Keep reject-sender-mismatch-setting also when updating

Fixed missing parts for greylist, rbl in gentoo

Author: Dominik

install/dist/lib/fedora.lib.php

@@ -198,23 +198,28 @@ function configure_postfix($options = '')
 			}
 		}
 		unset($rbl_hosts);
-		unset($server_ini_array);
 
 		//* If Postgrey is installed, configure it
 		$greylisting = '';
 		if($conf['postgrey']['installed'] == true) {
-			$greylisting = 'check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
+			$greylisting = ', check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
 		}
 
-		//* These postconf commands will be executed on installation and update
+		$reject_sender_login_mismatch = '';
+		if(isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {
+			$reject_sender_login_mismatch = ', reject_authenticated_sender_login_mismatch';
+		}
+		unset($server_ini_array);
+		
 		$postconf_placeholders = array('{config_dir}' => $config_dir,
 			'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
 			'{vmail_userid}' => $cf['vmail_userid'],
 			'{vmail_groupid}' => $cf['vmail_groupid'],
 			'{rbl_list}' => $rbl_list,
 			'{greylisting}' => $greylisting,
+			'{reject_slm}' => $reject_sender_login_mismatch,
 		);
-
+		
 		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/fedora_postfix.conf.master', 'tpl/fedora_postfix.conf.master');
 		$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
 		$postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines

install/dist/lib/gentoo.lib.php

@@ -81,11 +81,40 @@ public function configure_postfix($options = '')
 		}
 
 		//* These postconf commands will be executed on installation and update
+		$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM `" . $this->db->quote($conf["mysql"]["database"]) . "`.`server` WHERE server_id = ".$conf['server_id']);
+		$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
+		unset($server_ini_rec);
+
+		//* If there are RBL's defined, format the list and add them to smtp_recipient_restrictions to prevent removeal after an update
+		$rbl_list = '';
+		if (@isset($server_ini_array['mail']['realtime_blackhole_list']) && $server_ini_array['mail']['realtime_blackhole_list'] != '') {
+			$rbl_hosts = explode(",", str_replace(" ", "", $server_ini_array['mail']['realtime_blackhole_list']));
+			foreach ($rbl_hosts as $key => $value) {
+				$rbl_list .= ", reject_rbl_client ". $value;
+			}
+		}
+		unset($rbl_hosts);
+
+		//* If Postgrey is installed, configure it
+		$greylisting = '';
+		if($conf['postgrey']['installed'] == true) {
+			$greylisting = ', check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
+		}
+		
+		$reject_sender_login_mismatch = '';
+		if(isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {
+			$reject_sender_login_mismatch = ', reject_authenticated_sender_login_mismatch';
+		}
+		unset($server_ini_array);
+		
 		$postconf_placeholders = array('{config_dir}' => $config_dir,
 			'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
 			'{vmail_userid}' => $cf['vmail_userid'],
 			'{vmail_groupid}' => $cf['vmail_groupid'],
-			'{rbl_list}' => $rbl_list);
+			'{rbl_list}' => $rbl_list,
+			'{greylisting}' => $greylisting,
+			'{reject_slm}' => $reject_sender_login_mismatch,
+		);
 
 		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/gentoo_postfix.conf.master', 'tpl/gentoo_postfix.conf.master');
 		$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);

install/dist/lib/opensuse.lib.php

@@ -228,23 +228,28 @@ function configure_postfix($options = '')
 			}
 		}
 		unset($rbl_hosts);
-		unset($server_ini_array);
 
 		//* If Postgrey is installed, configure it
 		$greylisting = '';
 		if($conf['postgrey']['installed'] == true) {
-			$greylisting = 'check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
+			$greylisting = ', check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
 		}
 
-		//* These postconf commands will be executed on installation and update
+		$reject_sender_login_mismatch = '';
+		if(isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {
+			$reject_sender_login_mismatch = ', reject_authenticated_sender_login_mismatch';
+		}
+		unset($server_ini_array);
+		
 		$postconf_placeholders = array('{config_dir}' => $config_dir,
 			'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
 			'{vmail_userid}' => $cf['vmail_userid'],
 			'{vmail_groupid}' => $cf['vmail_groupid'],
 			'{rbl_list}' => $rbl_list,
 			'{greylisting}' => $greylisting,
+			'{reject_slm}' => $reject_sender_login_mismatch,
 		);
-
+		
 		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_postfix.conf.master', 'tpl/opensuse_postfix.conf.master');
 		$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
 		$postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines

install/lib/installer_base.lib.php

@@ -748,20 +748,26 @@ public function configure_postfix($options = '') {
 			}
 		}
 		unset($rbl_hosts);
-		unset($server_ini_array);
 
 		//* If Postgrey is installed, configure it
 		$greylisting = '';
 		if($conf['postgrey']['installed'] == true) {
-			$greylisting = 'check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
+			$greylisting = ', check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
+		}
+		
+		$reject_sender_login_mismatch = '';
+		if(isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {
+			$reject_sender_login_mismatch = ', reject_authenticated_sender_login_mismatch';
 		}
+		unset($server_ini_array);
 
 		$postconf_placeholders = array('{config_dir}' => $config_dir,
 			'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
 			'{vmail_userid}' => $cf['vmail_userid'],
 			'{vmail_groupid}' => $cf['vmail_groupid'],
 			'{rbl_list}' => $rbl_list,
 			'{greylisting}' => $greylisting,
+			'{reject_slm}' => $reject_sender_login_mismatch,
 		);
 
 		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_postfix.conf.master', 'tpl/debian_postfix.conf.master');

install/tpl/debian_postfix.conf.master

@@ -24,7 +24,7 @@ relay_domains = mysql:{config_dir}/mysql-virtual_relaydomains.cf
 relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
 smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
 proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
-smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
+smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re{reject_slm}, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
 smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
 smtpd_client_message_rate_limit = 100
 maildrop_destination_concurrency_limit = 1

install/tpl/fedora_postfix.conf.master

@@ -21,7 +21,7 @@ relay_domains = mysql:{config_dir}/mysql-virtual_relaydomains.cf
 relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
 smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
 proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
-smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
+smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re{reject_slm}, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
 smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
 smtpd_client_message_rate_limit = 100
 maildrop_destination_concurrency_limit = 1

install/tpl/gentoo_postfix.conf.master

@@ -20,7 +20,7 @@ relay_domains = mysql:{config_dir}/mysql-virtual_relaydomains.cf
 relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
 smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
 proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
-smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
+smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re{reject_slm}, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
 smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
 smtpd_client_message_rate_limit = 100
 maildrop_destination_concurrency_limit = 1

install/tpl/opensuse_postfix.conf.master

@@ -23,7 +23,7 @@ relay_domains = mysql:{config_dir}/mysql-virtual_relaydomains.cf
 relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
 smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
 proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
-smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
+smtpd_sender_restrictions = check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf regexp:{config_dir}/tag_as_originating.re{reject_slm}, permit_mynetworks, check_sender_access regexp:{config_dir}/tag_as_foreign.re
 smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
 smtpd_client_message_rate_limit = 100
 maildrop_destination_concurrency_limit = 1