Thu Nov 8 20:57:28 2018 UTC
Bump acceptutils dependency to get STARTTLS support in fixsmtpio(8)
(obviating the need for qmail-smtpd(8) to be patched to link OpenSSL).

Make TLS configurable for submission, POP3, and now also incoming SMTP:

- "yes"  (startup will fail if cert or DH params are missing)
- "no"   (even if they're present, don't offer TLS)
- "auto" (the default: offer TLS iff they're present)

Mention TLS setup in MESSAGE.

Delay SMTP greeting by 2 seconds. Enable zen.spamhaus.org RBL.

Bump version.


(schmonz)
diff -r1.11 -r1.12 pkgsrc/mail/qmail-run/MESSAGE
diff -r1.54 -r1.55 pkgsrc/mail/qmail-run/Makefile
diff -r1.1 -r1.2 pkgsrc/mail/qmail-run/files/fixsmtpio
diff -r1.1 -r1.2 pkgsrc/mail/qmail-run/files/tcp.smtp
diff -r1.14 -r1.15 pkgsrc/mail/qmail-run/files/qmailofmipd.sh
diff -r1.23 -r1.24 pkgsrc/mail/qmail-run/files/qmailpop3d.sh
diff -r1.19 -r1.20 pkgsrc/mail/qmail-run/files/qmailsmtpd.sh
diff -r1.3 -r1.4 pkgsrc/mail/qmail-run/files/tcp.ofmip

cvs diff -r1.11 -r1.12 pkgsrc/mail/qmail-run/MESSAGE

--- pkgsrc/mail/qmail-run/MESSAGE 2018/10/28 15:01:57 1.11
+++ pkgsrc/mail/qmail-run/MESSAGE 2018/11/08 20:57:28 1.12
@@ -1,32 +1,35 @@ @@ -1,32 +1,35 @@
1=========================================================================== 1===========================================================================
2$NetBSD: MESSAGE,v 1.11 2018/10/28 15:01:57 schmonz Exp $ 2$NetBSD: MESSAGE,v 1.12 2018/11/08 20:57:28 schmonz Exp $
3 3
4Please read ${PREFIX}/share/doc/qmail-run/README.pkgsrc. 4Please read ${PREFIX}/share/doc/qmail-run/README.pkgsrc.
5 5
6Assuming NetBSD-style mailwrapper(8) and rc(8), to enable qmail for... 6Assuming NetBSD-style mailwrapper(8) and rc(8), to enable qmail for...
7 7
8Local and outgoing deliveries: 8Local and outgoing deliveries:
9- Check configuration in ${PKG_SYSCONFDIR} (including alias/.qmail-*). 9- Check configuration in ${PKG_SYSCONFDIR} (including alias/.qmail-*).
10- Replace /etc/mailer.conf with share/examples/qmail-run/mailer.conf. 10- Replace /etc/mailer.conf with share/examples/qmail-run/mailer.conf.
11- Set qmailsend=YES in /etc/rc.conf. 11- Set qmailsend=YES in /etc/rc.conf.
12 12
13Local non-root users to see the queue: 13Local non-root users to see the queue:
14- Change the mailq entry in /etc/mailer.conf to qmail-qread-client. 14- Change the mailq entry in /etc/mailer.conf to qmail-qread-client.
15- Set qmailqread=YES in /etc/rc.conf. 15- Set qmailqread=YES in /etc/rc.conf.
16 16
17Incoming SMTP deliveries: 17Incoming SMTP deliveries:
18- Set qmailsmtpd=YES in /etc/rc.conf. 18- Set qmailsmtpd=YES in /etc/rc.conf.
19- Optionally list qmail-rcptcheck programs in control/rcptchecks. 19- Optionally list qmail-rcptcheck programs in control/rcptchecks.
20- Optionally list qmail-qfilter programs in control/smtpfilters. 20- Optionally list qmail-qfilter programs in control/smtpfilters.
21 21
22Outgoing submissions with SMTP AUTH over TLS: 22Outgoing authentication-only submission:
23- Set qmailofmipd=YES in /etc/rc.conf. 23- Set qmailofmipd=YES in /etc/rc.conf.
24- Optionally list qmail-qfilter programs in control/ofmipfilters. 24- Optionally list qmail-qfilter programs in control/ofmipfilters.
25 25
26User-controlled ofmipd address rewriting: 26User-controlled ofmipd address rewriting:
27- Set qmailofmipd_ofmipdcmd=${PREFIX}/bin/ofmipd-with-user-cdb in /etc/rc.conf. 27- Set qmailofmipd_ofmipdcmd=${PREFIX}/bin/ofmipd-with-user-cdb in /etc/rc.conf.
28 28
29Fetching Maildirs via POP3: 29Fetching Maildirs via POP3:
30- Set qmailpop3d=YES in /etc/rc.conf. 30- Set qmailpop3d=YES in /etc/rc.conf.
31 31
 32TLS for incoming and outgoing SMTP, submission, and POP3:
 33- Create cert and DH params as instructed by the qmail package.
 34
32=========================================================================== 35===========================================================================
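
Review bot: The new TLS paragraph at the end of MESSAGE tells the admin to create the cert and DH params but never names the qmailsmtpd_tls, qmailofmipd_tls and qmailpop3d_tls rc.conf variables or their "auto" default. Because the submission heading also changes from "SMTP AUTH over TLS" to "authentication-only submission", a reader cannot tell from this text that a host without those files will start the services without offering TLS. Add a line that says so and points to the "yes" setting (for example qmailofmipd_tls=yes) for sites where TLS is required.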

cvs diff -r1.54 -r1.55 pkgsrc/mail/qmail-run/Makefile

--- pkgsrc/mail/qmail-run/Makefile 2018/11/03 17:08:26 1.54
+++ pkgsrc/mail/qmail-run/Makefile 2018/11/08 20:57:28 1.55
@@ -1,29 +1,30 @@ @@ -1,29 +1,30 @@
1# $NetBSD: Makefile,v 1.54 2018/11/03 17:08:26 schmonz Exp $ 1# $NetBSD: Makefile,v 1.55 2018/11/08 20:57:28 schmonz Exp $
2# 2#
3 3
4DISTNAME= qmail-run-20181103 4DISTNAME= qmail-run-20181108
5CATEGORIES= mail 5CATEGORIES= mail
6MASTER_SITES= # empty 6MASTER_SITES= # empty
7DISTFILES= # empty 7DISTFILES= # empty
8 8
9MAINTAINER= schmonz@NetBSD.org 9MAINTAINER= schmonz@NetBSD.org
10COMMENT= Configures qmail to receive and deliver mail 10COMMENT= Configures qmail to receive and deliver mail
11LICENSE= 2-clause-bsd 11LICENSE= 2-clause-bsd
12 12
 13DEPENDS+= greetdelay-[0-9]*:../../mail/greetdelay
13DEPENDS+= pkg_alternatives-[0-9]*:../../pkgtools/pkg_alternatives 14DEPENDS+= pkg_alternatives-[0-9]*:../../pkgtools/pkg_alternatives
14DEPENDS_QMAIL= qmail>=1.03nb36:../../mail/qmail 15DEPENDS_QMAIL= qmail>=1.03nb36:../../mail/qmail
15DEPENDS+= ${DEPENDS_QMAIL} 16DEPENDS+= ${DEPENDS_QMAIL}
16DEPENDS+= qmail-acceptutils>=20181027:../../mail/qmail-acceptutils 17DEPENDS+= qmail-acceptutils>=20181108:../../mail/qmail-acceptutils
17DEPENDS+= qmail-qfilter>1.5nb1:../../mail/qmail-qfilter 18DEPENDS+= qmail-qfilter>1.5nb1:../../mail/qmail-qfilter
18DEPENDS+= qmail-rejectutils-[0-9]*:../../mail/qmail-rejectutils 19DEPENDS+= qmail-rejectutils-[0-9]*:../../mail/qmail-rejectutils
19 20
20WRKSRC= ${WRKDIR} 21WRKSRC= ${WRKDIR}
21NO_BUILD= yes 22NO_BUILD= yes
22NO_CHECKSUM= yes 23NO_CHECKSUM= yes
23 24
24FILES_SUBST+= QMAIL_DAEMON_USER=${QMAIL_DAEMON_USER:Q} 25FILES_SUBST+= QMAIL_DAEMON_USER=${QMAIL_DAEMON_USER:Q}
25FILES_SUBST+= QMAIL_LOG_USER=${QMAIL_LOG_USER:Q} 26FILES_SUBST+= QMAIL_LOG_USER=${QMAIL_LOG_USER:Q}
26FILES_SUBST+= QMAIL_SEND_USER=${QMAIL_SEND_USER:Q} 27FILES_SUBST+= QMAIL_SEND_USER=${QMAIL_SEND_USER:Q}
27FILES_SUBST+= QMAIL_QUEUE_EXTRA=${QMAIL_QUEUE_EXTRA:Q} 28FILES_SUBST+= QMAIL_QUEUE_EXTRA=${QMAIL_QUEUE_EXTRA:Q}
28FILES_SUBST+= PKGNAME=${PKGNAME:Q} 29FILES_SUBST+= PKGNAME=${PKGNAME:Q}
29FILES_SUBST+= UCSPI_SSL_USER=${UCSPI_SSL_USER:Q} 30FILES_SUBST+= UCSPI_SSL_USER=${UCSPI_SSL_USER:Q}
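
Review bot: Only greetdelay is added to DEPENDS here, while the new default for qmailsmtpd_presmtpd in qmailsmtpd.sh also runs @PREFIX@/bin/rblsmtpd. Please confirm that one of the existing dependencies installs rblsmtpd, or add one, since a missing binary in that chain would show up when a connection arrives rather than at install time.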

cvs diff -r1.1 -r1.2 pkgsrc/mail/qmail-run/files/fixsmtpio

--- pkgsrc/mail/qmail-run/files/fixsmtpio 2018/10/24 15:46:54 1.1
+++ pkgsrc/mail/qmail-run/files/fixsmtpio 2018/11/08 20:57:28 1.2
@@ -20,20 +20,16 @@ @@ -20,20 +20,16 @@
20# SMTP conversation already in progress, replace greeting 20# SMTP conversation already in progress, replace greeting
21AUTHUP_USER:greeting::2*::235 ok, go ahead (#2.0.0) 21AUTHUP_USER:greeting::2*::235 ok, go ahead (#2.0.0)
22 22
23# If client closes connection, tell authup the session succeeded 23# If client closes connection, tell authup the session succeeded
24AUTHUP_USER:clienteof::*:0: 24AUTHUP_USER:clienteof::*:0:
25 25
26# If server greets us unhappily, preserve message, and tell authup to stop trying 26# If server greets us unhappily, preserve message, and tell authup to stop trying
27AUTHUP_USER:greeting::4*:14:&fixsmtpio_noop 27AUTHUP_USER:greeting::4*:14:&fixsmtpio_noop
28AUTHUP_USER:greeting::5*:15:&fixsmtpio_noop 28AUTHUP_USER:greeting::5*:15:&fixsmtpio_noop
29 29
30# If server times out, hide message, and tell authup to stop trying 30# If server times out, hide message, and tell authup to stop trying
31AUTHUP_USER:timeout::*:16: 31AUTHUP_USER:timeout::*:16:
32 32
33# Don't permit server to advertise further AUTH or STARTTLS 33# Don't permit server to advertise or respond to further AUTH
34AUTHUP_USER:ehlo::250?AUTH*:: 34AUTHUP_USER:ehlo::250?AUTH*::
35AUTHUP_USER:ehlo::250?STARTTLS:: 
36 
37# Don't permit client to initiate further AUTH or STARTTLS 
38AUTHUP_USER:auth:NOOP :*::502 unimplemented (#5.5.1) 35AUTHUP_USER:auth:NOOP :*::502 unimplemented (#5.5.1)
39AUTHUP_USER:starttls:NOOP :*::502 unimplemented (#5.5.1) 
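
Review bot: Both STARTTLS rules are dropped (the ehlo filter on 250?STARTTLS and the 502 reply to a client STARTTLS) and the rewritten comment now covers AUTH only, so nothing in this file says what happens when STARTTLS shows up after authup has authenticated the session. If the bumped acceptutils handles that case itself, say so in a comment here; otherwise keep the two rules for AUTHUP_USER sessions.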

cvs diff -r1.1 -r1.2 pkgsrc/mail/qmail-run/files/Attic/tcp.smtp

--- pkgsrc/mail/qmail-run/files/Attic/tcp.smtp 2018/10/24 15:46:54 1.1
+++ pkgsrc/mail/qmail-run/files/Attic/tcp.smtp 2018/11/08 20:57:28 1.2
@@ -1,2 +1,2 @@ @@ -1,2 +1,2 @@
1127.:allow,RELAYCLIENT="" 1127.:allow,RELAYCLIENT=""
2:allow,QMAILQUEUE="@PREFIX@/bin/qmail-qfilter-smtpd-queue",RCPTCHECK="@PREFIX@/bin/qmail-rcptcheck" 2:allow,UCSPITLS="",GREETDELAY="2",QMAILQUEUE="@PREFIX@/bin/qmail-qfilter-smtpd-queue",RCPTCHECK="@PREFIX@/bin/qmail-rcptcheck"
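
Review bot: UCSPITLS="" and GREETDELAY="2" are added to the catch-all rule only; the 127. rule still sets just RELAYCLIENT="", while the new qmailsmtpd_presmtpd default runs greetdelay, rblsmtpd and fixsmtpio for every connection. State in a comment what loopback clients are meant to get (delay, TLS offer, RBL lookup), or set the variables explicitly on the 127. line so the behaviour does not depend on each tool's default.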

cvs diff -r1.14 -r1.15 pkgsrc/mail/qmail-run/files/qmailofmipd.sh

--- pkgsrc/mail/qmail-run/files/qmailofmipd.sh 2018/11/03 17:08:26 1.14
+++ pkgsrc/mail/qmail-run/files/qmailofmipd.sh 2018/11/08 20:57:28 1.15
@@ -1,69 +1,94 @@ @@ -1,69 +1,94 @@
1#!@RCD_SCRIPTS_SHELL@ 1#!@RCD_SCRIPTS_SHELL@
2# 2#
3# $NetBSD: qmailofmipd.sh,v 1.14 2018/11/03 17:08:26 schmonz Exp $ 3# $NetBSD: qmailofmipd.sh,v 1.15 2018/11/08 20:57:28 schmonz Exp $
4# 4#
5# @PKGNAME@ script to control ofmipd (SMTP submission service). 5# @PKGNAME@ script to control ofmipd (SMTP submission service).
6# 6#
7 7
8# PROVIDE: qmailofmipd mail 8# PROVIDE: qmailofmipd mail
9# REQUIRE: qmailsend 9# REQUIRE: qmailsend
10 10
11name="qmailofmipd" 11name="qmailofmipd"
12 12
13# User-settable rc.conf variables and their default values: 13# User-settable rc.conf variables and their default values:
14: ${qmailofmipd_postenv:="SSL_UID=$(@ID@ -u @UCSPI_SSL_USER@) SSL_GID=$(@ID@ -g @UCSPI_SSL_GROUP@) DHFILE=@PKG_SYSCONFDIR@/control/dh2048.pem CERTFILE=@PKG_SYSCONFDIR@/control/servercert.pem"} 14: ${qmailofmipd_postenv:="SSL_UID=$(@ID@ -u @UCSPI_SSL_USER@) SSL_GID=$(@ID@ -g @UCSPI_SSL_GROUP@)"}
15: ${qmailofmipd_tcpflags:="-ne -vRl0"} 15: ${qmailofmipd_tcpflags:="-ne -vRl0"}
16: ${qmailofmipd_tcphost:="0.0.0.0"} 16: ${qmailofmipd_tcphost:="0.0.0.0"}
17: ${qmailofmipd_tcpport:="587"} 17: ${qmailofmipd_tcpport:="587"}
18: ${qmailofmipd_datalimit:="360000000"} 18: ${qmailofmipd_datalimit:="360000000"}
19: ${qmailofmipd_pretcpserver:=""} 19: ${qmailofmipd_pretcpserver:=""}
20: ${qmailofmipd_tcpserver:="@PREFIX@/bin/sslserver"} 20: ${qmailofmipd_tcpserver:="@PREFIX@/bin/sslserver"}
21: ${qmailofmipd_preofmipd:=""} 21: ${qmailofmipd_preofmipd:=""}
22: ${qmailofmipd_ofmipdcmd:="@PREFIX@/bin/ofmipd"} 22: ${qmailofmipd_ofmipdcmd:="@PREFIX@/bin/ofmipd"}
23: ${qmailofmipd_checkpassword:="@PREFIX@/bin/nbcheckpassword"} 23: ${qmailofmipd_checkpassword:="@PREFIX@/bin/nbcheckpassword"}
24: ${qmailofmipd_postofmipd:=""} 24: ${qmailofmipd_postofmipd:=""}
25: ${qmailofmipd_log:="YES"} 25: ${qmailofmipd_log:="YES"}
26: ${qmailofmipd_logcmd:="logger -t nbqmail/ofmipd -p mail.info"} 26: ${qmailofmipd_logcmd:="logger -t nbqmail/ofmipd -p mail.info"}
27: ${qmailofmipd_nologcmd:="@PREFIX@/bin/multilog -*"} 27: ${qmailofmipd_nologcmd:="@PREFIX@/bin/multilog -*"}
 28: ${qmailofmipd_tls:="auto"}
 29: ${qmailofmipd_tls_dhparams:="@PKG_SYSCONFDIR@/control/dh2048.pem"}
 30: ${qmailofmipd_tls_cert:="@PKG_SYSCONFDIR@/control/servercert.pem"}
28 31
29if [ -f /etc/rc.subr ]; then 32if [ -f /etc/rc.subr ]; then
30 . /etc/rc.subr 33 . /etc/rc.subr
31fi 34fi
32 35
33rcvar=${name} 36rcvar=${name}
34required_files="@PKG_SYSCONFDIR@/control/dh2048.pem" 37required_files="@PKG_SYSCONFDIR@/control/me"
35required_files="${required_files} @PKG_SYSCONFDIR@/control/servercert.pem" 
36required_files="${required_files} @PKG_SYSCONFDIR@/control/me" 
37required_files="${required_files} @PKG_SYSCONFDIR@/control/concurrencysubmission" 38required_files="${required_files} @PKG_SYSCONFDIR@/control/concurrencysubmission"
38required_files="${required_files} @PKG_SYSCONFDIR@/control/rcpthosts" 39required_files="${required_files} @PKG_SYSCONFDIR@/control/rcpthosts"
39required_files="${required_files} @PKG_SYSCONFDIR@/control/smtpcapabilities" 40required_files="${required_files} @PKG_SYSCONFDIR@/control/smtpcapabilities"
40required_files="${required_files} @PKG_SYSCONFDIR@/control/fixsmtpio" 41required_files="${required_files} @PKG_SYSCONFDIR@/control/fixsmtpio"
41required_files="${required_files} @PKG_SYSCONFDIR@/tcp.ofmip.cdb" 42required_files="${required_files} @PKG_SYSCONFDIR@/tcp.ofmip.cdb"
42command="${qmailofmipd_tcpserver}" 43command="${qmailofmipd_tcpserver}"
43procname=nb${name} 44procname=nb${name}
44start_precmd="qmailofmipd_precmd" 45start_precmd="qmailofmipd_precmd"
45extra_commands="stat pause cont cdb reload" 46extra_commands="stat pause cont cdb reload"
46stat_cmd="qmailofmipd_stat" 47stat_cmd="qmailofmipd_stat"
47pause_cmd="qmailofmipd_pause" 48pause_cmd="qmailofmipd_pause"
48cont_cmd="qmailofmipd_cont" 49cont_cmd="qmailofmipd_cont"
49cdb_cmd="qmailofmipd_cdb" 50cdb_cmd="qmailofmipd_cdb"
50reload_cmd=${cdb_cmd} 51reload_cmd=${cdb_cmd}
51 52
 53qmailofmipd_configure_tls() {
 54 if [ "auto" = "${qmailofmipd_tls}" ]; then
 55 if [ -f "${qmailofmipd_tls_dhparams}" ] && [ -f "${qmailofmipd_tls_cert}" ]; then
 56 qmailofmipd_enable_tls
 57 else
 58 qmailofmipd_disable_tls
 59 fi
 60 elif [ -f /etc/rc.subr ] && checkyesno qmailofmipd_tls; then
 61 qmailofmipd_enable_tls
 62 else
 63 qmailofmipd_disable_tls
 64 fi
 65}
 66
 67qmailofmipd_disable_tls() {
 68 qmailofmipd_postenv="${qmailofmipd_postenv} DISABLETLS=1"
 69}
 70
 71qmailofmipd_enable_tls() {
 72 qmailofmipd_postenv="${qmailofmipd_postenv} DHFILE=${qmailofmipd_tls_dhparams}"
 73 qmailofmipd_postenv="${qmailofmipd_postenv} CERTFILE=${qmailofmipd_tls_cert}"
 74}
 75
52qmailofmipd_precmd() 76qmailofmipd_precmd()
53{ 77{
54 if [ -f /etc/rc.subr ] && ! checkyesno qmailofmipd_log; then 78 if [ -f /etc/rc.subr ] && ! checkyesno qmailofmipd_log; then
55 qmailofmipd_logcmd=${qmailofmipd_nologcmd} 79 qmailofmipd_logcmd=${qmailofmipd_nologcmd}
56 fi 80 fi
 81 qmailofmipd_configure_tls
57 # tcpserver(1) is akin to inetd(8), but runs one service per process. 82 # tcpserver(1) is akin to inetd(8), but runs one service per process.
58 # We want to signal only the tcpserver process responsible for this 83 # We want to signal only the tcpserver process responsible for this
59 # service. Use argv0(1) to set procname to "nbqmailofmipd". 84 # service. Use argv0(1) to set procname to "nbqmailofmipd".
60 command="@PREFIX@/bin/pgrphack @SETENV@ - ${qmailofmipd_postenv} 85 command="@PREFIX@/bin/pgrphack @SETENV@ - ${qmailofmipd_postenv}
61@PREFIX@/bin/softlimit -m ${qmailofmipd_datalimit} ${qmailofmipd_pretcpserver} 86@PREFIX@/bin/softlimit -m ${qmailofmipd_datalimit} ${qmailofmipd_pretcpserver}
62@PREFIX@/bin/argv0 ${qmailofmipd_tcpserver} ${procname} 87@PREFIX@/bin/argv0 ${qmailofmipd_tcpserver} ${procname}
63${qmailofmipd_tcpflags} -x @PKG_SYSCONFDIR@/tcp.ofmip.cdb 88${qmailofmipd_tcpflags} -x @PKG_SYSCONFDIR@/tcp.ofmip.cdb
64-c `@HEAD@ -1 @PKG_SYSCONFDIR@/control/concurrencysubmission` 89-c `@HEAD@ -1 @PKG_SYSCONFDIR@/control/concurrencysubmission`
65${qmailofmipd_tcphost} ${qmailofmipd_tcpport} 90${qmailofmipd_tcphost} ${qmailofmipd_tcpport}
66@PREFIX@/bin/reup -t 5 @PREFIX@/bin/authup smtp 91@PREFIX@/bin/reup -t 5 @PREFIX@/bin/authup smtp
67${qmailofmipd_checkpassword} @PREFIX@/bin/checknotroot @PREFIX@/bin/fixsmtpio 92${qmailofmipd_checkpassword} @PREFIX@/bin/checknotroot @PREFIX@/bin/fixsmtpio
68${qmailofmipd_preofmipd} ${qmailofmipd_ofmipdcmd} ${qmailofmipd_postofmipd} 93${qmailofmipd_preofmipd} ${qmailofmipd_ofmipdcmd} ${qmailofmipd_postofmipd}
692>&1 | 942>&1 |
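
Review bot: In qmailofmipd_configure_tls the "yes" branch calls qmailofmipd_enable_tls without testing that the files exist, and this hunk also removes dh2048.pem and servercert.pem from required_files, so the "startup will fail if cert or DH params are missing" behaviour from the commit message is not enforced by this script. Test both files in that branch and have qmailofmipd_precmd return non-zero when either is missing. The final else also sends every other value (a misspelt "auto", or "yes" when /etc/rc.subr is absent) to qmailofmipd_disable_tls, which on the submission port means AUTH without TLS; refusing to start would be safer there than falling through to DISABLETLS=1.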

cvs diff -r1.23 -r1.24 pkgsrc/mail/qmail-run/files/qmailpop3d.sh

--- pkgsrc/mail/qmail-run/files/qmailpop3d.sh 2018/11/03 17:08:26 1.23
+++ pkgsrc/mail/qmail-run/files/qmailpop3d.sh 2018/11/08 20:57:28 1.24
@@ -1,66 +1,91 @@ @@ -1,66 +1,91 @@
1#!@RCD_SCRIPTS_SHELL@ 1#!@RCD_SCRIPTS_SHELL@
2# 2#
3# $NetBSD: qmailpop3d.sh,v 1.23 2018/11/03 17:08:26 schmonz Exp $ 3# $NetBSD: qmailpop3d.sh,v 1.24 2018/11/08 20:57:28 schmonz Exp $
4# 4#
5# @PKGNAME@ script to control qmail-pop3d (POP3 server for Maildirs). 5# @PKGNAME@ script to control qmail-pop3d (POP3 server for Maildirs).
6# 6#
7 7
8# PROVIDE: qmailpop3d mail 8# PROVIDE: qmailpop3d mail
9 9
10name="qmailpop3d" 10name="qmailpop3d"
11 11
12# User-settable rc.conf variables and their default values: 12# User-settable rc.conf variables and their default values:
13: ${qmailpop3d_postenv:="SSL_UID=$(@ID@ -u @UCSPI_SSL_USER@) SSL_GID=$(@ID@ -g @UCSPI_SSL_GROUP@) DHFILE=@PKG_SYSCONFDIR@/control/dh2048.pem CERTFILE=@PKG_SYSCONFDIR@/control/servercert.pem"} 13: ${qmailpop3d_postenv:="SSL_UID=$(@ID@ -u @UCSPI_SSL_USER@) SSL_GID=$(@ID@ -g @UCSPI_SSL_GROUP@)"}
14: ${qmailpop3d_tcpflags:="-ne -vRl0"} 14: ${qmailpop3d_tcpflags:="-ne -vRl0"}
15: ${qmailpop3d_tcphost:="0.0.0.0"} 15: ${qmailpop3d_tcphost:="0.0.0.0"}
16: ${qmailpop3d_tcpport:="110"} 16: ${qmailpop3d_tcpport:="110"}
17: ${qmailpop3d_datalimit:="180000000"} 17: ${qmailpop3d_datalimit:="180000000"}
18: ${qmailpop3d_pretcpserver:=""} 18: ${qmailpop3d_pretcpserver:=""}
19: ${qmailpop3d_tcpserver:="@PREFIX@/bin/sslserver"} 19: ${qmailpop3d_tcpserver:="@PREFIX@/bin/sslserver"}
20: ${qmailpop3d_prepop3d:=""} 20: ${qmailpop3d_prepop3d:=""}
21: ${qmailpop3d_pop3dcmd:="@PREFIX@/bin/qmail-pop3d"} 21: ${qmailpop3d_pop3dcmd:="@PREFIX@/bin/qmail-pop3d"}
22: ${qmailpop3d_checkpassword:="@PREFIX@/bin/nbcheckpassword"} 22: ${qmailpop3d_checkpassword:="@PREFIX@/bin/nbcheckpassword"}
23: ${qmailpop3d_maildirname:="Maildir"} 23: ${qmailpop3d_maildirname:="Maildir"}
24: ${qmailpop3d_log:="YES"} 24: ${qmailpop3d_log:="YES"}
25: ${qmailpop3d_logcmd:="logger -t nbqmail/pop3d -p mail.info"} 25: ${qmailpop3d_logcmd:="logger -t nbqmail/pop3d -p mail.info"}
26: ${qmailpop3d_nologcmd:="@PREFIX@/bin/multilog -*"} 26: ${qmailpop3d_nologcmd:="@PREFIX@/bin/multilog -*"}
 27: ${qmailpop3d_tls:="auto"}
 28: ${qmailpop3pd_tls_dhparams:="@PKG_SYSCONFDIR@/control/dh2048.pem"}
 29: ${qmailpop3pd_tls_cert:="@PKG_SYSCONFDIR@/control/servercert.pem"}
27 30
28if [ -f /etc/rc.subr ]; then 31if [ -f /etc/rc.subr ]; then
29 . /etc/rc.subr 32 . /etc/rc.subr
30fi 33fi
31 34
32rcvar=${name} 35rcvar=${name}
33required_files="@PKG_SYSCONFDIR@/control/dh2048.pem" 36required_files="@PKG_SYSCONFDIR@/control/me"
34required_files="${required_files} @PKG_SYSCONFDIR@/control/servercert.pem" 
35required_files="${required_files} @PKG_SYSCONFDIR@/control/me" 
36required_files="${required_files} @PKG_SYSCONFDIR@/control/concurrencypop3" 37required_files="${required_files} @PKG_SYSCONFDIR@/control/concurrencypop3"
37required_files="${required_files} @PKG_SYSCONFDIR@/control/pop3capabilities" 38required_files="${required_files} @PKG_SYSCONFDIR@/control/pop3capabilities"
38required_files="${required_files} @PKG_SYSCONFDIR@/tcp.pop3.cdb" 39required_files="${required_files} @PKG_SYSCONFDIR@/tcp.pop3.cdb"
39command="${qmailpop3d_tcpserver}" 40command="${qmailpop3d_tcpserver}"
40procname=nb${name} 41procname=nb${name}
41start_precmd="qmailpop3d_precmd" 42start_precmd="qmailpop3d_precmd"
42extra_commands="stat pause cont cdb reload" 43extra_commands="stat pause cont cdb reload"
43stat_cmd="qmailpop3d_stat" 44stat_cmd="qmailpop3d_stat"
44pause_cmd="qmailpop3d_pause" 45pause_cmd="qmailpop3d_pause"
45cont_cmd="qmailpop3d_cont" 46cont_cmd="qmailpop3d_cont"
46cdb_cmd="qmailpop3d_cdb" 47cdb_cmd="qmailpop3d_cdb"
47reload_cmd=${cdb_cmd} 48reload_cmd=${cdb_cmd}
48 49
 50qmailpop3d_configure_tls() {
 51 if [ "auto" = "${qmailpop3d_tls}" ]; then
 52 if [ -f "${qmailpop3d_tls_dhparams}" ] && [ -f "${qmailpop3d_tls_cert}" ]; then
 53 qmailpop3d_enable_tls
 54 else
 55 qmailpop3d_disable_tls
 56 fi
 57 elif [ -f /etc/rc.subr ] && checkyesno qmailpop3d_tls; then
 58 qmailpop3d_enable_tls
 59 else
 60 qmailpop3d_disable_tls
 61 fi
 62}
 63
 64qmailpop3d_disable_tls() {
 65 qmailpop3d_postenv="${qmailpop3d_postenv} DISABLETLS=1"
 66}
 67
 68qmailpop3d_enable_tls() {
 69 qmailpop3d_postenv="${qmailpop3d_postenv} DHFILE=${qmailpop3d_tls_dhparams}"
 70 qmailpop3d_postenv="${qmailpop3d_postenv} CERTFILE=${qmailpop3d_tls_cert}"
 71}
 72
49qmailpop3d_precmd() 73qmailpop3d_precmd()
50{ 74{
51 if [ -f /etc/rc.subr ] && ! checkyesno qmailpop3d_log; then 75 if [ -f /etc/rc.subr ] && ! checkyesno qmailpop3d_log; then
52 qmailpop3d_logcmd=${qmailpop3d_nologcmd} 76 qmailpop3d_logcmd=${qmailpop3d_nologcmd}
53 fi 77 fi
 78 qmailpop3d_configure_tls
54 # tcpserver(1) is akin to inetd(8), but runs one service per process. 79 # tcpserver(1) is akin to inetd(8), but runs one service per process.
55 # We want to signal only the tcpserver process responsible for this 80 # We want to signal only the tcpserver process responsible for this
56 # service. Use argv0(1) to set procname to "nbqmailpop3d". 81 # service. Use argv0(1) to set procname to "nbqmailpop3d".
57 command="@PREFIX@/bin/pgrphack @SETENV@ - ${qmailpop3d_postenv} 82 command="@PREFIX@/bin/pgrphack @SETENV@ - ${qmailpop3d_postenv}
58@PREFIX@/bin/softlimit -m ${qmailpop3d_datalimit} ${qmailpop3d_pretcpserver} 83@PREFIX@/bin/softlimit -m ${qmailpop3d_datalimit} ${qmailpop3d_pretcpserver}
59@PREFIX@/bin/argv0 ${qmailpop3d_tcpserver} ${procname} 84@PREFIX@/bin/argv0 ${qmailpop3d_tcpserver} ${procname}
60${qmailpop3d_tcpflags} -x @PKG_SYSCONFDIR@/tcp.pop3.cdb 85${qmailpop3d_tcpflags} -x @PKG_SYSCONFDIR@/tcp.pop3.cdb
61-c `@HEAD@ -1 @PKG_SYSCONFDIR@/control/concurrencypop3` 86-c `@HEAD@ -1 @PKG_SYSCONFDIR@/control/concurrencypop3`
62${qmailpop3d_tcphost} ${qmailpop3d_tcpport} 87${qmailpop3d_tcphost} ${qmailpop3d_tcpport}
63@PREFIX@/bin/authup pop3 88@PREFIX@/bin/authup pop3
64${qmailpop3d_checkpassword} @PREFIX@/bin/checknotroot 89${qmailpop3d_checkpassword} @PREFIX@/bin/checknotroot
65${qmailpop3d_prepop3d} ${qmailpop3d_pop3dcmd} ${qmailpop3d_maildirname} 90${qmailpop3d_prepop3d} ${qmailpop3d_pop3dcmd} ${qmailpop3d_maildirname}
662>&1 | 912>&1 |
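
Review bot: The two new defaults are spelt qmailpop3pd_tls_dhparams and qmailpop3pd_tls_cert (extra "p"), but qmailpop3d_configure_tls and qmailpop3d_enable_tls read qmailpop3d_tls_dhparams and qmailpop3d_tls_cert. Unless the admin sets those two in rc.conf they are empty, so under the default "auto" both -f tests fail and DISABLETLS=1 is exported even when the files exist, and under "yes" the environment gets an empty DHFILE= and CERTFILE=. Rename the defaults to qmailpop3d_tls_dhparams and qmailpop3d_tls_cert.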

cvs diff -r1.19 -r1.20 pkgsrc/mail/qmail-run/files/qmailsmtpd.sh

--- pkgsrc/mail/qmail-run/files/qmailsmtpd.sh 2018/11/03 17:08:26 1.19
+++ pkgsrc/mail/qmail-run/files/qmailsmtpd.sh 2018/11/08 20:57:28 1.20
@@ -1,63 +1,91 @@ @@ -1,63 +1,91 @@
1#!@RCD_SCRIPTS_SHELL@ 1#!@RCD_SCRIPTS_SHELL@
2# 2#
3# $NetBSD: qmailsmtpd.sh,v 1.19 2018/11/03 17:08:26 schmonz Exp $ 3# $NetBSD: qmailsmtpd.sh,v 1.20 2018/11/08 20:57:28 schmonz Exp $
4# 4#
5# @PKGNAME@ script to control qmail-smtpd (SMTP service). 5# @PKGNAME@ script to control qmail-smtpd (SMTP service).
6# 6#
7 7
8# PROVIDE: qmailsmtpd mail 8# PROVIDE: qmailsmtpd mail
9# REQUIRE: qmailsend 9# REQUIRE: qmailsend
10 10
11name="qmailsmtpd" 11name="qmailsmtpd"
12 12
13# User-settable rc.conf variables and their default values: 13# User-settable rc.conf variables and their default values:
14: ${qmailsmtpd_postenv:=""} 14: ${qmailsmtpd_postenv:="SSL_UID=$(@ID@ -u @UCSPI_SSL_USER@) SSL_GID=$(@ID@ -g @UCSPI_SSL_GROUP@)"}
15: ${qmailsmtpd_tcpflags:="-vRl0"} 15: ${qmailsmtpd_tcpflags:="-ne -vRl0"}
16: ${qmailsmtpd_tcphost:="0"} 16: ${qmailsmtpd_tcphost:="0.0.0.0"}
17: ${qmailsmtpd_tcpport:="25"} 17: ${qmailsmtpd_tcpport:="25"}
18: ${qmailsmtpd_datalimit:="180000000"} 18: ${qmailsmtpd_datalimit:="360000000"}
19: ${qmailsmtpd_pretcpserver:=""} 19: ${qmailsmtpd_pretcpserver:=""}
20: ${qmailsmtpd_tcpserver:="@PREFIX@/bin/tcpserver"} 20: ${qmailsmtpd_tcpserver:="@PREFIX@/bin/sslserver"}
21: ${qmailsmtpd_presmtpd:=""} 21: ${qmailsmtpd_presmtpd:="@PREFIX@/bin/greetdelay @PREFIX@/bin/rblsmtpd -r zen.spamhaus.org @PREFIX@/bin/fixsmtpio"}
22: ${qmailsmtpd_smtpdcmd:="@PREFIX@/bin/qmail-smtpd"} 22: ${qmailsmtpd_smtpdcmd:="@PREFIX@/bin/qmail-smtpd"}
23: ${qmailsmtpd_postsmtpd:=""} 23: ${qmailsmtpd_postsmtpd:=""}
24: ${qmailsmtpd_log:="YES"} 24: ${qmailsmtpd_log:="YES"}
25: ${qmailsmtpd_logcmd:="logger -t nbqmail/smtpd -p mail.info"} 25: ${qmailsmtpd_logcmd:="logger -t nbqmail/smtpd -p mail.info"}
26: ${qmailsmtpd_nologcmd:="@PREFIX@/bin/multilog -*"} 26: ${qmailsmtpd_nologcmd:="@PREFIX@/bin/multilog -*"}
 27: ${qmailsmtpd_tls:="auto"}
 28: ${qmailsmtpd_tls_dhparams:="@PKG_SYSCONFDIR@/control/dh2048.pem"}
 29: ${qmailsmtpd_tls_cert:="@PKG_SYSCONFDIR@/control/servercert.pem"}
27 30
28if [ -f /etc/rc.subr ]; then 31if [ -f /etc/rc.subr ]; then
29 . /etc/rc.subr 32 . /etc/rc.subr
30fi 33fi
31 34
32rcvar=${name} 35rcvar=${name}
33required_files="@PKG_SYSCONFDIR@/control/concurrencyincoming" 36required_files="@PKG_SYSCONFDIR@/control/me"
34required_files="${required_files} @PKG_SYSCONFDIR@/tcp.smtp.cdb" 37required_files="${required_files} @PKG_SYSCONFDIR@/control/concurrencyincoming"
35required_files="${required_files} @PKG_SYSCONFDIR@/control/rcpthosts" 38required_files="${required_files} @PKG_SYSCONFDIR@/control/rcpthosts"
 39required_files="${required_files} @PKG_SYSCONFDIR@/tcp.smtp.cdb"
36command="${qmailsmtpd_tcpserver}" 40command="${qmailsmtpd_tcpserver}"
37procname=nb${name} 41procname=nb${name}
38start_precmd="qmailsmtpd_precmd" 42start_precmd="qmailsmtpd_precmd"
39extra_commands="stat pause cont cdb reload" 43extra_commands="stat pause cont cdb reload"
40stat_cmd="qmailsmtpd_stat" 44stat_cmd="qmailsmtpd_stat"
41pause_cmd="qmailsmtpd_pause" 45pause_cmd="qmailsmtpd_pause"
42cont_cmd="qmailsmtpd_cont" 46cont_cmd="qmailsmtpd_cont"
43cdb_cmd="qmailsmtpd_cdb" 47cdb_cmd="qmailsmtpd_cdb"
44reload_cmd=${cdb_cmd} 48reload_cmd=${cdb_cmd}
45 49
 50qmailsmtpd_configure_tls() {
 51 if [ "auto" = "${qmailsmtpd_tls}" ]; then
 52 if [ -f "${qmailsmtpd_tls_dhparams}" ] && [ -f "${qmailsmtpd_tls_cert}" ]; then
 53 qmailsmtpd_enable_tls
 54 else
 55 qmailsmtpd_disable_tls
 56 fi
 57 elif [ -f /etc/rc.subr ] && checkyesno qmailsmtpd_tls; then
 58 qmailsmtpd_enable_tls
 59 else
 60 qmailsmtpd_disable_tls
 61 fi
 62}
 63
 64qmailsmtpd_disable_tls() {
 65 qmailsmtpd_postenv="${qmailsmtpd_postenv} DISABLETLS=1"
 66}
 67
 68qmailsmtpd_enable_tls() {
 69 qmailsmtpd_postenv="${qmailsmtpd_postenv} DHFILE=${qmailsmtpd_tls_dhparams}"
 70 qmailsmtpd_postenv="${qmailsmtpd_postenv} CERTFILE=${qmailsmtpd_tls_cert}"
 71}
 72
46qmailsmtpd_precmd() 73qmailsmtpd_precmd()
47{ 74{
48 if [ -f /etc/rc.subr ] && ! checkyesno qmailsmtpd_log; then 75 if [ -f /etc/rc.subr ] && ! checkyesno qmailsmtpd_log; then
49 qmailsmtpd_logcmd=${qmailsmtpd_nologcmd} 76 qmailsmtpd_logcmd=${qmailsmtpd_nologcmd}
50 fi 77 fi
 78 qmailsmtpd_configure_tls
51 # tcpserver(1) is akin to inetd(8), but runs one service per process. 79 # tcpserver(1) is akin to inetd(8), but runs one service per process.
52 # We want to signal only the tcpserver process responsible for this 80 # We want to signal only the tcpserver process responsible for this
53 # service. Use argv0(1) to set procname to "nbqmailsmtpd". 81 # service. Use argv0(1) to set procname to "nbqmailsmtpd".
54 command="@PREFIX@/bin/pgrphack @SETENV@ - ${qmailsmtpd_postenv} 82 command="@PREFIX@/bin/pgrphack @SETENV@ - ${qmailsmtpd_postenv}
55@PREFIX@/bin/softlimit -m ${qmailsmtpd_datalimit} ${qmailsmtpd_pretcpserver} 83@PREFIX@/bin/softlimit -m ${qmailsmtpd_datalimit} ${qmailsmtpd_pretcpserver}
56@PREFIX@/bin/argv0 ${qmailsmtpd_tcpserver} ${procname} 84@PREFIX@/bin/argv0 ${qmailsmtpd_tcpserver} ${procname}
57${qmailsmtpd_tcpflags} -x @PKG_SYSCONFDIR@/tcp.smtp.cdb 85${qmailsmtpd_tcpflags} -x @PKG_SYSCONFDIR@/tcp.smtp.cdb
58-c `@HEAD@ -1 @PKG_SYSCONFDIR@/control/concurrencyincoming` 86-c `@HEAD@ -1 @PKG_SYSCONFDIR@/control/concurrencyincoming`
59-u `@ID@ -u @QMAIL_DAEMON_USER@` -g `@ID@ -g @QMAIL_DAEMON_USER@` 87-u `@ID@ -u @QMAIL_DAEMON_USER@` -g `@ID@ -g @QMAIL_DAEMON_USER@`
60${qmailsmtpd_tcphost} ${qmailsmtpd_tcpport} 88${qmailsmtpd_tcphost} ${qmailsmtpd_tcpport}
61${qmailsmtpd_presmtpd} ${qmailsmtpd_smtpdcmd} ${qmailsmtpd_postsmtpd} 89${qmailsmtpd_presmtpd} ${qmailsmtpd_smtpdcmd} ${qmailsmtpd_postsmtpd}
622>&1 | 902>&1 |
63@PREFIX@/bin/pgrphack @PREFIX@/bin/setuidgid @QMAIL_LOG_USER@ ${qmailsmtpd_logcmd}" 91@PREFIX@/bin/pgrphack @PREFIX@/bin/setuidgid @QMAIL_LOG_USER@ ${qmailsmtpd_logcmd}"
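
Review bot: STARTTLS on port 25 now relies on fixsmtpio being present in qmailsmtpd_presmtpd, whose default changes from empty to the greetdelay, rblsmtpd and fixsmtpio chain. An rc.conf that already sets qmailsmtpd_presmtpd keeps its own value, so qmailsmtpd_configure_tls can export DHFILE and CERTFILE with nothing in the chain to use them; keep the TLS wrapper out of the user-overridable variable, or check for it in qmailsmtpd_precmd. Separately, putting rblsmtpd -r zen.spamhaus.org in the default means every incoming connection triggers a lookup against a third-party list, which reads better as an opt-in rc.conf setting, and the doubling of qmailsmtpd_datalimit to 360000000 is not mentioned in the commit message.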

cvs diff -r1.3 -r1.4 pkgsrc/mail/qmail-run/files/Attic/tcp.ofmip

--- pkgsrc/mail/qmail-run/files/Attic/tcp.ofmip 2018/10/28 15:01:57 1.3
+++ pkgsrc/mail/qmail-run/files/Attic/tcp.ofmip 2018/11/08 20:57:28 1.4