cronekorkn/bundlewrap
1
0
Fork 0
Code Issues Pull requests 8 Projects Releases Wiki Activity

mailserver-autoconfig

Browse source
This commit is contained in:
mwiegand 2021-11-18 21:23:56 +01:00
parent 59a598448d
commit 8cfa3575f8
7 changed files with 254 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
bundles/mailserver-autoconfig/README.md Normal file
View file

@ -0,0 +1,3 @@
test autodiscover.php:
`curl -X POST https://autoconfig.mail.example.com/Autodiscover/Autodiscover.xml -d '<EMailAddress>test@example.com</EMailAddress>'`

83
bundles/mailserver-autoconfig/files/autodiscover.php Normal file
View file

@ -0,0 +1,83 @@
<?php
// https://raw.githubusercontent.com/Radiergummi/autodiscover/master/autodiscover/autodiscover.php
/********************************
* Autodiscover responder
********************************
* This PHP script is intended to respond to any request to http(s)://mydomain.com/autodiscover/autodiscover.xml.
* If configured properly, it will send a spec-complient autodiscover XML response, pointing mail clients to the
* appropriate mail services.
* If you use MAPI or ActiveSync, stick with the Autodiscover service your mail server provides for you. But if
* you use POP/IMAP servers, this will provide autoconfiguration to Outlook, Apple Mail and mobile devices.
*
* To work properly, you'll need to set the service (sub)domains below in the settings section to the correct
* domain names, adjust ports and SSL.
*/
//get raw POST data so we can extract the email address
$request = file_get_contents("php://input");
// optional debug log
# file_put_contents( 'request.log', $request, FILE_APPEND );
// retrieve email address from client request
preg_match( "/\<EMailAddress\>(.*?)\<\/EMailAddress\>/", $request, $email );
// check for invalid mail, to prevent XSS
if (filter_var($email[1], FILTER_VALIDATE_EMAIL) === false) {
throw new Exception('Invalid E-Mail provided');
}
// get domain from email address
$domain = substr( strrchr( $email[1], "@" ), 1 );
/**************************************
* Port and server settings below *
**************************************/
// IMAP settings
$imapServer = 'imap.' . $domain; // imap.example.com
$imapPort = 993;
$imapSSL = true;
// SMTP settings
$smtpServer = 'smtp.' . $domain; // smtp.example.com
$smtpPort = 587;
$smtpSSL = true;
//set Content-Type
header( 'Content-Type: application/xml' );
?>
<?php echo '<?xml version="1.0" encoding="utf-8" ?>'; ?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" >
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
<Account>
<AccountType>email</AccountType>
<Action>settings</Action>
<Protocol>
<Protocol>
<Type>IMAP</Type>
<Server><?php echo $imapServer; ?></Server>
<Port><?php echo $imapPort; ?></Port>
<DomainRequired>off</DomainRequired>
<LoginName><?php echo $email[1]; ?></LoginName>
<SPA>off</SPA>
<SSL><?php echo $imapSSL ? 'on' : 'off'; ?></SSL>
<AuthRequired>on</AuthRequired>
</Protocol>
<Protocol>
<Type>SMTP</Type>
<Server><?php echo $smtpServer; ?></Server>
<Port><?php echo $smtpPort; ?></Port>
<DomainRequired>off</DomainRequired>
<LoginName><?php echo $email[1]; ?></LoginName>
<SPA>off</SPA>
<SSL><?php echo $smtpSSL ? 'on' : 'off'; ?></SSL>
<AuthRequired>on</AuthRequired>
<UsePOPAuth>on</UsePOPAuth>
<SMTPLast>on</SMTPLast>
</Protocol>
</Account>
</Response>
</Autodiscover>

57
bundles/mailserver-autoconfig/files/config-v1.1.xml Normal file
View file

@ -0,0 +1,57 @@
<?xml version="1.0"?>
<clientConfig version="1.1">
<!-- Outgoing Server -->
<emailProvider id="${mailserver}">
<!-- Hosted Domains -->
<domain>${mailserver}</domain>
<displayName>${mailserver}</displayName>
<displayShortName>${mailserver}</displayShortName>
<!-- Incoming Mail Servers -->
<incomingServer type="imap">
<hostname>${mailserver}</hostname>
<port>993</port>
<socketType>SSL</socketType>
<authentication>password-cleartext</authentication>
<username>%EMAILADDRESS%</username>
</incomingServer>
<incomingServer type="imap">
<hostname>${mailserver}</hostname>
<port>143</port>
<socketType>STARTTLS</socketType>
<authentication>password-cleartext</authentication>
<username>%EMAILADDRESS%</username>
</incomingServer>
<!-- Outgoing Mail Servers -->
<outgoingServer type="smtp">
<hostname>${mailserver}</hostname>
<port>465</port>
<socketType>SSL</socketType>
<authentication>password-cleartext</authentication>
<username>%EMAILADDRESS%</username>
</outgoingServer>
<outgoingServer type="smtp">
<hostname>${mailserver}</hostname>
<port>587</port>
<socketType>STARTTLS</socketType>
<authentication>password-cleartext</authentication>
<username>%EMAILADDRESS%</username>
</outgoingServer>
<!-- Documentation -->
<documentation url="http://www.example.com/help/mail/thunderbird">
<descr lang="en">Configure Thunderbird 2.0 for IMAP</descr>
<descr lang="de">Thunderbird 2.0 mit IMAP konfigurieren</descr>
</documentation>
</emailProvider>
<clientConfigUpdate url="https://${autoconfig}/mail/config-v1.1.xml" />
</clientConfig>

16
bundles/mailserver-autoconfig/items.py Normal file
View file

@ -0,0 +1,16 @@
autoconfig_hostname = node.metadata.get('mailserver/autoconfig_hostname')
files = {
f'/var/www/{autoconfig_hostname}/mail/config-v1.1.xml': {
'content_type': 'mako',
'context': {
'mailserver': node.metadata.get('mailserver/hostname'),
'autoconfig': autoconfig_hostname,
},
'owner': 'www-data',
},
f'/var/www/{autoconfig_hostname}/autodiscover/autodiscover.php': {
'content_type': 'mako',
'owner': 'www-data',
},
}

78
bundles/mailserver-autoconfig/metadata.py Normal file
View file

@ -0,0 +1,78 @@
defaults = {}
@metadata_reactor.provides(
'mailserver/autoconfig_hostname',
)
def hostname(metadata):
return {
'mailserver': {
'autoconfig_hostname': f"autoconfig.{metadata.get('mailserver/hostname')}",
},
}
@metadata_reactor.provides(
'nginx/vhosts',
)
def nginx(metadata):
return {
'nginx': {
'vhosts': {
metadata.get('mailserver/autoconfig_hostname'): {
'content': 'mailserver-autodiscover/vhost.conf',
'context': {
'root': f"/var/www/{metadata.get('mailserver/autoconfig_hostname')}",
},
},
},
},
}
@metadata_reactor.provides(
'letsencrypt/domains',
)
def letsencrypt(metadata):
return {
'letsencrypt': {
'domains': {
metadata.get('mailserver/autoconfig_hostname'): {
'aliases': {
*{
f'autoconfig.{domain}'
for domain in metadata.get('mailserver/domains')
},
*{
f'autodiscover.{domain}'
for domain in metadata.get('mailserver/domains')
},
},
},
},
},
}
@metadata_reactor.provides(
'dns',
)
def autoconfig(metadata):
dns = {}
for domain in metadata.get('mailserver/domains'):
dns.update({
f'autoconfig.{domain}': {
'CNAME': {f"{metadata.get('mailserver/autoconfig_hostname')}."},
},
f'_autodiscover._tcp.{domain}': {
'SRV': {f"10 10 443 {metadata.get('mailserver/autoconfig_hostname')}."},
},
f'autodiscover.{domain}': {
'CNAME': {f"{metadata.get('mailserver/autoconfig_hostname')}."},
},
})
return {
'dns': dns,
}

16
data/mailserver-autodiscover/vhost.conf Normal file
View file

@ -0,0 +1,16 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ${server_name};
ssl_certificate /var/lib/dehydrated/certs/${server_name}/fullchain.pem;
ssl_certificate_key /var/lib/dehydrated/certs/${server_name}/privkey.pem;
root ${root};
location ~ /(?:a|A)utodiscover/(?:a|A)utodiscover.xml {
try_files /autodiscover/autodiscover.php =404;
fastcgi_pass php-handler;
include fastcgi.conf;
}
}

1
groups/applications/mailserver.py
View file

@ -4,6 +4,7 @@
'dovecot',
'letsencrypt',
'mailserver',
'mailserver-autoconfig',
'nginx',
'php',
'postfix',