
[Postfix] Merge syslog filters
[Postfix] Create sasl_access map; Use JSON_VALUE and remove unnecessary like command

andryyy 5 年之前
父節點
當前提交
85b027aa9d

+ 13 - 3
data/Dockerfiles/postfix/postfix.sh

@@ -97,7 +97,7 @@ query = SELECT IF(EXISTS(
           SELECT CONCAT('%u', '@', target_domain) FROM alias_domain
             WHERE alias_domain='%d'
         )
-      ) AND json_extract(attributes, '$.tls_enforce_in') LIKE '%%1%%' AND mailbox.active = '1'
+      ) AND JSON_UNQUOTE(JSON_VALUE(attributes, '$.tls_enforce_in')) = '1' AND mailbox.active = '1'
   ), 'reject_plaintext_session', NULL) AS 'tls_enforce_in';
 EOF
 
@@ -117,7 +117,7 @@ query = SELECT GROUP_CONCAT(transport SEPARATOR '') AS transport_maps
               WHERE alias_domain = '%d'
           )
         )
-        AND json_extract(attributes, '$.tls_enforce_out') LIKE '%%1%%'
+        AND JSON_UNQUOTE(JSON_VALUE(attributes, '$.tls_enforce_out')) = '1'
         AND mailbox.active = '1'
     ), 'smtp_enforced_tls:', 'smtp:') AS 'transport'
     UNION ALL
@@ -264,7 +264,7 @@ user = ${DBUSER}
 password = ${DBPASS}
 hosts = unix:/var/run/mysqld/mysqld.sock
 dbname = ${DBNAME}
-query = SELECT CONCAT(JSON_UNQUOTE(JSON_EXTRACT(attributes, '$.mailbox_format')), mailbox_path_prefix, '%d/%u/') FROM mailbox WHERE username='%s' AND (active = '1' OR active = '2')
+query = SELECT CONCAT(JSON_UNQUOTE(JSON_VALUE(attributes, '$.mailbox_format')), mailbox_path_prefix, '%d/%u/') FROM mailbox WHERE username='%s' AND (active = '1' OR active = '2')
 EOF
 
 cat <<EOF > /opt/postfix/conf/sql/mysql_virtual_relay_domain_maps.cf
@@ -318,6 +318,16 @@ query = SELECT goto FROM alias
       AND alias_domain.active='1'
 EOF
 
+# Reject sasl usernames with smtp disabled
+cat <<EOF > /opt/postfix/conf/sql/mysql_sasl_access_maps.cf
+# Autogenerated by mailcow
+user = ${DBUSER}
+password = ${DBPASS}
+hosts = unix:/var/run/mysqld/mysqld.sock
+dbname = ${DBNAME}
+query = SELECT 'REJECT' FROM mailbox WHERE username = '%u' AND JSON_UNQUOTE(JSON_VALUE(attributes, '$.smtp_access')) = '0';
+EOF
+
 cat <<EOF > /opt/postfix/conf/sql/mysql_virtual_spamalias_maps.cf
 # Autogenerated by mailcow
 user = ${DBUSER}
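Review bot: The new `mysql_sasl_access_maps.cf` query matches `username = '%u'`, while the mailbox path query earlier in this file matches `username='%s'`. In Postfix's mysql_table, `%u` expands to only the local part when the lookup key has the form user@domain, so if `mailbox.username` stores full addresses this map would return nothing and a login with `smtp_access` set to `0` would not be rejected. Using `WHERE username = '%s' AND ...` keeps the lookup on the whole SASL login name; either way it is worth confirming with `postmap -q` against a mailbox that has SMTP disabled. A mailbox whose attributes lack `smtp_access` yields NULL and is allowed, so the check fails open; if that is intended, say so in a comment above the heredoc.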

+ 8 - 6
data/Dockerfiles/postfix/syslog-ng-redis_slave.conf

@@ -35,15 +35,17 @@ filter f_mail { facility(mail); };
 # start
 # overriding warnings are still displayed when the entrypoint runs its initial check
 # warnings logged by postfix-mailcow to syslog are hidden to reduce repeating msgs
-filter f_overrides { not match("overriding earlier entry" value("MESSAGE")); };
+# Some other warnings are ignored
+filter f_ignore {
+  not match("overriding earlier entry" value("MESSAGE"));
+  not match("TLS SNI from checks.mailcow.email" value("MESSAGE"));
+  not match("no SASL support" value("MESSAGE"));
+  not facility (local0, local1, local2, local3, local4, local5, local6, local7);
+};
 # end
-filter f_skip_local { not facility (local0, local1, local2, local3, local4, local5, local6, local7); };
-filter f_checks { not match("TLS SNI from checks.mailcow.email" value("MESSAGE")); };
 log {
   source(s_src);
-  filter(f_skip_local);
-  filter(f_overrides);
-  filter(f_checks);
+  filter(f_ignore);
   destination(d_stdout);
   filter(f_mail);
   destination(d_redis_ui_log);
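Review bot: The merged `f_ignore` filter drops any message containing one of three unanchored substrings, and it runs before `destination(d_stdout)`, so matching lines disappear from every destination in this log path. Mail log lines can carry client-supplied text, so an unanchored substring discards more than the specific warnings it targets; anchoring each pattern to the full warning text and scoping it with `program()` would narrow that. The newly added `"no SASL support"` pattern looks like the Postfix warning logged when a SASL-dependent restriction is skipped (inferred, not shown on this page), so hiding it also hides the sign that such a restriction was not applied. A comment such as `# "no SASL support": expected on listeners without SASL auth; the restriction is skipped there` would record why it is safe to drop. The same change is made in data/Dockerfiles/postfix/syslog-ng.conf.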

+ 8 - 6
data/Dockerfiles/postfix/syslog-ng.conf

@@ -35,15 +35,17 @@ filter f_mail { facility(mail); };
 # start
 # overriding warnings are still displayed when the entrypoint runs its initial check
 # warnings logged by postfix-mailcow to syslog are hidden to reduce repeating msgs
-filter f_overrides { not match("overriding earlier entry" value("MESSAGE")); };
+# Some other warnings are ignored
+filter f_ignore {
+  not match("overriding earlier entry" value("MESSAGE"));
+  not match("TLS SNI from checks.mailcow.email" value("MESSAGE"));
+  not match("no SASL support" value("MESSAGE"));
+  not facility (local0, local1, local2, local3, local4, local5, local6, local7);
+};
 # end
-filter f_skip_local { not facility (local0, local1, local2, local3, local4, local5, local6, local7); };
-filter f_checks { not match("TLS SNI from checks.mailcow.email" value("MESSAGE")); };
 log {
   source(s_src);
-  filter(f_skip_local);
-  filter(f_overrides);
-  filter(f_checks);
+  filter(f_ignore);
   destination(d_stdout);
   filter(f_mail);
   destination(d_redis_ui_log);