From 21e7d226e9d5fedcee9aa0c47edbe704eb5e661c Mon Sep 17 00:00:00 2001 From: schmonz Date: Sat, 27 Oct 2018 19:16:16 +0000 Subject: Update to 20181027. Changes: - Bump qmail-acceptutils for integrated privsep TLS using ucspi-ssl. - Switch qmailofmipd rc.d script to sslserver, listening on the network. - Install control/{pop3,smtp}capabilities, as newly required by authup. - Organize INSTALL a bit better. - Remove all vestiges of stunnel, including further shortening MESSAGE. --- mail/qmail-run/DESCR | 6 +++--- mail/qmail-run/INSTALL | 25 +++++++++++++++++-------- mail/qmail-run/MESSAGE | 31 +++++++++++++------------------ mail/qmail-run/Makefile | 21 ++++++++++++++------- mail/qmail-run/PLIST | 5 +++-- mail/qmail-run/files/pop3capabilities | 2 ++ mail/qmail-run/files/qmailofmipd.sh | 14 +++++++------- mail/qmail-run/files/smtpcapabilities | 2 ++ mail/qmail-run/files/stunnel.conf | 13 ------------- mail/qmail-run/files/tcp.ofmip | 2 +- 10 files changed, 62 insertions(+), 59 deletions(-) create mode 100644 mail/qmail-run/files/pop3capabilities create mode 100644 mail/qmail-run/files/smtpcapabilities delete mode 100644 mail/qmail-run/files/stunnel.conf diff --git a/mail/qmail-run/DESCR b/mail/qmail-run/DESCR index a5abb619eb2..939406ed3e7 100644 --- a/mail/qmail-run/DESCR +++ b/mail/qmail-run/DESCR @@ -1,3 +1,3 @@ -This package creates all the needed basic config files to run qmail, -provides example {mailer,stunnel}.conf and wrappers for procmail, -spamassassin, and rspamd, and installs NetBSD-style rc.d scripts. +This package creates all the needed config files to run qmail, provides +wrappers for procmail, spamassassin, and rspamd and an example +mailer.conf, and installs NetBSD-style rc.d scripts. diff --git a/mail/qmail-run/INSTALL b/mail/qmail-run/INSTALL index 4cd2b09fe21..c933e81ef6c 100644 --- a/mail/qmail-run/INSTALL +++ b/mail/qmail-run/INSTALL @@ -8,18 +8,27 @@ case ${STAGE} in POST-INSTALL) cd ${PREFIX}/share/qmail/setup && ./config-fast `./hostname` - cd ${PKG_SYSCONFDIR}/alias && ${TOUCH} .qmail-postmaster .qmail-mailer-daemon .qmail-root - - for i in ofmip pop3 smtp; do - ${CHMOD} 644 ${PKG_SYSCONFDIR}/tcp.${i} - ${PREFIX}/bin/tcprules ${PKG_SYSCONFDIR}/tcp.${i}.cdb ${PKG_SYSCONFDIR}/tcp.${i}.tmp < ${PKG_SYSCONFDIR}/tcp.${i} - ${CHMOD} 644 ${PKG_SYSCONFDIR}/tcp.${i}.cdb + cd ${PKG_SYSCONFDIR}/control + for i in locals rcpthosts; do + ${SORT} -u ${i} > ${i}.tmp && mv ${i}.tmp ${i} done + cd ${PKG_SYSCONFDIR}/alias + for i in postmaster mailer-daemon root; do + ${TOUCH} .qmail-${i} + ${CHMOD} 644 .qmail-${i} + done if ! [ -z ${QMAIL_QUEUE_EXTRA} ]; then - ${ECHO} "$psmsg" >> ${PKG_SYSCONFDIR}/alias/.qmail-${QMAIL_QUEUE_EXTRA} - ${CHMOD} 644 ${PKG_SYSCONFDIR}/alias/.qmail-${QMAIL_QUEUE_EXTRA} + ${ECHO} "$psmsg" >> .qmail-${QMAIL_QUEUE_EXTRA} + ${CHMOD} 644 .qmail-${QMAIL_QUEUE_EXTRA} fi + cd ${PKG_SYSCONFDIR} + for i in ofmip pop3 smtp; do + ${CHMOD} 644 tcp.${i} + ${PREFIX}/bin/tcprules tcp.${i}.cdb tcp.${i}.tmp < tcp.${i} + ${CHMOD} 644 tcp.${i}.cdb + done + ;; esac diff --git a/mail/qmail-run/MESSAGE b/mail/qmail-run/MESSAGE index da73fa3a7f8..17116bb1f02 100644 --- a/mail/qmail-run/MESSAGE +++ b/mail/qmail-run/MESSAGE @@ -1,37 +1,32 @@ =========================================================================== -$NetBSD: MESSAGE,v 1.9 2018/10/24 16:28:28 schmonz Exp $ +$NetBSD: MESSAGE,v 1.10 2018/10/27 19:16:16 schmonz Exp $ Please read ${PREFIX}/share/doc/qmail-run/README.pkgsrc. Assuming NetBSD-style mailwrapper(8) and rc(8), to enable qmail for... Local and outgoing deliveries: -- Check configuration in ${PKG_SYSCONFDIR} -- Replace /etc/mailer.conf with share/examples/qmail-run/mailer.conf -- Set qmailsend=YES in /etc/rc.conf +- Check configuration in ${PKG_SYSCONFDIR} (including ~${QMAIL_ALIAS_USER}). +- Replace /etc/mailer.conf with share/examples/qmail-run/mailer.conf. +- Set qmailsend=YES in /etc/rc.conf. Local non-root users to see the queue: -- Change the mailq entry in /etc/mailer.conf to qmail-qread-client -- Set qmailqread=YES in /etc/rc.conf +- Change the mailq entry in /etc/mailer.conf to qmail-qread-client. +- Set qmailqread=YES in /etc/rc.conf. Incoming SMTP deliveries: -- Set qmailsmtpd=YES in /etc/rc.conf - -Filtering incoming SMTP: -- List qmail-qfilter programs in ${PKG_SYSCONFDIR}/control/smtpfilters -- List qmail-rcptcheck programs in ${PKG_SYSCONFDIR}/control/rcptchecks +- Set qmailsmtpd=YES in /etc/rc.conf. +- Optionally list qmail-rcptcheck programs in control/rcptchecks. +- Optionally list qmail-qfilter programs in control/smtpfilters. Outgoing submissions with SMTP AUTH over TLS: -- Incorporate share/examples/qmail-run/stunnel.conf into stunnel.conf -- Set qmailofmipd=YES and stunnel=YES in /etc/rc.conf - -Filtering outgoing submissions: -- List qmail-qfilter programs in ${PKG_SYSCONFDIR}/control/ofmipfilters +- Set qmailofmipd=YES in /etc/rc.conf. +- Optionally list qmail-qfilter programs in control/ofmipfilters. User-controlled ofmipd address rewriting: -- Set qmailofmipd_ofmipdcmd=${PREFIX}/bin/ofmipd-with-user-cdb in /etc/rc.conf +- Set qmailofmipd_ofmipdcmd=${PREFIX}/bin/ofmipd-with-user-cdb in /etc/rc.conf. Fetching Maildirs via POP3: -- Set qmailpop3d=YES in /etc/rc.conf +- Set qmailpop3d=YES in /etc/rc.conf. =========================================================================== diff --git a/mail/qmail-run/Makefile b/mail/qmail-run/Makefile index f4feb393b0a..92b7d16ace5 100644 --- a/mail/qmail-run/Makefile +++ b/mail/qmail-run/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.50 2018/10/24 16:28:28 schmonz Exp $ +# $NetBSD: Makefile,v 1.51 2018/10/27 19:16:16 schmonz Exp $ # -DISTNAME= qmail-run-20181024 +DISTNAME= qmail-run-20181027 CATEGORIES= mail MASTER_SITES= # empty DISTFILES= # empty @@ -13,7 +13,7 @@ LICENSE= 2-clause-bsd DEPENDS+= pkg_alternatives-[0-9]*:../../pkgtools/pkg_alternatives DEPENDS_QMAIL= qmail>=1.03nb36:../../mail/qmail DEPENDS+= ${DEPENDS_QMAIL} -DEPENDS+= qmail-acceptutils-[0-9]*:../../mail/qmail-acceptutils +DEPENDS+= qmail-acceptutils>=20181027:../../mail/qmail-acceptutils DEPENDS+= qmail-qfilter>1.5nb1:../../mail/qmail-qfilter DEPENDS+= qmail-rejectutils-[0-9]*:../../mail/qmail-rejectutils @@ -21,15 +21,20 @@ WRKSRC= ${WRKDIR} NO_BUILD= yes NO_CHECKSUM= yes +FILES_SUBST+= QMAIL_ALIAS_USER=${QMAIL_ALIAS_USER:Q} FILES_SUBST+= QMAIL_DAEMON_USER=${QMAIL_DAEMON_USER:Q} FILES_SUBST+= QMAIL_LOG_USER=${QMAIL_LOG_USER:Q} FILES_SUBST+= QMAIL_SEND_USER=${QMAIL_SEND_USER:Q} FILES_SUBST+= QMAIL_QUEUE_EXTRA=${QMAIL_QUEUE_EXTRA:Q} FILES_SUBST+= PKGNAME=${PKGNAME:Q} +FILES_SUBST+= UCSPI_SSL_USER=${UCSPI_SSL_USER:Q} +FILES_SUBST+= UCSPI_SSL_GROUP=${UCSPI_SSL_GROUP:Q} +MESSAGE_SUBST+= QMAIL_ALIAS_USER=${QMAIL_ALIAS_USER:Q} MESSAGE_SUBST+= PKG_SYSCONFBASE=${PKG_SYSCONFBASE:Q} RCD_SCRIPTS= qmail qmailofmipd qmailpop3d qmailqread qmailsend qmailsmtpd .for f in defaultdelivery fixsmtpio signatures \ + pop3capabilities smtpcapabilities \ concurrencyincoming concurrencypop3 concurrencysubmission CONF_FILES+= ${PREFIX}/share/examples/qmail-run/${f} \ ${PKG_SYSCONFDIR}/control/${f} @@ -40,8 +45,10 @@ CONF_FILES+= ${PREFIX}/share/examples/qmail-run/${f} \ .endfor INSTALLATION_DIRS= bin share/doc/qmail-run share/examples/qmail-run -BUILD_DEFS+= QMAIL_DAEMON_USER QMAIL_LOG_USER QMAIL_SEND_USER +BUILD_DEFS+= QMAIL_ALIAS_USER QMAIL_DAEMON_USER +BUILD_DEFS+= QMAIL_LOG_USER QMAIL_SEND_USER BUILD_DEFS+= QMAIL_QUEUE_EXTRA PKG_SYSCONFBASE +BUILD_DEFS+= UCSPI_SSL_USER UCSPI_SSL_GROUP .include "../../mk/bsd.prefs.mk" @@ -68,8 +75,9 @@ SUBST_VARS.paths= PKGNAME PKG_SYSCONFDIR PREFIX SUBST_VARS.paths+= CAT ECHO GREP SED SH SORT TRUE post-extract: - for f in README.pkgsrc mailer.conf stunnel.conf \ + for f in README.pkgsrc mailer.conf \ defaultdelivery fixsmtpio signatures \ + pop3capabilities smtpcapabilities \ concurrencyincoming concurrencypop3 concurrencysubmission \ tcp.ofmip tcp.pop3 tcp.smtp; do \ ${CP} ${FILESDIR}/$$f ${WRKDIR}/$$f; \ @@ -89,6 +97,7 @@ do-install: ${INSTALL_DATA} ${WRKDIR}/README.pkgsrc \ ${DESTDIR}${PREFIX}/share/doc/qmail-run for f in defaultdelivery fixsmtpio signatures \ + pop3capabilities smtpcapabilities \ concurrencyincoming concurrencypop3 concurrencysubmission \ tcp.ofmip tcp.pop3 tcp.smtp; do \ ${INSTALL_DATA} ${WRKDIR}/$${f} \ @@ -96,7 +105,5 @@ do-install: done; \ ${INSTALL_DATA} ${WRKDIR}/mailer.conf \ ${DESTDIR}${PREFIX}/share/examples/qmail-run - ${INSTALL_DATA} ${WRKDIR}/stunnel.conf \ - ${DESTDIR}${PREFIX}/share/examples/qmail-run .include "../../mk/bsd.pkg.mk" diff --git a/mail/qmail-run/PLIST b/mail/qmail-run/PLIST index 9fcc9b2f021..fb005d69423 100644 --- a/mail/qmail-run/PLIST +++ b/mail/qmail-run/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.13 2018/10/24 16:28:28 schmonz Exp $ +@comment $NetBSD: PLIST,v 1.14 2018/10/27 19:16:16 schmonz Exp $ bin/ofmipd-with-user-cdb bin/qmail-isspam-rspamd bin/qmail-isspam-spamassassin @@ -11,8 +11,9 @@ share/examples/qmail-run/concurrencysubmission share/examples/qmail-run/defaultdelivery share/examples/qmail-run/fixsmtpio share/examples/qmail-run/mailer.conf +share/examples/qmail-run/pop3capabilities share/examples/qmail-run/signatures -share/examples/qmail-run/stunnel.conf +share/examples/qmail-run/smtpcapabilities share/examples/qmail-run/tcp.ofmip share/examples/qmail-run/tcp.pop3 share/examples/qmail-run/tcp.smtp diff --git a/mail/qmail-run/files/pop3capabilities b/mail/qmail-run/files/pop3capabilities new file mode 100644 index 00000000000..9caf50479f1 --- /dev/null +++ b/mail/qmail-run/files/pop3capabilities @@ -0,0 +1,2 @@ +TOP +UIDL diff --git a/mail/qmail-run/files/qmailofmipd.sh b/mail/qmail-run/files/qmailofmipd.sh index 9c972703db7..a203f260c81 100644 --- a/mail/qmail-run/files/qmailofmipd.sh +++ b/mail/qmail-run/files/qmailofmipd.sh @@ -1,6 +1,6 @@ #!@RCD_SCRIPTS_SHELL@ # -# $NetBSD: qmailofmipd.sh,v 1.10 2018/10/24 15:46:54 schmonz Exp $ +# $NetBSD: qmailofmipd.sh,v 1.11 2018/10/27 19:16:16 schmonz Exp $ # # @PKGNAME@ script to control ofmipd (SMTP submission service). # @@ -11,13 +11,13 @@ name="qmailofmipd" # User-settable rc.conf variables and their default values: -: ${qmailofmipd_postenv:=""} -: ${qmailofmipd_tcpflags:="-vRl0"} -: ${qmailofmipd_tcphost:="127.0.0.1"} -: ${qmailofmipd_tcpport:="26"} -: ${qmailofmipd_datalimit:="180000000"} +: ${qmailofmipd_postenv:="@SETENV@ SSL_UID=$(@ID@ -u @UCSPI_SSL_USER@) SSL_GID=$(@ID@ -g @UCSPI_SSL_GROUP@)"} +: ${qmailofmipd_tcpflags:="-neV -vRl0"} +: ${qmailofmipd_tcphost:="0.0.0.0"} +: ${qmailofmipd_tcpport:="587"} +: ${qmailofmipd_datalimit:="360000000"} : ${qmailofmipd_pretcpserver:=""} -: ${qmailofmipd_tcpserver:="@PREFIX@/bin/tcpserver"} +: ${qmailofmipd_tcpserver:="@PREFIX@/bin/sslserver"} : ${qmailofmipd_preofmipd:=""} : ${qmailofmipd_ofmipdcmd:="@PREFIX@/bin/ofmipd"} : ${qmailofmipd_checkpassword:="@PREFIX@/bin/nbcheckpassword"} diff --git a/mail/qmail-run/files/smtpcapabilities b/mail/qmail-run/files/smtpcapabilities new file mode 100644 index 00000000000..26d843f559e --- /dev/null +++ b/mail/qmail-run/files/smtpcapabilities @@ -0,0 +1,2 @@ +PIPELINING +8BITMIME diff --git a/mail/qmail-run/files/stunnel.conf b/mail/qmail-run/files/stunnel.conf deleted file mode 100644 index c8109db504e..00000000000 --- a/mail/qmail-run/files/stunnel.conf +++ /dev/null @@ -1,13 +0,0 @@ -# $NetBSD: stunnel.conf,v 1.1 2017/01/09 04:58:09 schmonz Exp $ -# -# Export qmail-ofmipd as a TLS-enabled SMTP submission service. -# -debug = mail.info -cert = /etc/openssl/certs/yourdomain.crt -key = /etc/openssl/private/yourdomain.key -options = NO_SSLv2 - -[submission] -accept = submission -connect = localhost:26 -protocol = smtp diff --git a/mail/qmail-run/files/tcp.ofmip b/mail/qmail-run/files/tcp.ofmip index 1c1ef68f38f..d02d1ea39b1 100644 --- a/mail/qmail-run/files/tcp.ofmip +++ b/mail/qmail-run/files/tcp.ofmip @@ -1,2 +1,2 @@ 127.:allow,RELAYCLIENT="" -:allow,QMAILQUEUE="@PREFIX@/bin/qmail-qfilter-ofmipd-queue" +:allow,QMAILQUEUE="@PREFIX@/bin/qmail-qfilter-ofmipd-queue",UCSPITLS="!",CERTFILE="@PKG_SYSCONFDIR@/control/servercert.pem" -- cgit v1.2.3