Steve Jenkins stevejenkins
stevejenkins
/ specdiffs
Created
December 19, 2013 18:15
Differences between systemd vs. SystemV versions of OpenDKIM spec file for Fedora/EPEL repos
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- OpenDKIM-Fedora/SPECS/opendkim.spec 2013-12-18 19:51:31.927514150 -0800 | |
| +++ OpenDKIM-SysV/SPECS/opendkim.spec 2013-12-18 19:51:09.221494149 -0800 | |
| @@ -1,6 +1,4 @@ | |
| -# systemd-compatible version | |
| - | |
| -%{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}} | |
| +# SystemV-compatible version | |
| Summary: A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail | |
| Name: opendkim |
stevejenkins
/ Postfix SMTPD Restrictions
Last active
May 13, 2018 18:20
SteveJ's Postfix SMTPD Restrictions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SMTPD Restrictions v2015-06-02 | |
| # NOTE: Overiding restrictions are in master.cf for submission and other services | |
| smtpd_helo_required = yes | |
| disable_vrfy_command = yes | |
| smtpd_recipient_restrictions = | |
| permit_mynetworks, | |
| permit_sasl_authenticated, | |
| permit_dnswl_client list.dnswl.org=127.0.[2..14].[2..3], |
stevejenkins
/ Postfix Postscreen Options
Last active
June 17, 2018 20:57
SteveJ's Postfix:Postscreen configuration options
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # POSTSCREEN OPTIONS v2017-03-18 | |
| postscreen_access_list = permit_mynetworks, | |
| cidr:/etc/postfix/postscreen_access.cidr, | |
| cidr:/etc/postfix/postscreen_spf_whitelist.cidr, | |
| hash:/etc/postfix/postscreen_whitelist | |
| postscreen_blacklist_action = drop | |
| postscreen_dnsbl_action = enforce | |
| postscreen_greet_action = enforce | |
| postscreen_dnsbl_threshold = 3 |
stevejenkins
/ denyhosts-unban.sh
Created
April 1, 2013 22:50
Script for automatically unbanning/removing IPs and hostnames that were banned by DenyHosts. Courtesy of Cybernitus (http://www.cybertinus.nl/).
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ################# | |
| # CONFIGURATION # | |
| ################# | |
| # The $WORK_DIR as set in /etc/denyhosts.conf. You can let this script find the | |
| # setting automatically, or you can set it yourself. | |
| DENYHOSTS_WORK_DIR=$(grep 'WORK_DIR' /etc/denyhosts.conf | grep -v '#' | cut -d '=' -f 2 | sed 's/ //') | |
| #DENYHOSTS_WORK_DIR="/var/lib/denyhosts" |
stevejenkins
/ make_postfix_64_mysql.sh
Last active
December 12, 2015 02:08
Creates the Postfix make files for building from source on an x86_64 (64-bit) system with MySQL support
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #/bin/sh | |
| make makefiles CCARGS='-fPIC -DUSE_TLS -DUSE_SSL -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DPREFIX=\\"/usr\\" -DHAS_LDAP -DLDAP_DEPRECATED=1 -DHAS_PCRE -I/usr/include/openssl -DHAS_MYSQL -I/usr/include/mysql -I/usr/include/sasl -I/usr/include' AUXLIBS='-L/usr/lib64 -L/usr/lib64/openssl -lssl -lcrypto -L/usr/lib64/mysql -lmysqlclient -L/usr/lib64/sasl2 -lsasl2 -lpcre -lz -lm -lldap -llber -Wl,-rpath,/usr/lib64/openssl -pie -Wl,-z,relro' OPT='-O' DEBUG='-g' |
stevejenkins
/ make_postfix_32_myqsl.sh
Last active
December 12, 2015 02:08
Creates the Postfix make files for building from source on an i386/I363 (32-bit) system with MySQL support
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #/bin/sh | |
| make makefiles CCARGS='-fPIC -DUSE_TLS -DUSE_SSL -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DPREFIX=\\"/usr\\" -DHAS_LDAP -DLDAP_DEPRECATED=1 -DHAS_PCRE -I/usr/include/openssl -DHAS_MYSQL -I/usr/include/mysql -I/usr/include/sasl -I/usr/include' AUXLIBS='-L/usr/lib -L/usr/lib/openssl -lssl -lcrypto -L/usr/lib/mysql -lmysqlclient -L/usr/lib/sasl2 -lsasl2 -lpcre -lz -lm -lldap -llber -Wl,-rpath,/usr/lib/openssl -pie -Wl,-z,relro' OPT='-O' DEBUG='-g' |
stevejenkins
/ make_postfix_32.sh
Created
February 1, 2013 23:41
Creates the Postfix make files for building from source on an i386 or i686 (32-bit) system without MySQL support
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #/bin/sh | |
| make makefiles CCARGS='-fPIC -DUSE_TLS -DUSE_SSL -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DPREFIX=\\"/usr\\" -DHAS_LDAP -DLDAP_DEPRECATED=1 -DHAS_PCRE -I/usr/include/openssl -I/usr/include/sasl -I/usr/include' AUXLIBS='-L/usr/lib -L/usr/lib/openssl -lssl -lcrypto -L/usr/lib/sasl2 -lsasl2 -lpcre -lz -lm -lldap -llber -Wl,-rpath,/usr/lib/openssl -pie -Wl,-z,relro' OPT='-O' DEBUG='-g' |
stevejenkins
/ make_postfix_64.sh
Last active
December 12, 2015 01:58
Creates the Postfix make files for building from source on an x86_64 (64-bit) system without MySQL support
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #/bin/sh | |
| make makefiles CCARGS='-fPIC -DUSE_TLS -DUSE_SSL -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DPREFIX=\\"/usr\\" -DHAS_LDAP -DLDAP_DEPRECATED=1 -DHAS_PCRE -I/usr/include/openssl -I/usr/include/sasl -I/usr/include' AUXLIBS='-L/usr/lib64 -L/usr/lib64/openssl -lssl -lcrypto -L/usr/lib64/sasl2 -lsasl2 -lpcre -lz -lm -lldap -llber -Wl,-rpath,/usr/lib64/openssl -pie -Wl,-z,relro' OPT='-O' DEBUG='-g' |
stevejenkins
/ opendkim_multi_config.sh
Last active
December 13, 2016 19:25
Script submitted by Almir Duarte Jr. for automating OpenDKIM key generation and configuration for multiple domains.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # USAGE | |
| # Install opendkim | |
| # List all your domains in file /etc/opendkim/TrustedHosts, one per line | |
| CHOWN="$(which chown)" | |
| MKDIR="$(which mkdir)" | |
| REMOVE="$(which rm)" | |
| ECHO="$(which echo)" | |
| COPY="$(which cp)" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Enable NAT on the WAN port to correct a bug in builds over 17000 | |
| iptables -t nat -I POSTROUTING -o `get_wanface` -j SNAT --to `nvram get wan_ipaddr` | |
| #Allow br1 access to br0, the WAN, and any other subnets (required if SPI firewall is on) | |
| iptables -I FORWARD -i br1 -m state --state NEW -j ACCEPT | |
| iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu | |
| #Restrict br1 from accessing br0 | |
| iptables -I FORWARD -i br1 -o br0 -m state --state NEW -j DROP |