Example #1
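/**
 * Writes the postscreen settings of the "master" Postfix instance.
 *
 * Reads each postscreen option through maincf_multi::GET(), substitutes a
 * default for unset values, pushes the result with postconf(), rebuilds the
 * two access maps under /etc/postfix from the postfix_whitelist_con table and
 * from clladp::load_mynetworks(), and finally calls MasterCFBuilder().
 * Progress and errors are echoed; nothing is returned.
 *
 * When $GLOBALS["EnablePostfixMultiInstance"] is 1 the per-instance script is
 * launched first and the function then continues with the master instance.
 *
 * @param string|null $hostname Instance name handed to exec.postfix-multi.php.
 * @return void
 */
function postscreen($hostname = null)
{
    $cidrFile = "/etc/postfix/postscreen_access.cidr";
    $hostsFile = "/etc/postfix/postscreen_access.hosts";

    if ($GLOBALS["EnablePostfixMultiInstance"] == 1) {
        echo "Starting......: PostScreen multiple instances, running for -> {$hostname}\n";
        // $hostname becomes part of a shell command line, so it is quoted as a
        // single argument; shell metacharacters in it are not interpreted.
        $instanceArg = "";
        if ($hostname !== null && $hostname !== "") {
            $instanceArg = " " . escapeshellarg((string) $hostname);
        }
        shell_exec(
            LOCATE_PHP5_BIN2() . " "
            . escapeshellarg(dirname(__FILE__) . "/exec.postfix-multi.php")
            . " --postscreen" . $instanceArg
        );
    }

    $user = new usersMenus();
    if (!$user->POSTSCREEN_INSTALLED) {
        echo "Starting......: PostScreen is not installed, you should upgrade to 2.8 postfix version\n";
        return;
    }

    $main = new maincf_multi("master", "master");
    if ($main->GET("EnablePostScreen") != 1) {
        echo "Starting......: PostScreen is not enabled\n";
        return;
    }

    echo "Starting......: PostScreen configuring....\n";

    // Both map files must exist before the access list refers to them.
    if (!is_file($cidrFile)) {
        @file_put_contents($cidrFile, "#");
    }
    if (!is_file($hostsFile)) {
        @file_put_contents($hostsFile, " ");
    }
    postconf("postscreen_access_list", "permit_mynetworks,cidr:/etc/postfix/postscreen_access.cidr");

    // Stored key => default used when the stored value is empty.
    // The order is the order in which the values are read and then written.
    $defaults = array(
        "postscreen_bare_newline_action" => "ignore",
        "postscreen_bare_newline_enable" => "0",
        "postscreen_bare_newline_ttl" => "30d",
        "postscreen_cache_cleanup_interval" => "12h",
        "postscreen_cache_retention_time" => "7d",
        "postscreen_client_connection_count_limit" => "50",
        "postscreen_pipelining_enable" => "0",
        "postscreen_pipelining_action" => "ignore",
        "postscreen_pipelining_ttl" => "30d",
        "postscreen_post_queue_limit" => "100",
        "postscreen_pre_queue_limit" => "100",
        "postscreen_non_smtp_command_enable" => "0",
        "postscreen_non_smtp_command_action" => "drop",
        "postscreen_non_smtp_command_ttl" => "30d",
        "postscreen_forbidden_command" => "CONNECT, GET, POST",
        "postscreen_dnsbl_action" => "ignore",
        "postscreen_dnsbl_ttl" => "1h",
        "postscreen_dnsbl_threshold" => "1",
    );
    // Stored as 0/1, written to Postfix as no/yes.
    $flags = array(
        "postscreen_bare_newline_enable",
        "postscreen_pipelining_enable",
        "postscreen_non_smtp_command_enable",
    );

    // Phase 1: read everything before anything is written.
    $settings = array();
    foreach ($defaults as $key => $default) {
        $value = $main->GET($key);
        if ($key === "postscreen_bare_newline_enable") {
            // This flag alone is rejected when it is not numeric at all.
            if (!is_numeric($value)) {
                $value = $default;
            }
        } elseif ($value == null) {
            $value = $default;
        }
        $settings[$key] = $value;
    }
    foreach ($flags as $key) {
        $settings[$key] = ($settings[$key] == 1) ? "yes" : "no";
    }

    // Phase 2: write the values.
    foreach ($settings as $key => $value) {
        // The option is stored under a singular key, but the Postfix parameter
        // is postscreen_forbidden_commands; the singular name is not a Postfix
        // parameter, so writing it would leave the setting without effect.
        $parameter = ($key === "postscreen_forbidden_command") ? "postscreen_forbidden_commands" : $key;
        postconf($parameter, $value);
    }
    postconf("postscreen_cache_map", "btree:\\\$data_directory/postscreen_master_cache");

    // NOTE(review): unserialize() instantiates whatever classes the stored blob
    // names. That is only acceptable while nothing but trusted admin code can
    // write "postscreen_dnsbl_sites"; a JSON-encoded list would remove the
    // risk. Left unchanged because the stored format is defined elsewhere.
    $dnsbl_array = unserialize(base64_decode($main->GET_BIGDATA("postscreen_dnsbl_sites")));
    $dnsbl_array_compiled = array();
    if (is_array($dnsbl_array)) {
        foreach ($dnsbl_array as $site => $threshold) {
            if ($site == null) {
                continue;
            }
            $dnsbl_array_compiled[] = "{$site}*{$threshold}";
        }
    }
    // Stays null when no site is configured.
    $final_dnsbl = null;
    if (count($dnsbl_array_compiled) > 0) {
        $final_dnsbl = implode(",", $dnsbl_array_compiled);
    }
    postconf("postscreen_dnsbl_sites", $final_dnsbl);

    // The shared socket object is created here if no earlier code did so.
    if (!isset($GLOBALS["CLASS_SOCKET"])) {
        $GLOBALS["CLASS_SOCKET"] = new sockets();
    }

    $nets = array();
    $hostsname = array();

    // NOTE(review): mysql_fetch_array()/MYSQL_ASSOC belong to the ext/mysql
    // extension removed in PHP 7; kept because the mysql wrapper class is
    // outside this block.
    $q = new mysql();
    $results = $q->QUERY_SQL("SELECT * FROM postfix_whitelist_con", "artica_backup");
    if (!$q->ok) {
        echo "{$q->mysql_error}\n";
    } else {
        while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
            // In a Postfix map file a line that starts with whitespace
            // continues the previous entry, so a row with an empty or padded
            // column must not produce a line such as "\tOK".
            $ipaddr = trim((string) $ligne["ipaddr"]);
            $host = trim((string) $ligne["hostname"]);
            if ($ipaddr !== "") {
                $nets[] = "{$ipaddr}\tdunno";
            }
            if ($host !== "") {
                $hostsname[] = "{$host}\tOK";
            }
        }
    }

    $ldap = new clladp();
    $networks = $ldap->load_mynetworks();
    if (is_array($networks)) {
        foreach ($networks as $ligne) {
            if ($ligne == null) {
                continue;
            }
            // NOTE(review): the pattern is unanchored, so any entry containing
            // a dotted quad anywhere is filed as a network - confirm that the
            // stored entries are validated when they are saved.
            if (!preg_match("#[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+#", $ligne)) {
                $hostsname[] = "{$ligne}\tOK";
            } else {
                $nets[] = "{$ligne}\tdunno";
            }
        }
    }

    // The hash map is added to the access list only when it has entries.
    $postscreen_access = "";
    if (count($hostsname) > 0) {
        if (@file_put_contents($hostsFile, implode("\n", $hostsname)) === false) {
            // A failed write leaves the previous allow-list in force.
            echo "Starting......: PostScreen unable to write {$hostsFile}\n";
        }
        $postscreen_access = ",hash:/etc/postfix/postscreen_access.hosts";
    }
    if (!is_file($hostsFile)) {
        @file_put_contents($hostsFile, "\n");
    }
    shell_exec("{$GLOBALS["postmap"]} hash:/etc/postfix/postscreen_access.hosts >/dev/null 2>&1");

    if (count($nets) > 0) {
        if (@file_put_contents($cidrFile, implode("\n", $nets)) === false) {
            echo "Starting......: PostScreen unable to write {$cidrFile}\n";
        }
    }
    postconf("postscreen_access_list", "permit_mynetworks,cidr:/etc/postfix/postscreen_access.cidr{$postscreen_access}");
    MasterCFBuilder();
}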
/**
 * Runs the SMTP SASL setup sequence, logging a progress message before each step.
 *
 * Each entry of the step table is reported through SMTP_SASL_PROGRESS_LOG()
 * and then executed, in order. Every function name and argument in the table
 * is a literal; in particular the saslauthd restart is a fixed command line,
 * so no caller-supplied data reaches system().
 *
 * @return void
 */
function SMTP_SASL_PROGRESS()
{
    // label, percentage, function to call after logging (null = none), its arguments
    $steps = array(
        array("Check structure", 10, "SetSASLMech", array()),
        array("Enable SASL", 20, "SetSALS", array()),
        array("Enable TLS", 30, "SetTLS", array()),
        array("Smtpd Recipient Restrictions", 40, "smtpd_recipient_restrictions", array()),
        array("SMTP SASL Security Options", 50, "smtp_sasl_security_options", array()),
        array("SMTP SASL whitelisted networks", 55, "smtpd_sasl_exceptions_networks", array()),
        array("Build Master.cf", 60, "MasterCFBuilder", array()),
        array("Checks transport table", 70, "MailBoxTransport", array()),
        array("{reloading} SMTP MTA", 80, "ReloadPostfix", array(true)),
        array("{reloading} SaslAuthd", 90, "system", array("/etc/init.d/saslauthd restart")),
        array("{done}", 100, null, array()),
    );

    foreach ($steps as $step) {
        list($label, $percent, $action, $arguments) = $step;
        SMTP_SASL_PROGRESS_LOG($label, $percent);
        if ($action !== null) {
            call_user_func_array($action, $arguments);
        }
    }
}