[Postfix] Remove smtpd_last_auth service; replaced by SASL logging in Dovecot LUA auth process

master
andryyy 2021-06-04 14:29:28 +02:00
parent 6d22ae8d02
commit 51e3521aac
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
5 changed files with 0 additions and 30 deletions

View File

@ -45,7 +45,6 @@ COPY postfix.sh /opt/postfix.sh
COPY rspamd-pipe-ham /usr/local/bin/rspamd-pipe-ham COPY rspamd-pipe-ham /usr/local/bin/rspamd-pipe-ham
COPY rspamd-pipe-spam /usr/local/bin/rspamd-pipe-spam COPY rspamd-pipe-spam /usr/local/bin/rspamd-pipe-spam
COPY whitelist_forwardinghosts.sh /usr/local/bin/whitelist_forwardinghosts.sh COPY whitelist_forwardinghosts.sh /usr/local/bin/whitelist_forwardinghosts.sh
COPY smtpd_last_login.sh /usr/local/bin/smtpd_last_login.sh
COPY stop-supervisor.sh /usr/local/sbin/stop-supervisor.sh COPY stop-supervisor.sh /usr/local/sbin/stop-supervisor.sh
COPY docker-entrypoint.sh /docker-entrypoint.sh COPY docker-entrypoint.sh /docker-entrypoint.sh
@ -53,7 +52,6 @@ RUN chmod +x /opt/postfix.sh \
/usr/local/bin/rspamd-pipe-ham \ /usr/local/bin/rspamd-pipe-ham \
/usr/local/bin/rspamd-pipe-spam \ /usr/local/bin/rspamd-pipe-spam \
/usr/local/bin/whitelist_forwardinghosts.sh \ /usr/local/bin/whitelist_forwardinghosts.sh \
/usr/local/bin/smtpd_last_login.sh \
/usr/local/sbin/stop-supervisor.sh /usr/local/sbin/stop-supervisor.sh
RUN rm -rf /tmp/* /var/tmp/* RUN rm -rf /tmp/* /var/tmp/*

View File

@ -395,9 +395,6 @@ if [[ ! -f /opt/postfix/conf/custom_postscreen_whitelist.cidr ]]; then
EOF EOF
fi fi
# Fix SMTP last login on slaves
sed -i "s/__REDIS_SLAVEOF_IP__/${REDIS_SLAVEOF_IP}/g" /usr/local/bin/smtpd_last_login.sh
# Fix Postfix permissions # Fix Postfix permissions
chown -R root:postfix /opt/postfix/conf/sql/ /opt/postfix/conf/custom_transport.pcre chown -R root:postfix /opt/postfix/conf/sql/ /opt/postfix/conf/custom_transport.pcre
chmod 640 /opt/postfix/conf/sql/*.cf /opt/postfix/conf/custom_transport.pcre chmod 640 /opt/postfix/conf/sql/*.cf /opt/postfix/conf/custom_transport.pcre

View File

@ -1,23 +0,0 @@
#!/bin/bash
REDIS_SLAVEOF_IP=__REDIS_SLAVEOF_IP__
# Do not attempt to write to slave
if [[ ! -z ${REDIS_SLAVEOF_IP} ]]; then
REDIS_CMDLINE="redis-cli -h ${REDIS_SLAVEOF_IP} -p ${REDIS_SLAVEOF_PORT}"
else
REDIS_CMDLINE="redis-cli -h redis -p 6379"
fi
while read QUERY; do
QUERY=($QUERY)
# If nothing matched, end here - Postfix last line will be empty
if [[ -z "$(echo ${QUERY[0]} | tr -d '\040\011\012\015')" ]]; then
echo -ne "action=dunno\n\n"
# We found a username, log and return
elif [[ "${QUERY[0]}" =~ sasl_username ]]; then
MUSER=$(printf "%q" ${QUERY[0]#sasl_username=})
${REDIS_CMDLINE} SET "last-login/smtp/$MUSER" "$(date +%s)"
echo -ne "action=dunno\n\n"
fi
done

View File

@ -193,7 +193,6 @@ smtp_sasl_auth_soft_bounce = no
postscreen_discard_ehlo_keywords = silent-discard, dsn postscreen_discard_ehlo_keywords = silent-discard, dsn
compatibility_level = 2 compatibility_level = 2
smtputf8_enable = no smtputf8_enable = no
smtpd_last_auth = check_policy_service inet:127.0.0.1:10028
# Define protocols for SMTPS and submission service # Define protocols for SMTPS and submission service
submission_smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1 submission_smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtps_smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1 smtps_smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1

View File

@ -125,7 +125,6 @@ smtp_sender_cleanup unix n - y - 0 cleanup
# start whitelist_fwd # start whitelist_fwd
127.0.0.1:10027 inet n n n - 0 spawn user=nobody argv=/usr/local/bin/whitelist_forwardinghosts.sh 127.0.0.1:10027 inet n n n - 0 spawn user=nobody argv=/usr/local/bin/whitelist_forwardinghosts.sh
127.0.0.1:10028 inet n n n - 0 spawn user=nobody argv=/usr/local/bin/smtpd_last_login.sh
# end whitelist_fwd # end whitelist_fwd
# start watchdog-specific # start watchdog-specific