From: Vincent Vanwaelscappel Date: Thu, 12 Mar 2026 17:04:58 +0000 (+0100) Subject: wip #8026 @14 X-Git-Url: http://git.cubedesigners.com/?a=commitdiff_plain;h=e15402d8c2905daba6d92c55586dda7f18c1ee0d;p=fluidbook-toolbox.git wip #8026 @14 --- diff --git a/.docker/images/php/Dockerfile b/.docker/images/php/Dockerfile index f18e6ff19..9371b3072 100644 --- a/.docker/images/php/Dockerfile +++ b/.docker/images/php/Dockerfile @@ -82,6 +82,8 @@ ENV LC_ALL fr_FR.UTF-8 RUN cd /root;wget https://bitbucket.org/ariya/phantomjs/downloads/phantomjs-2.1.1-linux-x86_64.tar.bz2;tar xvjf phantomjs-2.1.1-linux-x86_64.tar.bz2;mv phantomjs-2.1.1-linux-x86_64 /usr/local/share;ln -sf /usr/local/share/phantomjs-2.1.1-linux-x86_64/bin/phantomjs /usr/local/bin RUN cd /root;wget https://github.com/RazrFalcon/svgcleaner/releases/download/v0.9.5/svgcleaner_linux_x86_64_0.9.5.tar.gz; tar xvzf svgcleaner_linux_x86_64_0.9.5.tar.gz;mv svgcleaner /usr/local/bin RUN cd /root;wget https://github.com/astraw/svg_stack/archive/refs/tags/0.1.0.tar.gz; tar xvzf 0.1.0.tar.gz;mv svg_stack-0.1.0 /usr/local/svg_stack +RUN cd /usr/local/;git clone https://github.com/spf-tools/spf-tools +RUN cd /usr/local/;git clone https://github.com/stevejenkins/postwhite RUN curl -L https://github.com/yt-dlp/yt-dlp-nightly-builds/releases/latest/download/yt-dlp -o /usr/local/bin/yt-dlp && chmod 755 /usr/local/bin/yt-dlp diff --git a/app/Console/Kernel.php b/app/Console/Kernel.php index b6f0d3977..ec0707908 100644 --- a/app/Console/Kernel.php +++ b/app/Console/Kernel.php @@ -41,6 +41,7 @@ class Kernel extends \Cubist\Backpack\Console\Kernel $schedule->command('job:dispatchNow Maintenance\\\\ListWorkingSymlinks')->dailyAt('0:30'); // Email config $schedule->command('job:dispatchNow Maintenance\\\\EmailServerRefresh')->twiceDailyAt(); + $schedule->exec('/usr/local/postwhite/postwhite ' . storage_path('emailconfig/postwhite.conf'))->monthly(); // Quotes $schedule->command('fluidbook:quote --reminder')->weekdays()->at('8:00'); // DSN diff --git a/app/Models/TeamEmails.php b/app/Models/TeamEmails.php index 8a8ff5e41..10c6e065a 100644 --- a/app/Models/TeamEmails.php +++ b/app/Models/TeamEmails.php @@ -62,6 +62,24 @@ class TeamEmails extends CubistMagicAbstractModel $spam_whitelist = json_decode($this->spam_whitelist, true); $spam_whitelist = self::getWhitelistFromClients($spam_whitelist); + $postwhite_domains = []; + foreach ($spam_whitelist as $s) { + $e = explode("@", $s); + $de = explode(".", $e[1]); + $domain = $de; + foreach ($de as $dd) { + if ($dd === '*') { + array_shift($domain); + } else { + break; + } + } + $postwhite_domains[] = implode(".", $domain); + + } + + $postwhite_domains = array_unique($postwhite_domains); + $spam_blacklist = json_decode($this->spam_blacklist, true); $auth_whitelist = json_decode($this->auth_whitelist, true); @@ -236,6 +254,7 @@ class TeamEmails extends CubistMagicAbstractModel } $my_networks = array_unique($my_networks); + $this->_replaceInFile('postwhite.conf', ['postwhite_domains' => implode(" ",$postwhite_domains)]); $this->_replaceInFile('postfix-main.cf', ['my_networks' => implode(', ', $my_networks)]); $this->_replaceInFile('fail2ban-jail.cf', ['ignoreip' => implode(',', $my_networks)]); $this->_replaceInFile('spamassassin-rules.cf', ['spam_whitelist' => implode("\n", $spam_wl), 'spam_blacklist' => implode("\n", $spam_bl)]); @@ -249,7 +268,9 @@ class TeamEmails extends CubistMagicAbstractModel foreach ($variables as $k => $v) { $content = str_replace('$' . $k, $v, $content); } + $content = str_replace("\r\n", "\n", $content); + file_put_contents(storage_path('emailconfig/' . $filename), $content); } diff --git a/resources/emailconfig/postfix-main.cf b/resources/emailconfig/postfix-main.cf index 44de3b998..01825ddbf 100644 --- a/resources/emailconfig/postfix-main.cf +++ b/resources/emailconfig/postfix-main.cf @@ -5,7 +5,5 @@ prepend_delivered_header = command, file, forward mynetworks = $my_networks smtpd_recipient_restrictions = check_recipient_access pcre:/etc/postfix/recipient_access.pcre -postscreen_bare_newline_enable = no -postscreen_non_smtp_command_enable = no -postscreen_pipelining_enable = no - +postscreen_access_list = permit_mynetworks, cidr:/etc/postfix/postscreen_spf_whitelist.cidr +postscreen_dnsbl_timeout = 5s diff --git a/resources/emailconfig/postwhite.conf b/resources/emailconfig/postwhite.conf new file mode 100644 index 000000000..4db5d2364 --- /dev/null +++ b/resources/emailconfig/postwhite.conf @@ -0,0 +1,34 @@ +# CONFIGURATION OPTIONS FOR POSTWHITE +# https://github.com/stevejenkins/postwhite +# POSTWHITE WILL LOOK FOR THIS FILE IN /etc/postwhite.conf + +# FILE PATHS +spftoolspath=/usr/local/spf-tools +postfixpath=/application/storage/emailconfig +postfixbinarypath=/usr/sbin +whitelist=postscreen_spf_whitelist.cidr +blacklist=postscreen_spf_blacklist.cidr +yahoo_static_hosts=/usr/local/postwhite/yahoo_static_hosts.txt + +# CUSTOM HOSTS +# Enter custom hosts separated by a space, ex: "example.com example2.com example3.com" +custom_hosts="$postwhite_domains" + +# Include list of Yahoo Outbound IPs from https://help.yahoo.com/kb/SLN23997.html? +include_yahoo="yes" + +# Do you also want to build a blacklist? +enable_blacklist=no +blacklist_hosts="" + +# Do what to invalid IPv4 addresses and CIDRs? +# Valid settings are 'remove' 'fix' or 'keep' +invalid_ip4=remove + +# Simplify (remove) IP addresses from the whitelist that are already covered by CIDRs? +# WARNING: Enabling this option can dramatically increase the time Postwhite takes to +# run if you have many mailers selected. Try it once, then come back and turn it off. :) +simplify=no + +# Reload Postfix Automatically when done? +reload_postfix=no