Added LDAP support
This commit is contained in:
parent
e7cb2ced7c
commit
5be914ec97
72
Dockerfile
72
Dockerfile
@ -4,44 +4,66 @@
|
|||||||
FROM alpine
|
FROM alpine
|
||||||
|
|
||||||
# Change to http respositories, so they we can cache the install packages
|
# Change to http respositories, so they we can cache the install packages
|
||||||
RUN if [ -n ${HTTP_PROXY} ] ; then sed -ie s'/https/http/' /etc/apk/repositories; fi
|
RUN if [ -n ${HTTP_PROXY} ] ; then sed -i -e s'/https/http/' /etc/apk/repositories; fi
|
||||||
|
|
||||||
RUN apk add --no-cache postfix cyrus-sasl opendkim opendkim-utils
|
RUN apk add --no-cache postfix postfix-ldap cyrus-sasl cyrus-sasl-login opendkim opendkim-utils
|
||||||
|
|
||||||
# Config postfix
|
|
||||||
RUN sed -ie 's%^#mynetworks = hash:/etc/postfix/network_table%mynetworks = /etc/opendkim/signing/TrustedHosts%' /etc/postfix/main.cf \
|
|
||||||
&& sed -ie 's%^#relay_domains = %relay_domains = lmdb:/etc/postfix/custom/transport%' /etc/postfix/main.cf \
|
|
||||||
&& echo 'transport_maps = lmdb:/etc/postfix/custom/transport' >> /etc/postfix/main.cf \
|
|
||||||
&& echo -n 'bWVzc2FnZV9zaXplX2xpbWl0ID0gMjU2MDAwMDAKcXVldWVfbWluZnJlZSA9IDUxMjAwMDAwCg=='|base64 -d >> /etc/postfix/main.cf \
|
|
||||||
&& echo -n 'c210cF9zYXNsX2F1dGhfZW5hYmxlID0geWVzCnNtdHBfdGxzX3NlY3VyaXR5X2xldmVsID0gZW5j\
|
|
||||||
cnlwdApzbXRwX3Nhc2xfcGFzc3dvcmRfbWFwcyA9IGxtZGI6L2V0Yy9wb3N0Zml4L2N1c3RvbS9z\
|
|
||||||
YXNsX3Bhc3N3ZApzbXRwX3Nhc2xfc2VjdXJpdHlfb3B0aW9ucyA9CnNtdHBfdGxzX0NBZmlsZSA9\
|
|
||||||
IC9ldGMvc3NsL2NlcnRzL2NhLWNlcnRpZmljYXRlcy5jcnQKc210cF91c2VfdGxzID0geWVzCiNy\
|
|
||||||
ZWxheWhvc3QgPSAvZXRjL3Bvc3RmaXgvY3VzdG9tL3JlbGF5X2hvc3QK'|base64 -d >> /etc/postfix/main.cf
|
|
||||||
|
|
||||||
|
# SASL config
|
||||||
COPY smtpd.conf /etc/sasl2/
|
COPY smtpd.conf /etc/sasl2/
|
||||||
|
|
||||||
RUN apk add shadow && useradd -rc "HUB Mail Relay" -M relay -NG mail -s /sbin/nologin && echo relay:SmTpR3l2Y | chpasswd \
|
RUN apk add shadow && useradd -rc "HUB Mail Relay" -M relay -NG mail -s /sbin/nologin && echo relay:SmTpR3l2Y | chpasswd \
|
||||||
&& gpasswd -a postfix opendkim
|
&& gpasswd -a postfix opendkim
|
||||||
|
|
||||||
|
# Config postfix
|
||||||
|
RUN sed -i -e 's%^#mynetworks = hash:/etc/postfix/network_table%mynetworks = /etc/opendkim/signing/TrustedHosts%' /etc/postfix/main.cf
|
||||||
|
COPY include /etc/postfix/include
|
||||||
|
COPY ssl /etc/postfix/ssl
|
||||||
|
|
||||||
# Enable DKIM
|
# Enable DKIM
|
||||||
RUN mkdir /run/opendkim \
|
RUN mkdir /run/opendkim
|
||||||
&& echo -n 'IyBNaWx0ZXIgY29uZmlndXJhdGlvbiAtIG9wZW5ka2ltCiMgSWYgdGhlIE9wZW5ES0lNIG1pbHRl\
|
|
||||||
ciBpc24ndCBhdmFpbGFibGUsIGFjY2VwdCB0aGUgbWVzc2FnZSBhbnl3YXkuCm1pbHRlcl9kZWZh\
|
|
||||||
dWx0X2FjdGlvbiA9IGFjY2VwdAojIFdoYXQgbWlsdGVyIGNvbW11bmljYXRpb24gcHJvdG9jb2wg\
|
|
||||||
c2hvdWxkIGJlIHVzZWQgdG8gcGFzcyBtZXNzYWdlcwojIHRvIGFuZCBmcm9tIE9wZW5ES0lNPwpt\
|
|
||||||
aWx0ZXJfcHJvdG9jb2wgPSA2CiMgV2hlcmUgc2hvdWxkIHRoZSBPcGVuREtJTSBtaWx0ZXIgYmUg\
|
|
||||||
Y29udGFjdCB0aHJvdWdoPyAgTm90ZSB0aGF0IHRoaXMKIyBpcyBpbnNpZGUgdGhlIC92YXIvc3Bv\
|
|
||||||
b2wvcG9zdGZpeCBjaHJvb3QuCnNtdHBkX21pbHRlcnMgPSBpbmV0OjEyNy4wLjAuMTo4ODkxCiMg\
|
|
||||||
U2VuZCBtYWlsIHRoYXQgZG9lc24ndCBhcnJpdmUgZnJvbSB0aGUgbmV0d29yayB0aHJvdWdoIHRo\
|
|
||||||
ZSBzYW1lIG1pbHRlcgojIGFzIG91dGJvdW5kIG1haWwuCm5vbl9zbXRwZF9taWx0ZXJzID0gJHNt\
|
|
||||||
dHBkX21pbHRlcnMK' |base64 -d >> /etc/postfix/main.cf
|
|
||||||
COPY opendkim.conf /etc/opendkim/
|
COPY opendkim.conf /etc/opendkim/
|
||||||
COPY signing /etc/opendkim/signing/
|
COPY signing /etc/opendkim/signing/
|
||||||
|
COPY defaults /defaults/
|
||||||
|
|
||||||
COPY init /sbin/
|
COPY init /sbin/
|
||||||
|
|
||||||
VOLUME ["/var/spool/postfix","/etc/postfix/custom"]
|
VOLUME [ "/var/spool/postfix","/etc/postfix/custom","/var/mail/vhosts" ]
|
||||||
EXPOSE 25
|
EXPOSE 25
|
||||||
|
|
||||||
# Starting
|
# Starting
|
||||||
ENTRYPOINT [ "/sbin/init" ]
|
ENTRYPOINT [ "/sbin/init" ]
|
||||||
|
|
||||||
|
|
||||||
|
# Control
|
||||||
|
#* add require EHLO - DONE
|
||||||
|
#* mydestination
|
||||||
|
#* ldap hostname via init in where clauses
|
||||||
|
#* virtual_alias_domain ? (Dont list in mydestination) OR (for unix accounts - DONT NEED?)
|
||||||
|
#* virtual_mailbox_domain (Dont list in mydestination)
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# 1 /etc/postfix/main.cf:
|
||||||
|
# 2 virtual_mailbox_domains = example.com ...more domains...
|
||||||
|
# 3 virtual_mailbox_base = /var/mail/vhosts
|
||||||
|
# 4 virtual_mailbox_maps = hash:/etc/postfix/vmailbox
|
||||||
|
# 5 virtual_minimum_uid = 100
|
||||||
|
# 6 virtual_uid_maps = static:5000
|
||||||
|
# 7 virtual_gid_maps = static:5000
|
||||||
|
# 8 virtual_alias_maps = hash:/etc/postfix/virtual
|
||||||
|
# 9
|
||||||
|
# 10 /etc/postfix/vmailbox:
|
||||||
|
# 11 info@example.com example.com/info
|
||||||
|
# 12 sales@example.com example.com/sales/
|
||||||
|
# 13 # Comment out the entry below to implement a catch-all.
|
||||||
|
# 14 # @example.com example.com/catchall
|
||||||
|
# 15 ...virtual mailboxes for more domains...
|
||||||
|
# 16
|
||||||
|
# 17 /etc/postfix/virtual:
|
||||||
|
# 18 postmaster@example.com postmaster
|
||||||
|
#
|
||||||
|
#TEST Environement:
|
||||||
|
#* dege.lan - virtual
|
||||||
|
#* dege.au - virtual
|
||||||
|
#* dlcm.co - virtual
|
||||||
|
#* bbs.dege.au - sync
|
||||||
|
#* dcml.au - axigen
|
||||||
|
13
defaults/ldap_relay_domains
Normal file
13
defaults/ldap_relay_domains
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
server_host = ldap
|
||||||
|
search_base = @LDAP_SEARCH_BASE@
|
||||||
|
version = 3
|
||||||
|
bind = no
|
||||||
|
#bind_dn = cn=admin,dc=example,dc=com
|
||||||
|
#bind_pw = password
|
||||||
|
query_filter = (&(objectClass=inetLocalMailRecipient) (!(mailHost=@THIS_HOST@)) (|(mail=%s) (mailLocalAddress=%s)))
|
||||||
|
#domain = example.com, hash:/etc/postfix/searchdomains
|
||||||
|
#expansion_limit = 1
|
||||||
|
#recursion_limit = 1
|
||||||
|
#size_limit = $expansion_limit
|
||||||
|
result_attribute = mailHost
|
||||||
|
result_format = relay:[%s]
|
13
defaults/ldap_relay_recipient_maps
Normal file
13
defaults/ldap_relay_recipient_maps
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
server_host = ldap
|
||||||
|
search_base = @LDAP_SEARCH_BASE@
|
||||||
|
version = 3
|
||||||
|
bind = no
|
||||||
|
#bind_dn = cn=admin,dc=example,dc=com
|
||||||
|
#bind_pw = password
|
||||||
|
query_filter = (&(objectClass=inetLocalMailRecipient) (|(mail=%s)(mailLocalAddress=%s)))
|
||||||
|
#domain = example.com, hash:/etc/postfix/searchdomains
|
||||||
|
#expansion_limit = 1
|
||||||
|
#recursion_limit = 1
|
||||||
|
#size_limit = $expansion_limit
|
||||||
|
result_attribute = uidNumber
|
||||||
|
# result_format = %s
|
13
defaults/ldap_virtual_alias_maps
Normal file
13
defaults/ldap_virtual_alias_maps
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
server_host = ldap
|
||||||
|
search_base = @LDAP_SEARCH_BASE@
|
||||||
|
version = 3
|
||||||
|
bind = no
|
||||||
|
#bind_dn = cn=admin,dc=example,dc=com
|
||||||
|
#bind_pw = password
|
||||||
|
query_filter = (&(objectClass=inetLocalMailRecipient) (mailHost=@THIS_HOST@) (|(mail=%s)(mailLocalAddress=%s)))
|
||||||
|
#domain = example.com, hash:/etc/postfix/searchdomains
|
||||||
|
#expansion_limit = 1
|
||||||
|
#recursion_limit = 1
|
||||||
|
#size_limit = $expansion_limit
|
||||||
|
result_attribute = mailRoutingAddress
|
||||||
|
# result_format = %s
|
13
defaults/ldap_virtual_mailbox_maps
Normal file
13
defaults/ldap_virtual_mailbox_maps
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
server_host = ldap
|
||||||
|
search_base = @LDAP_SEARCH_BASE@
|
||||||
|
version = 3
|
||||||
|
bind = no
|
||||||
|
#bind_dn = cn=admin,dc=example,dc=com
|
||||||
|
#bind_pw = password
|
||||||
|
query_filter = (&(objectClass=inetLocalMailRecipient) (|(mail=%s)(mailLocalAddress=%s)))
|
||||||
|
#domain = example.com, hash:/etc/postfix/searchdomains
|
||||||
|
#expansion_limit = 1
|
||||||
|
#recursion_limit = 1
|
||||||
|
#size_limit = $expansion_limit
|
||||||
|
result_attribute = uidNumber
|
||||||
|
result_format = %D/%U
|
1
defaults/relay_domains
Normal file
1
defaults/relay_domains
Normal file
@ -0,0 +1 @@
|
|||||||
|
#example.com relay:[host.example.com]:port
|
1
defaults/relay_recipient_maps
Normal file
1
defaults/relay_recipient_maps
Normal file
@ -0,0 +1 @@
|
|||||||
|
#user@example.com -
|
0
defaults/virtual_alias_maps
Normal file
0
defaults/virtual_alias_maps
Normal file
1
defaults/virtual_mailbox_maps
Normal file
1
defaults/virtual_mailbox_maps
Normal file
@ -0,0 +1 @@
|
|||||||
|
#user@example.com com.example/user
|
@ -1,2 +1,4 @@
|
|||||||
message_size_limit = 25600000
|
message_size_limit = 25600000
|
||||||
queue_minfree = 51200000
|
queue_minfree = 51200000
|
||||||
|
smtpd_helo_required = yes
|
||||||
|
recipient_delimiter = +
|
11
include/10-ssl.cf
Normal file
11
include/10-ssl.cf
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
smtp_use_tls = yes
|
||||||
|
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
|
||||||
|
smtp_tls_security_level = may
|
||||||
|
smtpd_tls_auth_only = yes
|
||||||
|
smtpd_tls_chain_files =
|
||||||
|
/etc/postfix/custom/ssl/server.crts,
|
||||||
|
/etc/postfix/ssl/ca.crts
|
||||||
|
smtpd_tls_key_file = $smtpd_tls_cert_file
|
||||||
|
smtpd_tls_security_level = may
|
||||||
|
smtpd_tls_session_cache_database = lmdb:/var/lib/postfix/smtpd_scache
|
||||||
|
smtpd_tls_session_cache_timeout = 1d
|
4
include/20-sasl.cf
Normal file
4
include/20-sasl.cf
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
smtp_sasl_auth_enable = yes
|
||||||
|
smtp_sasl_password_maps = lmdb:/etc/postfix/custom/sasl_passwd
|
||||||
|
smtp_sasl_security_options =
|
||||||
|
smtpd_sasl_auth_enable = yes
|
10
include/40-relay.cf
Normal file
10
include/40-relay.cf
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
#relayhost = /etc/postfix/custom/relay_host
|
||||||
|
relay_domains = lmdb:/etc/postfix/custom/relay_domains
|
||||||
|
ldap:/etc/postfix/custom/ldap_relay_domains
|
||||||
|
relay_recipient_maps = lmdb:/etc/postfix/custom/relay_recipient_maps
|
||||||
|
ldap:/etc/postfix/custom/ldap_relay_recipient_maps
|
||||||
|
transport_maps = lmdb:/etc/postfix/custom/relay_domains
|
||||||
|
#transport_maps = $relay_domains
|
||||||
|
#relay_transport = lmdb:/etc/postfix/custom/relay_domains <-- THIS DOESNT WORK?
|
||||||
|
#relay_transport = relay:[c-8-2.leenooks.lan]:1025 <-- THIS DOES WORK
|
||||||
|
#relay_transport = relay
|
16
include/41-virtual.cf
Normal file
16
include/41-virtual.cf
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
#virtual_alias_domains = @VIRTUAL_ALIAS_DOMAINS@
|
||||||
|
##virtual_alias_domains = lmdb:/etc/postfix/custom/virtual_alias_domains
|
||||||
|
## ldap:/etc/postfix/custom/ldap_virtual_mailbox_domains
|
||||||
|
virtual_alias_maps = lmdb:/etc/postfix/custom/virtual_alias_maps
|
||||||
|
ldap:/etc/postfix/custom/ldap_virtual_alias_maps
|
||||||
|
virtual_mailbox_base = /var/mail/vhosts
|
||||||
|
#virtual_mailbox_domains = @VIRTUAL_DOMAINS@
|
||||||
|
## @note virtual_mailbox_domains cannot be a map, so the below two definitions *WONT* work
|
||||||
|
##virtual_mailbox_domains = lmdb:/etc/postfix/custom/virtual_mailbox_domains
|
||||||
|
## ldap:/etc/postfix/custom/ldap_virtual_mailbox_domains
|
||||||
|
virtual_mailbox_maps = lmdb:/etc/postfix/custom/virtual_mailbox_maps
|
||||||
|
ldap:/etc/postfix/custom/ldap_virtual_mailbox_maps
|
||||||
|
#virtual_transport = virtual
|
||||||
|
virtual_minimum_uid = 100
|
||||||
|
virtual_uid_maps = static:5000
|
||||||
|
virtual_gid_maps = static:5000
|
71
init
71
init
@ -1,12 +1,19 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
set -e
|
set -e
|
||||||
|
|
||||||
|
# @NOTE: Directories in /var/mail/vhosts/* need to be owned by the UID/GID defined in custom/41-virtual.cf
|
||||||
|
|
||||||
|
DEFAULTS=/defaults
|
||||||
|
POSTFIX=/etc/postfix
|
||||||
|
CUSTOM=${POSTFIX}/custom
|
||||||
|
INCLUDE_DIR=${POSTFIX}/include
|
||||||
NAME="SMTP"
|
NAME="SMTP"
|
||||||
|
|
||||||
function stop {
|
function stop {
|
||||||
echo "Stopping ${NAME}"
|
echo "Stopping ${NAME}"
|
||||||
|
postfix stop
|
||||||
kill $(cat /run/saslauthd/saslauthd.pid)
|
kill $(cat /run/saslauthd/saslauthd.pid)
|
||||||
kill $(cat /run/sendmail/mta/sendmail.pid|head -1)
|
kill $(cat /run/opendkim/opendkim.pid)
|
||||||
}
|
}
|
||||||
|
|
||||||
trap 'stop' SIGTERM
|
trap 'stop' SIGTERM
|
||||||
@ -17,16 +24,66 @@ if [ -z "$@" ]; then
|
|||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
touch /etc/postfix/custom/relay_host
|
# Start some supporting daemons
|
||||||
touch /etc/postfix/custom/sasl_passwd
|
|
||||||
postmap -o lmdb:/etc/postfix/custom/sasl_passwd
|
|
||||||
touch /etc/postfix/custom/transport
|
|
||||||
postmap -o lmdb:/etc/postfix/custom/transport
|
|
||||||
/usr/sbin/saslauthd -m /run/saslauthd -ca shadow
|
/usr/sbin/saslauthd -m /run/saslauthd -ca shadow
|
||||||
|
/usr/sbin/opendkim -u opendkim -P /run/opendkim/opendkim.pid
|
||||||
|
|
||||||
|
# Setup our postfix environment
|
||||||
|
if [ -d ${INCLUDE_DIR} ]; then
|
||||||
|
if ls -1 ${INCLUDE_DIR}/*.cf >/dev/null 2>&1; then
|
||||||
|
echo "* Adding to main.cf"
|
||||||
|
echo '##### CUSTOM CONFIGURATION ####' >> ${POSTFIX}/main.cf
|
||||||
|
|
||||||
|
for i in ${INCLUDE_DIR}/*.cf; do
|
||||||
|
echo "* Adding [${i}] to main.cf"
|
||||||
|
echo "# - ${i}" >> ${POSTFIX}/main.cf
|
||||||
|
cat $i >> ${POSTFIX}/main.cf
|
||||||
|
done
|
||||||
|
|
||||||
|
echo '##### END CUSTOM CONFIGURATION ####' >> ${POSTFIX}/main.cf
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
[ ! -f ${CUSTOM}/relay_domains ] && cp ${DEFAULTS}/relay_domains ${CUSTOM}/
|
||||||
|
postmap -o lmdb:${CUSTOM}/relay_domains
|
||||||
|
|
||||||
|
[ ! -f ${CUSTOM}/relay_recipient_maps ] && cp ${DEFAULTS}/relay_recipient_maps ${CUSTOM}/
|
||||||
|
postmap -o lmdb:${CUSTOM}/relay_recipient_maps
|
||||||
|
|
||||||
|
touch ${CUSTOM}/sasl_passwd
|
||||||
|
postmap -o lmdb:${CUSTOM}/sasl_passwd
|
||||||
|
|
||||||
|
[ -n "${VIRTUAL_ALIAS_DOMAINS}" ] && sed -i -e "s%#virtual_alias_domains = @VIRTUAL_ALIAS_DOMAINS@%virtual_alias_domains = ${VIRTUAL_ALIAS_DOMAINS}%" ${POSTFIX}/main.cf
|
||||||
|
[ ! -f ${CUSTOM}/virtual_alias_maps ] && cp ${DEFAULTS}/virtual_alias_maps ${CUSTOM}/
|
||||||
|
postmap -o lmdb:${CUSTOM}/virtual_alias_maps
|
||||||
|
|
||||||
|
[ -n "${VIRTUAL_DOMAINS}" ] && sed -i -e "s%#virtual_mailbox_domains = @VIRTUAL_DOMAINS@%virtual_mailbox_domains = ${VIRTUAL_DOMAINS}%" ${POSTFIX}/main.cf
|
||||||
|
[ ! -f ${CUSTOM}/virtual_mailbox_maps ] && cp ${DEFAULTS}/virtual_mailbox_maps ${CUSTOM}/
|
||||||
|
postmap -o lmdb:${CUSTOM}/virtual_mailbox_maps
|
||||||
|
|
||||||
|
# Create some default LDAP templates
|
||||||
|
if [ ! -f ${CUSTOM}/ldap_virtual_alias_maps -a -n "${LDAP_SEARCH_BASE}" ]; then
|
||||||
|
cp ${DEFAULTS}/ldap_virtual_alias_maps ${CUSTOM}/
|
||||||
|
sed -i -e "s%@THIS_HOST@%${HOSTNAME}%" -e "s%@LDAP_SEARCH_BASE@%${LDAP_SEARCH_BASE}%" ${CUSTOM}/ldap_virtual_alias_maps
|
||||||
|
fi
|
||||||
|
if [ ! -f ${CUSTOM}/ldap_virtual_mailbox_maps -a -n "${LDAP_SEARCH_BASE}" ]; then
|
||||||
|
cp ${DEFAULTS}/ldap_virtual_mailbox_maps ${CUSTOM}/
|
||||||
|
sed -i -e "s%@THIS_HOST@%${HOSTNAME}%" -e "s%@LDAP_SEARCH_BASE@%${LDAP_SEARCH_BASE}%" ${CUSTOM}/ldap_virtual_mailbox_maps
|
||||||
|
fi
|
||||||
|
if [ ! -f ${CUSTOM}/ldap_relay_domains -a -n "${LDAP_SEARCH_BASE}" ]; then
|
||||||
|
cp ${DEFAULTS}/ldap_relay_domains ${CUSTOM}/
|
||||||
|
sed -i -e "s%@THIS_HOST@%${HOSTNAME}%" -e "s%@LDAP_SEARCH_BASE@%${LDAP_SEARCH_BASE}%" ${CUSTOM}/ldap_relay_domains
|
||||||
|
fi
|
||||||
|
if [ ! -f ${CUSTOM}/ldap_relay_recipient_maps -a -n "${LDAP_SEARCH_BASE}" ]; then
|
||||||
|
cp ${DEFAULTS}/ldap_relay_recipient_maps ${CUSTOM}/
|
||||||
|
sed -i -e "s%@THIS_HOST@%${HOSTNAME}%" -e "s%@LDAP_SEARCH_BASE@%${LDAP_SEARCH_BASE}%" ${CUSTOM}/ldap_relay_recipient_maps
|
||||||
|
fi
|
||||||
|
|
||||||
newaliases
|
newaliases
|
||||||
postfix start
|
postfix start
|
||||||
/usr/sbin/opendkim -P /run/opendkim.pid -u opendkim -f
|
|
||||||
|
|
||||||
|
# Sleep,enabling our SIGTERM to shut us down gracefully
|
||||||
|
(while true; do sleep 3600; done) &
|
||||||
wait
|
wait
|
||||||
else
|
else
|
||||||
exec $@
|
exec $@
|
||||||
|
@ -1,7 +0,0 @@
|
|||||||
smtp_sasl_auth_enable = yes
|
|
||||||
smtp_tls_security_level = encrypt
|
|
||||||
smtp_sasl_password_maps = lmdb:/etc/postfix/custom/sasl_passwd
|
|
||||||
smtp_sasl_security_options =
|
|
||||||
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
|
|
||||||
smtp_use_tls = yes
|
|
||||||
#relayhost = /etc/postfix/custom/relay_host
|
|
@ -1,3 +1,2 @@
|
|||||||
/etc/sasl2/smtpd.conf:
|
|
||||||
pwcheck_method: saslauthd
|
pwcheck_method: saslauthd
|
||||||
mech_list: PLAIN LOGIN
|
mech_list: PLAIN LOGIN
|
||||||
|
183
ssl/ca.crts
Normal file
183
ssl/ca.crts
Normal file
@ -0,0 +1,183 @@
|
|||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIG5DCCBMygAwIBAgIJAObaLjRg5aFaMA0GCSqGSIb3DQEBCwUAMGUxCzAJBgNV
|
||||||
|
BAYTAkFVMQwwCgYDVQQIEwNWSUMxEjAQBgNVBAcTCU1lbGJvdXJuZTEUMBIGA1UE
|
||||||
|
ChMLTWFzdGVyIFJvb3QxDDAKBgNVBAsTA1NTTDEQMA4GA1UEAxMHUm9vdCBDQTAe
|
||||||
|
Fw0xNzA3MDMwNTEyMjlaFw0yNzA3MDEwNTEyMjlaMGUxCzAJBgNVBAYTAkFVMQww
|
||||||
|
CgYDVQQIEwNWSUMxEjAQBgNVBAcTCU1lbGJvdXJuZTEUMBIGA1UEChMLTWFzdGVy
|
||||||
|
IFJvb3QxDDAKBgNVBAsTA1NTTDEQMA4GA1UEAxMHUm9vdCBDQTCCAiIwDQYJKoZI
|
||||||
|
hvcNAQEBBQADggIPADCCAgoCggIBANFHF+DuvWHjiOv9VSL1DvLLKf7TNnnBLIzN
|
||||||
|
AgpPZiky83k/GyowFZWvE0S0CJj4eUMU4xYwOvAOPK5XSQhulDTydLzoKwGBiLvi
|
||||||
|
1JO469fDCbMEvmuIHfgHJmGnsvNkgEJX7ZKg9VTUdxB6nJ0fZUXiAYj0svi0g8xw
|
||||||
|
bGzpBvh1WNQ2SH3i4wqeIH+cNWRzY8oYjdk2wG4EXqMDsghHA93Sp2Mh4z/pjoO0
|
||||||
|
bZds89JI6QKXqpxDLqzyAQ/+VSOUs+bMLShZjFEa21YF7SrPt5ozvI9/pf8jm3n2
|
||||||
|
bT49CDVEmroMS/jA7tfmP9Erly9MQtrEdVTDZXZIUHaGKIcFM1SEBMmekkDpgJJD
|
||||||
|
J1miJUVceGMKKWg673YnDOZTfrrWI9QAM9tEKXT2gCflJBe3eWl6ZPsgue1WrEQf
|
||||||
|
Y3wEwYUGnqMnQN/bSzfuvhD/PHWR2rDB+vQYwyFddanQ1npd2qixht7BZLOpUb+S
|
||||||
|
7yc+hlbaiukR9nlp9FTw8ZK+c2DQcGqHiD5qXJ0zgfGInsKt8yWSL8kGHVPj77zF
|
||||||
|
6DBix9zTb/wj65az16lMpEVf4WRtmz2mu7J5H/aUIuEaMAWbDEQP7zS6xlxJurPx
|
||||||
|
wmZ+4r5pVZLN8W3/nTYZN+iJ2nOR0nVdd0OLfDOrLYAHFoydvtW/TPv83OqGbqnH
|
||||||
|
haUtevPxAgMBAAGjggGVMIIBkTASBgNVHRMBAf8ECDAGAQH/AgECMB0GA1UdDgQW
|
||||||
|
BBQqNnYk4S28QyQn7pu2URFS9abjnTCBlwYDVR0jBIGPMIGMgBQqNnYk4S28QyQn
|
||||||
|
7pu2URFS9abjnaFppGcwZTELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1ZJQzESMBAG
|
||||||
|
A1UEBxMJTWVsYm91cm5lMRQwEgYDVQQKEwtNYXN0ZXIgUm9vdDEMMAoGA1UECxMD
|
||||||
|
U1NMMRAwDgYDVQQDEwdSb290IENBggkA5touNGDloVowCwYDVR0PBAQDAgEGMBEG
|
||||||
|
CWCGSAGG+EIBAQQEAwIBBjAeBgNVHRIEFzAVhhNodHRwczovL3NzbC5kbGNtLmNv
|
||||||
|
MFgGCCsGAQUFBwEBBEwwSjAkBggrBgEFBQcwAYYYaHR0cHM6Ly9zc2wuZGxjbS5j
|
||||||
|
by9vY3NwMCIGCCsGAQUFBzAChhZodHRwczovL3NzbC5kbGNtLmNvL2NhMCgGA1Ud
|
||||||
|
HwQhMB8wHaAboBmGF2h0dHBzOi8vc3NsLmRsY20uY28vY3JsMA0GCSqGSIb3DQEB
|
||||||
|
CwUAA4ICAQBZxX0jgHY64eLGgsbiMPF9SH4sW8QmhLoUoAkBZlj8Qi4oLfm1zu1E
|
||||||
|
vglqe5LWPvAY1PVl6XMM0oNcWiZiuwLOIssZmwasnAUzX0y+ZEfJPLG2r1HW+oUH
|
||||||
|
ns273eU0uZ9Xzglzv44lSkhX0D2tKrsmrVGjDcCeLZ9Ga/ORpgug5eBofxkv2pRr
|
||||||
|
abK7XU6T5zPA9cssAQxKi6KcCfuXu85/9+Fu29uB5dOVZJP98FoAp40FHRTXZqV+
|
||||||
|
u28ZmJNl+6omExOCEZVaMvWtfSc8GAz4I9IuUJimjIMlJXnZLOcXE7F+F5vhQ2NH
|
||||||
|
TT+sma786LO41ybcW1HHVx2bf3XFkSIAzenZbFCO1UU8mwOaihuLHL0c05JanHil
|
||||||
|
hAlUNcrDyTdfxO6K6720fZKUvjalsMDVLehZU1pqb50HI//2p9kf7V+2HALkgGkj
|
||||||
|
ppMezJ7VUmFrIQOSYZQI/eHQWWBZUDWb+Hxil4Biu4WPmq/ieY60e3LEeNU5bGDT
|
||||||
|
A9l4o9V+lqqCcW1NGkJKx9TkL0NoV0NmwR8ggHGRvtIrZywLsy9I2jm88kQESADR
|
||||||
|
whIf0wlwqT11jbJ2zyw+vHt8ji2MiDPCiRpwB6LTMrmOIJNmxLIzcb9otObouA73
|
||||||
|
l6/odR4xISk0/xUqQLmfZHkb0sLdAC0HZ+RE1UKBZ2neA6yW5z0cMA==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
Certificate:
|
||||||
|
Data:
|
||||||
|
Version: 3 (0x2)
|
||||||
|
Serial Number: 100 (0x64)
|
||||||
|
Signature Algorithm: sha256WithRSAEncryption
|
||||||
|
Issuer: C=AU, ST=VIC, L=Melbourne, O=Master Root, OU=SSL, CN=Root CA
|
||||||
|
Validity
|
||||||
|
Not Before: Jan 14 02:24:43 2023 GMT
|
||||||
|
Not After : Jan 11 02:24:43 2033 GMT
|
||||||
|
Subject: C=AU, ST=VIC, O=DEGE, OU=SSL, CN=DEGE Root CA
|
||||||
|
Subject Public Key Info:
|
||||||
|
Public Key Algorithm: rsaEncryption
|
||||||
|
RSA Public-Key: (4096 bit)
|
||||||
|
Modulus:
|
||||||
|
00:d7:9b:5f:27:b7:ba:18:d4:cd:0c:19:92:bb:99:
|
||||||
|
77:42:44:39:40:31:9f:71:00:cb:9a:51:41:90:66:
|
||||||
|
3d:d3:34:e2:92:cf:df:af:55:c5:2a:02:9b:3e:b6:
|
||||||
|
01:64:7a:0c:a7:6f:81:a6:95:5d:5b:43:39:a0:91:
|
||||||
|
d3:2f:14:26:bd:ac:89:54:84:83:6e:71:a0:28:30:
|
||||||
|
b5:cc:31:01:06:38:b6:87:d1:dc:ff:01:03:23:d5:
|
||||||
|
8b:00:0f:dd:b2:96:7d:e8:64:e4:7a:a7:34:d6:7c:
|
||||||
|
63:a9:46:ed:5e:b6:55:4f:c5:e7:5b:06:11:1c:39:
|
||||||
|
15:97:ee:c7:81:48:ff:27:fe:ad:ba:fa:31:5b:7c:
|
||||||
|
89:56:84:ba:3a:63:8a:c8:c2:4c:db:71:a5:29:1d:
|
||||||
|
83:cf:8e:e0:b2:ae:63:4b:62:2c:e8:18:0f:c4:d2:
|
||||||
|
5f:2f:27:73:d8:f2:78:d8:6c:d6:aa:b8:ec:9e:87:
|
||||||
|
aa:22:aa:f3:69:47:51:24:51:2b:b2:14:69:5b:d6:
|
||||||
|
82:1f:19:b0:a1:15:f9:a4:e7:57:9f:45:e0:7d:35:
|
||||||
|
ec:67:6c:0e:21:3a:72:2c:f0:83:46:9c:37:43:17:
|
||||||
|
30:51:7d:5f:c9:0c:70:fa:19:52:a0:ba:68:8d:dd:
|
||||||
|
cf:34:45:2a:cb:29:5e:fc:2c:13:d2:bf:d7:8b:5a:
|
||||||
|
93:11:84:67:e8:90:74:fc:6a:71:89:bd:a8:57:16:
|
||||||
|
9d:68:3e:54:7b:40:cd:83:dd:da:63:dd:7f:a2:e2:
|
||||||
|
e6:6e:ad:b8:05:83:e1:30:f5:94:42:9e:19:98:71:
|
||||||
|
cc:a2:6d:0a:9b:5d:59:39:99:83:1a:95:6e:83:7b:
|
||||||
|
64:5b:48:51:cc:cc:ae:84:e0:8d:f6:61:fe:e7:60:
|
||||||
|
26:db:0f:e9:ae:37:d0:27:80:4a:b5:8c:c7:0b:e4:
|
||||||
|
c9:43:80:fd:a0:f0:f8:6d:ab:df:6d:da:ef:e9:cf:
|
||||||
|
71:54:d6:75:6d:3f:56:de:20:a6:fa:43:d5:36:84:
|
||||||
|
91:e5:5c:4e:6d:bf:a8:7d:40:20:6e:7f:a8:8b:3f:
|
||||||
|
d3:1b:a9:39:9d:c3:ca:62:18:07:49:8f:ee:ae:5a:
|
||||||
|
e3:d6:29:75:9b:7b:4b:63:80:b2:d0:21:d3:15:3e:
|
||||||
|
a8:34:cf:f7:3d:48:37:80:4d:d9:cc:7c:c7:cc:e6:
|
||||||
|
00:50:80:8d:9c:3f:b2:5d:7b:1d:85:86:cc:0c:38:
|
||||||
|
e0:cc:50:0d:be:cb:f8:91:00:4b:bc:e3:c7:fd:8d:
|
||||||
|
a9:8c:3d:77:24:4e:c9:fa:1a:ff:8d:fe:c1:58:47:
|
||||||
|
2d:54:49:91:35:c0:8e:a9:52:0e:99:4d:5e:26:de:
|
||||||
|
e1:88:11:af:56:9c:31:c7:ee:58:42:26:39:ce:48:
|
||||||
|
7a:de:8f
|
||||||
|
Exponent: 65537 (0x10001)
|
||||||
|
X509v3 extensions:
|
||||||
|
X509v3 Basic Constraints: critical
|
||||||
|
CA:TRUE, pathlen:1
|
||||||
|
X509v3 Subject Key Identifier:
|
||||||
|
02:FB:C5:FF:04:42:04:E9:61:F8:A0:D8:FE:D7:D3:75:E8:CC:FE:7F
|
||||||
|
X509v3 Authority Key Identifier:
|
||||||
|
keyid:2A:36:76:24:E1:2D:BC:43:24:27:EE:9B:B6:51:11:52:F5:A6:E3:9D
|
||||||
|
DirName:/C=AU/ST=VIC/L=Melbourne/O=Master Root/OU=SSL/CN=Root CA
|
||||||
|
serial:E6:DA:2E:34:60:E5:A1:5A
|
||||||
|
|
||||||
|
X509v3 Key Usage:
|
||||||
|
Certificate Sign, CRL Sign
|
||||||
|
Netscape Cert Type:
|
||||||
|
SSL CA, S/MIME CA
|
||||||
|
X509v3 Issuer Alternative Name:
|
||||||
|
URI:https://ssl.dlcm.co
|
||||||
|
Authority Information Access:
|
||||||
|
OCSP - URI:https://ssl.dlcm.co/ocsp
|
||||||
|
CA Issuers - URI:https://ssl.dlcm.co/ca
|
||||||
|
|
||||||
|
X509v3 CRL Distribution Points:
|
||||||
|
|
||||||
|
Full Name:
|
||||||
|
URI:https://ssl.dlcm.co/crl
|
||||||
|
|
||||||
|
Signature Algorithm: sha256WithRSAEncryption
|
||||||
|
ab:ad:2f:d2:a1:00:5a:ee:df:ae:13:72:1e:c6:78:ea:fe:b1:
|
||||||
|
67:ec:2e:cc:cf:60:d7:6d:2a:10:c6:ff:11:96:9c:71:08:a6:
|
||||||
|
4f:03:89:ad:a5:2b:a2:3b:ad:0c:c5:9f:3b:66:5e:56:10:87:
|
||||||
|
9f:e4:d4:3c:fb:ec:cb:0d:a4:38:3f:cd:b4:de:7e:d6:94:8a:
|
||||||
|
c6:33:49:9a:f9:be:b9:b3:c6:3c:3b:ed:46:fd:0a:50:79:bf:
|
||||||
|
0e:da:9e:74:0f:51:31:cd:29:a7:d0:97:42:f6:65:0b:7e:5b:
|
||||||
|
3b:c2:20:89:c5:99:9d:eb:fc:01:3a:55:1d:f0:03:4b:7c:81:
|
||||||
|
35:87:b1:0d:39:91:b8:8d:3d:19:5d:1d:79:bf:e7:c9:79:47:
|
||||||
|
95:8b:ca:14:53:c3:a0:3c:7d:c3:77:13:8c:02:44:3c:61:4b:
|
||||||
|
4b:4a:ee:90:77:0e:62:61:dd:43:46:ef:1e:fd:8a:e5:bb:91:
|
||||||
|
61:42:8a:21:7f:0f:b7:a8:6d:94:36:5e:df:c5:9e:ed:85:f8:
|
||||||
|
1a:dd:64:00:06:d5:27:0a:b9:57:86:e5:dd:59:09:51:75:c9:
|
||||||
|
44:dd:a3:a3:75:3a:fa:61:d9:ac:51:c6:bf:e8:9b:3f:2e:94:
|
||||||
|
bc:2e:9d:8d:94:d9:03:dc:ef:31:7d:23:15:98:fe:74:72:8a:
|
||||||
|
8a:0b:3b:2a:d0:38:fd:c1:20:f6:e5:69:2d:1c:08:bd:a4:26:
|
||||||
|
3d:f9:d7:82:c5:c5:41:c9:ad:98:26:9d:81:aa:2b:3e:54:1b:
|
||||||
|
37:d4:2e:a8:eb:97:6d:4e:a6:47:1d:95:c9:49:22:58:ab:b2:
|
||||||
|
26:0d:86:11:61:28:02:8d:87:21:93:19:7d:46:cc:4c:40:60:
|
||||||
|
93:77:7e:11:2e:31:9c:b5:5c:62:72:79:08:25:ac:3c:af:83:
|
||||||
|
4c:e4:20:89:c4:80:e9:d8:e0:a6:c7:3a:5e:91:6d:d8:79:11:
|
||||||
|
d9:0d:24:1d:e7:ca:86:e8:ee:73:9e:ad:3d:94:7a:98:38:a9:
|
||||||
|
76:1a:42:3e:b5:8b:a4:0d:b9:46:5f:47:b3:a0:05:f8:74:d6:
|
||||||
|
5a:85:7a:6c:4b:7e:74:01:30:a5:18:6c:94:3b:46:21:5d:46:
|
||||||
|
18:fc:18:e9:fb:ae:3e:c4:75:56:6f:50:d7:52:20:b6:f0:52:
|
||||||
|
55:a7:d0:f1:c8:04:d6:b8:a6:08:2c:68:1e:fa:fd:c3:37:5b:
|
||||||
|
75:d8:27:64:47:a6:0b:16:f5:d7:1a:63:41:1a:d2:c1:4e:b3:
|
||||||
|
97:72:18:3d:bb:43:45:ac:3a:6c:55:5d:ce:fc:aa:51:9f:02:
|
||||||
|
b4:06:80:38:a0:76:c1:fc:79:89:1b:b1:72:c8:a2:f6:e3:1d:
|
||||||
|
ee:11:fc:a7:65:fe:b8:d2
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIGxjCCBK6gAwIBAgIBZDANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQGEwJBVTEM
|
||||||
|
MAoGA1UECBMDVklDMRIwEAYDVQQHEwlNZWxib3VybmUxFDASBgNVBAoTC01hc3Rl
|
||||||
|
ciBSb290MQwwCgYDVQQLEwNTU0wxEDAOBgNVBAMTB1Jvb3QgQ0EwHhcNMjMwMTE0
|
||||||
|
MDIyNDQzWhcNMzMwMTExMDIyNDQzWjBPMQswCQYDVQQGEwJBVTEMMAoGA1UECBMD
|
||||||
|
VklDMQ0wCwYDVQQKEwRERUdFMQwwCgYDVQQLEwNTU0wxFTATBgNVBAMTDERFR0Ug
|
||||||
|
Um9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANebXye3uhjU
|
||||||
|
zQwZkruZd0JEOUAxn3EAy5pRQZBmPdM04pLP369VxSoCmz62AWR6DKdvgaaVXVtD
|
||||||
|
OaCR0y8UJr2siVSEg25xoCgwtcwxAQY4tofR3P8BAyPViwAP3bKWfehk5HqnNNZ8
|
||||||
|
Y6lG7V62VU/F51sGERw5FZfux4FI/yf+rbr6MVt8iVaEujpjisjCTNtxpSkdg8+O
|
||||||
|
4LKuY0tiLOgYD8TSXy8nc9jyeNhs1qq47J6HqiKq82lHUSRRK7IUaVvWgh8ZsKEV
|
||||||
|
+aTnV59F4H017GdsDiE6cizwg0acN0MXMFF9X8kMcPoZUqC6aI3dzzRFKsspXvws
|
||||||
|
E9K/14takxGEZ+iQdPxqcYm9qFcWnWg+VHtAzYPd2mPdf6Li5m6tuAWD4TD1lEKe
|
||||||
|
GZhxzKJtCptdWTmZgxqVboN7ZFtIUczMroTgjfZh/udgJtsP6a430CeASrWMxwvk
|
||||||
|
yUOA/aDw+G2r323a7+nPcVTWdW0/Vt4gpvpD1TaEkeVcTm2/qH1AIG5/qIs/0xup
|
||||||
|
OZ3DymIYB0mP7q5a49YpdZt7S2OAstAh0xU+qDTP9z1IN4BN2cx8x8zmAFCAjZw/
|
||||||
|
sl17HYWGzAw44MxQDb7L+JEAS7zjx/2NqYw9dyROyfoa/43+wVhHLVRJkTXAjqlS
|
||||||
|
DplNXibe4YgRr1acMcfuWEImOc5Iet6PAgMBAAGjggGVMIIBkTASBgNVHRMBAf8E
|
||||||
|
CDAGAQH/AgEBMB0GA1UdDgQWBBQC+8X/BEIE6WH4oNj+19N16Mz+fzCBlwYDVR0j
|
||||||
|
BIGPMIGMgBQqNnYk4S28QyQn7pu2URFS9abjnaFppGcwZTELMAkGA1UEBhMCQVUx
|
||||||
|
DDAKBgNVBAgTA1ZJQzESMBAGA1UEBxMJTWVsYm91cm5lMRQwEgYDVQQKEwtNYXN0
|
||||||
|
ZXIgUm9vdDEMMAoGA1UECxMDU1NMMRAwDgYDVQQDEwdSb290IENBggkA5touNGDl
|
||||||
|
oVowCwYDVR0PBAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIBBjAeBgNVHRIEFzAVhhNo
|
||||||
|
dHRwczovL3NzbC5kbGNtLmNvMFgGCCsGAQUFBwEBBEwwSjAkBggrBgEFBQcwAYYY
|
||||||
|
aHR0cHM6Ly9zc2wuZGxjbS5jby9vY3NwMCIGCCsGAQUFBzAChhZodHRwczovL3Nz
|
||||||
|
bC5kbGNtLmNvL2NhMCgGA1UdHwQhMB8wHaAboBmGF2h0dHBzOi8vc3NsLmRsY20u
|
||||||
|
Y28vY3JsMA0GCSqGSIb3DQEBCwUAA4ICAQCrrS/SoQBa7t+uE3Iexnjq/rFn7C7M
|
||||||
|
z2DXbSoQxv8RlpxxCKZPA4mtpSuiO60MxZ87Zl5WEIef5NQ8++zLDaQ4P8203n7W
|
||||||
|
lIrGM0ma+b65s8Y8O+1G/QpQeb8O2p50D1ExzSmn0JdC9mULfls7wiCJxZmd6/wB
|
||||||
|
OlUd8ANLfIE1h7ENOZG4jT0ZXR15v+fJeUeVi8oUU8OgPH3DdxOMAkQ8YUtLSu6Q
|
||||||
|
dw5iYd1DRu8e/Yrlu5FhQoohfw+3qG2UNl7fxZ7thfga3WQABtUnCrlXhuXdWQlR
|
||||||
|
dclE3aOjdTr6YdmsUca/6Js/LpS8Lp2NlNkD3O8xfSMVmP50coqKCzsq0Dj9wSD2
|
||||||
|
5WktHAi9pCY9+deCxcVBya2YJp2Bqis+VBs31C6o65dtTqZHHZXJSSJYq7ImDYYR
|
||||||
|
YSgCjYchkxl9RsxMQGCTd34RLjGctVxicnkIJaw8r4NM5CCJxIDp2OCmxzpekW3Y
|
||||||
|
eRHZDSQd58qG6O5znq09lHqYOKl2GkI+tYukDblGX0ezoAX4dNZahXpsS350ATCl
|
||||||
|
GGyUO0YhXUYY/Bjp+64+xHVWb1DXUiC28FJVp9DxyATWuKYILGge+v3DN1t12Cdk
|
||||||
|
R6YLFvXXGmNBGtLBTrOXchg9u0NFrDpsVV3O/KpRnwK0BoA4oHbB/HmJG7FyyKL2
|
||||||
|
4x3uEfynZf640g==
|
||||||
|
-----END CERTIFICATE-----
|
Loading…
Reference in New Issue
Block a user