
added postsrs

feature/postsrs
Robin Thoni 6 years ago
parent
commit
80586fb16c

+ 9
- 0
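--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -81,6 +81,15 @@ services:
                   - milter-sasl.mx.internal.docker
         env_file:
             - env
+    postsrs:
+        build: ./postsrs
+        container_name: mx-postsrs
+        networks:
+            mx.internal.docker:
+                aliases:
+                  - postsrs.mx.internal.docker
+        env_file:
+            - env
 
 networks:
     mx.internal.docker: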
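Review bot: The new `postsrs` service loads the shared `env` file, so the container receives every variable in it, including `EXIM_SMARTHOST_PASSWORD` and the `POSTGRES_*` credentials named in `postsrs/vars-vars`, although `postsrs/config/postsrs.conf` only contains the `MAIL_DOMAIN` placeholder. A dedicated file for this service (for example `env_file: - env.postsrs`, a suggested name, holding only `MAIL_DOMAIN`) would keep the database and smarthost secrets out of a daemon that, per its own config comment, handles untrusted input. The `services:` block starts outside this hunk, so other services may share the same pattern.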

+ 4
- 0
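--- a/dovecot/vars-vars
+++ b/dovecot/vars-vars
@@ -18,6 +18,10 @@ OPENDKIM_PORT
 MILTER_SASL_HOST
 MILTER_SASL_PORT
 
+POSTSRS_HOST
+POSTSRS_PORT_FORWARD
+POSTSRS_PORT_REVERSE
+
 EXIM_SMARTHOST_HOST
 EXIM_SMARTHOST_USER
 EXIM_SMARTHOST_PASSWORD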

+ 4
- 0
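--- a/env
+++ b/env
@@ -18,6 +18,10 @@ OPENDKIM_PORT=12345
 MILTER_SASL_HOST=milter-sasl.mx.internal.docker
 MILTER_SASL_PORT=12345
 
+POSTSRS_HOST=postsrs.mx.internal.docker
+POSTSRS_PORT_FORWARD=10001
+POSTSRS_PORT_REVERSE=10002
+
 EXIM_SMARTHOST_HOST=test-mx.rthoni.com
 EXIM_SMARTHOST_USER=smarthost@test-mx.rthoni.com
 EXIM_SMARTHOST_PASSWORD=smarthost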

+ 4
- 0
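--- a/milter-sasl/vars-vars
+++ b/milter-sasl/vars-vars
@@ -18,6 +18,10 @@ OPENDKIM_PORT
 MILTER_SASL_HOST
 MILTER_SASL_PORT
 
+POSTSRS_HOST
+POSTSRS_PORT_FORWARD
+POSTSRS_PORT_REVERSE
+
 EXIM_SMARTHOST_HOST
 EXIM_SMARTHOST_USER
 EXIM_SMARTHOST_PASSWORD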

+ 4
- 0
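--- a/opendkim/vars-vars
+++ b/opendkim/vars-vars
@@ -18,6 +18,10 @@ OPENDKIM_PORT
 MILTER_SASL_HOST
 MILTER_SASL_PORT
 
+POSTSRS_HOST
+POSTSRS_PORT_FORWARD
+POSTSRS_PORT_REVERSE
+
 EXIM_SMARTHOST_HOST
 EXIM_SMARTHOST_USER
 EXIM_SMARTHOST_PASSWORD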

+ 5
- 0
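--- a/postfix/config/main.cf
+++ b/postfix/config/main.cf
@@ -91,3 +91,8 @@ smtpd_relay_restrictions = permit_mynetworks,
         reject_unknown_recipient_domain,
         reject_unauth_pipelining,
         reject_unauth_destination
+
+sender_canonical_maps = tcp:POSTSRS_HOST:POSTSRS_PORT_FORWARD
+sender_canonical_classes = envelope_sender
+recipient_canonical_maps = tcp:POSTSRS_HOST:POSTSRS_PORT_REVERSE
+recipient_canonical_classes = envelope_recipient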
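Review bot: The two `tcp:` lookups added at new lines 95 and 97 send every envelope sender and recipient to another container over a connection that is neither authenticated nor encrypted, and Postfix's tcp_table documentation warns against using this table type for security-critical purposes for exactly that reason. Because the replies rewrite envelope addresses, their integrity rests entirely on `mx.internal.docker` being reachable only by the mail containers; a comment above the block would record that assumption, e.g. `# SRS rewriting via postsrsd; tcp: tables are unauthenticated, POSTSRS_HOST must stay on the internal network`. A failed lookup while the postsrs container is down presumably defers mail, so a start-order dependency (`depends_on`) for the postfix service in docker-compose.yml may be worth adding.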

+ 4
- 0
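--- a/postfix/vars-vars
+++ b/postfix/vars-vars
@@ -18,6 +18,10 @@ OPENDKIM_PORT
 MILTER_SASL_HOST
 MILTER_SASL_PORT
 
+POSTSRS_HOST
+POSTSRS_PORT_FORWARD
+POSTSRS_PORT_REVERSE
+
 EXIM_SMARTHOST_HOST
 EXIM_SMARTHOST_USER
 EXIM_SMARTHOST_PASSWORD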

+ 4
- 0
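--- a/postfixadmin/vars-vars
+++ b/postfixadmin/vars-vars
@@ -18,6 +18,10 @@ OPENDKIM_PORT
 MILTER_SASL_HOST
 MILTER_SASL_PORT
 
+POSTSRS_HOST
+POSTSRS_PORT_FORWARD
+POSTSRS_PORT_REVERSE
+
 EXIM_SMARTHOST_HOST
 EXIM_SMARTHOST_USER
 EXIM_SMARTHOST_PASSWORD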

+ 30
- 0
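--- a/postsrs/Dockerfile
+++ b/postsrs/Dockerfile
@@ -0,0 +1,30 @@
+FROM debian:jessie
+
+MAINTAINER Robin Thoni <robin@rthoni.com>
+
+RUN apt-get update &&\
+    apt-get install -y gcc cmake make git &&\
+    apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+RUN git clone https://git.rthoni.com/robin.thoni/roehling-postsrsd &&\
+    cd roehling-postsrsd &&\
+    git checkout 1.4 &&\
+    make &&\
+    make install
+
+RUN rm -rf /var/log/* &&\
+    mkfifo /var/log/syslog &&\
+    ln -s /dev/null /var/log/mail.log &&\
+    ln -s /dev/null /var/log/mail.err &&\
+    ln -s /dev/null /var/log/main.info &&\
+    ln -s /dev/null /var/log/messages
+
+COPY ./config/postsrs.conf /etc/default/postsrsd
+
+COPY ./vars-vars /etc/vars-vars
+
+COPY ./vars-files /etc/vars-files
+
+COPY ./run.sh /run.sh
+
+CMD ["/run.sh"]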
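Review bot: `git checkout 1.4` on line 11 builds whatever the `1.4` ref points to at build time, with no integrity check on the cloned source, so a moved tag or a changed repository silently changes the daemon that will parse untrusted envelope addresses; pinning a full commit hash, `git checkout FULL_COMMIT_SHA` (placeholder), makes the build reproducible and auditable. The base `debian:jessie` is a floating tag of a release that is end-of-life today, and `gcc cmake make git` stay in the runtime image because they are installed in an earlier layer and never removed. A two-stage build that copies only the installed postsrsd files into a current slim base would address both, and `--no-install-recommends` on line 6 trims the build stage. `MAINTAINER` on line 3 is deprecated in favour of a `LABEL`.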

+ 41
- 0
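--- a/postsrs/config/postsrs.conf
+++ b/postsrs/config/postsrs.conf
@@ -0,0 +1,41 @@
+# Default settings for postsrsd
+
+# Local domain name.
+# Addresses are rewritten to originate from this domain. The default value
+# is taken from `postconf -h mydomain` and probably okay.
+#
+SRS_DOMAIN=MAIL_DOMAIN
+
+# Exclude additional domains.
+# You may list domains which shall not be subjected to address rewriting.
+# If a domain name starts with a dot, it matches all subdomains, but not
+# the domain itself. Separate multiple domains by space or comma.
+#
+#SRS_EXCLUDE_DOMAINS=.example.com,example.org
+
+# First separator character after SRS0 or SRS1.
+# Can be one of: -+=
+SRS_SEPARATOR==
+
+# Secret key to sign rewritten addresses.
+# When postsrsd is installed for the first time, a random secret is generated
+# and stored in /etc/postsrsd.secret. For most installations, that's just fine.
+#
+SRS_SECRET=/etc/postsrsd.secret
+
+# Local ports for TCP list.
+# These ports are used to bind the TCP list for postfix. If you change
+# these, you have to modify the postfix settings accordingly. The ports
+# are bound to the loopback interface, and should never be exposed on
+# the internet.
+#
+SRS_FORWARD_PORT=10001
+SRS_REVERSE_PORT=10002
+
+# Drop root privileges and run as another user after initialization.
+# This is highly recommended as postsrsd handles untrusted input.
+#
+RUN_AS=nobody
+
+# Jail daemon in chroot environment
+CHROOT=/usr/local/lib/postsrsd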
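Review bot: `SRS_SECRET=/etc/postsrsd.secret` on line 24 relies on a file that nothing in this commit creates at container start; going by the comment above it, the secret is generated at install time, which here would be the `make install` layer of the image build. If that is the case, the signing key is baked into an image layer, shared by every container started from the image, readable by anyone who can pull it, and replaced on each rebuild, which invalidates outstanding SRS addresses. Supplying the key at runtime from a volume or a compose secret, and generating it in run.sh only when it is absent, would avoid both problems. The comment on lines 27-30 still states the ports are bound to loopback, which does not match Postfix connecting from another container; it should be corrected once the bind address of this postsrsd build is confirmed, and `SRS_FORWARD_PORT`/`SRS_REVERSE_PORT` are hard-coded here rather than taken from the `POSTSRS_PORT_FORWARD`/`POSTSRS_PORT_REVERSE` values in `env`.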

+ 31
- 0
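--- a/postsrs/run.sh
+++ b/postsrs/run.sh
@@ -0,0 +1,31 @@
+#! /usr/bin/env bash
+
+replace_var()
+{
+  file="${1}"
+  var="${2}"
+  sed -e "s?${var}?${!var}?g" -i "${file}"
+}
+
+replace_vars()
+{
+  file="${1}"
+  for var in $(cat /etc/vars-vars)
+  do
+    replace_var "${file}" "${var}"
+  done
+}
+
+replace_files()
+{
+  for file in $(cat /etc/vars-files)
+  do
+    replace_vars "${file}"
+  done
+}
+
+replace_files
+
+. /etc/default/postsrsd
+
+postsrsd -f "${SRS_FORWARD_PORT}" -r "${SRS_REVERSE_PORT}" -d "${SRS_DOMAIN}" -s "${SRS_SECRET}" -a "${SRS_SEPARATOR}" -u "${RUN_AS}" -c "${CHROOT}" -X"${SRS_EXCLUDE_DOMAINS}"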
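Review bot: `replace_var` pastes raw environment values into `/etc/default/postsrsd` with `sed -e "s?${var}?${!var}?g"` and line 29 then sources that file, so a value containing whitespace, `?`, `&`, a backslash or shell metacharacters either corrupts the substitution or is interpreted as shell when the file is sourced. Only `MAIL_DOMAIN` is actually needed by this config, so passing it directly, `-d "${MAIL_DOMAIN}"`, would avoid templating a sourced file and would stop running every name in /etc/vars-vars, passwords included, through sed. The script has no `set -e`, so a failed substitution or a missing config file still reaches the postsrsd invocation. `SRS_EXCLUDE_DOMAINS` is commented out in the shipped config, so line 31 always passes an empty `-X""`, and launching the daemon as `exec postsrsd …` would let it, rather than bash, receive Docker's stop signal.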

+ 1
- 0
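--- a/postsrs/vars-files
+++ b/postsrs/vars-files
@@ -0,0 +1 @@
+/etc/default/postsrsd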

+ 27
- 0
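--- a/postsrs/vars-vars
+++ b/postsrs/vars-vars
@@ -0,0 +1,27 @@
+POSTGRES_HOST
+POSTGRES_USER
+POSTGRES_PASSWORD
+POSTGRES_DB
+
+MAIL_DOMAIN
+MAIL_HOSTNAME
+
+DOVECOT_HOST
+DOVECOT_SASL_PORT
+DOVECOT_LMTP_PORT
+
+POSTFIX_HOST
+
+OPENDKIM_HOST
+OPENDKIM_PORT
+
+MILTER_SASL_HOST
+MILTER_SASL_PORT
+
+POSTSRS_HOST
+POSTSRS_PORT_FORWARD
+POSTSRS_PORT_REVERSE
+
+EXIM_SMARTHOST_HOST
+EXIM_SMARTHOST_USER
+EXIM_SMARTHOST_PASSWORD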

+ 1
- 1
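--- a/update_vars.sh
+++ b/update_vars.sh
@@ -1,7 +1,7 @@
 #! /usr/bin/env sh
 
 vars=$(cat env | cut -d= -f1)
-for docker in dovecot opendkim postfix postfixadmin
+for docker in dovecot opendkim postfix postfixadmin milter-sasl postsrs
 do
   echo "${vars}" > "./${docker}/vars-vars"
 done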
