From 2236646eeb810c1e6279a92c2c1546a4df251df7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?ROUSSEAU=20Cl=C3=A9ment?= <clement.rousseau@xarobase.com>
Date: Mon, 9 Dec 2019 20:03:49 +0100
Subject: [PATCH] Correction Postfix

---
 Linux/Messagerie/mail.sh | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/Linux/Messagerie/mail.sh b/Linux/Messagerie/mail.sh
index 9e6fc68..731729c 100644
--- a/Linux/Messagerie/mail.sh
+++ b/Linux/Messagerie/mail.sh
@@ -127,7 +127,7 @@ then
     echo "# Configuration de Postfix #"
     echo "############################"
     echo "" > /etc/postfix/main.cf
-    echo -e "#######################\n## GENERALS SETTINGS ##\n#######################\n\nsmtpd_banner\t\t= \$myhostname ESMTP \$mail_name (Debian/GNU)\nbiff\t\t\t= no\nappend_dot_mydomain\t= no\nreadme_directory\t= no\ndelay_warning_time\t= 4h\nmailbox_command\t\t= procmail -a \"\$EXTENSION\"\nrecipient_delimiter\t= +\ndisable_vrfy_command\t= yes\nmessage_size_limit\t= 26214400\nmailbox_size_limit\t= 524288000\n\ninet_interfaces\t= all\ninet_protocols\t= ipv4\n\nmyhostname\t= $DOMAIN\nmyorigin\t= $DOMAIN\nmydestination\t= localhost localhost.\$mydomain\nmynetworks\t= 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128\nrelayhost\t= \n\nalias_maps\t= hash:/etc/aliases\nalias_database\t= hash:/etc/aliases\n\n##################\n##    MILTERS   ##\n##################\n\nmilter_protocol = 6\nmilter_default_action = accept\nsmtpd_milters = unix:/opendkim/opendkim.sock, unix:/opendmarc/opendmarc.sock, unix:/clamav/clamav-milter.ctl\nnon_smtpd_milters = unix:/opendkim/opendkim.sock\n\n####################\n## TLS PARAMETERS ##\n####################\n# Smtp ( OUTGOING / Client )\nsmtp_tls_loglevel\t\t= 1\nsmtp_tls_security_level\t\t= may\nsmtp_tls_CAfile\t\t\t= /etc/ssl/certs/ca.cert.pem\nsmtp_tls_protocols\t\t= !SSLv3\nsmtp_tls_mandatory_protocols\t= !SSLv3\nsmtp_tls_mandatory_ciphers\t= high\nsmtp_tls_exclude_ciphers\t= aNULL, eNULL, EXPORT, DES, DES, RC2, RC4, MD5, PSK, SRP, DSS, AECDH, ADH\nsmtp_tls_note_starttls_offer\t= yes\n\n# Smtpd ( INCOMING / Server )\nsmtpd_tls_loglevel\t\t= 1\nsmtpd_tls_auth_only\t\t= yes\nsmtpd_tls_security_level\t= may\nsmtpd_tls_received_header\t= yes\nsmtpd_tls_protocols\t\t= !SSLv3\nsmtpd_tls_mandatory_protocols\t= !SSLv3\nsmtpd_tls_mandatory_ciphers\t= medium\nsmtpd_tls_CAfile\t\t= \$smtp_tls_CAfile\nsmtpd_tls_cert_file\t\t= etc/ssl/certs/mailserver.crt\nsmtpd_tls_key_file\t\t= /etc/ssl/private/mailserver.key\nsmtpd_tls_dh1024_param_file\t= \$config_directory/dh2048.pem\nsmtpd_tls_dh512_param_file\t= \$config_directory/dh512.pem\n\ntls_preempt_cipherlist\t= yes\ntls_random_source\t= dev:/dev/urandom\n\nsmtp_tls_session_cache_database\t\t= btree:\${data_directory}/smtp_scache\nsmtpd_tls_session_cache_database\t= tree:\${data_directory}/smtpd_scache\nlmtp_tls_session_cache_database\t\t= btree:\${data_directory}/lmtp_scache\n\n#####################\n## SASL PARAMETERS ##\n#####################\n\nsmtpd_sasl_auth_enable\t\t= yes\nsmtpd_sasl_type\t\t\t= dovecot\nsmtpd_sasl_path\t\t\t= private/auth\nsmtpd_sasl_security_options\t= noanonymous\nsmtpd_sasl_tls_security_options\t= \$smtpd_sasl_security_options\nsmtpd_sasl_local_domain\t\t= \$mydomain\nsmtpd_sasl_authenticated_header\t= yes\n\n##############################\n## VIRTUALS MAPS PARAMETERS ##\n##############################\n\nvirtual_uid_maps\t= static:5000\nvirtual_gid_maps\t= static:5000\nvirtual_minimum_uid\t= 5000\nvirtual_mailbox_base\t= /var/mail\nvirtual_transport\t= lmtp:unix:private/dovecot-lmtp\nvirtual_mailbox_domains\t= mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf\nvirtual_mailbox_maps\t= mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf\nvirtual_alias_maps\t= mysql:/etc/postfix/mysql-virtual-alias-maps.cf\nsmtpd_sender_login_maps\t= mysql:/etc/postfix/mysql-sender-ogin-maps.cf\n\n######################\n## ERRORS REPORTING ##\n######################\n\nbounce_template_file\t= /etc/postfix/bounce.cf\n\nnotify_classes\t\t= resource, software\n\nerror_notice_recipient\t= $POSTFIXADMIN_ADMIN@$DOMAIN\n\n##################\n## RESTRICTIONS ##\n##################\n\nmime_header_checks\t= regexp:/etc/postfix/header_checks\nheader_checks\t\t= regexp:/etc/postfix/header_checks\n\nsmtpd_recipient_restrictions =\n\tpermit_mynetworks,\n\tpermit_sasl_authenticated,\n\treject_non_fqdn_recipient,\n\treject_unauth_destination,\n\treject_unknown_recipient_domain,\n\treject_unlisted_recipient,\n\treject_rbl_client zen.spamhaus.org\n\nsmtpd_reject_unlisted_sender = yes\n\nsmtpd_sender_restrictions =\n\treject_non_fqdn_sender,\n\treject_unknown_sender_domain,\n\treject_sender_login_mismatch,\n\treject_authenticated_sender_login_mismatch,\n\treject_rhsbl_sender dbl.spamhaus.org,\n\treject_unlisted_sender\n\nsmtpd_helo_restrictions =\n\tpermit_mynetworks,\n\tpermit_sasl_authenticated,\n\treject_invalid_helo_hostname,\n\treject_non_fqdn_helo_hostname,\n\treject_unknown_helo_hostname\n\nsmtpd_helo_required = yes\n\nsmtpd_client_restrictions =\n\tpermit_mynetworks,\n\tpermit_inet_interfaces,\n\tpermit_sasl_authenticated,\n\treject_unauth_pipelining\n\nsmtpd_relay_restrictions =\n\tpermit_mynetworks,\n\tpermit_sasl_authenticated,\n\treject_unauth_destination" >> /etc/postfix/main.cf
+    echo -e "#######################\n## GENERALS SETTINGS ##\n#######################\n\nsmtpd_banner\t\t= \$myhostname ESMTP \$mail_name (Debian/GNU)\nbiff\t\t\t= no\nappend_dot_mydomain\t= no\nreadme_directory\t= no\ndelay_warning_time\t= 4h\nmailbox_command\t\t= procmail -a \"\$EXTENSION\"\nrecipient_delimiter\t= +\ndisable_vrfy_command\t= yes\nmessage_size_limit\t= 26214400\nmailbox_size_limit\t= 524288000\n\ninet_interfaces\t= all\ninet_protocols\t= ipv4\n\nmyhostname\t= $DOMAIN\nmyorigin\t= $DOMAIN\nmydestination\t= localhost localhost.\$mydomain\nmynetworks\t= 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128\nrelayhost\t= \n\nalias_maps\t= hash:/etc/aliases\nalias_database\t= hash:/etc/aliases\n\n##################\n##    MILTERS   ##\n##################\n\nmilter_protocol = 6\nmilter_default_action = accept\nsmtpd_milters = unix:/opendkim/opendkim.sock, unix:/opendmarc/opendmarc.sock, unix:/clamav/clamav-milter.ctl\nnon_smtpd_milters = unix:/opendkim/opendkim.sock\n\n####################\n## TLS PARAMETERS ##\n####################\n# Smtp ( OUTGOING / Client )\nsmtp_tls_loglevel\t\t= 1\nsmtp_tls_security_level\t\t= may\nsmtp_tls_CAfile\t\t\t= /etc/ssl/certs/ca.cert.pem\nsmtp_tls_protocols\t\t= !SSLv3\nsmtp_tls_mandatory_protocols\t= !SSLv3\nsmtp_tls_mandatory_ciphers\t= high\nsmtp_tls_exclude_ciphers\t= aNULL, eNULL, EXPORT, DES, DES, RC2, RC4, MD5, PSK, SRP, DSS, AECDH, ADH\nsmtp_tls_note_starttls_offer\t= yes\n\n# Smtpd ( INCOMING / Server )\nsmtpd_tls_loglevel\t\t= 1\nsmtpd_tls_auth_only\t\t= yes\nsmtpd_tls_security_level\t= may\nsmtpd_tls_received_header\t= yes\nsmtpd_tls_protocols\t\t= !SSLv3\nsmtpd_tls_mandatory_protocols\t= !SSLv3\nsmtpd_tls_mandatory_ciphers\t= medium\nsmtpd_tls_CAfile\t\t= \$smtp_tls_CAfile\nsmtpd_tls_cert_file\t\t= /etc/ssl/certs/mailserver.crt\nsmtpd_tls_key_file\t\t= /etc/ssl/private/mailserver.key\nsmtpd_tls_dh1024_param_file\t= \$config_directory/dh2048.pem\nsmtpd_tls_dh512_param_file\t= \$config_directory/dh512.pem\n\ntls_preempt_cipherlist\t= yes\ntls_random_source\t= dev:/dev/urandom\n\nsmtp_tls_session_cache_database\t\t= btree:\${data_directory}/smtp_scache\nsmtpd_tls_session_cache_database\t= btree:\${data_directory}/smtpd_scache\nlmtp_tls_session_cache_database\t\t= btree:\${data_directory}/lmtp_scache\n\n#####################\n## SASL PARAMETERS ##\n#####################\n\nsmtpd_sasl_auth_enable\t\t= yes\nsmtpd_sasl_type\t\t\t= dovecot\nsmtpd_sasl_path\t\t\t= private/auth\nsmtpd_sasl_security_options\t= noanonymous\nsmtpd_sasl_tls_security_options\t= \$smtpd_sasl_security_options\nsmtpd_sasl_local_domain\t\t= \$mydomain\nsmtpd_sasl_authenticated_header\t= yes\n\n##############################\n## VIRTUALS MAPS PARAMETERS ##\n##############################\n\nvirtual_uid_maps\t= static:5000\nvirtual_gid_maps\t= static:5000\nvirtual_minimum_uid\t= 5000\nvirtual_mailbox_base\t= /var/mail\nvirtual_transport\t= lmtp:unix:private/dovecot-lmtp\nvirtual_mailbox_domains\t= mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf\nvirtual_mailbox_maps\t= mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf\nvirtual_alias_maps\t= mysql:/etc/postfix/mysql-virtual-alias-maps.cf\nsmtpd_sender_login_maps\t= mysql:/etc/postfix/mysql-sender-login-maps.cf\n\n######################\n## ERRORS REPORTING ##\n######################\n\nbounce_template_file\t= /etc/postfix/bounce.cf\n\nnotify_classes\t\t= resource, software\n\nerror_notice_recipient\t= $POSTFIXADMIN_ADMIN@$DOMAIN\n\n##################\n## RESTRICTIONS ##\n##################\n\nmime_header_checks\t= regexp:/etc/postfix/header_checks\nheader_checks\t\t= regexp:/etc/postfix/header_checks\n\nsmtpd_recipient_restrictions =\n\tpermit_mynetworks,\n\tpermit_sasl_authenticated,\n\treject_non_fqdn_recipient,\n\treject_unauth_destination,\n\treject_unknown_recipient_domain,\n\treject_unlisted_recipient,\n\treject_rbl_client zen.spamhaus.org\n\nsmtpd_reject_unlisted_sender = yes\n\nsmtpd_sender_restrictions =\n\treject_non_fqdn_sender,\n\treject_unknown_sender_domain,\n\treject_sender_login_mismatch,\n\treject_authenticated_sender_login_mismatch,\n\treject_rhsbl_sender dbl.spamhaus.org,\n\treject_unlisted_sender\n\nsmtpd_helo_restrictions =\n\tpermit_mynetworks,\n\tpermit_sasl_authenticated,\n\treject_invalid_helo_hostname,\n\treject_non_fqdn_helo_hostname,\n\treject_unknown_helo_hostname\n\nsmtpd_helo_required = yes\n\nsmtpd_client_restrictions =\n\tpermit_mynetworks,\n\tpermit_inet_interfaces,\n\tpermit_sasl_authenticated,\n\treject_unauth_pipelining\n\nsmtpd_relay_restrictions =\n\tpermit_mynetworks,\n\tpermit_sasl_authenticated,\n\treject_unauth_destination" >> /etc/postfix/main.cf
     echo "" > /etc/postfix/bounce.cf
     echo -e "failure_template = <<EOF\nCharset: UTF-8\nFrom: postmaster (Message systeme)\nSubject: Message non transmis\nPostmaster-Subject: Postmaster Copy: Message non transmis\n\nCeci est un message automatique du serveur $myhostname.\n\nNous sommes désolés de vous informer que votre message n'a pas pu\netre acheminé à un ou plusieurs destinataires.\nLe détail est expliqué ci dessous.\n\nPour une assistance, envoyez un e-mail à l'administrateur de\nvotre messagerie : postmaster@xarobase.com\n\nSi vous le faites, merci d'inclure ce message d'erreur dans\nvotre courriel.\n\n Le serveur de messagerie.\n\nMessage d'erreur :\nEOF\n\ndelay_template = <<EOF\nCharset: UTF-8\nFrom: postmaster (Message systeme)\nSubject: Message mis en attente.\nPostmaster-Subject: Postmaster Warning: Delayed Mail\n\nCeci est un message automatique du serveur $myhostname.\n\n##############################################################################\n#C'EST UN SIMPLE AVERTISSEMENT, VOUS N'AVEZ PAS BESOIN DE RENVOYER UN MESSAGE#\n##############################################################################\n\nVotre message ne peut pas être délivré avant un délai de $delay_warning_time_hours heures.\n\nDes tentatives de renvoi seront effectuées durant : $maximal_queue_lifetime_days jours.\n\nPour une assistance, envoyez un e-mail à l'administrateur de\nvotre messagerie : postmaster@xarobase.com\n\nSi vous le faites, merci d'inclure ce message d'erreur dans\nvotre courriel.\n\n Le serveur de messagerie.\n\nMessage :\nEOF\n\nsuccess_template = <<EOF\nCharset: UTF-8\nFrom: postmaster (Message systeme)\nSubject: Message correctement transmis\n\nCeci est un message automatique du serveur $myhostname.\n\nVotre message a correctement été envoyé aux destinataires listés ci-dessous\nSi le message a bien été délivré dans la boite de réception de votre destinataire,\nvous ne recevrez pas d'autre notification.\n\nSi non, vous pourriez recevoir des notifications provenant du système de messagerie\nde votre destinataire.\n\n Le serveur de messagerie.\n\nMessage :\nEOF\n\nverify_template = <<EOF\nCharset: UTF-8\nFrom: postmaster (Message systeme)\nSubject: Rapport de transmission de message\n\nCeci est un message automatique du serveur $myhostname.\n\nLe rapport de transmission de message que vous avez demandé est en pièce jointe.\n\n Le serveur de messagerie.\n\nMessage d'erreur :\nEOF" >> /etc/postfix/bounce.cf
     echo "" > /etc/postfix/master.cf
@@ -135,6 +135,7 @@ then
     echo "" > /etc/postfix/header_checks
     echo -e "/^Received:.*with ESMTPSA/\tIGNORE\n/^X-Originating-IP:/\t\tIGNORE\n/^X-Mailer:/\t\t\tIGNORE\n/^User-Agent:/\t\t\tIGNORE" >> /etc/postfix/header_checks
     postmap /etc/postfix/header_checks
+    postalias /etc/aliases
     echo "-- Fichiers créés !"
     cd /etc/ssl/
     openssl genrsa -out ca.key.pem 4096
@@ -391,6 +392,6 @@ echo "Vous disposé maintenant des services suivant : "
 if [ $MAIL == 'O' ];
 then
 	echo "-- Service MAIL"
-	echo "Vous pouvez vous connecter à l'interface web d'administration PostfixAdmin "
+	echo "Vous pouvez vous connecter à l'interface web d'administration PostfixAdmin http://$HOSTNAME.$DOMAIN:8083/setup.php"
 	echo "Un redémarrage est nécessaire !"
 fi