mail filtering

diff --git a/brc2 b/brc2
index e2d9bce6ca6b38786d3bf6d99cbd7dbb56146f5b..5d20970f823d73c93285ff7c532f301667a727e3 100644 (file)
--- a/brc2
+++ b/brc2
@@ -257,6 +257,8 @@ bigclock() {
   xclock -digital -update 1 -face 'arial black-80:bold'
 }
 
+nnn() { /a/opt/nnn -H "$@"; }
+
 
 jrun() { # journal run. run args, log to journal, tail and grep the journal.
   # Note, an alternative without systemd would be something like ts.

diff --git a/mail-setup b/mail-setup
index c446bbb5a3ff7b495daed12eac9abdbca729f857..de8638f8236e4942db01d6ac5be5e9863946a4e0 100755 (executable)
--- a/mail-setup
+++ b/mail-setup
@@ -3,10 +3,9 @@
 # Copyright (C) 2019 Ian Kelling
 # SPDX-License-Identifier: AGPL-3.0-or-later
 
-# todo: disable greylisting
+# todo: disable postgrey
 
-# todo: enable plus addressing and sort out mail filtering.
-# consider maildrop, procmail, etc.
+# todo: in testforward-check, we should also look
 
 # todo: test that bounces dont help create valid mailtest-check
 
@@ -29,7 +28,10 @@
 # And send an alert email if no alerts have been sent
 # in 2 or 3 days or something. todo, test cron mail on li.
 
-# todo: look at mailinabox extra dns records
+# todo: look at mailinabox extra dns records, note these changelogs:
+# * An MTA-STS policy for incoming mail is now published (in DNS and over HTTPS) when the primary hostname and email address domain both have a signed TLS certificate installed, allowing senders to know that an encrypted connection should be enforced.
+# * The per-IP connection limit to the IMAP server has been doubled to allow more devices to connect at once, especially with multiple users behind a NAT.
+#
 
 # todo: mailtest-check failure on remote hosts is not going to alert me.
 # sort that out.
@@ -862,7 +864,6 @@ warn
 
 EOF
 
-# see sender validation in /a/opt/mailinabox/setup/mail-users.sh
 i /etc/exim4/conf.d/router/900_exim4-config_local_user <<'EOF'
 ### router/900_exim4-config_local_user
 #################################
@@ -874,12 +875,16 @@ local_user:
   debug_print = "R: local_user for $local_part@$domain"
   driver = accept
   domains = +local_domains
-# ian: commented this, in conjunction with a dovecot lmtp
-# change so I get mail for all users.
-#  check_local_user
+# ian: default file except where mentioned.
+# ian: commented this. I get all local parts. for bk, an rcpt
+# check handles checking with dovecot, and the only router
+# after this is root.
   local_parts = ! root
   transport = LOCAL_DELIVERY
   cannot_route_message = Unknown user
+# ian: added for + addressing.
+  local_part_suffix = +*
+  local_part_suffix_optional
 EOF
 i /etc/exim4/conf.d/transport/30_exim4-config_dovecot_lmtp <<'EOF'
 dovecot_lmtp:
@@ -1025,6 +1030,7 @@ fi
 
 # * dovecot
 
+# ** $MAIL_HOST|bk|je)
 case $HOSTNAME in
   $MAIL_HOST|bk|je)
     # based on a little google and package search, just the dovecot
@@ -1085,6 +1091,7 @@ EOF
 
     ;;&
 
+# **  $MAIL_HOST)
   $MAIL_HOST)
     # If we changed 90-sieve.conf and removed the active part of the
     # sieve option, we wouldn\'t need this, but I\'d rather not modify a
@@ -1136,6 +1143,7 @@ protocol lmtp {
 }
 EOF
     ;;&
+# **  bk|je)
   bk|je)
     chown -R mail.mail /m/md
 
@@ -1273,6 +1281,13 @@ EOF
 
     # this should be at the end since it requires a valid dovecot config
     m sievec /etc/dovecot/sieve-spam.sieve
+    ;;&
+# **  bk)
+  bk)
+    # roundcube uses this
+    mkdir -p /m/sieve
+    chown mail.mail /m/sieve
+    m pi dovecot-managesieved
     ;;
 esac