lots of updates, server support in progress
[distro-setup] / postfix-setup
#!/bin/bash -l
# Copyright (C) 2016 Ian Kelling
# This program is under GPL v. 3 or later, see <http://www.gnu.org/licenses/>

# NOTE(review): the helpers used below (s, pi, postconfin, ser, lnf, e, sgo,
# isdeb, private-host, ...) are not defined in this file; presumably the
# login shell requested by -l provides them -- confirm. The flag is dropped
# when the script is started as "bash postfix-setup".

# Stop at the first unhandled failure, including failures inside pipelines,
# and let functions and subshells inherit the ERR trap (errtrace).
set -o errexit -o errtrace -o pipefail
# Report the script, line, command and status of whatever failed on stderr.
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
# Postfix is installed explicitly further down because Emacs sends mail
# through it; it is unclear why Debian pulled it in with the emacs
# build-deps.
#
# Pick the upstream relay. The [brackets] make Postfix connect to that host
# name directly instead of doing an MX lookup; both relays are reached on
# port 587.
if ! private-host; then
  # SES initially suggests port 25, but connecting to it was problematic.
  relayhost="[email-smtp.us-west-2.amazonaws.com]:587"
else
  relayhost="[mail.messagingengine.com]:587"
fi
if isdeb; then
  # Preseed the answers to the postfix package's debconf questions before
  # the package is installed.
  # NOTE(review): $host is not assigned anywhere in this script; presumably
  # the environment supplies it -- confirm, because an empty value would
  # preseed an empty mailname.
  s debconf-set-selections <<EOF
postfix postfix/main_mailer_type select Satellite system
postfix postfix/mailname string $host
postfix postfix/relayhost string $relayhost
EOF

  pi postfix
else
  pi postfix
  # These settings come from the output of a Debian install, reduced to the
  # ones that differ from a default install on Arch. Assumed to work on
  # Fedora as well.
  # mynetworks and inet_interfaces restrict the daemon to loopback, so it
  # listens and relays for local clients only; mailbox_size_limit = 0
  # removes the mailbox size limit.
  postconfin <<EOF
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
relayhost = $relayhost
inet_interfaces = loopback-only
EOF

  # Start the service at boot, then bring it up now.
  for action in enable start; do
    s systemctl "$action" postfix
  done
fi

# note, previously, the rest of setup was done separately.

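# Move the whole Postfix spool to /q and leave a symlink behind.
# Based on http://www.postfix.org/qmgr.8.html and my notes in gnus.
# Moving only specific directories under /var/spool/postfix was tried first,
# but postfix didn't like that.
if [[ ! -L /var/spool/postfix ]]; then
  # Work out the destination and check it before the service is stopped, so
  # a failure here does not leave postfix down.
  n=/q/postfix-$(distro-name)$(debian-archive)
  if [[ ! -d /q ]]; then
    echo "$0: error: /q is not a directory, not moving the postfix spool" >&2
    exit 1
  fi

  ser stop postfix
  # -L also catches a dangling symlink, which -e alone reports as absent.
  if [[ -e $n || -L $n ]]; then
    echo "$0: warning: $n already exists before we do the link, removing it" >&2
    # Recursive delete as root on a computed path: quote it, end option
    # parsing with --, and let :? abort if the variable is ever empty.
    s rm -rf -- "${n:?}"
  fi
  s mv -- /var/spool/postfix "$n"
  s lnf -T "$n" /var/spool/postfix
  ser start postfix
  s journalctl -n 20 | cat # sudo as we may not have journal reading rights yet
fi
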
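# Forward local mail for this user and for root to an external address.
# This also works instead of ~/.forward:
#   s sed -i '/^root/d' /etc/aliases ||:
#   echo "root: $HOSTNAME@$SOME_DOMAIN" | s tee -a /etc/aliases
# ~/.forward can't be a symlink and has permission restrictions.
# It might work in /etc/aliases, but this seems more proper.

# The forwarding domain depends on which relay's credentials are installed.
# All grep output is discarded, so nothing from the credentials file is
# printed; a missing or unreadable file silently selects the else branch.
if s grep -q amazonaws /etc/postfix/sasl_passwd &>/dev/null; then
  # :? aborts instead of writing a forward address with an empty domain.
  forward=$HOSTNAME@${PERSONAL_DOMAIN:?PERSONAL_DOMAIN must be set}
else
  forward=$HOSTNAME@${IMPERSONAL_DOMAIN:?IMPERSONAL_DOMAIN must be set}
fi
# Quoted so the address always reaches the helper as a single word.
e "$forward" > ~/.forward
e "$forward" | s tee /root/.forward
s newaliases
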
76 # if I wanted the from address to be renamed and sent to a different address,
77 # echo "sdx@localhost development@localhost" | sudo dd of=/etc/postfix/recipient_canonical
78 # sudo postmap hash:/etc/postfix/recipient_canonical
79 # sudo service postfix reload
80
81
82 # i'm assuming mail just won't work on systems without the sasl_passwd.
83 postconfin <<'EOF'
84 smtp_sasl_auth_enable = yes
85 smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
86 smtp_sasl_security_options = noanonymous
87 smtp_tls_security_level = secure
88 message_size_limit = 20480000
89 smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
90 EOF
91 # ^ I ran into a log file not sending cuz of size. double from 10 to 20 meg limit
92
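# sasl_passwd holds the relay credentials in clear text. Drop group/other
# access before building the lookup table (postmap gives a new table the
# group/other read permissions of its source), and tighten the generated
# hash table as well in case one is left over from an earlier run.
s chmod go-rwx /etc/postfix/sasl_passwd
s postmap hash:/etc/postfix/sasl_passwd
s chmod go-rwx /etc/postfix/sasl_passwd.db

# offlineimap uses this CA bundle too; one shared location is much easier
# than making its config and postfix's config conditional.
# NOTE(review): $distro is not assigned in this script -- presumably set by
# the environment; confirm.
# NOTE(review): the spool link above implies lnf takes the link name last,
# so this creates /etc/ssl/ca-bundle.trust.crt rather than the
# /etc/ssl/certs/ca-certificates.crt path set as smtp_tls_CAfile. Confirm
# that the CAfile path exists on Fedora: with smtp_tls_security_level =
# secure, a missing CA bundle makes certificate verification fail and
# outgoing mail is deferred.
case "$distro" in
  fedora) s lnf -T ca-certificates.crt /etc/ssl/ca-bundle.trust.crt ;;
  *) : ;;
esac

# Apply the new configuration.
s service postfix reload
sgo postfix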