From 5cc181a90f7d27f4ec578a8a892b4dd0ca44adf4 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Fri, 18 Sep 2015 03:09:10 -0400
Subject: [PATCH] Merge branch 'master' into 'master'

---
 server/plugins-available/mail_plugin_dkim.inc.php     |   10 +++++++---
 install/dist/tpl/gentoo/amavisd-ispconfig.conf.master |   18 +++++++++++++-----
 install/tpl/amavisd_user_config.master                |   17 +++++++++++------
 3 files changed, 31 insertions(+), 14 deletions(-)

diff --git a/install/dist/tpl/gentoo/amavisd-ispconfig.conf.master b/install/dist/tpl/gentoo/amavisd-ispconfig.conf.master
index 32ee177..c05ce98 100644
--- a/install/dist/tpl/gentoo/amavisd-ispconfig.conf.master
+++ b/install/dist/tpl/gentoo/amavisd-ispconfig.conf.master
@@ -94,16 +94,24 @@
 $log_level = 0;                # (defaults to 0)
 
 $inet_socket_port = [10024,10026];
-$forward_method = 'smtp:[127.0.0.1]:10025';
-$notify_method = 'smtp:[127.0.0.1]:10027';
+
+# *:* = send to IP/HOST:incoming Port + 1
+$forward_method = 'smtp:*:*';
+$notify_method = 'smtp:*:*';
+
 $interface_policy{'10026'} = 'ORIGINATING';
 $policy_bank{'ORIGINATING'} = {
   originating => 1,
   smtpd_discard_ehlo_keywords => ['8BITMIME'],
-  forward_method => 'smtp:[127.0.0.1]:10027',
 };
-@mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12
-192.168.0.0/16);
+
+# IP-Addresses for internal networks => load policy MYNETS
+# - requires -o smtp_send_xforward_command=yes in postfix master.cf
+@mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 [::1] [FE80::]/10 [FEC0::]/10);
+
+# Allow SMTP access from IPs in @inet_acl to amvisd SMTP Port
+@inet_acl = qw( 127.0.0.1 [::1] 192.168.0.0/16 );
+
 $signed_header_fields{'received'} = 0; # turn off signing of Received
 $enable_dkim_verification = 1;
 $enable_dkim_signing = 1;
diff --git a/install/tpl/amavisd_user_config.master b/install/tpl/amavisd_user_config.master
index 2e5a73d..c729a7c 100644
--- a/install/tpl/amavisd_user_config.master
+++ b/install/tpl/amavisd_user_config.master
@@ -76,19 +76,24 @@
 $log_level = 0;                # (defaults to 0)
 
 $inet_socket_port = [10024,10026];
-$forward_method = 'smtp:[127.0.0.1]:10025';
-$notify_method = 'smtp:[127.0.0.1]:10027';
+
+# *:* = send to IP/HOST:incoming Port + 1
+$forward_method = 'smtp:*:*';
+$notify_method = 'smtp:*:*';
 $interface_policy{'10026'} = 'ORIGINATING';
 $policy_bank{'ORIGINATING'} = {
   originating => 1,
   smtpd_discard_ehlo_keywords => ['8BITMIME'],
-  forward_method => 'smtp:[127.0.0.1]:10027',
 };
-@mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12
-192.168.0.0/16);
+
+# IP-Addresses for internal networks => load policy MYNETS
+# - requires -o smtp_send_xforward_command=yes in postfix master.cf
+@mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 [::1] [FE80::]/10 [FEC0::]/10);
+
+# Allow SMTP access from IPs in @inet_acl to amvisd SMTP Port
+@inet_acl = qw( 127.0.0.1 [::1] 192.168.0.0/16 );
 
 # DKIM
-
 $enable_dkim_verification = 1;
 $enable_dkim_signing = 1; # load DKIM signing code
 $signed_header_fields{'received'} = 0;  # turn off signing of Received
diff --git a/server/plugins-available/mail_plugin_dkim.inc.php b/server/plugins-available/mail_plugin_dkim.inc.php
index 7ded684..0e0208a 100755
--- a/server/plugins-available/mail_plugin_dkim.inc.php
+++ b/server/plugins-available/mail_plugin_dkim.inc.php
@@ -122,8 +122,8 @@
 		$mail_config = $app->getconf->get_server_config($conf['server_id'], 'mail');
 		if (	isset($mail_config['dkim_path']) && 
 				!empty($mail_config['dkim_path']) && 
-				isset($data['new']['dkim_private']) && 
-				!empty($data['new']['dkim_private']) &&
+//				isset($data['new']['dkim_private']) && 
+//				!empty($data['new']['dkim_private']) &&
 				$mail_config['dkim_path'] != '/' 
 		) {
             if (!is_dir($mail_config['dkim_path'])) {
@@ -199,6 +199,10 @@
 	function write_dkim_key($key_file, $key_value, $key_domain) {
 		global $app, $mailconfig;
 		$success=false;
+		if ($key_file == '' || $key_value  == '' || $key_domain == '') {
+			$app->log('DKIM internal error for domain '.$key_domain, LOGLEVEL_ERROR);
+			return $success;
+		}
 		if ( $app->system->file_put_contents($key_file.'.private', $key_value) ) {
 			$app->log('Saved DKIM Private-key to '.$key_file.'.private', LOGLEVEL_DEBUG);
 			$success=true;
@@ -211,7 +215,7 @@
 				$app->log('Saved DKIM Public to '.$key_domain.'.', LOGLEVEL_DEBUG);
 			else $app->log('Unable to save DKIM Public to '.$key_domain.'.', LOGLEVEL_DEBUG);
 		} else {
-			$app->log('Unable to save DKIM Privte-key to '.$key_file.'.private', LOGLEVEL_ERROR);
+			$app->log('Unable to save DKIM Private-key to '.$key_file.'.private', LOGLEVEL_ERROR);
 		}
 		return $success;
 	}

--
Gitblit v1.9.1