spf-dkim-dmarc-demo/recipient/web-api/lib/Email/SpoofingDemo/PostfixConfig.pm

117 lines
2.7 KiB
Perl

#
# SPDX-FileCopyrightText: 2023 Afnic
#
# SPDX-License-Identifier: GPL-3.0-or-later
#
package Email::SpoofingDemo::PostfixConfig;
use strict;
use warnings;
use v5.10;
use utf8;
use Exporter 'import';
our @EXPORT_OK = qw(spf_dkim_dmarc_status
set_spf_dkim_dmarc_status);
my $CHECK_SPF_POLICY = 'check_policy_service unix:private/policy';
my $DKIM_MILTER = 'inet:127.0.0.1:8891';
my $DMARC_MILTER = 'inet:127.0.0.1:8893';
my $POSTCONF = '/usr/sbin/postconf';
sub safe_system {
system @_;
my $exit_status = ($? >> 8);
die "$_[0] exited with status $exit_status" unless $exit_status == 0;
return;
}
sub reload_postfix {
safe_system(qw(postfix reload));
}
sub postconf_read {
my ($variable) = @_;
my $output = '';
open (my $fh, '-|', $POSTCONF, '-h', $variable) or die "postconf: $!";
while (<$fh>) {
chomp;
$output .= $_;
}
close($fh);
my $exit_status = ($? >> 8);
die "postconf failed" unless $exit_status == 0;
if (wantarray) {
return split(/,\s*/, $output);
}
else {
return $output;
}
}
sub postconf_set {
die "Need an even number of parameters" if scalar(@_) % 2 != 0;
my @vars_to_set;
while (@_) {
my $parameter = shift;
my $value = shift;
push(@vars_to_set, "$parameter=$value");
}
my ($parameter, $value) = @_;
safe_system($POSTCONF, '-e', @vars_to_set);
}
sub smtpd_recipient_restrictions {
my ($enabled) = @_;
return ($enabled) ? $CHECK_SPF_POLICY : '';
}
sub spf_dkim_dmarc_status {
my @smtpd_recipient_restrictions = postconf_read('smtpd_recipient_restrictions');
my @smtpd_milters = postconf_read('smtpd_milters');
return {
spf => scalar(grep { $_ eq $CHECK_SPF_POLICY } @smtpd_recipient_restrictions),
dkim => scalar(grep { $_ eq $DKIM_MILTER } @smtpd_milters),
dmarc => scalar(grep { $_ eq $DMARC_MILTER } @smtpd_milters)
};
}
sub smtpd_milters {
my ($dkim_enabled, $dmarc_enabled) = @_;
my @milters;
push @milters, $DKIM_MILTER if $dkim_enabled;
push @milters, $DMARC_MILTER if $dmarc_enabled;
return join(', ', @milters);
}
sub set_spf_dkim_dmarc_status {
my ($spf_enabled, $dkim_enabled, $dmarc_enabled) = @_;
say STDERR "Setting configuration";
postconf_set(
smtpd_recipient_restrictions => smtpd_recipient_restrictions($spf_enabled),
smtpd_milters => smtpd_milters($dkim_enabled, $dmarc_enabled)
);
say STDERR "Reloading Postfix";
reload_postfix();
say STDERR "Done";
}
1;