function postscreen($hostname = null) { if ($GLOBALS["EnablePostfixMultiInstance"] == 1) { echo "Starting......: PostScreen multiple instances, running for -> {$hostname}\n"; shell_exec(LOCATE_PHP5_BIN2() . " " . dirname(__FILE__) . "/exec.postfix-multi.php --postscreen {$hostname}"); } $user = new usersMenus(); if (!$user->POSTSCREEN_INSTALLED) { echo "Starting......: PostScreen is not installed, you should upgrade to 2.8 postfix version\n"; return; } $main = new maincf_multi("master", "master"); $EnablePostScreen = $main->GET("EnablePostScreen"); if ($EnablePostScreen != 1) { echo "Starting......: PostScreen is not enabled\n"; return; } echo "Starting......: PostScreen configuring....\n"; if (!is_file("/etc/postfix/postscreen_access.cidr")) { @file_put_contents("/etc/postfix/postscreen_access.cidr", "#"); } if (!is_file("/etc/postfix/postscreen_access.hosts")) { @file_put_contents("/etc/postfix/postscreen_access.hosts", " "); } postconf("postscreen_access_list", "permit_mynetworks,cidr:/etc/postfix/postscreen_access.cidr"); $postscreen_bare_newline_action = $main->GET("postscreen_bare_newline_action"); $postscreen_bare_newline_enable = $main->GET("postscreen_bare_newline_enable"); $postscreen_bare_newline_ttl = $main->GET("postscreen_bare_newline_ttl"); $postscreen_cache_cleanup_interval = $main->GET("postscreen_cache_cleanup_interval"); $postscreen_cache_retention_time = $main->GET("postscreen_cache_retention_time"); $postscreen_client_connection_count_limit = $main->GET("postscreen_client_connection_count_limit"); $postscreen_pipelining_enable = $main->GET("postscreen_pipelining_enable"); $postscreen_pipelining_action = $main->GET("postscreen_pipelining_action"); $postscreen_pipelining_ttl = $main->GET("postscreen_pipelining_ttl"); $postscreen_post_queue_limit = $main->GET("postscreen_post_queue_limit"); $postscreen_pre_queue_limit = $main->GET("postscreen_pre_queue_limit"); $postscreen_non_smtp_command_enable = $main->GET("postscreen_non_smtp_command_enable"); $postscreen_non_smtp_command_action = $main->GET("postscreen_non_smtp_command_action"); $postscreen_non_smtp_command_ttl = $main->GET("postscreen_non_smtp_command_ttl"); $postscreen_forbidden_commands = $main->GET("postscreen_forbidden_command"); $postscreen_dnsbl_action = $main->GET("postscreen_dnsbl_action"); $postscreen_dnsbl_ttl = $main->GET("postscreen_dnsbl_ttl"); $postscreen_dnsbl_threshold = $main->GET("postscreen_dnsbl_threshold"); if ($postscreen_bare_newline_action == null) { $postscreen_bare_newline_action = "ignore"; } if (!is_numeric($postscreen_bare_newline_enable)) { $postscreen_bare_newline_enable = "0"; } if ($postscreen_bare_newline_ttl == null) { $postscreen_bare_newline_ttl = "30d"; } if ($postscreen_cache_cleanup_interval == null) { $postscreen_cache_cleanup_interval = "12h"; } if ($postscreen_cache_retention_time == null) { $postscreen_cache_retention_time = "7d"; } if ($postscreen_client_connection_count_limit == null) { $postscreen_client_connection_count_limit = "50"; } if ($postscreen_pipelining_enable == null) { $postscreen_pipelining_enable = "0"; } if ($postscreen_pipelining_action == null) { $postscreen_pipelining_action = "ignore"; } if ($postscreen_pipelining_ttl == null) { $postscreen_pipelining_ttl = "30d"; } if ($postscreen_post_queue_limit == null) { $postscreen_post_queue_limit = "100"; } if ($postscreen_pre_queue_limit == null) { $postscreen_pre_queue_limit = "100"; } if ($postscreen_non_smtp_command_enable == null) { $postscreen_non_smtp_command_enable = "0"; } if ($postscreen_non_smtp_command_action == null) { $postscreen_non_smtp_command_action = "drop"; } if ($postscreen_non_smtp_command_ttl == null) { $postscreen_non_smtp_command_ttl = "30d"; } if ($postscreen_forbidden_commands == null) { $postscreen_forbidden_commands = "CONNECT, GET, POST"; } if ($postscreen_dnsbl_action == null) { $postscreen_dnsbl_action = "ignore"; } if ($postscreen_dnsbl_action == null) { $postscreen_dnsbl_action = "ignore"; } if ($postscreen_dnsbl_ttl == null) { $postscreen_dnsbl_ttl = "1h"; } if ($postscreen_dnsbl_threshold == null) { $postscreen_dnsbl_threshold = "1"; } if ($postscreen_bare_newline_enable == 1) { $postscreen_bare_newline_enable = "yes"; } else { $postscreen_bare_newline_enable = "no"; } if ($postscreen_pipelining_enable == 1) { $postscreen_pipelining_enable = "yes"; } else { $postscreen_pipelining_enable = "no"; } if ($postscreen_non_smtp_command_enable == 1) { $postscreen_non_smtp_command_enable = "yes"; } else { $postscreen_non_smtp_command_enable = "no"; } postconf("postscreen_bare_newline_action", $postscreen_bare_newline_action); postconf("postscreen_bare_newline_enable", $postscreen_bare_newline_enable); postconf("postscreen_bare_newline_ttl", $postscreen_bare_newline_ttl); postconf("postscreen_cache_cleanup_interval", $postscreen_cache_cleanup_interval); postconf("postscreen_cache_retention_time", $postscreen_cache_retention_time); postconf("postscreen_client_connection_count_limit", $postscreen_client_connection_count_limit); postconf("postscreen_client_connection_count_limit", $postscreen_client_connection_count_limit); postconf("postscreen_pipelining_enable", $postscreen_pipelining_enable); postconf("postscreen_pipelining_action", $postscreen_pipelining_action); postconf("postscreen_pipelining_ttl", $postscreen_pipelining_ttl); postconf("postscreen_post_queue_limit", $postscreen_post_queue_limit); postconf("postscreen_pre_queue_limit", $postscreen_pre_queue_limit); postconf("postscreen_non_smtp_command_enable", $postscreen_non_smtp_command_enable); postconf("postscreen_non_smtp_command_action", $postscreen_non_smtp_command_action); postconf("postscreen_non_smtp_command_ttl", $postscreen_non_smtp_command_ttl); postconf("postscreen_forbidden_command", $postscreen_forbidden_commands); postconf("postscreen_dnsbl_action", $postscreen_dnsbl_action); postconf("postscreen_dnsbl_ttl", $postscreen_dnsbl_ttl); postconf("postscreen_dnsbl_threshold", $postscreen_dnsbl_threshold); postconf("postscreen_cache_map", "btree:\\\$data_directory/postscreen_master_cache"); $dnsbl_array = unserialize(base64_decode($main->GET_BIGDATA("postscreen_dnsbl_sites"))); if (is_array($dnsbl_array)) { while (list($site, $threshold) = each($dnsbl_array)) { if ($site == null) { continue; } $dnsbl_array_compiled[] = "{$site}*{$threshold}"; } } $final_dnsbl = null; if (is_array($dnsbl_array_compiled)) { $final_dnsbl = @implode(",", $dnsbl_array_compiled); } postconf("postscreen_dnsbl_sites", $final_dnsbl); if (!isset($GLOBALS["CLASS_SOCKET"])) { $GLOBALS["CLASS_SOCKET"] = new sockets(); $sock = $GLOBALS["CLASS_SOCKET"]; } else { $sock = $GLOBALS["CLASS_SOCKET"]; } $q = new mysql(); $sql = "SELECT * FROM postfix_whitelist_con"; $results = $q->QUERY_SQL($sql, "artica_backup"); if (!$q->ok) { echo "{$q->mysql_error}\n"; } while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) { $nets[] = "{$ligne["ipaddr"]}\tdunno"; $hostsname[] = "{$ligne["hostname"]}\tOK"; } $ldap = new clladp(); $networks = $ldap->load_mynetworks(); if (is_array($networks)) { while (list($num, $ligne) = each($networks)) { if ($ligne == null) { continue; } if (!preg_match("#[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+#", $ligne)) { $hostsname[] = "{$ligne}\tOK"; } else { $nets[] = "{$ligne}\tdunno"; } } } if (isset($hostsname)) { if (is_array($hostsname)) { @file_put_contents("/etc/postfix/postscreen_access.hosts", @implode("\n", $hostsname)); } $postscreen_access = ",hash:/etc/postfix/postscreen_access.hosts"; } if (!is_file("/etc/postfix/postscreen_access.hosts")) { @file_put_contents("/etc/postfix/postscreen_access.hosts", "\n"); } shell_exec("{$GLOBALS["postmap"]} hash:/etc/postfix/postscreen_access.hosts >/dev/null 2>&1"); if (is_array($nets)) { @file_put_contents("/etc/postfix/postscreen_access.cidr", @implode("\n", $nets)); } postconf("postscreen_access_list", "permit_mynetworks,cidr:/etc/postfix/postscreen_access.cidr{$postscreen_access}"); MasterCFBuilder(); }
function SMTP_SASL_PROGRESS() { SMTP_SASL_PROGRESS_LOG("Check structure", 10); SetSASLMech(); SMTP_SASL_PROGRESS_LOG("Enable SASL", 20); SetSALS(); SMTP_SASL_PROGRESS_LOG("Enable TLS", 30); SetTLS(); SMTP_SASL_PROGRESS_LOG("Smtpd Recipient Restrictions", 40); smtpd_recipient_restrictions(); SMTP_SASL_PROGRESS_LOG("SMTP SASL Security Options", 50); smtp_sasl_security_options(); SMTP_SASL_PROGRESS_LOG("SMTP SASL whitelisted networks", 55); smtpd_sasl_exceptions_networks(); SMTP_SASL_PROGRESS_LOG("Build Master.cf", 60); MasterCFBuilder(); SMTP_SASL_PROGRESS_LOG("Checks transport table", 70); MailBoxTransport(); SMTP_SASL_PROGRESS_LOG("{reloading} SMTP MTA", 80); ReloadPostfix(true); SMTP_SASL_PROGRESS_LOG("{reloading} SaslAuthd", 90); system("/etc/init.d/saslauthd restart"); SMTP_SASL_PROGRESS_LOG("{done}", 100); }