From 1ead9453f3dfc28cf797aafbcc7b6e56b69c4770 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 12 Jul 2012 21:13:27 -0700 Subject: small improvements --- tools/makefile | 3 ++ tools/qmail | 8 ++-- tools/qmail-tls-check_certs | 18 ++++++++- tools/spamassassin | 89 +++++++++++++++++++++++++++++++++++++++++++++ tools/spamassassin.default | 31 ++++++++++++++++ 5 files changed, 144 insertions(+), 5 deletions(-) create mode 100755 tools/spamassassin create mode 100644 tools/spamassassin.default (limited to 'tools') diff --git a/tools/makefile b/tools/makefile index dbe4806..d1c91ae 100644 --- a/tools/makefile +++ b/tools/makefile @@ -25,6 +25,9 @@ install: cp pop3.conf /etc/stunnel/ chmod 640 /var/qmail/control/*.crtkey chown qmaild /var/qmail/control/*.crtkey + install qmail-tls-check_certs /var/qmail/bin/ + install spamassassin /etc/init.d/ + install spamassassin.default /etc/default/spamassassin /etc/tcpserver/smtp.rules : ./mk_smtp_rules diff --git a/tools/qmail b/tools/qmail index 73a872c..f58a5c7 100755 --- a/tools/qmail +++ b/tools/qmail @@ -16,6 +16,8 @@ nofiles=$(id -g qmaild ) filters=/var/qmail/control/filters.conf smtpconf=/etc/stunnel/smtp.conf pop3conf=/etc/stunnel/pop3.conf +PEM=/etc/stunnel/stunnel.pem +CDB=/etc/tcpserver/smtp.cdb ## Plain smtp never asks for a password, ## and will not relay except from inside the firewall. @@ -159,8 +161,7 @@ case "$verb" in HI_Q_CONF="$filters" \ QMAILQUEUE="/var/qmail/bin/hi-q" \ $PIDO /var/run/$proc.pid \ - $tcps -R -x/etc/tcpserver/smtp.cdb \ - -u$qmaild -g$nofiles $mailhost smtp \ + $tcps -R -x$CDB -u$qmaild -g$nofiles $mailhost smtp \ qmail-smtpd 2>&1 \ | splogger smtp & proc_ok $proc @@ -247,11 +248,12 @@ case "$verb" in fi done for file in $pop3conf $smtpconf $filters \ - /etc/tcpserver/smtp.cdb ; do + $CDB $PEM ; do if ! test -r "$file" ; then echo "Beware: file '$file' is missing." fi done + /var/qmail/bin/qmail-tls-check_certs -server ;; *) echo "Usage: $0 {start|stop|reload|zap|restart|status}" diff --git a/tools/qmail-tls-check_certs b/tools/qmail-tls-check_certs index d8f97de..0d73596 100755 --- a/tools/qmail-tls-check_certs +++ b/tools/qmail-tls-check_certs @@ -29,11 +29,25 @@ for trydir in $dirlist ; do fi done if test -z "$dir" ; then - 1>&2 echo "Cannot find any control director ($dirlist)" + 1>&2 echo "Cannot find any control directory ($dirlist)" exit 1 fi -for cert in servercert.pem clientcert.pem ; do +certlist="" +for arg in "$@" ; do + case $arg in + -server) certlist="$certlist servercert.pem" ;; + -client) certlist="$certlist clientcert.pem" ;; + *) 1>&2 echo "Unrecognized verbiage: '$arg'" + exit 1 + esac +done + +if test -z "$certlist" ; then + certlist="servercert.pem clientcert.pem" +fi + +for cert in $certlist ; do if ! test -f "$dir/$cert"; then echo "Certificate missing: $dir/$cert" else diff --git a/tools/spamassassin b/tools/spamassassin new file mode 100755 index 0000000..781adb9 --- /dev/null +++ b/tools/spamassassin @@ -0,0 +1,89 @@ +#! /bin/sh + +### BEGIN INIT INFO +# Provides: spamassassin +# Required-Start: $remote_fs +# Required-Stop: $remote_fs +# Should-Start: $network $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +### END INIT INFO + +# Spamd init script +# June 2002 +# Duncan Findlay + +# Based on skeleton by Miquel van Smoorenburg and Ian Murdock + +PATH=/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=/usr/sbin/spamd +DAEMON=/usr/local/bin/spamd ## jsd +NAME=spamd +SNAME=spamassassin +DESC="SpamAssassin Mail Filter Daemon" +PIDFILE="/var/run/$NAME.pid" +XNAME=/usr/bin/perl + +export TMPDIR=/tmp +# Apparently people have trouble if this isn't explicitly set... + +# Defaults - don't touch, edit /etc/default/spamassassin +ENABLED=0 +OPTIONS="" +NICE= + +. /lib/lsb/init-functions + +test -f /etc/default/spamassassin && . /etc/default/spamassassin + +DOPTIONS="-d --pidfile=$PIDFILE" + +if [ "$ENABLED" = "0" ]; then + echo "$DESC: disabled, see /etc/default/spamassassin" + exit 0 +fi + +test -f $DAEMON || exit 0 + +set -e + +case "$1" in + start) + echo -n "Starting $DESC: " + start-stop-daemon --start --pidfile $PIDFILE --exec $XNAME \ + $NICE --oknodo --startas $DAEMON -- $OPTIONS $DOPTIONS + echo "$NAME." + ;; + + stop) + echo -n "Stopping $DESC: " + start-stop-daemon --stop --pidfile $PIDFILE --exec $XNAME --oknodo + echo "$NAME." + ;; + + reload|force-reload) + echo -n "Reloading $DESC: " + start-stop-daemon --stop --pidfile $PIDFILE --signal HUP --exec $XNAME + echo "$NAME." + ;; + + restart) + echo -n "Restarting $DESC: " + start-stop-daemon --stop --pidfile $PIDFILE --exec $XNAME \ + --retry 5 --oknodo + start-stop-daemon --start --pidfile $PIDFILE --exec $XNAME \ + $NICE --oknodo --startas $DAEMON -- $OPTIONS $DOPTIONS + + echo "$NAME." + ;; + status) + status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $? + ;; + *) + N=/etc/init.d/$SNAME + echo "Usage: $N {start|stop|restart|reload|force-reload|status}" >&2 + exit 1 + ;; +esac + +exit 0 diff --git a/tools/spamassassin.default b/tools/spamassassin.default new file mode 100644 index 0000000..dc44da0 --- /dev/null +++ b/tools/spamassassin.default @@ -0,0 +1,31 @@ +# /etc/default/spamassassin +# Duncan Findlay + +# WARNING: please read README.spamd before using. +# There may be security risks. + +# Change to one to enable spamd +ENABLED=1 + +# Options +# See man spamd for possible options. The -d option is automatically added. + +# SpamAssassin uses a preforking model, so be careful! You need to +# make sure --max-children is not set to anything higher than 5, +# unless you know what you're doing. + +OPTIONS="--create-prefs --max-children 5 --helper-home-dir" + +# Pid file +# Where should spamd write its PID to file? If you use the -u or +# --username option above, this needs to be writable by that user. +# Otherwise, the init script will not be able to shut spamd down. +PIDFILE="/var/run/spamd.pid" + +# Set nice level of spamd +#NICE="--nicelevel 15" + +# Cronjob +# Set to anything but 0 to enable the cron job to automatically update +# spamassassin's rules on a nightly basis +CRON=0 -- cgit v1.2.3