From: Ian Kelling Date: Fri, 14 Apr 2017 11:44:42 +0000 (-0700) Subject: fix mail setup X-Git-Url: https://iankelling.org/git/?p=distro-setup;a=commitdiff_plain;h=2b593e68820d1ed7911cecdbf495aff3749b15e3 fix mail setup --- diff --git a/mail-setup b/mail-setup index 3bd6b21..e02d859 100755 --- a/mail-setup +++ b/mail-setup @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/bash -l # Copyright (C) 2016 Ian Kelling # Licensed under the Apache License, Version 2.0 (the "License"); @@ -19,7 +19,7 @@ trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR ####### begin perstent password instructions ###### # # exim passwords: # # for hosts which have all private files I just use the same user -# # for other hosts, each one get's their own password. +# # for other hosts, each one get\'s their own password. # # for generating secure pass, and storing for server too: # # user=USUALLY_SAME_AS_HOSTNAME # user=li @@ -30,7 +30,7 @@ trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR # echo "mail.iankelling.org:$user:$(<$f)" >> /p/c/machine_specific/$user/filesystem/etc/mailpass # # then run this script, or part of it which uses /etc/mailpass -# # dovecot password, i just need 1 as I'm the only user +# # dovecot password, i just need 1 as I\'m the only user # mkdir /p/c/filesystem/etc/dovecot # echo "ian:$(doveadm pw -s ssha256)::::::" >/p/c/filesystem/etc/dovecot/users # conflink @@ -62,7 +62,7 @@ trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR # # I dun do that, so just use a static one: li # echo "txt record name: li._domainkey.$domain" # # Debadmin page does not have v=, fastmail does, and this -# # says it's recommended in 3.6.1, default is DKIM1 anyways. +# # says it\'s recommended in 3.6.1, default is DKIM1 anyways. # # https://www.ietf.org/rfc/rfc6376.txt # # Join and print all but first and last line. # # last line: swap hold & pattern, remove newlines, print. 
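Review bot: The new shebang `#!/bin/bash -l` only takes effect when the file is executed directly; invoked as `bash mail-setup` the option is dropped and no login profile is read. If `-l` is there to pick up variables exported from the profile (the later hunk at -160 reads `$MAIL_HOST`, which is not assigned anywhere visible in this diff), sourcing that one file explicitly near the top would make the dependency visible. It would also keep the rest of the login environment out of a script that runs `sudo` and `s rm`. Either way, a comment such as `# -l: MAIL_HOST and friends come from the login profile` would record why the flag was added.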
@@ -84,9 +84,9 @@ trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR # # 2017-02 spf policies: # # google ~all, hotmail -all, yahoo: ?all, fastmail ?all -# # i include fastmail's settings, per their instructions, +# # i include fastmail\'s settings, per their instructions, # # and follow their policy. In mail in a box, or similar instructions, -# # I've seen recommended to not use a restrictive policy. +# # I\'ve seen recommended to not use a restrictive policy. # echo "spf dns: name is empty, value: v=spf1 a include:spf.messagingengine.com ?all" # # to check if dns has updated, you do 
@@ -160,19 +160,30 @@ smarthost="$host::25" # exim forward=ian@$local_mx -# background: This also works instead of ~/.forward -# s sed -i --follow-symlinks '/^root/d' /etc/aliases ||: -#echo "root: $HOSTNAME@$SOME_DOMAIN" | s tee -a /etc/aliases -# this can't be a symlink and has permission restrictions -# it might work in /etc/aliases, but this seems more proper. -e $forward > ~/.forward -e $forward | s tee /root/.forward -# exim log complains about 664 permissions. -s chmod 644 ~/.forward /root/.forward +if [[ $HOSTNAME == $MAIL_HOST ]]; then + # if we are MAIL_HOST, exim config sets up an /etc/alias from + # root to the postmaster, which i config to ian, as long as there + # exists an entry for root, or there was no preexisting aliases file. + # based on the postinst file. + s rm -f /etc/aliases +else + # linode image has a root alias, I think it might override our .forward + sudo sed -i '/^root:/d' /etc/aliases + s newaliases + # background: This also works instead of ~/.forward + # s sed -i --follow-symlinks '/^root/d' /etc/aliases ||: + #echo "root: $HOSTNAME@$SOME_DOMAIN" | s tee -a /etc/aliases + # this can\'t be a symlink and has permission restrictions + # it might work in /etc/aliases, but this seems more proper. + e $forward > ~/.forward + e $forward | s tee /root/.forward + # 644 is required. shouldn\'t need changing, but set it just in case. + s chmod 644 ~/.forward /root/.forward +fi # offlineimap uses this too, it is much easier to use one location than to -# condition it's config and postfix's config +# condition it\'s config and postfix\'s config case $distro in fedora) s lnf -T ca-certificates.crt /etc/ssl/ca-bundle.trust.crt ;; *) : 
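Review bot: In `if [[ $HOSTNAME == $MAIL_HOST ]]` the unquoted right-hand side is matched as a glob pattern. Unless `set -u` is active outside this hunk, an unset or empty `MAIL_HOST` silently selects the `else` branch, so the mail host itself would have its root alias deleted and a `.forward` written. Suggest `if [[ $HOSTNAME == "${MAIL_HOST:?}" ]]; then`, which compares literally and stops the script when the variable is missing. In the first branch, `s rm -f /etc/aliases` discards every existing alias, not only root's; moving the file aside instead would keep a copy in case the exim postinst does not recreate what was there.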
@@ -205,7 +216,7 @@ EOF s systemctl enable postfix s systemctl start postfix fi - # i'm assuming mail just won't work on systems without the sasl_passwd. + # i\'m assuming mail just won\'t work on systems without the sasl_passwd. postconfin <<'EOF' smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd @@ -302,7 +313,7 @@ exim4-config exim4/dc_eximconfig_configtype select internet site; mail is sent a # Thus, if a mail address on the local host is foo@example.org, the correct value for # this option would be example.org. -# This name won't appear on From: lines of outgoing messages if rewriting is enabled. +# This name won\'t appear on From: lines of outgoing messages if rewriting is enabled. # System mail name: exim4-config exim4/mailname string li.iankelling.org @@ -323,7 +334,7 @@ exim4-config exim4/mailname string li.iankelling.org # Other destinations for which mail is accepted: # iank.bid is for testing # mail.iankelling.org is for machines i own -exim4-config exim4/dc_other_hostnames string mail.iankelling.org;iank.bid;iankelling.org;zroe.org +exim4-config exim4/dc_other_hostnames string *.iankelling.org;iankelling.org;*iank.bid;iank.bid;*zroe.org;zroe.org @@ -352,7 +363,7 @@ exim4-config exim4/dc_local_interfaces string # If this value is left empty, such mail will be saved in /var/mail/mail, which is not # recommended. -# Note that postmaster's mail should be read on the system to which it is directed, +# Note that postmaster\'s mail should be read on the system to which it is directed, # rather than being forwarded elsewhere, so (at least one of) the users listed here # should not redirect their mail off this machine. A 'real-' prefix can be used to # force local delivery. 
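Review bot: In the new `dc_other_hostnames` value, `*iank.bid` and `*zroe.org` have no dot after the asterisk, unlike `*.iankelling.org`. An Exim domain-list pattern that starts with `*` is compared against the end of the domain, so these also match unrelated names that merely end in the same characters (a constructed example: `exampleiank.bid`), and mail for them would be treated as local. If only subdomains are intended, use `*.iank.bid;iank.bid;*.zroe.org;zroe.org`. The comment above the setting (`# mail.iankelling.org is for machines i own`) no longer describes the value and should say that every subdomain is now accepted.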
@@ -406,8 +417,7 @@ MAIN_HARDCODE_PRIMARY_HOSTNAME = li.iankelling.org # when doing mail redelivery to invoke filters MAIN_TRUSTED_GROUPS = ian -# disabled, didn't finished configuring -#LOCAL_DELIVERY = dovecot_lmtp +LOCAL_DELIVERY = dovecot_lmtp CHECK_RCPT_LOCAL_ACL_FILE = /etc/exim4/rcpt_local_acl EOF @@ -444,7 +454,7 @@ EOF # # # would only exist because I wrote it i the previous condition, - # it's not part of exim + # it\'s not part of exim s rm -f $exim_main_dir/000_localmacros s debconf-set-selections </dev/null; then - s dpkg-reconfigure -u -pcritical exim4-config + if dpkg -s exim4-config &>/dev/null; then + # gotta remove this, otherwise the set-selections are completely + # ignored. It woulda been nice if this was documented somewhere! + s rm -f /etc/exim4/update-exim4.conf.conf + s dpkg-reconfigure -u -fnoninteractive exim4-config fi # light version does not have sasl auth support. pi exim4-daemon-heavy spamassassin @@ -525,8 +538,8 @@ EOF # packages we need instead of dovecot-common. # # dovecot-lmtpd is for exim to deliver to dovecot instead of maildir - # directly. The reason to do this is to use dovecot's sieve, which - # has extensions that allow it to be almost equivalent to exim's + # directly. The reason to do this is to use dovecot\'s sieve, which + # has extensions that allow it to be almost equivalent to exim\'s # filter capabilities, some ways probably better, some worse, and # sieve has the benefit of being supported in postfix and # proprietary/weird environments, so there is more examples on the 
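Review bot: `LOCAL_DELIVERY = dovecot_lmtp` is switched on and the comment explaining why it was off is dropped, but nothing in this hunk shows where a transport named `dovecot_lmtp` is defined. As far as I know the stock Debian exim4 configuration does not ship one. If the transport or dovecot's LMTP listener is missing when exim restarts, local deliveries will likely be deferred or fail rather than fall back to the previous method. A replacement comment would help the next reader, e.g. `# needs the dovecot_lmtp transport and the dovecot-lmtpd package installed further down`.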
@@ -534,8 +547,8 @@ EOF pi dovecot-core dovecot-imapd dovecot-sieve dovecot-lmtpd # if we changed 90-sieve.conf and removed the active part of the - # sieve option, we wouldn't need this, but I'd rather not modify a - # default config if not needed. This won't work as a symlink in /a/c + # sieve option, we wouldn\'t need this, but I\'d rather not modify a + # default config if not needed. This won\'t work as a symlink in /a/c # unfortunately. lnf -T sieve/main.sieve ~/.dovecot.sieve @@ -573,31 +586,27 @@ EOF ser restart exim4 - fi - +fi - # linode image has a root alias. completely useless, remove it. - sudo sed -i '/^root:/d' /etc/aliases - s newaliases - # based on http://www.postfix.org/qmgr.8.html and my notes in gnus - dir=/nocow/$type - sdir=/var/spool/$type - if [[ $(readlink -f $sdir) != $dir ]]; then - ser stop $type - if [[ ! -e $dir && -d $sdir ]]; then - s mv $sdir $dir - fi - s lnf -T $dir $sdir +# based on http://www.postfix.org/qmgr.8.html and my notes in gnus +dir=/nocow/$type +sdir=/var/spool/$type +if [[ $(readlink -f $sdir) != $dir ]]; then + ser stop $type + if [[ ! -e $dir && -d $sdir ]]; then + s mv $sdir $dir fi + s lnf -T $dir $sdir +fi - sgo $type +sgo $type - # if I wanted the from address to be renamed and sent to a different address, - # echo "sdx@localhost development@localhost" | sudo dd of=/etc/postfix/recipient_canonical - # sudo postmap hash:/etc/postfix/recipient_canonical - # sudo service postfix reload +# if I wanted the from address to be renamed and sent to a different address, +# echo "sdx@localhost development@localhost" | sudo dd of=/etc/postfix/recipient_canonical +# sudo postmap hash:/etc/postfix/recipient_canonical +# sudo service postfix reload
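Review bot: With the `fi` moved up in the -573 hunk, the spool relocation now runs on every path, and `dir=/nocow/$type` and `sdir=/var/spool/$type` are built from `$type`, which is not assigned anywhere in the hunk. If `type` were ever empty, `sdir` would be `/var/spool/` and the `s mv` / `s lnf -T` lines would operate on the whole spool directory. Suggest `dir=/nocow/${type:?}` so the script aborts instead, and quote the operands: `if [[ $(readlink -f "$sdir") != "$dir" ]]; then`. The `if` that the moved `fi` closes starts outside the hunk, so whether `type` is always set before this point cannot be confirmed from here.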