mirror of
https://github.com/bokysan/docker-postfix.git
synced 2024-09-20 06:46:10 +08:00
Fix for #192: Automatically add domains to provided usernames for SASL
So, according to the documentation, usernames must always include a domain for SASL. In other words. User cannot be `johhny` but `johhny@example.org`. Further info can be found on this ticket: https://github.com/bokysan/docker-postfix/issues/192 This commit will automatically append domain if one is not provided in `SMTPD_SASL_USERS`.
This commit is contained in:
parent
bda13b30fa
commit
b358d71454
|
@ -209,12 +209,14 @@ To change the log format, set the (unsurprisingly named) variable `LOG_FORMAT=js
|
|||
- `XOAUTH2_INITIAL_ACCESS_TOKEN` = Initial OAuth2 access token.
|
||||
- `XOAUTH2_INITIAL_REFRESH_TOKEN` = Initial OAuth2 refresh token.
|
||||
- `XOAUTH2_TOKEN_ENDPOINT` = Token endpoint provided four your XOAUTH App , GMail use : https://accounts.google.com/o/oauth2/token
|
||||
- `SMTPD_SASL_USERS` = Users allow to send mail (ex: user1:pass1,user2:pass2,...)
|
||||
- `SMTPD_SASL_USERS` = Users allow to send mail (ex: user1:pass1,user2:pass2,...). *Warning:* Users need to be specified with a domain, as explained
|
||||
on ticket [[#192](https://github.com/bokysan/docker-postfix/issues/192)]. This image will automatically add a domain if one is not provided and will
|
||||
issue a notice when that happens.
|
||||
- `MASQUERADED_DOMAINS` = domains where you want to masquerade internal hosts
|
||||
- `SMTP_HEADER_CHECKS`= Set to `1` to enable header checks of to a location of the file for header checks
|
||||
- `POSTFIX_myhostname` = Set the name of this postfix server
|
||||
- `POSTFIX_mynetworks` = Allow sending mails only from specific networks ( default `127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` )
|
||||
- `POSTFIX_message_size_limit` = The maximum size of the messsage, in bytes, by default it's unlimited
|
||||
- `POSTFIX_message_size_limit` = The maximum size of the message, in bytes, by default it's unlimited
|
||||
- `POSTFIX_<any_postfix_setting>` = provide any additional postfix setting
|
||||
|
||||
#### `RELAYHOST`, `RELAYHOST_USERNAME` and `RELAYHOST_PASSWORD`
|
||||
|
|
|
@ -424,6 +424,8 @@ postfix_setup_xoauth2_post_setup() {
|
|||
}
|
||||
|
||||
postfix_setup_smtpd_sasl_auth() {
|
||||
local first_bad_user bad_users mydomain message
|
||||
local _user _pwd
|
||||
if [ ! -z "$SMTPD_SASL_USERS" ]; then
|
||||
info "Enable smtpd sasl auth."
|
||||
do_postconf -e "smtpd_sasl_auth_enable=yes"
|
||||
|
@ -435,19 +437,41 @@ pwcheck_method: auxprop
|
|||
auxprop_plugin: sasldb
|
||||
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5 NTLM
|
||||
EOF
|
||||
[ ! -d /etc/sasl2 ] && mkdir /etc/sasl2
|
||||
ln -s /etc/postfix/sasl/smtpd.conf /etc/sasl2/
|
||||
[[ ! -d /etc/sasl2 ]] && mkdir /etc/sasl2
|
||||
ln -s -f /etc/postfix/sasl/smtpd.conf /etc/sasl2/
|
||||
|
||||
bad_users=""
|
||||
mydomain="$(postconf -h mydomain)"
|
||||
# sasldb2
|
||||
echo $SMTPD_SASL_USERS | tr , \\n > /tmp/passwd
|
||||
while IFS=':' read -r _user _pwd; do
|
||||
echo $_pwd | saslpasswd2 -p -c $_user
|
||||
# Fix for issue https://github.com/bokysan/docker-postfix/issues/192
|
||||
if [[ "$_user" = *@* ]]; then
|
||||
echo $_pwd | saslpasswd2 -p -c $_user
|
||||
else
|
||||
if [[ -z "$bad_users" ]]; then
|
||||
bad_users="${emphasis}${_user}${reset}"
|
||||
first_bad_user="${_user}"
|
||||
else
|
||||
bad_users="${bad_users},${emphasis}${_user}${reset}"
|
||||
fi
|
||||
echo $_pwd | saslpasswd2 -p -c -u $mydomain $_user
|
||||
fi
|
||||
done < /tmp/passwd
|
||||
|
||||
rm -f /tmp/passwd
|
||||
|
||||
[ -f /etc/sasldb2 ] && chown postfix:postfix /etc/sasldb2
|
||||
[ -f /etc/sasl2/sasldb2 ] && chown postfix:postfix /etc/sasl2/sasldb2
|
||||
[[ -f /etc/sasldb2 ]] && chown postfix:postfix /etc/sasldb2
|
||||
[[ -f /etc/sasl2/sasldb2 ]] && chown postfix:postfix /etc/sasl2/sasldb2
|
||||
|
||||
if [[ -n "$bad_users" ]]; then
|
||||
notice "$(printf '%s' \
|
||||
"Some SASL users (${bad_users}) were specified without the domain. Container domain (${emphasis}${mydomain}${reset}) was automatically applied. " \
|
||||
"If this was an intended behavour, you can safely ignore this message. To prevent the message in the future, specify your usernames with domain " \
|
||||
"name, e.g. ${emphasis}${first_bad_user}@${mydomain}:<pass>${reset}. For more info, see https://github.com/bokysan/docker-postfix/issues/192"
|
||||
)"
|
||||
fi
|
||||
|
||||
debug 'Sasldb configured'
|
||||
fi
|
||||
}
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
load /code/scripts/common.sh
|
||||
load /code/scripts/common-run.sh
|
||||
|
||||
#
|
||||
|
||||
postconf daemon_directory=/usr/libexec/postfix
|
||||
|
||||
if [[ ! -f /etc/postfix/main.test-multi-comment ]]; then
|
||||
|
|
22
unit-tests/026_postfix_setup_smtpd_sasl_auth.bats
Normal file
22
unit-tests/026_postfix_setup_smtpd_sasl_auth.bats
Normal file
|
@ -0,0 +1,22 @@
|
|||
#!/usr/bin/env bats
|
||||
|
||||
load /code/scripts/common.sh
|
||||
load /code/scripts/common-run.sh
|
||||
|
||||
@test "check if SMTPD_SASL_USERS works with and without domain" {
|
||||
local db_file
|
||||
local SMTPD_SASL_USERS="hello:world,foo@example.com:bar"
|
||||
do_postconf -e 'mydomain=example.org'
|
||||
postfix_setup_smtpd_sasl_auth
|
||||
|
||||
postfix check
|
||||
|
||||
[[ -f /etc/postfix/sasl/smtpd.conf ]]
|
||||
[[ -f /etc/sasl2/smtpd.conf ]]
|
||||
[[ -f /etc/sasldb2 ]] || [[ -f /etc/sasl2/sasldb2 ]]
|
||||
|
||||
sasldblistusers2 | grep -qE "^hello@example.org:"
|
||||
sasldblistusers2 | grep -qE "^foo@example.com:"
|
||||
|
||||
}
|
||||
|
Loading…
Reference in a new issue