
|
||||
echo "_domainkey 3600 IN TXT \"t=y; o=~;\""
|
||||
echo "mail._domainkey 3600 IN TXT \"k=rsa; p=$pub\""
|
||||
echo "$selector._domainkey 3600 IN TXT \"k=rsa; p=$pub\""
|
||||
}
|
||||
|
||||
|
||||
|
@ -51,6 +51,13 @@ is_object_valid 'mail' 'DOMAIN' "$domain"
|
|||
# Action #
|
||||
#----------------------------------------------------------#
|
||||
|
||||
# Get DKIM selector for domain
|
||||
selector=$(grep "^$domain:" $VESTA/data/dkim_selectors|cut -d\: -f2)
|
||||
if [ -z $selector ]; then
|
||||
selector=$(grep "^\*:" $VESTA/data/dkim_selectors|cut -d\: -f2)
|
||||
if [ -z $selector ]; then selector=mail; fi
|
||||
fi
|
||||
|
||||
# Check pub key
|
||||
if [ -e "$USER_DATA/mail/$domain.pub" ]; then
|
||||
pub=$(cat $USER_DATA/mail/$domain.pub | sed ':a;N;$!ba;s/\n/\\n/g')
|
||||
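Review bot: The selector lookup `grep "^$domain:" $VESTA/data/dkim_selectors` treats the domain as a regular expression, so each dot matches any character and an entry for a look-alike name can be picked up. The test `[ -z $selector ]` is also unquoted, so a multi-line result makes it error out instead of falling back to the wildcard entry. An exact-match lookup avoids both: `selector=$(awk -F: -v d="$domain" '$1 == d { print $2; exit }' "$VESTA/data/dkim_selectors")` followed by `if [ -z "$selector" ]; then`. The same lookup is repeated in `add_mail_domain_dkim_dns` later on this page and has the same two problems. The `if [ -e "$USER_DATA/mail/$domain.pub" ]` block continues outside the hunk.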
|
|
|
@ -518,3 +518,32 @@ is_dns_nameserver_valid() {
|
|||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
# Add mail domain DKIM DNS record
|
||||
add_mail_domain_dkim_dns() {
|
||||
user=$1
|
||||
domain=$2
|
||||
|
||||
dkim_selector=$(grep "^$domain:" $VESTA/data/dkim_selectors|cut -d\: -f2)
|
||||
if [ -z $dkim_selector ]; then
|
||||
dkim_selector=$(grep "^\*:" $VESTA/data/dkim_selectors|cut -d\: -f2)
|
||||
if [ -z $dkim_selector ]; then dkim_selector=mail; fi
|
||||
fi
|
||||
|
||||
p=$(cat $USER_DATA/mail/$domain.pub|grep -v ' KEY---'|tr -d '\n')
|
||||
record='_domainkey'
|
||||
policy="\"t=y; o=~;\""
|
||||
$BIN/v-add-dns-record $user $domain $record TXT "$policy"
|
||||
|
||||
record="$dkim_selector._domainkey"
|
||||
selector="\"k=rsa\; p=$p\""
|
||||
$BIN/v-add-dns-record $user $domain $record TXT "$selector"
|
||||
|
||||
if [ "$($BIN/v-list-dns-records $user $domain plain|grep -c '@ MX 10 mx.yandex.ru.')" == "1" ]; then
|
||||
record='mail._domainkey'
|
||||
selector=$(host -t TXT $record.$domain dns1.yandex.net|grep v\=DKIM1|cut -d\" -f2)
|
||||
if [ -n "$selector" ]; then
|
||||
$BIN/v-add-dns-record $user $domain $record TXT "\"$selector\""
|
||||
fi
|
||||
fi
|
||||
}
|
||||
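Review bot: In the Yandex branch the answer to `host -t TXT $record.$domain dns1.yandex.net` is written into the zone as `mail._domainkey` after only a `grep v\=DKIM1`, so whatever an unauthenticated DNS reply contains becomes a published signing key for the domain. `cut -d\" -f2` also keeps only the first quoted string, which truncates a key split across several TXT strings. When the selector resolves to the default `mail`, this branch adds a second TXT record at the name the function has just populated with the local key. I would check the value against the expected `v=DKIM1; k=rsa; p=<base64>` shape before adding it, and add only one of the two records when both would land on the same name. The function also assigns `user`, `domain`, `p`, `record`, `policy` and `selector` without `local`, which overwrites the callers' variables of the same names; `local user=$1 domain=$2 dkim_selector p record policy selector` at the top would contain that.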
|
|
|
@ -455,7 +455,7 @@ rebuild_mail_domain_conf() {
|
|||
U_MAIL_DKMI=$((U_MAIL_DKMI + 1))
|
||||
pem="$USER_DATA/mail/$domain.pem"
|
||||
pub="$USER_DATA/mail/$domain.pub"
|
||||
openssl genrsa -out $pem 512 &>/dev/null
|
||||
openssl genrsa -out $pem 1024 &>/dev/null
|
||||
openssl rsa -pubout -in $pem -out $pub &>/dev/null
|
||||
cp $pem $HOMEDIR/$user/conf/mail/$domain/dkim.pem
|
||||
|
||||
|
@ -469,14 +469,7 @@ rebuild_mail_domain_conf() {
|
|||
# Adding new dkim dns records
|
||||
check_dns_domain=$(is_object_valid 'dns' 'DOMAIN' "$domain")
|
||||
if [ "$?" -eq 0 ]; then
|
||||
record='_domainkey'
|
||||
policy="\"t=y; o=~;\""
|
||||
$BIN/v-add-dns-record $user $domain $record TXT "$policy"
|
||||
|
||||
record='mail._domainkey'
|
||||
p=$(cat $pub|grep -v ' KEY---'|tr -d '\n')
|
||||
slct="\"k=rsa\; p=$p\""
|
||||
$BIN/v-add-dns-record $user $domain $record TXT "$slct"
|
||||
add_mail_domain_dkim_dns $user $domain
|
||||
fi
|
||||
fi
|
||||
|
||||
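Review bot: `openssl genrsa -out $pem 1024` in the first hunk still generates a key at the minimum size RFC 8301 permits for DKIM signers; that RFC recommends at least 2048 bits, so `openssl genrsa -out "$pem" 2048 &>/dev/null` would be the better default. A 2048-bit public key no longer fits in a single 255-byte TXT string, so check first whether `v-add-dns-record` splits long values (not visible on this page). `&>/dev/null` also hides an openssl failure, after which the `cp $pem …` line would install an empty or stale key; both openssl calls should have their exit status checked before the copy. That the 1024 line is the new one is inferred from print order, and `rebuild_mail_domain_conf` starts and ends outside both hunks.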
|
|
|
@ -39,6 +39,7 @@ ignore_bounce_errors_after = 2d
|
|||
timeout_frozen_after = 7d
|
||||
|
||||
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
|
||||
DKIM_SELECTOR = ${lookup{${lc:${domain:$h_from:}}}lsearch*{/usr/local/vesta/data/dkim_selectors}{$value}{mail}}
|
||||
DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem
|
||||
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
|
||||
|
||||
|
@ -260,7 +261,7 @@ remote_smtp:
|
|||
driver = smtp
|
||||
#helo_data = $sender_address_domain
|
||||
dkim_domain = DKIM_DOMAIN
|
||||
dkim_selector = mail
|
||||
dkim_selector = DKIM_SELECTOR
|
||||
dkim_private_key = DKIM_PRIVATE_KEY
|
||||
dkim_canon = relaxed
|
||||
dkim_strict = 0
|
||||
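Review bot: `DKIM_SELECTOR` adds a file lookup to every remote delivery but, unlike `DKIM_PRIVATE_KEY` two lines below it, has no `exists` guard. The `{mail}` arm only covers a key that is not found, so a missing or unreadable `/usr/local/vesta/data/dkim_selectors` is likely to make the expansion defer rather than fall back to `mail`. Wrapping the lookup as `${if exists{/usr/local/vesta/data/dkim_selectors}{${lookup{…}lsearch*{…}{$value}{mail}}}{mail}}` would keep outbound mail flowing if the file is removed. Since this file now decides which selector signs each domain's mail, it should be writable by root only and readable by the Exim user; the installer hunks on this page create it with a plain `echo … >` and leave the mode to the umask. The same two lines are added in the other two Exim configuration sections on this page.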
|
|
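--- /dev/null
+++ b/install/debian/templates/dns/yandex-mail.tpl
@@ -0,0 +1,9 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='mail' TYPE='CNAME' PRIORITY='' VALUE='domain.mail.yandex.net.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mx.yandex.ru.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a ip4:%ip% include:_spf.yandex.ru ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%'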
|
@ -39,6 +39,7 @@ ignore_bounce_errors_after = 2d
|
|||
timeout_frozen_after = 7d
|
||||
|
||||
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
|
||||
DKIM_SELECTOR = ${lookup{${lc:${domain:$h_from:}}}lsearch*{/usr/local/vesta/data/dkim_selectors}{$value}{mail}}
|
||||
DKIM_FILE = /etc/exim/domains/${lc:${domain:$h_from:}}/dkim.pem
|
||||
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
|
||||
|
||||
|
@ -260,7 +261,7 @@ remote_smtp:
|
|||
driver = smtp
|
||||
#helo_data = $sender_address_domain
|
||||
dkim_domain = DKIM_DOMAIN
|
||||
dkim_selector = mail
|
||||
dkim_selector = DKIM_SELECTOR
|
||||
dkim_private_key = DKIM_PRIVATE_KEY
|
||||
dkim_canon = relaxed
|
||||
dkim_strict = 0
|
||||
|
|
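--- /dev/null
+++ b/install/rhel/templates/dns/yandex-mail.tpl
@@ -0,0 +1,9 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='mail' TYPE='CNAME' PRIORITY='' VALUE='domain.mail.yandex.net.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mx.yandex.ru.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a ip4:%ip% include:_spf.yandex.ru ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%'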
|
@ -39,6 +39,7 @@ ignore_bounce_errors_after = 2d
|
|||
timeout_frozen_after = 7d
|
||||
|
||||
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
|
||||
DKIM_SELECTOR = ${lookup{${lc:${domain:$h_from:}}}lsearch*{/usr/local/vesta/data/dkim_selectors}{$value}{mail}}
|
||||
DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem
|
||||
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
|
||||
|
||||
|
@ -260,7 +261,7 @@ remote_smtp:
|
|||
driver = smtp
|
||||
#helo_data = $sender_address_domain
|
||||
dkim_domain = DKIM_DOMAIN
|
||||
dkim_selector = mail
|
||||
dkim_selector = DKIM_SELECTOR
|
||||
dkim_private_key = DKIM_PRIVATE_KEY
|
||||
dkim_canon = relaxed
|
||||
dkim_strict = 0
|
||||
|
|
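--- /dev/null
+++ b/install/ubuntu/templates/dns/yandex-mail.tpl
@@ -0,0 +1,9 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='mail' TYPE='CNAME' PRIORITY='' VALUE='domain.mail.yandex.net.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mx.yandex.ru.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a ip4:%ip% include:_spf.yandex.ru ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%'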
|
@ -644,6 +644,7 @@ mkdir -p $VESTA/data
|
|||
mkdir -p $VESTA/data/ips
|
||||
mkdir -p $VESTA/data/queue
|
||||
mkdir -p $VESTA/data/users
|
||||
echo '*:mail' > $VESTA/data/dkim_selectors
|
||||
touch $VESTA/data/queue/backup.pipe
|
||||
touch $VESTA/data/queue/disk.pipe
|
||||
touch $VESTA/data/queue/webstats.pipe
|
||||
|
|
|
@ -693,6 +693,7 @@ mkdir -p $VESTA/data
|
|||
mkdir -p $VESTA/data/ips
|
||||
mkdir -p $VESTA/data/queue
|
||||
mkdir -p $VESTA/data/users
|
||||
echo '*:mail' > $VESTA/data/dkim_selectors
|
||||
touch $VESTA/data/queue/backup.pipe
|
||||
touch $VESTA/data/queue/disk.pipe
|
||||
touch $VESTA/data/queue/webstats.pipe
|
||||
|
|
|
@ -657,6 +657,7 @@ mkdir -p $VESTA/data
|
|||
mkdir -p $VESTA/data/ips
|
||||
mkdir -p $VESTA/data/queue
|
||||
mkdir -p $VESTA/data/users
|
||||
echo '*:mail' > $VESTA/data/dkim_selectors
|
||||
touch $VESTA/data/queue/backup.pipe
|
||||
touch $VESTA/data/queue/disk.pipe
|
||||
touch $VESTA/data/queue/webstats.pipe
|
||||
|
|
|
@ -4,3 +4,8 @@
|
|||
if [ -x "/usr/local/vesta/upd/add_fwd_only.sh" ]; then
|
||||
/usr/local/vesta/upd/add_fwd_only.sh
|
||||
fi
|
||||
|
||||
# Exim dkim config
|
||||
if [ -x "/usr/local/vesta/upd/exim_dkim.sh" ]; then
|
||||
/usr/local/vesta/upd/exim_dkim.sh
|
||||
fi
|
||||
|
|
|
@ -40,6 +40,9 @@ if [ $1 -ge 2 ]; then
|
|||
if [ -e /usr/local/vesta/upd/add_fwd_only.sh ]; then
|
||||
/usr/local/vesta/upd/add_fwd_only.sh
|
||||
fi
|
||||
if [ -e /usr/local/vesta/upd/exim_dkim.sh ]; then
|
||||
/usr/local/vesta/upd/exim_dkim.sh
|
||||
fi
|
||||
fi
|
||||
|
||||
%files
|
||||
|
|
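--- /dev/null
+++ b/upd/exim_dkim.sh
@@ -0,0 +1,34 @@
+#/bin/bash
+
+# Define exim config
+if [ -e "/etc/exim/exim.conf" ]; then
+# RHEL or CentOS
+conf="/etc/exim/exim.conf"
+else
+# Debian or Ubuntu
+conf="/etc/exim4/exim4.conf.template"
+fi
+
+# Check existance
+if [ ! -e "$conf" ]; then
+exit
+fi
+
+# Add default dkim selector
+if [ ! -e /usr/local/vesta/data/dkim_selectors ]; then
+echo '*:mail' > /usr/local/vesta/data/dkim_selectors
+fi
+
+dkim1='DKIM_SELECTOR = ${lookup{${lc:${domain:$h_from:}}}lsearch*{/usr/local/vesta/data/dkim_selectors}{$value}{mail}}'
+dkim2='dkim_selector = DKIM_SELECTOR'
+
+# Configure exim
+if [ $(grep -c "^DKIM_SELECTOR = " $conf) == 0 ]; then
+sed -i "/^DKIM_DOMAIN = /a $dkim1" $conf
+sed -i "s/dkim_selector = mail/$dkim2/" $conf
+fi
+
+# Restart mail server
+/usr/local/vesta/bin/v-restart-mail
+
+exit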
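Review bot: The first line `#/bin/bash` is a comment, not a shebang, so the script runs under whatever shell the caller falls back to; the package scripts on this page invoke the file directly. Under a POSIX `sh` such as dash, the `==` inside `[ … ]` in the "Configure exim" test is not a supported operator, so the test would most likely fail with an error and leave the configuration unpatched while `v-restart-mail` still runs. Use `#!/bin/bash` as the first line and replace the count comparison with `if ! grep -q '^DKIM_SELECTOR = ' "$conf"; then`, quoting `"$conf"` in the two `sed -i` calls as well. Moving the restart inside that `if` would avoid restarting the mail server on upgrades where nothing was changed.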