This package is the public Yast2 API to configure the postfix. Representation of the configuration of mail-server. Input and output routines.
EXAMPLE:
Example 296.
Dump the mail-server Global Settings to a single hash Return hash Dumped settings (later acceptable by WriteGlobalSettings ()) $GlobalSettings is a pointer to a hash containing the basic settings of the mail server. %GlobalSettings = ( 'Changed' => 0, Shows if the hash was changed. Possible values are 0 (no) or 1 (yes). 'MaximumMailSize' => 0, Shows the maximum message size in bytes, the mail server will accept to deliver. Setting this value 0 means there is no limit. 'Banner' => '$myhostname ESMTP $mail_name' The smtpd_banner parameter specifies the text that follows the 220 code in the SMTP server's greeting banner. Some people like to see the mail version advertised. By default, Postfix shows no version. You MUST specify $myhostname at the start of the text. That is an RFC requirement. Postfix itself does not care. 'Interfaces' => '' The inet_interfaces parameter specifies the network interface addresses that this mail system receives mail on. By default, the software claims all active interfaces on the machine. The parameter also controls delivery of mail to user@[ip.address] 'SendingMail' => { In this hash you can define the type of delivery of outgoing emails. 'Type' => '', Shows the type of the delivery of the outgoing mails. Possible values are: DNS : Delivery via DNS lookup of the MX records of the destination domain. relayhost : Delivery using a relay host NONE : There is no delivery of outgoing mails. In this case some other funcions are not avaiable. For example setting of mail transport. 'TLS' => '', If delivery via DNS is used you can set how TLS will be used for security. Possible values are: NONE : don't use TLS. MAY : TLS will used when offered by the server. MUST : Only connection with TLS will be accepted. MUST_NOPEERMATCH : Only connection with TLS will be accepted, but no strict peername checking accours. 'RelayHost' => { If the type of delivery of outgoing emails is set to "relayhost", then you have to define the relyhost in this hash. 'Name' => '', DNS name or IP address of the relay host. 'Auth' => 0, Sets if SASL authentication will be used for the relayhost. Possible values are: 0 (no) and 1 (yes). 'Account' => '', The account name of the SASL account. 'Password' => '' The SASL account password } } );
Example 298.
my $AdminPassword = "VerySecure"; my $MailPrevention = []; if( $MailPrevention = ReadMailPrevention($AdminPassword) ) { print "Basic BasicProtection : $MailPrevention->{BasicProtection}\n"; foreach(@{$MailPrevention->{RBLList}}) { print "Used RBL Server: $_\n"; } foreach(@{$MailPrevention->{AccessList}}) { print "Access for $_{MailClient} is $_{MailAction}\n"; } if($MailPrevention->{VirusScanning}){ print "Virus scanning is activated\n"; } else { print "Virus scanning isn't activated\n"; } } else { print "ERROR in ReadMailPrevention\n"; }
Example 299.
Dump the mail-server server side relay settings to a single hash @return hash Dumped settings (later acceptable by WriteMailRelaying ()) $MailRelaying is a pointer to a hash containing the mail server relay settings. This hash has following structure: %MailRelaying = ( 'Changed' => 0, Shows if the hash was changed. Possible values are 0 (no) or 1 (yes). 'TrustedNetworks' => [], An array of trusted networks/hosts addresses 'RequireSASL' => 1, Show if SASL authentication is required for sending external eMails. 'SMTPDTLSMode' => 'use', Shows how TLS will be used for smtpd connection. Avaiable values are: 'none' : no TLS will be used. 'use' : TLS will be used if the client wants. 'enfoce' : TLS must be used. 'auth_only' : TLS will be used only for SASL authentication. 'UserRestriction' => 0 If UserRestriction is set, there is possible to make user/group based restrictions for sending and getting eMails. Strickt authotentication is requiered. To do so an 2nd interface for sending eMails for internal clients will be set up. The system administrator have to care that the other interface (external interface) can not be accessed from the internal clients );
Write the mail-server Global Settings from a single hash @param settings The YCP structure to be imported. @return boolean True on success
Example 300.
my $AdminPassword = "VerySecure"; my %GlobalSettings = ( 'Changed' => 1, 'MaximumMailSize' => 10485760, 'Banner' => '$myhostname ESMTP $mail_name', 'SendingMail' => { 'Type' => 'relayhost', 'TLS' => 'MUST', 'RelayHost' => { 'Name' => 'mail.domain.de', 'Auth' => 1, 'Account' => 'user', 'Password' => 'password' } } ); if( ! WriteGlobalSettings(\%GlobalSettings,$AdminPassword) ) { print "ERROR in WriteGlobalSettings\n"; }
Example 301.
my $AdminPassword = "VerySecure"; my $MailPrevention = []; if( $MailPrevention = ReadMailPrevention($AdminPassword) ) { print "Basic BasicProtection : $MailPrevention->{BasicProtection}\n"; foreach(@{$MailPrevention->{RBLList}}) { print "Used RBL Server: $_\n"; } foreach(@{$MailPrevention->{AccessList}}) { print "Access for $_{MailClient} is $_{MailAction}\n"; } if($MailPrevention->{VirusScanning}){ print "Virus scanning is activated\n"; } else { print "Virus scanning isn't activated\n"; } } else { print "ERROR in ReadMailPrevention\n"; }
Example 302.
Dump the mail-server server side relay settings to a single hash @return hash Dumped settings (later acceptable by WriteMailRelaying ()) $MailRelaying is a pointer to a hash containing the mail server relay settings. This hash has following structure: %MailRelaying = ( 'Changed' => 0, Shows if the hash was changed. Possible values are 0 (no) or 1 (yes). 'TrustedNetworks' => [], An array of trusted networks/hosts addresses 'RequireSASL' => 1, Show if SASL authentication is required for sending external eMails. 'SMTPDTLSMode' => 'use', Shows how TLS will be used for smtpd connection. Avaiable values are: 'none' : no TLS will be used. 'use' : TLS will be used if the client wants. 'enfoce' : TLS must be used. 'auth_only' : TLS will be used only for SASL authentication. 'UserRestriction' => 0 If UserRestriction is set, there is possible to make user/group based restrictions for sending and getting eMails. Strickt authotentication is requiered. To do so an 2nd interface for sending eMails for internal clients will be set up. The system administrator have to care that the other interface (external interface) can not be accessed from the internal clients );
EXAMPLE:
Example 303.
Dump the mail-server Mail Transport to a single hash @return hash Dumped settings (later acceptable by WriteMailTransport ()) $MailTransports is a pointer to a hash containing the mail transport definitions. %MailTransports = ( 'Changed' => 0, Shows if the hash was changed. Possible values are 0 (no) or 1 (yes). 'Transports' => [], Poiter to an array containing the mail transport table entries. 'TLSSites' => {}, Poiter to an hash containing the mail transport TLS per site table entries. 'SASLAccounts' => {}, Poiter to an hash containing the client side authentication accounts. ); Each element of the arry 'Transports' has following syntax: %Transport = ( 'Destination' => '', This field contains a search pattern for the mail destination. Patterns are tried in the order as listed below: user+extension@domain Mail for user+extension@domain is delivered through transport to nexthop. user@domain Mail for user@domain is delivered through transport to nexthop. domain Mail for domain is delivered through transport to nexthop. .domain Mail for any subdomain of domain is delivered through transport to nexthop. This applies only when the string transport_maps is not listed in the parent_domain_matches_subdomains configuration set- ting. Otherwise, a domain name matches itself and its subdomains. Note 1: the special pattern * represents any address (i.e. it functions as the wild-card pattern). Note 2: the null recipient address is looked up as $empty_address_recipient@$myhostname (default: mailer-dae- mon@hostname). 'Nexthop' => '', This field has the format transport:nexthop and shows how the mails for the corresponding destination will be delivered. The transport field specifies the name of a mail delivery transport (the first name of a mail delivery service entry in the Postfix master.cf file). The interpretation of the nexthop field is transport dependent. In the case of SMTP, specify host:service for a non-default server port, and use [host] or [host]:port in order to disable MX (mail exchanger) DNS lookups. The [] form is required when you specify an IP address instead of a hostname. A null transport and null nexthop result means "do not change": use the delivery transport and nexthop informa- tion that would be used when the entire transport table did not exist. A non-null transport field with a null nexthop field resets the nexthop information to the recipient domain. A null transport field with non-null nexthop field does not modify the transport information. For a detailed description have a look in man 5 trnsport. ); %TLSSites = { 'TLSSite' => '' The name or IP of the mail server (nexthop). 'TLSMode' => '', You can set how TLS will be used for security. Possible values are: NONE : don't use TLS. MAY : TLS will used when offered by the server. MUST : Only connection with TLS will be accepted. MUST_NOPEERMATCH : Only connection with TLS will be accepted, but no strict peername checking accours. }; %SASLAccounts = { 'Server1' => ['Account1','Password1'], 'Server2' => ['Account2','Password2'] }
Example 304.
my $AdminPassword = "VerySecure"; my $MailTransorts = []; if (! $MailTransorts = ReadMailTransports($AdminPassword) ) { print "ERROR in ReadMailTransports\n"; } else { foreach my $Transport (@{$MailTransports->{'Transports'}}){ print "Destination=> $Transport->{'Destination'}\n"; print " Nexthop=> $Transport->{'Nexthop'}\n"; } foreach my $TLSSite (keys %{$MailTransports->{'TLSSites'}}){ print "TLSSite: $TLSSite => "; print "TLSMode: $MailTransports->{'TLSSites'}->{$TLSSite}\n"; } foreach my $SASLAccount (keys %{$MailTransports->{'SASLAccounts'}}){ print "Nexthop: $SASLAccount => "; print "Account: $MailTransports->{'SASLAccounts'}->{$SASLAccount}->[0] "; print "Passord: $MailTransports->{'SASLAccounts'}->{$SASLAccount}->[1]\n"; } }
Example 305.
my $AdminPassword = "VerySecure"; my $MailPrevention = []; if( $MailPrevention = ReadMailPrevention($AdminPassword) ) { print "Basic BasicProtection : $MailPrevention->{BasicProtection}\n"; foreach(@{$MailPrevention->{RBLList}}) { print "Used RBL Server: $_\n"; } foreach(@{$MailPrevention->{AccessList}}) { print "Access for $_{MailClient} is $_{MailAction}\n"; } if($MailPrevention->{VirusScanning}){ print "Virus scanning is activated\n"; } else { print "Virus scanning isn't activated\n"; } } else { print "ERROR in ReadMailPrevention\n"; }
Example 306.
Dump the mail-server server side relay settings to a single hash @return hash Dumped settings (later acceptable by WriteMailRelaying ()) $MailRelaying is a pointer to a hash containing the mail server relay settings. This hash has following structure: %MailRelaying = ( 'Changed' => 0, Shows if the hash was changed. Possible values are 0 (no) or 1 (yes). 'TrustedNetworks' => [], An array of trusted networks/hosts addresses 'RequireSASL' => 1, Show if SASL authentication is required for sending external eMails. 'SMTPDTLSMode' => 'use', Shows how TLS will be used for smtpd connection. Avaiable values are: 'none' : no TLS will be used. 'use' : TLS will be used if the client wants. 'enfoce' : TLS must be used. 'auth_only' : TLS will be used only for SASL authentication. 'UserRestriction' => 0 If UserRestriction is set, there is possible to make user/group based restrictions for sending and getting eMails. Strickt authotentication is requiered. To do so an 2nd interface for sending eMails for internal clients will be set up. The system administrator have to care that the other interface (external interface) can not be accessed from the internal clients );
EXAMPLE:
Example 307.
Write the mail server Mail Transport from a single hash. WARNING! All transport defintions not contained in the hash will be removed from the tranport table.
Example 308.
my $AdminPassword = "VerySecure"; my %MailTransports = ( 'Changed' => '1', 'Transports' => [] ); my %Transport = ( 'Destination' => 'dom.ain', 'Transport' => 'smtp', 'Nexthop' => '[mail.dom.ain]', 'TLS' => 'MUST', 'Auth' => 1, 'Account' => 'user', 'Password' => 'passwd' ); push @($MailTransports{Transports}), %Transport; %Transport = ( 'Destination' => 'my-domain.de', 'Nexthop' => 'uucp:[mail.my-domain.de]', 'TLS' => 'NONE', 'Auth' => '0' ); push @($MailTransports{Transports}), %Transport; %Transport = ( 'Destination' => 'my-old-domain.de', 'Nexthop' => "error:I've droped this domain" ); push @($MailTransports{Transports}), %Transport; if( ! WriteMailTransports(\%Transports,$AdminPassword) ) { print "ERROR in WriteMailTransport\n"; }
Example 309.
my $AdminPassword = "VerySecure"; my $MailPrevention = []; if( $MailPrevention = ReadMailPrevention($AdminPassword) ) { print "Basic BasicProtection : $MailPrevention->{BasicProtection}\n"; foreach(@{$MailPrevention->{RBLList}}) { print "Used RBL Server: $_\n"; } foreach(@{$MailPrevention->{AccessList}}) { print "Access for $_{MailClient} is $_{MailAction}\n"; } if($MailPrevention->{VirusScanning}){ print "Virus scanning is activated\n"; } else { print "Virus scanning isn't activated\n"; } } else { print "ERROR in ReadMailPrevention\n"; }
Example 310.
Dump the mail-server server side relay settings to a single hash @return hash Dumped settings (later acceptable by WriteMailRelaying ()) $MailRelaying is a pointer to a hash containing the mail server relay settings. This hash has following structure: %MailRelaying = ( 'Changed' => 0, Shows if the hash was changed. Possible values are 0 (no) or 1 (yes). 'TrustedNetworks' => [], An array of trusted networks/hosts addresses 'RequireSASL' => 1, Show if SASL authentication is required for sending external eMails. 'SMTPDTLSMode' => 'use', Shows how TLS will be used for smtpd connection. Avaiable values are: 'none' : no TLS will be used. 'use' : TLS will be used if the client wants. 'enfoce' : TLS must be used. 'auth_only' : TLS will be used only for SASL authentication. 'UserRestriction' => 0 If UserRestriction is set, there is possible to make user/group based restrictions for sending and getting eMails. Strickt authotentication is requiered. To do so an 2nd interface for sending eMails for internal clients will be set up. The system administrator have to care that the other interface (external interface) can not be accessed from the internal clients );
EXAMPLE:
Example 311.
my $AdminPassword = "VerySecure"; my $MailPrevention = []; if( $MailPrevention = ReadMailPrevention($AdminPassword) ) { print "Basic BasicProtection : $MailPrevention->{BasicProtection}\n"; foreach(@{$MailPrevention->{RBLList}}) { print "Used RBL Server: $_\n"; } foreach(@{$MailPrevention->{AccessList}}) { print "Access for $_{MailClient} is $_{MailAction}\n"; } if($MailPrevention->{VirusScanning}){ print "Virus scanning is activated\n"; } else { print "Virus scanning isn't activated\n"; } } else { print "ERROR in ReadMailPrevention\n"; }
Reads the LDAP Configuration: The LDAP Base The LDAP Base for the User Configuration The LDAP Base for the Group Configuration The LDAP Base for the DNS Configuration The LDAP Base for the MAIL Configuration The LDAP Template for the MAIL Configuration If the last two does not exist this will be created.
Example 312.
Dump the mail-server server side relay settings to a single hash @return hash Dumped settings (later acceptable by WriteMailRelaying ()) $MailRelaying is a pointer to a hash containing the mail server relay settings. This hash has following structure: %MailRelaying = ( 'Changed' => 0, Shows if the hash was changed. Possible values are 0 (no) or 1 (yes). 'TrustedNetworks' => [], An array of trusted networks/hosts addresses 'RequireSASL' => 1, Show if SASL authentication is required for sending external eMails. 'SMTPDTLSMode' => 'use', Shows how TLS will be used for smtpd connection. Avaiable values are: 'none' : no TLS will be used. 'use' : TLS will be used if the client wants. 'enfoce' : TLS must be used. 'auth_only' : TLS will be used only for SASL authentication. 'UserRestriction' => 0 If UserRestriction is set, there is possible to make user/group based restrictions for sending and getting eMails. Strickt authotentication is requiered. To do so an 2nd interface for sending eMails for internal clients will be set up. The system administrator have to care that the other interface (external interface) can not be accessed from the internal clients );
Reads the LDAP Configuration: The LDAP Base The LDAP Base for the User Configuration The LDAP Base for the Group Configuration The LDAP Base for the DNS Configuration The LDAP Base for the MAIL Configuration The LDAP Template for the MAIL Configuration If the last two does not exist this will be created.
Funktion to reset the mail server configuration: Needed Parameters are: $AdminPassword the Adminstrator Psssword $LDAPMap the LDAP map returned by ReadLDAPDefaults