adding opendkim support, to be tested

.gitattributes

@@ -472,12 +472,14 @@ etc/alternc/templates/bind/slaveip.conf -text
 etc/alternc/templates/bind/templates/named.template -text
 etc/alternc/templates/bind/templates/slave.template -text
 etc/alternc/templates/bind/templates/zone.template -text
+etc/alternc/templates/default/opendkim -text
 etc/alternc/templates/default/saslauthd -text
 etc/alternc/templates/dovecot/dovecot-dict-quota.conf -text
 etc/alternc/templates/dovecot/dovecot-sql.conf -text
 etc/alternc/templates/dovecot/dovecot.conf -text
 etc/alternc/templates/incron.d/alternc_do_action -text
 etc/alternc/templates/incron.d/alternc_update_domains -text
+etc/alternc/templates/opendkim.conf -text
 etc/alternc/templates/postfix/master.cf -text
 etc/alternc/templates/postfix/myalias.cf -text
 etc/alternc/templates/postfix/mydomain.cf -text

debian/control

@@ -10,7 +10,7 @@ Standards-Version: 3.9.4
 Package: alternc
 Architecture: all
 Pre-depends: debconf (>= 0.5.00) | debconf-2.0, bash (>= 4), acl
-Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, bind9, wget, rsync, ca-certificates, locales, perl-suid | perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), sudo, adduser, mysql-client, dnsutils, dovecot-common (>=1:1.2.15), dovecot-common(<< 1:2.0), dovecot-imapd (>= 1:1.2.15), dovecot-pop3d (>= 1:1.2.15), vlogger, mailutils | mailx, incron, cron, ${misc:Depends}
+Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, bind9, wget, rsync, ca-certificates, locales, perl-suid | perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), sudo, adduser, mysql-client, dnsutils, dovecot-common (>=1:1.2.15), dovecot-common(<< 1:2.0), dovecot-imapd (>= 1:1.2.15), dovecot-pop3d (>= 1:1.2.15), vlogger, mailutils | mailx, incron, cron, opendkim, ${misc:Depends}
 Recommends: mysql-server(>= 5.0), ntp, quota, unzip, bzip2
 Conflicts: alternc-admintools, alternc-awstats (<< 1.0), alternc-webalizer (<= 0.9.4), alternc-mailman (<< 2.0), courier-authlib
 Provides: alternc-admintools
@@ -39,7 +39,7 @@ Description-fr.UTF-8: Suite logicielle d'hébergement mutualisé pour Debian
 Package: alternc-slave
 Architecture: all
 Pre-depends: debconf (>= 0.5.00) | debconf-2.0, acl
-Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, postfix-tls, bind9, wget, rsync, ca-certificates, locales, perl-suid, perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), adduser, mysql-client, sudo, dovecot-common (>= 1:1.2.15), dovecot-imapd, dovecot-pop3d, vlogger, mailutils | mailx, incron, cron, ${misc:Depends}
+Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, postfix-tls, bind9, wget, rsync, ca-certificates, locales, perl-suid, perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), adduser, mysql-client, sudo, dovecot-common (>= 1:1.2.15), dovecot-imapd, dovecot-pop3d, vlogger, mailutils | mailx, incron, cron, opendkim, ${misc:Depends}
 Recommends: dovecot-managesieved, dovecot-sieve, dovecot-mysql, quota
 Conflicts: alternc-admintools, alternc-awstats (<= 0.3.2), alternc-webalizer (<= 0.9.4), alternc
 Provides: alternc

etc/alternc/templates/alternc/postfix/postfix.cf

@@ -46,3 +46,8 @@ transport_maps = proxy:mysql:/etc/postfix/mytransport.cf
 dovecot_destination_recipient_limit = 1
 mailman_destination_recipient_limit = 1
 smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_rbl_client zen.spamhaus.org, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unlisted_recipient, reject_unauth_destination
+# DKIM Filtering
+milter_default_action = accept
+milter_protocol = 6
+smtpd_milters = inet:127.0.0.1:8891
+non_smtpd_milters = inet:127.0.0.1:8891

etc/alternc/templates/default/opendkim

@@ -0,0 +1,10 @@
+#
+# %%warning_message%%
+#
+# Command-line options specified here will override the contents of
+# /etc/opendkim.conf. See opendkim(8) for a complete list of options.
+#DAEMON_OPTS=""
+#
+# Uncomment to specify an alternate socket
+# Note that setting this will override any Socket value in opendkim.conf
+SOCKET="inet:8891:localhost"

etc/alternc/templates/opendkim.conf

@@ -0,0 +1,16 @@
+#
+# %%warning_message%%
+#
+
+# Log to syslog
+Syslog			yes
+SyslogSuccess			yes
+
+# Required to use local socket with MTAs that access the socket as a non-
+# privileged user (e.g. Postfix)
+UMask	     	  	002
+
+KeyTable           /etc/opendkim/KeyTable
+SigningTable       /etc/opendkim/SigningTable
+ExternalIgnoreList /etc/opendkim/TrustedHosts
+InternalHosts      /etc/opendkim/TrustedHosts

install/alternc.install

@@ -66,7 +66,8 @@ if [ -d /etc/postfix ]; then
     CONFIG_FILES="$CONFIG_FILES etc/postfix/master.cf etc/postfix/myalias.cf etc/postfix/myrelay.cf
                   etc/postfix/mydomain.cf etc/postfix/myrelay-domain.cf etc/postfix/mygid.cf etc/postfix/myquota.cf
                   etc/postfix/myvirtual.cf etc/postfix/mytransport.cf etc/postfix/sasl/smtpd.conf
-                  etc/alternc/postfix/postfix.cf etc/alternc/postfix/postfix-slave.cf"
+                  etc/alternc/postfix/postfix.cf etc/alternc/postfix/postfix-slave.cf
+                  etc/opendkim.conf etc/default/opendkim"
 fi
 if [ -e /etc/proftpd/proftpd.conf ]; then
     CONFIG_FILES="$CONFIG_FILES etc/proftpd/proftpd.conf etc/proftpd/welcome.msg etc/proftpd/modules.conf"
@@ -89,7 +90,6 @@ if [ -f "$INSTALLED_CONFIG_TAR" ]; then
     CHANGED="`env LANG=C tar -zdf "$INSTALLED_CONFIG_TAR" -C / 2> /dev/null | 
               grep -v 'postfix/main.cf' | grep -v 'Uid differs'|grep -v 'Gid differs'  |grep -v 'Mode differs' | 
               sed -e 's/^\([^:]*\).*/    \1/' | sort -u`"
-    # " shutup emacs
     if [ ! -z "$CHANGED" ]; then
         echo "The following configuration files has changed since last AlternC"
         echo "installation :"
@@ -543,13 +543,18 @@ chown -R alterncpanel:alterncpanel "/usr/share/alternc/panel/"
 # We force the re-computing of the DNS zones, since we may have changed the IP address (see #460)
 /usr/bin/mysql --defaults-file="/etc/alternc/my.cnf" -B -e "update domaines set dns_action='update';"
 
+# We ensure localhost is trusted to opendkim
+mkdir -p "/etc/opendkim/keys"
+grep -q "^127.0.0.1\$" /etc/opendkim/TrustedHosts || echo "127.0.0.1" >>/etc/opendkim/TrustedHosts
+grep -q "^localhost\$" /etc/opendkim/TrustedHosts || echo "localhost" >>/etc/opendkim/TrustedHosts
+
 # hook 
 run-parts --arg=before-reload /usr/lib/alternc/install.d 
 
 #######################################################################
 # Reload services
 #
-for service in postfix bind9 apache2 dovecot cron proftpd; do
+for service in postfix bind9 apache2 dovecot cron proftpd opendkim; do
     invoke-rc.d $service force-reload || true
 done
 
@@ -561,7 +566,6 @@ for service in $SERVICES; do
     test -x /etc/init.d/$service && invoke-rc.d $service start || true
 done
 
-#launch fixperms 
 echo "Fix all the permission. May be quite long..."
 /usr/lib/alternc/fixperms.sh
 echo "Compile PO files"

src/functions_dns.sh

@@ -65,7 +65,7 @@ dns_named_conf() {
     return 1
   fi
 
-  # Add the entry
+  # Add the entry
   grep -q "\"$domain\"" "$NAMED_CONF"
   if [ $? -ne 0 ] ; then
     local tempo=$(cat "$NAMED_TEMPLATE")
@@ -141,6 +141,27 @@ dns_regenerate() {
     fi # End if containt DEFAULT_MX 
     ##### Mail autodetect for thunderbird / outlook - END
 
+    ##### OpenDKIM signature management - START
+    # If $file contain DEFAULT_MX
+    if [ ! -z "$(echo -e "$file" |egrep 'DEFAULT_MX' )" ] ; then 
+	# If necessary, we generate the key: 
+	if [ ! -d "/etc/opendkim/keys/$domain" ] ; then
+	    mkdir -p "/etc/opendkim/keys/$domain"
+
+	    pushd "/etc/opendkim/keys/$domain" >/dev/null
+	    opendkim-genkey -r -d "$domain" -s "alternc"
+	    chown opendkim:opendkim alternc.private
+	    popd
+
+	    grep -q "^$domain\$" /etc/opendkim/TrustedHosts || echo "$domain" >>/etc/opendkim/TrustedHosts
+	    grep -q "^alternc._domainkey.$domain " /etc/opendkim/KeyTable || echo "alternc._domainkey.$domain $domain:alternc:/etc/opendkim/keys/$domain/alternc.private" >> /etc/opendkim/KeyTable
+	    grep -q "^$domain alternc._domainkey.$domain\$" /etc/opendkim/SigningTable || echo "$domain alternc._domainkey.$domain" >> /etc/opendkim/SigningTable
+	fi
+	# we add alternc._domainkey with the proper key
+	file="$(echo -e "$file" ; cat "/etc/opendkim/keys/$domain/alternc.txt")"
+    fi
+    ##### OpenDKIM signature management - END
+
     # Replace the vars by their values
     # Here we can add dynamic value for the default MX
     file=$( echo -e "$file" | sed -e "

wheezy/control.diff

@@ -6,9 +6,9 @@ Index: ../debian/control
  Package: alternc
  Architecture: all
  Pre-depends: debconf (>= 0.5.00) | debconf-2.0, bash (>= 4), acl
--Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, bind9, wget, rsync, ca-certificates, locales, perl-suid | perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), sudo, adduser, mysql-client, dnsutils, dovecot-common (>=1:1.2.15), dovecot-common(<< 1:2.0), dovecot-imapd (>= 1:1.2.15), dovecot-pop3d (>= 1:1.2.15), vlogger, mailutils | mailx, incron, cron, ${misc:Depends}
+-Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, bind9, wget, rsync, ca-certificates, locales, perl-suid | perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), sudo, adduser, mysql-client, dnsutils, dovecot-common (>=1:1.2.15), dovecot-common(<< 1:2.0), dovecot-imapd (>= 1:1.2.15), dovecot-pop3d (>= 1:1.2.15), vlogger, mailutils | mailx, incron, cron, opendkim, ${misc:Depends}
 -Recommends: mysql-server(>= 5.0), ntp, quota, unzip, bzip2
-+Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, bind9, wget, rsync, ca-certificates, locales, perl-suid | perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), sudo, adduser, mysql-client, dnsutils, dovecot-common (>=1:2.1.7), dovecot-imapd, dovecot-pop3d, dovecot-mysql, vlogger, mailutils | mailx, incron, cron, ${misc:Depends}
++Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, bind9, wget, rsync, ca-certificates, locales, perl-suid | perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), sudo, adduser, mysql-client, dnsutils, dovecot-common (>=1:2.1.7), dovecot-imapd, dovecot-pop3d, dovecot-mysql, vlogger, mailutils | mailx, incron, cron, opendkim, ${misc:Depends}
 +Recommends: mysql-server(>= 5.0), ntp, quota, unzip, bzip2, dovecot-sieve, dovecot-managesieved
  Conflicts: alternc-admintools, alternc-awstats (<< 1.0), alternc-webalizer (<= 0.9.4), alternc-mailman (<< 2.0), courier-authlib
  Provides: alternc-admintools
@@ -17,8 +17,8 @@ Index: ../debian/control
  Package: alternc-slave
  Architecture: all
  Pre-depends: debconf (>= 0.5.00) | debconf-2.0, acl
--Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, postfix-tls, bind9, wget, rsync, ca-certificates, locales, perl-suid, perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), adduser, mysql-client, sudo, dovecot-common (>= 1:1.2.15), dovecot-imapd, dovecot-pop3d, vlogger, mailutils | mailx, incron, cron, ${misc:Depends}
+-Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, postfix-tls, bind9, wget, rsync, ca-certificates, locales, perl-suid, perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), adduser, mysql-client, sudo, dovecot-common (>= 1:1.2.15), dovecot-imapd, dovecot-pop3d, vlogger, mailutils | mailx, incron, cron, opendkim, ${misc:Depends}
-+Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, postfix-tls, bind9, wget, rsync, ca-certificates, locales, perl-suid, perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), adduser, mysql-client, sudo, dovecot-common (>= 1:2.1.7), dovecot-imapd, dovecot-pop3d, dovecot-mysql, vlogger, mailutils | mailx, incron, cron, ${misc:Depends}
++Depends: debianutils (>= 1.13.1), apache2-mpm-itk, libapache2-mod-php5, php5-mysql, phpmyadmin, postfix, proftpd-mod-mysql, proftpd-basic, postfix-tls, bind9, wget, rsync, ca-certificates, locales, perl-suid, perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), adduser, mysql-client, sudo, dovecot-common (>= 1:2.1.7), dovecot-imapd, dovecot-pop3d, dovecot-mysql, vlogger, mailutils | mailx, incron, cron, opendkim, ${misc:Depends}
  Recommends: dovecot-managesieved, dovecot-sieve, dovecot-mysql, quota
  Conflicts: alternc-admintools, alternc-awstats (<= 0.3.2), alternc-webalizer (<= 0.9.4), alternc
  Provides: alternc