Fixes, working rspamd settings, generate DKIM keys in PHP
This commit is contained in:
andryyy
@@ -9,10 +9,4 @@ trap "postfix reload" SIGHUP
|
||||
# start postfix
|
||||
postfix -c /opt/postfix/conf start
|
||||
|
||||
# lets give postfix some time to start
|
||||
sleep 3
|
||||
|
||||
# wait until postfix is dead (triggered by trap)
|
||||
while kill -0 $(cat /var/spool/postfix/pid/master.pid); do
|
||||
sleep 5
|
||||
done
|
||||
sleep infinity
|
||||
|
||||
@@ -9,6 +9,8 @@ RUN apt-get update \
|
||||
&& apt-get update \
|
||||
&& apt-get --no-install-recommends -y --force-yes install rspamd
|
||||
|
||||
RUN echo '.include $LOCAL_CONFDIR/local.d/rspamd.conf.local' > /etc/rspamd/rspamd.conf.local
|
||||
|
||||
CMD ["/usr/bin/rspamd","-f", "-u", "_rspamd", "-g", "_rspamd"]
|
||||
|
||||
USER _rspamd
|
||||
|
||||
@@ -1,3 +1,8 @@
|
||||
actions {
|
||||
reject = 15;
|
||||
add_header = 5;
|
||||
greylist = 4;
|
||||
}
|
||||
symbol "MAILCOW_AUTH" {
|
||||
description = "mailcow authenticated";
|
||||
score = -20.0;
|
||||
|
||||
1
data/conf/rspamd/local.d/rspamd.conf.local
Normal file
1
data/conf/rspamd/local.d/rspamd.conf.local
Normal file
@@ -0,0 +1 @@
|
||||
settings = "http://nginx:8081/settings.php";
|
||||
@@ -10,5 +10,3 @@ rspamd_config.MAILCOW_AUTH = {
|
||||
rspamd_config.MAILCOW_MOO = function (task)
|
||||
return true
|
||||
end
|
||||
|
||||
rspamd_config:add_map('http://nginx:8081/settings.php', "settings map", process_map)
|
||||
|
||||
@@ -160,7 +160,7 @@ function dkim_table($action, $item) {
|
||||
case "add":
|
||||
$domain = preg_replace('/[^A-Za-z0-9._\-]/', '_', $item['dkim']['domain']);
|
||||
$selector = preg_replace('/[^A-Za-z0-9._\-]/', '_', $item['dkim']['selector']);
|
||||
$key_length = $item['dkim']['key_size'];
|
||||
$key_length = intval($item['dkim']['key_size']);
|
||||
if (!ctype_alnum($selector) || !is_valid_domain_name($domain) || !is_numeric($key_length)) {
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'danger',
|
||||
@@ -178,13 +178,22 @@ function dkim_table($action, $item) {
|
||||
break;
|
||||
}
|
||||
|
||||
// Should be done native in PHP soon
|
||||
$privKey = shell_exec("openssl genrsa -out /tmp/dkim-private.pem " . escapeshellarg($key_length) . " -outform PEM && cat /tmp/dkim-private.pem");
|
||||
$pubKey = shell_exec('openssl rsa -in /tmp/dkim-private.pem -pubout -outform PEM 2>/dev/null | sed -e "1d" -e "\$d" | tr -d "\n"');
|
||||
shell_exec('rm /tmp/dkim-private.pem');
|
||||
|
||||
$config = array(
|
||||
"digest_alg" => "sha256",
|
||||
"private_key_bits" => $key_length,
|
||||
"private_key_type" => OPENSSL_KEYTYPE_RSA,
|
||||
);
|
||||
$keypair_ressource = openssl_pkey_new($config);
|
||||
$key_details = openssl_pkey_get_details($keypair_ressource);
|
||||
$pubKey = implode(array_slice(
|
||||
array_filter(
|
||||
explode(PHP_EOL, $key_details['key'])
|
||||
), 1, -1)
|
||||
);
|
||||
// Save public key to file
|
||||
file_put_contents($GLOBALS['MC_DKIM_TXTS'] . '/' . $selector . '_' . $domain, $pubKey);
|
||||
file_put_contents($GLOBALS['MC_DKIM_KEYS'] . '/' . $domain . '.' . $selector, $privKey);
|
||||
// Save private key to file
|
||||
openssl_pkey_export_to_file($keypair_ressource, $GLOBALS['MC_DKIM_KEYS'] . '/' . $domain . '.' . $selector);
|
||||
|
||||
$_SESSION['return'] = array(
|
||||
'type' => 'success',
|
||||
|
||||
Reference in New Issue
Block a user