Added greylisting using postgrey (#495)

* Added greylisting using postgrey
* Updated the documentation

target/postgrey/postgrey

@@ -0,0 +1,6 @@
+# you may want to set
+#   --delay=N   how long to greylist, seconds (default: 300)
+#   --max-age=N delete old entries after N days (default: 35)
+
+POSTGREY_OPTS="--inet=10023"
+

target/postgrey/postgrey.init

@@ -0,0 +1,142 @@
+#!/bin/sh
+#
+# postgrey      start/stop the postgrey greylisting deamon for postfix
+#               (priority should be smaller than that of postfix)
+#
+# Author:       (c)2004-2006 Adrian von Bidder <avbidder@fortytwo.ch>
+#               Based on Debian sarge's 'skeleton' example
+#               Distribute and/or modify at will.
+#
+# Version:      $Id: postgrey.init 1436 2006-12-07 07:15:03Z avbidder $
+#
+### BEGIN INIT INFO
+# Provides:          postgrey
+# Required-Start:    $syslog $local_fs $remote_fs
+# Required-Stop:     $syslog $local_fs $remote_fs
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Start/stop the postgrey daemon
+### END INIT INFO
+
+set -e
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/postgrey
+DAEMON_NAME=postgrey
+DESC="postfix greylisting daemon"
+DAEMON_USER=postgrey
+
+PIDFILE=/var/run/$DAEMON_NAME/$DAEMON_NAME.pid
+SCRIPTNAME=/etc/init.d/$DAEMON_NAME
+
+# Gracefully exit if the package has been removed.
+test -x $DAEMON || exit 0
+
+. /lib/lsb/init-functions
+
+# Read config file if it is present.
+if [ -r /etc/default/$DAEMON_NAME ]
+then
+    . /etc/default/$DAEMON_NAME
+fi
+
+POSTGREY_OPTS="--pidfile=$PIDFILE --daemonize $POSTGREY_OPTS"
+if [ -z "$POSTGREY_TEXT" ]; then
+    POSTGREY_TEXT_OPT=""
+else
+    POSTGREY_TEXT_OPT="--greylist-text=$POSTGREY_TEXT"
+fi
+
+ret=0
+
+do_start()
+{
+        # Return
+        #   0 if daemon has been started
+        #   1 if daemon was already running
+        #   2 if daemon could not be started
+        start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+                || return 1
+        start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+                $POSTGREY_OPTS "$POSTGREY_TEXT_OPT" \
+                || return 2
+}
+
+do_stop()
+{
+	# Return
+	#   0 if daemon has been stopped
+	#   1 if daemon was already stopped
+	#   2 if daemon could not be stopped
+	#   other if a failure occurred
+        start-stop-daemon --user $DAEMON_USER --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE
+        RETVAL="$?"
+        [ "$RETVAL" = 2 ] && return 2
+
+	# Wait for children to finish too if this is a daemon that forks
+	# and if the daemon is only ever run from this initscript.
+	# If the above conditions are not satisfied then add some other code
+	# that waits for the process to drop all resources that could be
+	# needed by services started subsequently.  A last resort is to
+	# sleep for some time.
+	start-stop-daemon --user $DAEMON_USER --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
+	[ "$?" = 2 ] && return 2
+	# Many daemons don't delete their pidfiles when they exit.
+	rm -f $PIDFILE
+	return "$RETVAL"
+
+}
+
+do_reload()
+{
+	#
+	# If the daemon can reload its configuration without
+	# restarting (for example, when it is sent a SIGHUP),
+	# then implement that here.
+	#
+	start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE
+	return 0
+}
+
+case "$1" in
+  start)
+	[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$DAEMON_NAME"
+        do_start
+	case "$?" in
+		0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+		2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+	esac
+        ;;
+  stop)
+	[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$DAEMON_NAME"
+        do_stop
+	case "$?" in
+		0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+		2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+	esac
+        ;;
+  reload|force-reload)
+	[ "$VERBOSE" != no ] && log_daemon_msg "Reloading $DESC" "$DAEMON_NAME"
+        do_reload
+	case "$?" in
+		0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+		2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+	esac
+        ;;
+  restart)
+        do_stop
+        do_start
+        ;;
+  status)
+        status_of_proc -p $PIDFILE $DAEMON "$DAEMON_NAME" 2>/dev/null
+        ret=$?
+        ;;
+
+  *)
+        echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload|status}" >&2
+        exit 1
+        ;;
+esac
+
+exit $ret
+

target/start-mailserver.sh

@@ -14,6 +14,10 @@ DEFAULT_VARS["ENABLE_FAIL2BAN"]="${ENABLE_FAIL2BAN:="0"}"
 DEFAULT_VARS["ENABLE_MANAGESIEVE"]="${ENABLE_MANAGESIEVE:="0"}"
 DEFAULT_VARS["ENABLE_FETCHMAIL"]="${ENABLE_FETCHMAIL:="0"}"
 DEFAULT_VARS["ENABLE_LDAP"]="${ENABLE_LDAP:="0"}"
+DEFAULT_VARS["ENABLE_POSTGREY"]="${ENABLE_POSTGREY:="0"}"
+DEFAULT_VARS["POSTGREY_DELAY"]="${POSTGREY_DELAY:="300"}"
+DEFAULT_VARS["POSTGREY_MAX_AGE"]="${POSTGREY_MAX_AGE:="35"}"
+DEFAULT_VARS["POSTGREY_TEXT"]="${POSTGREY_TEXT:="Delayed by postgrey"}"
 DEFAULT_VARS["ENABLE_SASLAUTHD"]="${ENABLE_SASLAUTHD:="0"}"
 DEFAULT_VARS["SMTP_ONLY"]="${SMTP_ONLY:="0"}"
 DEFAULT_VARS["VIRUSMAILS_DELETE_DELAY"]="${VIRUSMAILS_DELETE_DELAY:="7"}"
@@ -90,6 +94,10 @@ function register_functions() {
 		_register_setup_function "_setup_postfix_sasl"
 	fi
 
+	if [ "$ENABLE_POSTGREY" = 1 ];then
+		_register_setup_function "_setup_postgrey"
+	fi
+
 	_register_setup_function "_setup_dkim"
 	_register_setup_function "_setup_ssl"
 	_register_setup_function "_setup_docker_permit"
@@ -141,6 +149,12 @@ function register_functions() {
 	# needs to be started before saslauthd
 	_register_start_daemon "_start_daemons_opendkim"
 	_register_start_daemon "_start_daemons_opendmarc"
+
+	#postfix uses postgrey, needs to be started before postfix
+	if [ "$ENABLE_POSTGREY" = 1 ]; then
+		_register_start_daemon "_start_daemons_postgrey"
+	fi
+	
 	_register_start_daemon "_start_daemons_postfix"
 
 	if [ "$ENABLE_SASLAUTHD" = 1 ];then
@@ -160,6 +174,7 @@ function register_functions() {
 		_register_start_daemon "_start_daemons_clamav"
 	fi
 
+
 	_register_start_daemon "_start_daemons_amavis"
 	################### << daemon funcs
 }
@@ -487,6 +502,18 @@ function _setup_ldap() {
 	return 0
 }
 
+function _setup_postgrey() {
+	notify 'inf' "Configuring postgrey"
+	sed -i -e 's/bl.spamcop.net$/bl.spamcop.net, check_policy_service inet:127.0.0.1:10023/' /etc/postfix/main.cf
+	sed -i -e "s/\"--inet=10023\"/\"--inet=10023 --delay=$POSTGREY_DELAY --max-age=$POSTGREY_MAX_AGE\"/" /etc/default/postgrey
+	TEXT_FOUND=`grep -i "POSTGREY_TEXT" /etc/default/postgrey | wc -l`
+	
+	if [ $TEXT_FOUND -eq 0 ]; then
+		printf "POSTGREY_TEXT=\"$POSTGREY_TEXT\"\n\n" >> /etc/default/postgrey
+	fi
+}
+
+
 function _setup_postfix_sasl() {
 	[ ! -f /etc/postfix/sasl/smtpd.conf ] && cat > /etc/postfix/sasl/smtpd.conf << EOF
 pwcheck_method: saslauthd
@@ -1023,6 +1050,12 @@ function _start_daemons_clamav() {
 	display_startup_daemon "/etc/init.d/clamav-daemon start"
 }
 
+function _start_daemons_postgrey() {
+	notify 'task' 'Starting postgrey' 'n'
+	display_startup_daemon "/etc/init.d/postgrey start"
+}
+
+
 function _start_daemons_amavis() {
 	notify 'task' 'Starting amavis' 'n'
 	display_startup_daemon "/etc/init.d/amavis start"