#!/bin/bash -l
# Copyright (C) 2016 Ian Kelling
-# This program is under GPL v. 3 or later, see <http://www.gnu.org/licenses/>
+
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+
+# http://www.apache.org/licenses/LICENSE-2.0
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+# misc exim notes:
+# useful exim docs:
+# /usr/share/doc/exim4-base/README.Debian.gz
+# /usr/share/doc/exim4-base/spec.txt.gz
+
+# routers, transports, and authenticators are sections, and you define
+# driver instances in those sections, and the manual calls them driver
+# types but there is also a more specific "type" of driver, which is specified
+# with the driver = some_module setting in the driver.
+
+# the driver option must precede and private options (options that are
+# specific to that driver), so follow example of putting it at beginning.
+
+# The full list of option settings for any particular driver instance,
+# including all the defaulted values, can be extracted by making use of
+# the -bP command line option.
+
+# exim clear out message queue. as root:
+# adapted from somewhere on stackoverflow.
+# ser stop exim4; sleep 1; exim -bp | exiqgrep -i | xargs exim -Mrm; ser start exim4
+
+# fastmail has changed their smtp server, but the old one still works,
+# I see no reason to bother changing.
+# New one is smtp.fastmail.com
+
+# test delivery & rewrite settings:
+#exim4 -bt ian@localhost
+
+
set -eE -o pipefail
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
-# dunno why debian installed postfix with builddep emacs
-# but I will just explicitly install it here since
-# I use it for sending mail in emacs.
+type=$1
+postfix() { [[ $type == postfix ]]; }
+exim() { [[ $type == exim ]]; }
+if ! exim && ! postfix; then
+ echo "$1: error: expected exim or postfix as first arg"
+ exit 1
+fi
+
if private-host; then
- relayhost="[mail.messagingengine.com]:587"
+ host=mail.messagingengine.com
+ forward=$HOSTNAME@$PERSONAL_DOMAIN
else
# ses initially suggests port 25, but I had problems connecting to that.
- relayhost="[email-smtp.us-west-2.amazonaws.com]:587"
+ host=email-smtp.us-west-2.amazonaws.com
+ forward=$HOSTNAME@$IMPERSONAL_DOMAIN
fi
-if isdeb; then
- s debconf-set-selections<<EOF
+
+relayhost="[$host]:587" # postfix
+smarthost="$host::587" # exim
+
+# background: This also works instead of ~/.forward
+# s sed -i --follow-symlinks '/^root/d' /etc/aliases ||:
+#echo "root: $HOSTNAME@$SOME_DOMAIN" | s tee -a /etc/aliases
+# this can't be a symlink and has permission restrictions
+# it might work in /etc/aliases, but this seems more proper.
+e $forward > ~/.forward
+e $forward | s tee /root/.forward
+
+# linode image has a root alias. completely useless, remove it.
+sudo sed -i '/^root:/d' /etc/aliases
+
+s newaliases
+
+
+# offlineimap uses this too, it is much easier to use one location than to
+# condition it's config and postfix's config
+case $distro in
+ fedora) s lnf -T ca-certificates.crt /etc/ssl/ca-bundle.trust.crt ;;
+ *) :
+esac
+
+read -r domain pass < <(s cat /etc/mailpass)
+if postfix; then
+ # dunno why, but debian installed postfix with builddep emacs
+ # but I will just explicitly install it here since
+ # I use it for sending mail in emacs.
+ if isdeb; then
+ s debconf-set-selections <<EOF
postfix postfix/main_mailer_type select Satellite system
-postfix postfix/mailname string $host
+postfix postfix/mailname string $HOSTNAME
postfix postfix/relayhost string $relayhost
EOF
- pi postfix
-else
- pi postfix
- # Settings from reading the output when installing on debian,
- # then seeing which were different in a default install on arch.
- # I assume the same works for fedora.
- postconfin <<EOF
+ pi postfix
+ else
+ pi postfix
+ # Settings from reading the output when installing on debian,
+ # then seeing which were different in a default install on arch.
+ # I assume the same works for fedora.
+ postconfin <<EOF
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
relayhost = $relayhost
inet_interfaces = loopback-only
EOF
- s systemctl enable postfix
- s systemctl start postfix
-fi
+ s systemctl enable postfix
+ s systemctl start postfix
+ fi
+ # i'm assuming mail just won't work on systems without the sasl_passwd.
+ postconfin <<'EOF'
+smtp_sasl_auth_enable = yes
+smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
+smtp_sasl_security_options = noanonymous
+smtp_tls_security_level = secure
+message_size_limit = 20480000
+smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
+inet_protocols = ipv4
+EOF
+ # msg_size_limit: I ran into a log file not sending cuz of size. double from 10 to 20 meg limit
+ # inet_protocols: without this, postfix tries an ipv6 lookup then gives
+ # up and fails. snippet from syslog: type=AAAA: Host not found, try again
-# note, previously, the rest of setup was done separately.
+ # mailpass is just a name i made up, since postfix and
+ # exim both use a slightly crazy format to translate to
+ # each other, it's easier to use my own format.
+ f=/etc/postfix/sasl_passwd
+ s touch $f
+ s chmod 600 $f
+ echo "[$domain]:587 ${pass/@/#}" | s dd of=/etc/postfix/sasl_passwd >/dev/null
+ s postmap hash:/etc/postfix/sasl_passwd
+ s service postfix reload
+else
+ # wording of question from dpkg-reconfigure exim4-config
+ # 1. internet site; mail is sent and received directly using SMTP
+ # 2. mail sent by smarthost; received via SMTP or fetchmail
+ # 3. mail sent by smarthost; no local mail
+ # 4. local delivery only; not on a network
+ # 5. no configuration at this time
+
+ # default mailname is $HOSTNAME.lan,
+ # mailname makes addresses like "root" be root@mailname
+ # and a qualified domain does not get forwarded per
+ # .forward. whatever, this fixes that.
+ s debconf-set-selections <<EOF
+exim4-config exim4/dc_eximconfig_configtype select mail sent by smarthost; no local mail
+exim4-config exim4/dc_smarthost string $smarthost
+exim4-config exim4/use_split_config boolean true
+exim4-config exim4/mailname string $HOSTNAME
+EOF
+ # light version does not have sasl auth support.
+ pi exim4-daemon-heavy
-# based on,http://www.postfix.org/qmgr.8.html and my notes in gnus
-# originally tried moving specific directories under /var/spool/postfix,
-# but postfix didn't like that
-if [[ ! -L /var/spool/postfix ]]; then
- ser stop postfix
- n=/q/postfix-`distro-name``debian-archive`
- if [[ -e $n ]]; then
- echo "$0: warning: $n already exists before we do the link, removing it"
- s rm -rf $n
+ f=/etc/exim4/passwd.client
+ s touch $f
+ s chmod 600 $f # make it 600 before writing sensitive info
+ echo "$domain:${pass/:/::}" | s dd of=$f >/dev/null
+ # https://blog.dhampir.no/content/make-exim4-on-debian-respect-forward-and-etcaliases-when-using-a-smarthost
+ # i only need .forwards, so just doing that one.
+ cd /etc/exim4/conf.d/router
+ a=userforward
+ b=${a}_higher_priority
+ tmp=$(mktemp)
+ of=175_$b
+ # sed to make the router name unique
+ sed -r s/^\\S+:/$b:/ 600_exim4-config_$a >$tmp
+ if diff -q >/dev/null $tmp $of; then
+ s dd if=$tmp of=$of >/dev/null
+ ser restart exim4
fi
- s mv /var/spool/postfix $n
- s lnf -T $n /var/spool/postfix
- ser start postfix
- s journalctl -n 20 | cat # sudo as we may not have journal reading rights yet
fi
+# based on http://www.postfix.org/qmgr.8.html and my notes in gnus
+dir=/nocow/$type
+sdir=/var/spool/$type
+if [[ $(readlink -f $sdir) != $dir ]]; then
+ ser stop $type
+ if [[ ! -e $dir && -d $sdir ]]; then
+ s mv $sdir $dir
+ fi
+ s lnf -T $dir $sdir
+fi
-# This also works instead of ~/.forward
-# s sed -i '/^root/d' /etc/aliases ||:
-#echo "root: $HOSTNAME@$SOME_DOMAIN" | s tee -a /etc/aliases
-# this can't be a symlink and has permission restrictions
-# it might work in /etc/aliases, but this seems more proper.
+sgo $type
-if s grep amazonaws /etc/postfix/sasl_passwd &>/dev/null; then
- forward=$HOSTNAME@$PERSONAL_DOMAIN
-else
- forward=$HOSTNAME@$IMPERSONAL_DOMAIN
-fi
-e $forward > ~/.forward
-e $forward | s tee /root/.forward
-s newaliases
# if I wanted the from address to be renamed and sent to a different address,
# echo "sdx@localhost development@localhost" | sudo dd of=/etc/postfix/recipient_canonical
# sudo postmap hash:/etc/postfix/recipient_canonical
# sudo service postfix reload
-
-
-# i'm assuming mail just won't work on systems without the sasl_passwd.
-postconfin <<'EOF'
-smtp_sasl_auth_enable = yes
-smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
-smtp_sasl_security_options = noanonymous
-smtp_tls_security_level = secure
-message_size_limit = 20480000
-smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
-EOF
-# ^ I ran into a log file not sending cuz of size. double from 10 to 20 meg limit
-
-s postmap hash:/etc/postfix/sasl_passwd
-# offlineimap uses this too, it is much easier to use one location than to
-# condition it's config and postfix's config
-case $distro in
- fedora) s lnf -T ca-certificates.crt /etc/ssl/ca-bundle.trust.crt ;;
- *) :
-esac
-
-s service postfix reload
-sgo postfix