added Postfix MX-Access, fixes #119

lib/configfiles/etch.inc.php

@@ -135,6 +135,19 @@ return Array(
 							'newaliases'
 						)
 					),
+					'postfix_mxaccess' => Array(
+						'label' => 'Postfix MX-Access (anti spam)',
+						'files' => Array(
+							'etc_postfix_mx_access' => '/etc/postfix/mx_access',
+							'etc_postfix_main.cf' => '/etc/postfix/main.cf'
+						),
+						'commands_1' => Array(
+							'postmap /etc/postfix/mx_access'
+						),
+						'restart' => Array(
+							'/etc/init.d/postfix restart'
+						)
+					),
 					'exim4' => Array(
 						'label' => 'Exim4',
 						'commands_1' => Array(

lib/configfiles/gentoo.inc.php

@@ -128,6 +128,19 @@ return Array(
 							'/etc/init.d/postfix restart'
 						)
 					),
+					'postfix_mxaccess' => Array(
+						'label' => 'Postfix MX-Access (anti spam)',
+						'files' => Array(
+							'etc_postfix_mx_access' => '/etc/postfix/mx_access',
+							'etc_postfix_main.cf' => '/etc/postfix/main.cf'
+						),
+						'commands_1' => Array(
+							'postmap /etc/postfix/mx_access'
+						),
+						'restart' => Array(
+							'/etc/init.d/postfix restart'
+						)
+					),
 					'dkim' => Array(
 						'label' => 'DomainKey filter',
 						'commands_1' => Array(

lib/configfiles/hardy.inc.php

@@ -135,6 +135,19 @@ return Array(
 							'newaliases'
 						)
 					),
+					'postfix_mxaccess' => Array(
+						'label' => 'Postfix MX-Access (anti spam)',
+						'files' => Array(
+							'etc_postfix_mx_access' => '/etc/postfix/mx_access',
+							'etc_postfix_main.cf' => '/etc/postfix/main.cf'
+						),
+						'commands_1' => Array(
+							'postmap /etc/postfix/mx_access'
+						),
+						'restart' => Array(
+							'/etc/init.d/postfix restart'
+						)
+					),
 					'exim4' => Array(
 						'label' => 'Exim4',
 						'commands_1' => Array(

lib/configfiles/lenny.inc.php

@@ -135,6 +135,19 @@ return Array(
 							'newaliases'
 						)
 					),
+					'postfix_mxaccess' => Array(
+						'label' => 'Postfix MX-Access (anti spam)',
+						'files' => Array(
+							'etc_postfix_mx_access' => '/etc/postfix/mx_access',
+							'etc_postfix_main.cf' => '/etc/postfix/main.cf'
+						),
+						'commands_1' => Array(
+							'postmap /etc/postfix/mx_access'
+						),
+						'restart' => Array(
+							'/etc/init.d/postfix restart'
+						)
+					),
 					'exim4' => Array(
 						'label' => 'Exim4',
 						'commands_1' => Array(

lib/configfiles/suse10.inc.php

@@ -89,6 +89,19 @@ return Array(
 						'restart' => Array(
 							'/etc/init.d/postfix restart'
 						)
+					),
+					'postfix_mxaccess' => Array(
+						'label' => 'Postfix MX-Access (anti spam)',
+						'files' => Array(
+							'etc_postfix_mx_access' => '/etc/postfix/mx_access',
+							'etc_postfix_main.cf' => '/etc/postfix/main.cf'
+						),
+						'commands_1' => Array(
+							'postmap /etc/postfix/mx_access'
+						),
+						'restart' => Array(
+							'/etc/init.d/postfix restart'
+						)
 					)
 				)
 			),

templates/misc/configfiles/debian_etch/postfix_mxaccess/etc_postfix_main.cf

@@ -0,0 +1,25 @@
+#
+# ATTENTION - this is not the full postfix-main.cf file
+#
+# it only provides additional configuration-entries!
+#
+
+#
+# look for the follow statement
+#
+smtpd_recipient_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unauth_destination,
+	reject_unauth_pipelining,
+	reject_non_fqdn_recipient
+
+#
+# and extend it with the following line
+# so it looks like this
+#
+smtpd_recipient_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unauth_destination,
+	reject_unauth_pipelining,
+	reject_non_fqdn_recipient,
+	check_recipient_mx_access cidr:/etc/postfix/mx_access

templates/misc/configfiles/debian_etch/postfix_mxaccess/etc_postfix_mx_access

@@ -0,0 +1,10 @@
+0.0.0.0/8         REJECT Domain MX in broadcast network
+10.0.0.0/8        REJECT Domain MX in RFC 1918 private network
+127.0.0.0/8       REJECT Domain MX in loopback network
+169.254.0.0/16    REJECT Domain MX in link local network
+172.16.0.0/12     REJECT Domain MX in RFC 1918 private network
+192.0.2.0/24      REJECT Domain MX in TEST-NET network
+192.168.0.0/16    REJECT Domain MX in RFC 1918 private network
+224.0.0.0/4       REJECT Domain MX in class D multicast network
+240.0.0.0/5       REJECT Domain MX in class E reserved network
+248.0.0.0/5       REJECT Domain MX in reserved network

templates/misc/configfiles/debian_lenny/postfix_mxaccess/etc_postfix_main.cf

@@ -0,0 +1,25 @@
+#
+# ATTENTION - this is not the full postfix-main.cf file
+#
+# it only provides additional configuration-entries!
+#
+
+#
+# look for the follow statement
+#
+smtpd_recipient_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unauth_destination,
+	reject_unauth_pipelining,
+	reject_non_fqdn_recipient
+
+#
+# and extend it with the following line
+# so it looks like this
+#
+smtpd_recipient_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unauth_destination,
+	reject_unauth_pipelining,
+	reject_non_fqdn_recipient,
+	check_recipient_mx_access cidr:/etc/postfix/mx_access

templates/misc/configfiles/debian_lenny/postfix_mxaccess/etc_postfix_mx_access

@@ -0,0 +1,10 @@
+0.0.0.0/8         REJECT Domain MX in broadcast network
+10.0.0.0/8        REJECT Domain MX in RFC 1918 private network
+127.0.0.0/8       REJECT Domain MX in loopback network
+169.254.0.0/16    REJECT Domain MX in link local network
+172.16.0.0/12     REJECT Domain MX in RFC 1918 private network
+192.0.2.0/24      REJECT Domain MX in TEST-NET network
+192.168.0.0/16    REJECT Domain MX in RFC 1918 private network
+224.0.0.0/4       REJECT Domain MX in class D multicast network
+240.0.0.0/5       REJECT Domain MX in class E reserved network
+248.0.0.0/5       REJECT Domain MX in reserved network

templates/misc/configfiles/gentoo/postfix_mxaccess/etc_postfix_main.cf

@@ -0,0 +1,25 @@
+#
+# ATTENTION - this is not the full postfix-main.cf file
+#
+# it only provides additional configuration-entries!
+#
+
+#
+# look for the follow statement
+#
+smtpd_recipient_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unauth_destination,
+	reject_unauth_pipelining,
+	reject_non_fqdn_recipient
+
+#
+# and extend it with the following line
+# so it looks like this
+#
+smtpd_recipient_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unauth_destination,
+	reject_unauth_pipelining,
+	reject_non_fqdn_recipient,
+	check_recipient_mx_access cidr:/etc/postfix/mx_access

templates/misc/configfiles/gentoo/postfix_mxaccess/etc_postfix_mx_access

@@ -0,0 +1,10 @@
+0.0.0.0/8         REJECT Domain MX in broadcast network
+10.0.0.0/8        REJECT Domain MX in RFC 1918 private network
+127.0.0.0/8       REJECT Domain MX in loopback network
+169.254.0.0/16    REJECT Domain MX in link local network
+172.16.0.0/12     REJECT Domain MX in RFC 1918 private network
+192.0.2.0/24      REJECT Domain MX in TEST-NET network
+192.168.0.0/16    REJECT Domain MX in RFC 1918 private network
+224.0.0.0/4       REJECT Domain MX in class D multicast network
+240.0.0.0/5       REJECT Domain MX in class E reserved network
+248.0.0.0/5       REJECT Domain MX in reserved network

templates/misc/configfiles/suse_linux_10_0/postfix_mxaccess/etc_postfix_main.cf

@@ -0,0 +1,25 @@
+#
+# ATTENTION - this is not the full postfix-main.cf file
+#
+# it only provides additional configuration-entries!
+#
+
+#
+# look for the follow statement
+#
+smtpd_recipient_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unauth_destination,
+	reject_unauth_pipelining,
+	reject_non_fqdn_recipient
+
+#
+# and extend it with the following line
+# so it looks like this
+#
+smtpd_recipient_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unauth_destination,
+	reject_unauth_pipelining,
+	reject_non_fqdn_recipient,
+	check_recipient_mx_access cidr:/etc/postfix/mx_access

templates/misc/configfiles/suse_linux_10_0/postfix_mxaccess/etc_postfix_mx_access

@@ -0,0 +1,10 @@
+0.0.0.0/8         REJECT Domain MX in broadcast network
+10.0.0.0/8        REJECT Domain MX in RFC 1918 private network
+127.0.0.0/8       REJECT Domain MX in loopback network
+169.254.0.0/16    REJECT Domain MX in link local network
+172.16.0.0/12     REJECT Domain MX in RFC 1918 private network
+192.0.2.0/24      REJECT Domain MX in TEST-NET network
+192.168.0.0/16    REJECT Domain MX in RFC 1918 private network
+224.0.0.0/4       REJECT Domain MX in class D multicast network
+240.0.0.0/5       REJECT Domain MX in class E reserved network
+248.0.0.0/5       REJECT Domain MX in reserved network

templates/misc/configfiles/ubuntu_hardy/postfix_mxaccess/etc_postfix_main.cf

@@ -0,0 +1,25 @@
+#
+# ATTENTION - this is not the full postfix-main.cf file
+#
+# it only provides additional configuration-entries!
+#
+
+#
+# look for the follow statement
+#
+smtpd_recipient_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unauth_destination,
+	reject_unauth_pipelining,
+	reject_non_fqdn_recipient
+
+#
+# and extend it with the following line
+# so it looks like this
+#
+smtpd_recipient_restrictions = permit_mynetworks,
+	permit_sasl_authenticated,
+	reject_unauth_destination,
+	reject_unauth_pipelining,
+	reject_non_fqdn_recipient,
+	check_recipient_mx_access cidr:/etc/postfix/mx_access

templates/misc/configfiles/ubuntu_hardy/postfix_mxaccess/etc_postfix_mx_access

@@ -0,0 +1,10 @@
+0.0.0.0/8         REJECT Domain MX in broadcast network
+10.0.0.0/8        REJECT Domain MX in RFC 1918 private network
+127.0.0.0/8       REJECT Domain MX in loopback network
+169.254.0.0/16    REJECT Domain MX in link local network
+172.16.0.0/12     REJECT Domain MX in RFC 1918 private network
+192.0.2.0/24      REJECT Domain MX in TEST-NET network
+192.168.0.0/16    REJECT Domain MX in RFC 1918 private network
+224.0.0.0/4       REJECT Domain MX in class D multicast network
+240.0.0.0/5       REJECT Domain MX in class E reserved network
+248.0.0.0/5       REJECT Domain MX in reserved network