Introduce ENABLE_DNSBL env (#2342)

Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2025-07-10 01:15:00 +02:00 · 2022-01-03 22:03:46 +01:00 · 2022-01-03 22:03:46 +01:00 · 9d5a9a16a0
commit 9d5a9a16a0
parent f68878a2c2
6 changed files with 93 additions and 1 deletions
--- a/target/scripts/start-mailserver.sh
+++ b/target/scripts/start-mailserver.sh
@ -23,6 +23,7 @@ VARS[DOVECOT_MAILBOX_FORMAT]="${DOVECOT_MAILBOX_FORMAT:=maildir}"
 VARS[DOVECOT_TLS]="${DOVECOT_TLS:=no}"
 VARS[ENABLE_AMAVIS]="${ENABLE_AMAVIS:=1}"
 VARS[ENABLE_CLAMAV]="${ENABLE_CLAMAV:=0}"
+VARS[ENABLE_DNSBL]="${ENABLE_DNSBL:=0}"
 VARS[ENABLE_FAIL2BAN]="${ENABLE_FAIL2BAN:=0}"
 VARS[ENABLE_FETCHMAIL]="${ENABLE_FETCHMAIL:=0}"
 VARS[ENABLE_LDAP]="${ENABLE_LDAP:=0}"
@ -109,6 +110,7 @@ function register_functions
  [[ ${ENABLE_SASLAUTHD} -eq 1 ]] && _register_setup_function '_setup_saslauthd'
  [[ ${POSTFIX_INET_PROTOCOLS} != 'all' ]] && _register_setup_function '_setup_inet_protocols'
  [[ ${ENABLE_FAIL2BAN} -eq 1 ]] && _register_setup_function '_setup_fail2ban'
+  [[ ${ENABLE_DNSBL} -eq 0 ]] && _register_setup_function '_setup_dnsbl_disable'

  _register_setup_function '_setup_dkim'
  _register_setup_function '_setup_ssl'
--- a/target/scripts/startup/setup-stack.sh
+++ b/target/scripts/startup/setup-stack.sh
@ -1512,3 +1512,13 @@ function _setup_fail2ban
    echo -e "[Init]\nblocktype = DROP" > /etc/fail2ban/action.d/iptables-common.local
  fi
 }
+
+function _setup_dnsbl_disable
+{
+  _notify 'task' 'Disabling postfix DNS block list (zen.spamhaus.org)'
+  sedfile -i '/^smtpd_recipient_restrictions = / s/, reject_rbl_client zen.spamhaus.org//' /etc/postfix/main.cf
+
+  _notify 'task' 'Disabling postscreen DNS block lists'
+  postconf -e "postscreen_dnsbl_action = ignore"
+  postconf -e "postscreen_dnsbl_sites = "
+}