X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;f=mail-setup;h=ae3aabbe9067365500861c500a77ae08c3f17a66;hb=7b47d6a266340223e78317cfe0570868f45a4cad;hp=f7f1fc56a853dc6c8ddc2a8b8e4e6e51f41cc859;hpb=5e45ae077e790c0e798f09ffad8ecd3cb6c3bb28;p=distro-setup diff --git a/mail-setup b/mail-setup index f7f1fc5..ae3aabb 100755 --- a/mail-setup +++ b/mail-setup @@ -369,7 +369,7 @@ fi bhost_t=false case $HOSTNAME in $MAIL_HOST) : ;; - kd|frodo|x2|x3|kw|sy) + kd|frodo|x2|x3|kw|sy|bo) bhost_t=true ;; esac @@ -1418,7 +1418,6 @@ ssl = required ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 ssl_protocols = TLSv1.2 ssl_prefer_server_ciphers = no -ssl_dh_parameters_length = 2048 protocol lmtp { #per https://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration @@ -1730,7 +1729,7 @@ if [[ $HOSTNAME == bk ]]; then #### begin dl roundcube # note, im r2e subbed to https://github.com/roundcube/roundcubemail/releases.atom - v=1.4.11; f=roundcubemail-$v-complete.tar.gz + v=1.4.13; f=roundcubemail-$v-complete.tar.gz cd /a/opt if [[ -e $f ]]; then timestamp=$(stat -c %Y $f) @@ -1969,7 +1968,7 @@ EOF m phpenmod -v php mcrypt imap # dpkg says this is required m a2enmod proxy_fcgi setenvif - fpm=$(dpkg-query -s php-fpm | sed -nr 's/^Depends:.* (php[^ ]*-fpm)( .*|$)/\1/p') # eg: php7.3-fpm + fpm=$(dpkg-query -s php-fpm | sed -nr 's/^Depends:.* (php[^ ]*-fpm)( .*|$)/\1/p') # eg: php7.4-fpm phpver=$(dpkg-query -s php-fpm | sed -nr 's/^Depends:.* php([^ ]*)-fpm( .*|$)/\1/p') m a2enconf $fpm # 3 useless guides on php fpm fcgi debian 10 later, i figure out from reading 
@@ -2242,7 +2241,6 @@ EOF CHECK_RCPT_VERIFY_SENDER = true # default config comment says: If you enable this, you might reject legitimate mail, # but eggs has had this a long time, so that seems unlikely. -CHECK_DATA_VERIFY_HEADER_SYNTAX = true CHECK_RCPT_SPF = true CHECK_RCPT_REVERSE_DNS = true CHECK_MAIL_HELO_ISSUED = true @@ -2372,6 +2370,7 @@ ignore_target_hosts = ${HOSTNAME}wg.b8.nz # note changes here also require change in passwd.client route_list = * eximbackup.b8.nz same_domain_copy_routing = yes +errors_to = alerts@iankelling.org no_more EOF @@ -2385,9 +2384,8 @@ backup_remote: .endif hosts_require_auth = * hosts_try_auth = * - return_path = alerts@iankelling.org envelope_to_add - # manual return path because we dont want it to be the envelope sender + # manual return path because we want it to be the envelope sender # we got not the one we are using in this smtp transport headers_add = "Return-path: $sender_address" .ifdef REMOTE_SMTP_SMARTHOST_HOSTS_AVOID_TLS @@ -2425,10 +2423,10 @@ EOF # this avoids some error. i cant remember what. todo: # test it out and document why/if its needed. - i /etc/exim4/host_local_deny_exceptions <<'EOF' -mail.fsf.org -*.posteo.de -EOF +# i /etc/exim4/host_local_deny_exceptions <<'EOF' +# mail.fsf.org +# *.posteo.de +# EOF # cron email from smarthost hosts will automatically be to # USER@FQDN. I redirect that to alerts@, on the smarthosts, but in @@ -2630,7 +2628,10 @@ EOF echo | /a/exe/cedit nn /etc/hosts || [[ $? == 1 ]] echo | /a/exe/cedit mail /etc/dnsmasq-servers.conf || [[ $? == 1 ]] + if $bhost_t; then + install -d /bu + install -d -g $u -o $u -m 771 /bu/md i /etc/exim4/conf.d/transport/30_backup_maildir <>/etc/exim4/update-exim4.conf.conf <>/etc/exim4/update-exim4.conf.conf <>/etc/exim4/conf.d/main/000_local-nn <<'EOF' +# spool_directory = /var/spool/myexim4 +# EOF cat >>/etc/myexim4/update-exim4.conf.conf <<'EOF' dc_eximconfig_configtype='smarthost' dc_smarthost='nn.b8.nz' 
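Review bot: The added `errors_to = alerts@iankelling.org` line, just before `no_more`, has no comment saying that it takes over from the transport-level `return_path` this commit removes from `backup_remote`, so a reader has to pair the two hunks by hand. Per the Exim spec a router's `errors_to` is only used when that address verifies successfully; otherwise it is ignored and bounces go to the original envelope sender. If this router handles the backup copies (inferred from `route_list = * eximbackup.b8.nz`), a failed verification would send backup bounces to outside senders. I would add a comment above the line, for example `# bounces for the backup copy go to alerts@, not the original sender; ignored if alerts@ fails verification`. The router's opening lines are outside the hunk.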
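Review bot: The reworded comment above `headers_add = "Return-path: $sender_address"` is still hard to parse ("the envelope sender # we got not the one we are using in this smtp transport"). With `return_path` gone from this transport, it also no longer says where the delivery-time sender comes from. Suggested wording: `# add Return-path by hand so it shows the envelope sender we received,` followed by `# not the sender used for this delivery (presumably set by errors_to on the router)`. The `backup_remote` transport starts above the hunk and continues below it.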
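Review bot: Commenting out the `i /etc/exim4/host_local_deny_exceptions` heredoc stops the script from writing the file, but nothing in this hunk removes a copy left by an earlier run. Hosts that were already set up would then keep exempting mail.fsf.org and *.posteo.de from whatever checks consult that file. If the exceptions are meant to go away, an explicit `rm -f /etc/exim4/host_local_deny_exceptions` in place of the commented block would make that hold on every host; whether `i` or a later step cleans up is not visible here. The "todo: test it out and document why/if its needed" comment now sits over dead code, so either delete the block or add one line saying why it is disabled.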
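Review bot: In the new `if $bhost_t; then` block, `install -d /bu` creates the parent with install's default mode, and `-m 771` on `/bu/md` leaves the execute bit set for other. Any local account can therefore traverse into the backup maildir and reach files whose own permissions allow it. If that bit exists so the exim delivery user can enter the directory, a comment should say so; if not, `install -d -g "$u" -o "$u" -m 770 /bu/md` is the tighter choice and also quotes `$u`. The heredoc text later in this hunk is missing from the page, so this covers only the two `install` lines.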
@@ -2906,7 +2915,7 @@ EOF test_to="testignore@expertpathologyreview.com, testignore@je.b8.nz, testignore@amnimal.ninja, jtuttle@gnu.org" cat >>/etc/cron.d/mailtest <