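# qmail-shcfg - show the qmail control files together with their defaults.
# Usage: qmail-shcfg [-l]     (-l pages the output through less)
# QPRFX is a placeholder for the installation prefix; presumably it is
# replaced with the real path when the script is installed.

# -l: run the report again without options and page it through less. When
# the pager pipeline fails, fall through and print the report unpaged.
if [ "$1" = "-l" ] && qmail-shcfg | less ; then exit 0 ; fi

QMAILDIR="QPRFX"

# Ask qmail-print whether TLS is enabled: the third space-separated field of
# its line(s) containing "TLS" is compared with "Yes" further down. The
# binary is taken from the installation prefix instead of PATH, so this check
# and the summary printed below always come from the same program.
TLS=$("$QMAILDIR/bin/qmail-print" | grep TLS | cut -d' ' -f3)

# some escape sequences to format output
OFF=$'\e[0m'  # all attributes off
BLD=$'\e[1m'  # bold
ULN=$'\e[4m'  # underlined
YLW=$'\e[33m' # yellow foreground
RED=$'\e[91m' # light red foreground

CONFDIR=$QMAILDIR/etc
# Quoted so that a prefix containing whitespace cannot break the test; the
# diagnostic goes to stderr to keep it out of paged or captured output.
if [ ! -d "$CONFDIR" ] ; then
  echo "error reading controls directory!" >&2
  exit 1
fi

# Control files to report, in output order. "me" has to stay first: its
# value is reused as the default of later entries.
FILES="me defaultdomain locals defaulthost plusdomain rcpthosts morercpthosts \
virtualdomains helohost localiphost envnoathost idhost \
smtpgreeting concurrencylocal concurrencyremote queuelifetime \
timeoutconnect timeoutremote timeoutsmtpd databytes \
bouncefrom bouncehost doublebouncehost doublebounceto \
defaultdelivery smtproutes qmqpservers \
badmailfrom badmailto percenthack \
smtpplugins checkpwtools \
"
# These config files will be shown only if TLS is enabled
if [ "$TLS" = "Yes" ] ; then
  FILES=" $FILES servercert clientcert tlsserverciphers tlsclientciphers \
dh2048.pem rsa2048.pem"
fi
#********************************************************************************
# print output
QPRFX/bin/qmail-print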
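# printContent - print one entry of the report.
#
# Reads (globals set by the caller):
#   f        name of the control file, relative to $CONFDIR
#   COMMENT  text printed after the file name
#   FMT      output format:
#              0  print $DEFAULT followed by $DEFCMNT
#              1  print the first line of the file
#              2  print the first space-delimited field of every line that
#                 does not start with '#', one entry per output line
#              3  print the expiry date of the certificate $f.pem
#              4  print the first line that does not start with '#',
#                 one word per output line
#              5  print nothing (reserved)
#   DEFAULT, DEFCMNT  value and remark used by format 0
#   CONFDIR  directory holding the control files
#   RED      escape sequence used to mark an expired certificate
# Writes: resets FMT to 0 and clears COMMENT and DEFCMNT; format 3 also sets
#   VALUE, DEFAULT and, when the date could be read, TODAY and EDATE.
printContent() {
  printf "\033[1m%s\033[0m" "$f:"
  printf " %s\n" "$COMMENT"
  # the format string $FMT can contain different values
  case "$FMT" in
    # print the default value and the related comment
    "0") printf "\t\033[33m%s\033[0m %s\n" "$DEFAULT" "$DEFCMNT" ;;
    # read the first line only
    "1") printf "\t\033[33m%s\033[0m\n" "$(head -n 1 "$CONFDIR/$f")" ;;
    # read multiple lines w/o having spaces, exclude comments ('#')
    "2")
      # Word splitting is wanted here: printf repeats its format once per
      # entry. Pathname expansion is not, so it is switched off inside a
      # subshell; otherwise an entry such as '*' would be replaced by the
      # file names of the current directory.
      (
        set -f
        # shellcheck disable=SC2046
        printf "\t\033[33m%s\n" $(grep -v '^#' "$CONFDIR/$f" | cut -d' ' -f1)
      )
      printf "\033[0m" ;;
    # certificate: show the notAfter date and flag an expired certificate
    "3")
      VALUE=$(openssl x509 -enddate -noout -in "$CONFDIR/$f.pem" | cut -d= -f2)
      if [ -z "$VALUE" ] ; then
        # Never report "valid until ..." when openssl returned no date
        # (unreadable or malformed file, openssl missing).
        DEFAULT="expire date could not be read"
        printf "\t\033[91m%s\033[0m\n" "$DEFAULT"
      else
        DEFAULT="valid until expire date on $VALUE"
        TODAY=$(date +%s)
        # date(1) parses a date string differently on each platform
        case $(uname | tr '[A-Z]' '[a-z]') in
          freebsd) EDATE=$(date -j -f '%B %d %H:%M:%S %Y %Z' "$VALUE" '+%_s') ;;
          netbsd|openbsd) EDATE=$(date -j -d "$VALUE" +%s) ;;
          *) EDATE=$(date +%_s -d "$VALUE") ;;
        esac
        if [ -z "$EDATE" ] ; then
          # An unparsable date must not pass silently as "not expired".
          DEFAULT="$DEFAULT (expiration could not be checked)"
        elif [ "$TODAY" -gt "$EDATE" ] ; then
          DEFAULT="$DEFAULT$RED (expired)"
        fi
        printf "\t\033[33m%s\033[0m\n" "$DEFAULT"
      fi ;;
    # read the first valid value (first line w/o '#')
    "4")
      # Same splitting/no-globbing arrangement as format 2.
      (
        set -f
        # shellcheck disable=SC2046
        printf "\t\033[33m%s\n" $(grep -m 1 -v '^#' "$CONFDIR/$f")
      )
      printf "\033[0m" ;;
    # print more in the future?
    "5") ;;
  esac
  # leave a clean state for the next entry
  FMT=0 ; COMMENT="" ; DEFCMNT=""
}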
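#********************************************************************************
# Report loop: every control file named in $FILES gets a short definition
# (comment, default value, output format) and is then handed to printContent.
# All paths are quoted so that an installation prefix containing whitespace
# or glob characters cannot change which file is tested or read.

# fmtIfPresent FORMAT - select FORMAT when control file $f exists, otherwise
# format 0 (print the default value).
fmtIfPresent() {
  if [ -f "$CONFDIR/$f" ] ; then FMT="$1" ; else FMT="0" ; fi
}

printf "\033[1m\033[4m%s\033[0m\n\n" "Configuration files:"
# $FILES is split on whitespace on purpose: it is a list of file names
for f in $FILES
do
  case $f in
    badmailfrom)
      fmtIfPresent 2
      DEFAULT="Any 'MAIL FROM' is allowed."
      printContent ;;
    beforequeue)
      ;;
    beforemote)
      ;;
    bouncefrom)
      fmtIfPresent 2
      COMMENT="bounce user name is:"
      DEFAULT="MAILER-DAEMON" ; DEFCMNT="(default)"
      printContent ;;
    bouncehost)
      fmtIfPresent 2
      COMMENT="bounce host name is:"
      DEFAULT="$ME" ; DEFCMNT="(default: me)"
      printContent ;;
    checkpwtools) # don't show if not present
      if [ ! -f "$CONFDIR/$f" ] ; then continue ; fi
      FMT="2"
      COMMENT="these checkpassword programs are given for (smtp) auth:"
      printContent ;;
    concurrencylocal)
      fmtIfPresent 1
      COMMENT="local concurrency limit is:"
      DEFAULT="10" ; DEFCMNT="(default)"
      printContent ;;
    concurrencyremote)
      fmtIfPresent 1
      COMMENT="remote concurrency limit is:"
      DEFAULT="20" ; DEFCMNT="(default)"
      printContent ;;
    databytes)
      fmtIfPresent 1
      COMMENT="SMTP DATA SIZE limit of messages:"
      DEFAULT="not set here" ; DEFCMNT="(default: 0)"
      printContent ;;
    defaultdelivery) # don't show if not present
      if [ ! -f "$CONFDIR/$f" ] ; then continue ; fi
      FMT="4"
      COMMENT="default instructions for all '.qmail' files:"
      DEFAULT=""
      printContent ;;
    defaultdomain)
      fmtIfPresent 1
      COMMENT="default domain name is:"
      DEFAULT="not set!"
      printContent ;;
    defaulthost)
      fmtIfPresent 1
      COMMENT="default host name is:"
      DEFAULT="$ME" ; DEFCMNT="(default: me)"
      printContent ;;
    doublebouncehost)
      fmtIfPresent 2
      COMMENT="double bounce recipient host is:"
      DEFAULT="$ME" ; DEFCMNT="(default: me)"
      printContent ;;
    doublebounceto)
      fmtIfPresent 2
      COMMENT="double bounce recipient name is:"
      DEFAULT="postmaster" ; DEFCMNT="(default)"
      printContent ;;
    envnoathost)
      fmtIfPresent 1
      COMMENT="presumed domain name is:"
      DEFAULT="$ME" ; DEFCMNT="(default: me)"
      printContent ;;
    helohost)
      fmtIfPresent 1
      COMMENT="SMTP client HELO host name is:"
      DEFAULT="$ME" ; DEFCMNT="(default: me)"
      printContent ;;
    idhost)
      fmtIfPresent 1
      COMMENT="Message-ID host name is:"
      DEFAULT="$ME" ; DEFCMNT="(default: me)"
      printContent ;;
    localiphost)
      fmtIfPresent 1
      COMMENT="local IP address becomes:"
      DEFAULT="$ME" ; DEFCMNT="(default: me)"
      printContent ;;
    locals)
      fmtIfPresent 2
      COMMENT="messages to these domains will be delivered local:"
      DEFAULT=""
      printContent ;;
    me)
      fmtIfPresent 1
      COMMENT="Our hostname:"
      # ME is the "(default: me)" value of later entries. Only the first
      # line is kept, and a missing file is not read at all, so it yields
      # an empty value instead of an error message from cat.
      if [ "$FMT" = "1" ] ; then ME=$(head -n 1 "$CONFDIR/$f") ; else ME="" ; fi
      DEFAULT="$ME"
      printContent ;;
    morercpthosts) # this is a bit more complex
      fmtIfPresent 2
      DEFAULT="(doesn't exists - no effect)"
      COMMENT=" these additional domains are allowed to send mails to us:"
      # if file exists then check for morercpthosts.cdb
      if [ "$FMT" = "2" ] && [ ! -f "$CONFDIR/$f.cdb" ] ; then
        DEFAULT="file exists, but database 'morercpthosts.cdb' doesn't - no effect!" ; FMT="X"
      else
        # check if morercpthosts.cdb is older than morercpthosts
        if [ "$CONFDIR/$f" -nt "$CONFDIR/$f.cdb" ] ; then
          DEFAULT="database 'morercpthosts.cdb' exists, but is older than source file!" ; FMT="X"
        fi
      fi
      # morercpthosts.cdb (database) exists but not morercpthosts (textfile)
      if [ "$FMT" = "0" ] && [ -f "$CONFDIR/$f.cdb" ] ; then
        DEFAULT="database exists, but config file 'morercpthosts' doesn't - undefined behavior " ; FMT="X"
      fi
      # "X" marks a warning: print it like a default value, without comment
      if [ "$FMT" = "X" ] ; then FMT=0 ; fi
      if [ "$FMT" = "0" ] ; then COMMENT="" ; fi
      printContent ;;
    percenthack)
      fmtIfPresent 1
      DEFAULT="The percent hack is not allowed."
      printContent ;;
    plusdomain)
      fmtIfPresent 1
      COMMENT="this domain name will be added to addresses w/o a domain: "
      DEFAULT="not set"
      printContent ;;
    qmqpservers)
      fmtIfPresent 2
      DEFAULT="no QMQP servers" ; DEFCMNT="(default)"
      printContent ;;
    queuelifetime)
      fmtIfPresent 1
      COMMENT="Messages will be hold in the queue for max:"
      DEFAULT="604800 seconds (7 days)" ; DEFCMNT="(default)"
      printContent ;;
    rcpthosts)
      fmtIfPresent 2
      COMMENT="these domains are allowed to send mails to us:"
      DEFAULT="none"
      printContent ;;
    smtpgreeting)
      fmtIfPresent 1
      COMMENT="our SMTP greeting is:"
      DEFAULT="'220 $(head -n 1 "$CONFDIR/me") ESMTP'" ; DEFCMNT="(default: me)"
      printContent ;;
    smtproutes)
      # NOTE(review): format 2 prints everything before the first space of
      # each line, so credentials stay hidden only when the file separates
      # them from the route with a space. A tab or another separator would
      # be printed as part of the entry - confirm against the smtproutes
      # syntax in use before this output is shared.
      fmtIfPresent 2
      COMMENT="(potential auth credentials are not shown)"
      DEFAULT="(doesn't exists - no effect)"
      printContent ;;
    timeoutconnect)
      fmtIfPresent 1
      COMMENT="client connection timeout is (seconds):"
      DEFAULT="60" ; DEFCMNT="(default)"
      printContent ;;
    timeoutremote)
      fmtIfPresent 1
      COMMENT="SMTP client data timeout is (seconds):"
      DEFAULT="1200" ; DEFCMNT="(default)"
      printContent ;;
    timeoutsmtpd)
      fmtIfPresent 1
      COMMENT="SMTP server data timeout is (seconds):"
      DEFAULT="1200" ; DEFCMNT="(default)"
      printContent ;;
    virtualdomains)
      fmtIfPresent 2
      DEFAULT="No virtual domains defined."
      printContent ;;
    clientcert|servercert)
      # certificates are looked up as <name>.pem; a missing one is reported
      # directly, an existing one is checked for expiry by format 3
      if [ ! -f "$CONFDIR/$f.pem" ] ; then
        printf "\033[1m%s\n\t\033[91m%s\033[0m%s\n" "$f:" "Critical" ": not found!"
      else
        FMT="3" ; printContent
      fi
      ;;
    tlsclientciphers)
      fmtIfPresent 2
      DEFAULT="(not defined)"
      printContent ;;
    tlsserverciphers)
      fmtIfPresent 2
      DEFAULT="(not defined)"
      printContent ;;
    dh*.pem|rsa*.pem)
      COMMENT="keyfile:"
      # only the file type is reported (file -b), never the key material
      if [ -f "$CONFDIR/$f" ] ; then
        DEFAULT="present: $(file -b "$CONFDIR/$f")"
      else
        DEFAULT="not found - keys will be generated on the fly (slow)"
      fi
      FMT="0"
      printContent ;;
    smtpplugins)
      fmtIfPresent 2
      COMMENT="used by qmail-spp:"
      DEFAULT="not present"
      printContent ;;
  esac
done
echo
printf "\033[1m%s\033[0m" "Hint: "
echo "Some of the above could be set through an"
echo "environment variable too. This isn't considered!"
# Files that are not reported yet:
#tlshosts: I have no idea what this file does.
#servercert.cnf: I have no idea what this file does.
#beforemote: I have no idea what this file does.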