From ba179a860e32721a17da9d0aece5f84a78dc7743 Mon Sep 17 00:00:00 2001
From: fliu <10025-fliu@users.noreply.salsa.debian.org>
Date: Mon, 21 Jun 2021 01:02:29 +0000
Subject: [PATCH] email: Set up local delivery (no spam filtering) Hosts file: 192.168.56.101 host1.test.example virtualbox 10.42.0.101 host2.test.example freedombox Container setup (run commands in container) 1. Install the email server module 2. Create a FreedomBox account for `fred` 3. $ sudo postconf myhostname=host2.test.example $ echo "contactfred: fred" | sudo tee -a /etc/aliases $ sudo newaliases $ sudo systemctl reload postfix Test IMAP (run on host1.test.example) $ swaks --to=contactfred@host2.test.example --from=spam@host1.test.example $ mutt -f imaps://fred@host2.test.example Test mail submission (run in container): $ swaks --to=spam@host1.test.example --from=contactfred@host2.test.example \ --server host2.test.example:587 --tlso --auth-user=fred
---
 plinth/modules/email_server/__init__.py | 4 ++++
 plinth/modules/email_server/audit/ldap.py | 4 +++-
 .../dovecot/conf.d/05-freedombox-auth.conf | 22 +++++++++++++++++++
 .../dovecot/conf.d/90-freedombox-master.conf | 18 +++++++++++++++
 .../dovecot/freedombox-ldap-passdb.conf.ext | 8 +++++++
 .../dovecot/freedombox-ldap-userdb.conf.ext | 18 +++++++++++++++
 6 files changed, 73 insertions(+), 1 deletion(-)
 create mode 100644 plinth/modules/email_server/data/etc/dovecot/conf.d/05-freedombox-auth.conf
 create mode 100644 plinth/modules/email_server/data/etc/dovecot/conf.d/90-freedombox-master.conf
 create mode 100644 plinth/modules/email_server/data/etc/dovecot/freedombox-ldap-passdb.conf.ext
 create mode 100644 plinth/modules/email_server/data/etc/dovecot/freedombox-ldap-userdb.conf.ext
diff --git a/plinth/modules/email_server/__init__.py b/plinth/modules/email_server/__init__.py
index 72bdfba3f..ea1e02aeb 100644
--- a/plinth/modules/email_server/__init__.py
+++ b/plinth/modules/email_server/__init__.py
@@ -8,6 +8,7 @@ import plinth.app
 import plinth.daemon
 import plinth.frontpage
 import plinth.menu
+from plinth import actions
 from plinth.modules.firewall.components import Firewall
 from . import audit
@@ -95,3 +96,6 @@ def setup(helper, old_version=None):
 """Installs and configures module"""
 helper.install(managed_packages)
 helper.call('post', audit.ldap.repair)
+ helper.call('post', app.enable)
+ for service_name in managed_services:
+ actions.superuser_run('service', ['reload', service_name])
diff --git a/plinth/modules/email_server/audit/ldap.py b/plinth/modules/email_server/audit/ldap.py
index 10123eec7..3b2376789 100644
--- a/plinth/modules/email_server/audit/ldap.py
+++ b/plinth/modules/email_server/audit/ldap.py
@@ -9,7 +9,9 @@ from . import models
 default_config = {
 'smtpd_sasl_auth_enable': 'yes',
 'smtpd_sasl_type': 'dovecot',
- 'smtpd_sasl_path': 'private/auth'
+ 'smtpd_sasl_path': 'private/auth',
+ 'mailbox_transport': 'lmtp:unix:private/dovecot-lmtp',
+ 'virtual_transport': 'lmtp:unix:private/dovecot-lmtp'
 }
 submission_flags = postconf.ServiceFlags(
diff --git a/plinth/modules/email_server/data/etc/dovecot/conf.d/05-freedombox-auth.conf b/plinth/modules/email_server/data/etc/dovecot/conf.d/05-freedombox-auth.conf
new file mode 100644
index 000000000..b8b027b42
--- /dev/null
+++ b/plinth/modules/email_server/data/etc/dovecot/conf.d/05-freedombox-auth.conf
@@ -0,0 +1,22 @@
+# Direct edits to this file will be lost!
+# Manage your settings on Plinth
+
+auth_mechanisms = plain login
+
+passdb {
+ driver = ldap
+ args = /etc/dovecot/freedombox-ldap-passdb.conf.ext
+ # Block the default passdb lookup (pam, 10-auth.conf)
+ result_failure = return-fail
+ result_internalfail = return-fail
+ result_success = return-ok
+}
+
+userdb {
+ driver = ldap
+ args = /etc/dovecot/freedombox-ldap-userdb.conf.ext
+ # Block the default userdb lookup (passwd, 10-auth.conf)
+ result_failure = return-fail
+ result_internalfail = return-fail
+ result_success = return-ok
+}
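Review bot: In `setup()` (second hunk of `__init__.py`) the new reload loop calls `actions.superuser_run('service', ['reload', service_name])` directly, while the two steps before it go through `helper.call('post', ...)`. As written, a reload that fails for any managed service would presumably raise out of `setup()` after `app.enable` has already run, and the step is not tracked like the other post-install steps; how `superuser_run` reports errors is not visible in this hunk. I would route it through the helper, e.g. `helper.call('post', actions.superuser_run, 'service', ['reload', service_name])`, and add a comment such as `# Reload so Postfix and Dovecot pick up the configuration written above`.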
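Review bot: `auth_mechanisms = plain login` in 05-freedombox-auth.conf offers only cleartext-password mechanisms, and nothing in this file requires TLS before they are used; the result depends on what the stock conf.d files set for `ssl` and `disable_plaintext_auth`. Because conf.d files are applied in name order, scalar settings in a `05-` file can also be overridden by the later stock `10-*.conf` files, so it is worth confirming the effective values with `doveconf -n`. I would pin `disable_plaintext_auth = yes` and `ssl = required` in a FreedomBox-managed file that sorts after the stock ones (the `90-freedombox-master.conf` added in this commit would do). A comment on the `result_internalfail = return-fail` lines stating that an LDAP outage fails closed instead of falling through to the default passdb would also help.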
diff --git a/plinth/modules/email_server/data/etc/dovecot/conf.d/90-freedombox-master.conf b/plinth/modules/email_server/data/etc/dovecot/conf.d/90-freedombox-master.conf
new file mode 100644
index 000000000..0b1137be7
--- /dev/null
+++ b/plinth/modules/email_server/data/etc/dovecot/conf.d/90-freedombox-master.conf
@@ -0,0 +1,18 @@
+# Direct edits to this file will be lost!
+# Manage your settings on Plinth
+
+service auth {
+ unix_listener /var/spool/postfix/private/auth {
+ mode = 0600
+ user = postfix
+ group = postfix
+ }
+}
+
+service lmtp {
+ unix_listener /var/spool/postfix/private/dovecot-lmtp {
+ mode = 0600
+ user = postfix
+ group = postfix
+ }
+}
diff --git a/plinth/modules/email_server/data/etc/dovecot/freedombox-ldap-passdb.conf.ext b/plinth/modules/email_server/data/etc/dovecot/freedombox-ldap-passdb.conf.ext
new file mode 100644
index 000000000..0480c3354
--- /dev/null
+++ b/plinth/modules/email_server/data/etc/dovecot/freedombox-ldap-passdb.conf.ext
@@ -0,0 +1,8 @@
+# Direct edits to this file will be lost!
+# Manage your settings on Plinth
+
+uris = ldap://127.0.0.1
+base = dc=thisbox
+
+auth_bind = yes
+auth_bind_userdn = uid=%u,ou=users,dc=thisbox
diff --git a/plinth/modules/email_server/data/etc/dovecot/freedombox-ldap-userdb.conf.ext b/plinth/modules/email_server/data/etc/dovecot/freedombox-ldap-userdb.conf.ext
new file mode 100644
index 000000000..c115853ed
--- /dev/null
+++ b/plinth/modules/email_server/data/etc/dovecot/freedombox-ldap-userdb.conf.ext
@@ -0,0 +1,18 @@
+# Direct edits to this file will be lost!
+# Manage your settings on Plinth
+
+uris = ldap://127.0.0.1
+base = dc=thisbox
+
+user_attrs = \
+ =home=%{ldap:homeDirectory}, \
+ =uid=%{ldap:uidNumber}, \
+ =gid=%{ldap:gidNumber}, \
+ =mail=maildir:~/Maildir:LAYOUT=index
+
+user_filter = (&(objectClass=posixAccount)(uid=%Ln))
+
+# For doveadm
+
+iterate_attrs = =user=%{ldap:uid}
+iterate_filter = (objectClass=posixAccount)
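Review bot: `auth_bind_userdn = uid=%u,ou=users,dc=thisbox` in freedombox-ldap-passdb.conf.ext builds the bind DN from the full login name, whereas the userdb added in this same commit matches on `uid=%Ln` (the lowercased local part). A client that logs in as `fred@host2.test.example` would bind with a DN that presumably does not exist, and the two lookups can disagree about which account a login refers to. Using the same variable in both, `auth_bind_userdn = uid=%Ln,ou=users,dc=thisbox`, keeps authentication and user lookup aligned. The bind also sends the user's password over `ldap://127.0.0.1` without TLS, which is acceptable only while the directory stays on loopback; a comment recording that assumption would be useful here and in the userdb file.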
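Review bot: `user_filter = (&(objectClass=posixAccount)(uid=%Ln))` and `iterate_filter = (objectClass=posixAccount)` in freedombox-ldap-userdb.conf.ext give a mailbox to every posixAccount in the directory. Mail processes then run with whatever `uidNumber`/`gidNumber` LDAP returns. If the directory can hold service or administrative accounts, consider narrowing both filters to the accounts meant to have email. At a minimum, add a comment noting that Dovecot's `first_valid_uid`/`first_valid_gid` limits are what keep low-numbered accounts out. The two filters should be changed together so that `doveadm` iterates exactly the users that can receive mail.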