X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;ds=sidebyside;f=mail-setup;h=de9db482acad97f7c8cb4b23e4b856c7a8d87994;hb=ea108a03dfa2d7f73447c0b14210d766e5ee5d9b;hp=b53530a2a9c9ab2610aa18d82b194c74e8c26a8e;hpb=606cd070ab0d88f45dae54ae960fef7245894373;p=distro-setup

diff --git a/mail-setup b/mail-setup
index b53530a..de9db48 100755
--- a/mail-setup
+++ b/mail-setup
@@ -347,7 +347,6 @@ stopifactive() {
 
 mxhost=mx.iankelling.org
 mxport=587
-forward=$u@$mxhost
 
 # old setup. left as comment for example
 # mxhost=mail.messagingengine.com
@@ -1622,7 +1621,7 @@ EOF
       cat <<'EOF'
 # https://ssl-config.mozilla.org
 ssl = required
-# this is the same as the certbot list, in my cert cronjob, I check if that has changed upstream.
+# this is the same as the certbot list, i check changes in /a/bin/ds/filesystem/usr/local/bin/check-lets-encrypt-ssl-settings
 ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
 ssl_protocols = TLSv1.2
 ssl_prefer_server_ciphers = no
@@ -1633,7 +1632,7 @@ protocol lmtp {
   mail_plugins = $mail_plugins sieve
 }
 EOF
-      if dpkg --compare-versions $(dpkg-query -f='${Version}\n' --show dovecot-core) ge 1:2.3; then
+      if dpkg --compare-versions "$(dpkg-query -f='${Version}\n' --show dovecot-core)" ge 1:2.3; then
         cat <<EOF
 ssl_dh = </etc/dovecot/dhparam
 EOF
@@ -3161,7 +3160,7 @@ case $HOSTNAME in
   $MAIL_HOST)
     # < 2.1 (eg: in t9), uses a different data format which required manual
     # migration. dont start if we are running an old version.
-    if dpkg --compare-versions $(dpkg -s radicale | awk '$1 == "Version:" { print $2 }') ge 2.1; then
+    if dpkg --compare-versions "$(dpkg -s radicale | awk '$1 == "Version:" { print $2 }')" ge 2.1; then
       m systemctl --now enable radicale
     fi
     ;;&