I am having a problem with some legitimate emails being rejected by
header and/or body checks. Both the header and body checks are from
Jeffrey Posluns' write up,without any mods.
Among the stuff being rejected is the output of pflogsumm, I run a daily
a report and email it to postmaster. I was not getting the reports so I
checked the maillog and found that these messages, among others, were
being rejected with "Your email is not using a proper character set.
...". In the case of pflogsumm, and some of the other automatic email, I
really don't have much say in its internal format.
1) As I try to control spam by using amavisd, spamassassin, clamv,
postgrey and so far seem doing OK (touch wood), are header and/or body
check worthwhile as an anti-spam measures. Could they be dropped.
2) If they are worthwhile, is there a way of not applying them to all
mail except that destined for postmaster. If I understood the
documentation it would seem that these checks are applied by "cleanup"
after the other checks have been completed and are not susceptible to
access checks. If this is the case, is there some other way of making
them conditional on recipient, something like an access list to these
checks.
=============
As I administer a very small number of virtual users I put the attached
script together to help me. Any thoughts, ways of doing the same thing
only better etc.
TIA
JLA
#!/bin/bash
#
# Copyright (C) 2007 John L Allen <j...@klam.ca>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
#
#
# setup global variables
# - user
# - domain
# - password
user=''
domain=''
passwd=''
#
# - paths as variables to make debugging easier
#
dovecot_dir='/etc/dovecot' # location of Dovecot users and
password files
postfix_dir='/etc/postfix/maps' # loction of postfix configuration files
uid='vmail' # uid of virtual mailboxes
gid='vmail' # gid of virtual
mailboxes
maildir='/var/mail/vhosts/' # location of virtual mailboxes
display_usage ()
{
echo "usage is ./freda options email_address [password]"
echo " options are: -a | --add Add a virtual email user, this adds
a user record to the Dovecot user file,"
echo " the Dovecot password file, and the
Postfix virtual mailbox map."
echo " "
echo " -u | --update Updates user information."
echo " The only field that can be updated
is the password."
echo " "
echo " -d | --delete Removes a user. removes entries in
all files,"
echo " includes deleting the users
/Maildir and all its content (disabled)."
echo " "
echo " -l | --lock Locks a user out by disabling their
password."
echo " "
echo " -e | --enable Unlocks a user out by enabling
their password."
echo " "
echo " Note: if the password is not entered on the command line the
user will be prompted for one."
}
#
#
#
if (( $# < 2 ))
# check
we have enough parameters
then
display_usage
# not
enough display usage data
exit 1
# bye bye
fi
if grep -q "$2" "$dovecot_dir/users";
# is this user already on file
then
if [[ "$1" == "--add" || "$1" == "-a" ]]
# yes, are we trying to add
them again
then
echo "$2 already in the dovecot user file, try
another option." # yep, and that's a problem
exit 2
# bye bye
fi
else
if ! [[ "$1" == "--add" || "$1" == "-a" ]]
# no, are we trying to update
or delete
then
echo "$2 not found in the dovecot user file,
try adding the user." # you can't update a non-existent user
exit 3
# bye bye
fi
fi
user=`echo "$2"|cut -f1 -...@`
# split the user and
domain=`echo "$2"|cut -f2 -...@`
# domain our
of the email address
if [ "$user" = "$domain" ]
# rudimentary
test of OK email address
then
echo "email address must be in the format use...@domain
" # oops
exit 4
#
fi
if [[ "$1" == "--add" || "$1" == "-a" || "$1" == "-update" || "$1"
== "-u" ]]
then
passwd=`/usr/sbin/mkpasswd --hash=md5 $3 `
# generate an encrypted PW from
given data
fi
case "$1" in
#
-a | --add )
# add
user to files, use echo to append data to existing files
# echo "$2::$uid:$gid::$maildir$domain/:/bin/false::" >>
$dovecot_dir/users # I don't user a dovecot user file
echo "$2:$passwd" >> $dovecot_dir/passwd
# add dovecot password
echo "$2 $domain/$user/" >> $postfix_dir/vmailbox
# add postfix virtual mailbox
;;
-d | --delete)
#
delete user from files
sed -i '/'"$2"'/d' $dovecot_dir/users
sed -i '/'"$2"'/d' $dovecot_dir/passwd
sed -i '/'"$2"'/d' $postfix_dir/vmailbox
# rm -fR /var/mail/vhosts/$domain/$user
# decided not to implement this
;;
-e | --enable)
#
enable a previously disabled user
sed -i 's%\(^*'"$2"'\)\(.*\)%'"$2"'\2%'
$dovecot_dir/passwd
;;
-l | --lock)
#
disable a user without deleting all their data
sed -i 's%\(^'"$2"'\)%*\1:%' $dovecot_dir/passwd
;;
-u | --update)
#
update a users data, only data that is up-datable is PW.
# turn on the following line if you need to force updates of the
Dovecot users file
# sed -i
's%\(^'"$2"'\)\(.*\)%\1::'"$uid:$gid::$maildir$domain"'/:/bin/false::%'
$dovecot_dir/users
sed -i 's%\(^'"$2"'\)\(.*\)%\1:'"$passwd"'%'
$dovecot_dir/passwd
# turn on the following line if you need to force updates of the
postfix vmailbox file
# sed -i 's%\(^'"$2"'\)\(.*\)%\1 '"$domain/$user"'/%'
$postfix_dir/vmailbox
;;
*)
# unknown option
display_usage
#
display the usage data
exit 1
esac
/usr/sbin/postmap $postfix_dir/vmailbox
ret=$?
/sbin/service postfix reload >> /dev/null
ret=( $ret + $? )
/sbin/service dovecot reload >> /dev/null
ret=( $ret + $? )
exit $ret
