Postgrey Filter configurable

Author: Dominik

install/dist/lib/fedora.lib.php

@@ -152,6 +152,9 @@ function configure_postfix($options = '')
 		//* mysql-virtual_relayrecipientmaps.cf
 		$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
 
+		//* mysql-virtual_policy_greylist.cf
+		$this->process_postfix_config('mysql-virtual_policy_greylist.cf');
+
 		//* postfix-dkim
 		$full_file_name=$config_dir.'/tag_as_originating.re';
 		if(is_file($full_file_name)) {
@@ -193,13 +196,21 @@ function configure_postfix($options = '')
 		}
 		unset($rbl_hosts);
 		unset($server_ini_array);
-
+		
+		//* If Postgrey is installed, configure it
+		$greylisting = '';
+		if($conf['postgrey']['installed'] == true) {
+			$greylisting = 'check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
+		}
+		
 		//* These postconf commands will be executed on installation and update
 		$postconf_placeholders = array('{config_dir}' => $config_dir,
 			'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
 			'{vmail_userid}' => $cf['vmail_userid'],
 			'{vmail_groupid}' => $cf['vmail_groupid'],
-			'{rbl_list}' => $rbl_list);
+			'{rbl_list}' => $rbl_list,
+			'{greylisting}' => $greylisting,
+		);
 
 		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/fedora_postfix.conf.master', 'tpl/fedora_postfix.conf.master');
 		$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);

install/dist/lib/opensuse.lib.php

@@ -168,6 +168,9 @@ function configure_postfix($options = '')
 		//* mysql-virtual_relayrecipientmaps.cf
 		$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
 
+		//* mysql-virtual_policy_greylist.cf
+		$this->process_postfix_config('mysql-virtual_policy_greylist.cf');
+
 		//* postfix-dkim
 		$full_file_name=$config_dir.'/tag_as_originating.re';
 		if(is_file($full_file_name)) {
@@ -224,12 +227,20 @@ function configure_postfix($options = '')
 		unset($rbl_hosts);
 		unset($server_ini_array);
 
+		//* If Postgrey is installed, configure it
+		$greylisting = '';
+		if($conf['postgrey']['installed'] == true) {
+			$greylisting = 'check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
+		}
+		
 		//* These postconf commands will be executed on installation and update
 		$postconf_placeholders = array('{config_dir}' => $config_dir,
 			'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
 			'{vmail_userid}' => $cf['vmail_userid'],
 			'{vmail_groupid}' => $cf['vmail_groupid'],
-			'{rbl_list}' => $rbl_list);
+			'{rbl_list}' => $rbl_list,
+			'{greylisting}' => $greylisting,
+		);
 
 		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_postfix.conf.master', 'tpl/opensuse_postfix.conf.master');
 		$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);

install/lib/installer_base.lib.php

@@ -135,6 +135,7 @@ public function find_installed_apps() {
 
 		if(is_installed('mysql') || is_installed('mysqld')) $conf['mysql']['installed'] = true;
 		if(is_installed('postfix')) $conf['postfix']['installed'] = true;
+		if(is_installed('postgrey')) $conf['postgrey']['installed'] = true;
 		if(is_installed('mailman')) $conf['mailman']['installed'] = true;
 		if(is_installed('apache') || is_installed('apache2') || is_installed('httpd') || is_installed('httpd2')) $conf['apache']['installed'] = true;
 		if(is_installed('getmail')) $conf['getmail']['installed'] = true;
@@ -704,6 +705,9 @@ public function configure_postfix($options = '') {
 		//* mysql-virtual_outgoing_bcc.cf
 		$this->process_postfix_config('mysql-virtual_outgoing_bcc.cf');
 
+                //* mysql-virtual_policy_greylist.cf
+                $this->process_postfix_config('mysql-virtual_policy_greylist.cf');
+
 		//* postfix-dkim
 		$full_file_name=$config_dir.'/tag_as_originating.re';
 		if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
@@ -742,11 +746,19 @@ public function configure_postfix($options = '') {
 		unset($rbl_hosts);
 		unset($server_ini_array);
 
+		//* If Postgrey is installed, configure it
+		$greylisting = '';
+		if($conf['postgrey']['installed'] == true) {
+			$greylisting = 'check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
+		}
+		
 		$postconf_placeholders = array('{config_dir}' => $config_dir,
 			'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
 			'{vmail_userid}' => $cf['vmail_userid'],
 			'{vmail_groupid}' => $cf['vmail_groupid'],
-			'{rbl_list}' => $rbl_list);
+			'{rbl_list}' => $rbl_list,
+			'{greylisting}' => $greylisting,
+		);
 
 		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_postfix.conf.master', 'tpl/debian_postfix.conf.master');
 		$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
@@ -841,6 +853,10 @@ public function configure_postfix($options = '') {
 		caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 
 	}
+	
+	public function configure_postgrey() {
+		
+	}
 
 	public function configure_saslauthd() {
 		global $conf;

install/sql/incremental/upd_dev_collection.sql

@@ -34,3 +34,6 @@ TXT|{DOMAIN}.|v=spf1 mx a ~all|0|3600' WHERE `dns_template`.`template_id` = 1;
 
 ALTER TABLE `mail_backup` CHANGE `filesize` `filesize` VARCHAR(20) NOT NULL DEFAULT '';
 ALTER TABLE `web_backup` CHANGE `filesize` `filesize` VARCHAR(20) NOT NULL DEFAULT '';
+
+ALTER TABLE `mail_user` ADD `greylisting` ENUM( 'n', 'y' ) NOT NULL DEFAULT 'n' AFTER `postfix`;
+ALTER TABLE `mail_forwarding` ADD `greylisting` ENUM( 'n', 'y' ) NOT NULL DEFAULT 'n' AFTER `active`;

install/tpl/debian_postfix.conf.master

@@ -12,7 +12,9 @@ inet_protocols=all
 smtpd_sasl_auth_enable = yes
 broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
-smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}
+smtpd_restriction_classes = greylisting
+greylisting = check_policy_service inet:127.0.0.1:10023 
+smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert

install/tpl/fedora_postfix.conf.master

@@ -9,7 +9,9 @@ sender_bcc_maps = proxy:mysql:{config_dir}/mysql-virtual_outgoing_bcc.cf
 smtpd_sasl_auth_enable = yes
 broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
-smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}
+smtpd_restriction_classes = greylisting
+greylisting = check_policy_service inet:127.0.0.1:10023
+smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert

install/tpl/gentoo_postfix.conf.master

@@ -8,7 +8,9 @@ virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf
 smtpd_sasl_auth_enable = yes
 broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
-smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}
+smtpd_restriction_classes = greylisting
+greylisting = check_policy_service inet:127.0.0.1:10023
+smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert

install/tpl/mysql-virtual_policy_greylist.cf.master

@@ -0,0 +1,5 @@
+user = {mysql_server_ispconfig_user}
+password = {mysql_server_ispconfig_password}
+dbname = {mysql_server_database}
+query = SELECT 'greylisting' FROM mail_user WHERE email='%s' AND greylisting='y' and server_id = {server_id}
+hosts = {mysql_server_ip}

install/tpl/opensuse_postfix.conf.master

@@ -11,7 +11,9 @@ sender_bcc_maps = proxy:mysql:{config_dir}/mysql-virtual_outgoing_bcc.cf
 smtpd_sasl_auth_enable = yes
 broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
-smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}
+smtpd_restriction_classes = greylisting
+greylisting = check_policy_service inet:127.0.0.1:10023
+smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert

interface/web/mail/form/mail_alias.tform.php

@@ -124,6 +124,12 @@
 			'default' => 'y',
 			'value'  => array(0 => 'n', 1 => 'y')
 		),
+		'greylisting' => array (
+			'datatype' => 'VARCHAR',
+			'formtype' => 'CHECKBOX',
+			'default' => 'n',
+			'value'  => array(1 => 'y', 0 => 'n')
+		),
 		//#################################
 		// ENDE Datatable fields
 		//#################################