###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2007-2023 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 2.6.5
+SUMMARY = A fast, secure, and flexible mailer
+
+VER = 3.8.4
THISAPP = postfix-$(VER)
DL_FILE = $(THISAPP).tar.gz
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = postfix
-PAK_VER = 6
+PAK_VER = 44
+
+DEPS =
+
+SERVICES = postfix
+
+CCARGS = `getconf LFS_CFLAGS` \
+ -DDEF_DAEMON_DIR="'\"/usr/lib/postfix\"'" \
+ -DDEF_MANPAGE_DIR="'\"/usr/share/man\"'" \
+ -DNO_NIS
+AUXLIBS =
+
+# LDAP
+CCARGS += -DHAS_LDAP -DLDAP_DEPRECATED=1
+AUXLIBS += -lldap -llber
-DEPS = "amavisd mysql"
+# PCRE
+CCARGS += -DHAS_PCRE -I/usr/include/pcre
+AUXLIBS += -lpcre
+
+# SASL
+CCARGS += -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl
+AUXLIBS += -L/usr/lib/sasl2 -lsasl2
+
+# TLS
+CCARGS += -DUSE_TLS `pkg-config --cflags openssl`
+AUXLIBS += `pkg-config --libs openssl`
###############################################################################
# Top-level Rules
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 6b954cfb3eb6141dac1e773281211717
+$(DL_FILE)_BLAKE2 = 200ce3d72444da05e42fc8627002d53d68c1b3d78b7f74b0130ac958c23d16454783ef4849a8c9a4e3cba8ae36646e921f7e94ac4fb819b597e1a5ab1a875272
install : $(TARGET)
download :$(patsubst %,$(DIR_DL)/%,$(objects))
-md5 : $(subst %,%_MD5,$(objects))
+b2 : $(subst %,%_BLAKE2,$(objects))
-dist:
+dist:
@$(PAK)
###############################################################################
-# Downloading, checking, md5sum
+# Downloading, checking, b2sum
###############################################################################
$(patsubst %,$(DIR_CHK)/%,$(objects)) :
$(patsubst %,$(DIR_DL)/%,$(objects)) :
@$(LOAD)
-$(subst %,%_MD5,$(objects)) :
- @$(MD5)
+$(subst %,%_BLAKE2,$(objects)) :
+ @$(B2SUM)
###############################################################################
# Installation Details
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+
cd $(DIR_APP) && make -f Makefile.init makefiles \
- 'CCARGS=-DDEF_DAEMON_DIR=\"/usr/lib/postfix\" -DDEF_MANPAGE_DIR=\"/usr/share/man\" -DUSE_TLS -I/usr/include/openssl -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl -DHAS_MYSQL -I/usr/include/mysql' \
- 'AUXLIBS=-L/usr/lib -L/usr/lib/sasl2 -lz -lm -lssl -lcrypto -lmysqlclient -L/usr/lib/mysql -lsasl2 -L/usr/lib'
+ DEBUG="" OPT="$(CFLAGS) -fno-strict-aliasing" CCARGS="$(CCARGS)" AUXLIBS="$(AUXLIBS)"
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && sh postfix-install -non-interactive
## Install configuration
rm -vf /etc/postfix/main.cf.default
- cp -vf $(DIR_CONF)/postfix/* /etc/postfix
- mv -vf /etc/postfix/aliases /etc/aliases
+
+ # update main.cf parameters to prevent smtp smuggling attack
+ postconf -e 'smtpd_forbid_bare_newline = yes'
+ postconf -e 'smtpd_forbid_unauth_pipelining = yes'
+ postconf -e 'smtpd_data_restrictions = reject_unauth_pipelining'
+ postconf -e 'smtpd_discard_ehlo_keywords = chunking'
+
mkdir -p /var/lib/postfix
chown postfix.root /var/lib/postfix
+
+ install -v -m 644 $(DIR_SRC)/config/backup/includes/postfix \
+ /var/ipfire/backup/addons/includes/postfix
+ mv /usr/sbin/sendmail /usr/sbin/sendmail.postfix
+
+ #install initscripts
+ $(call INSTALL_INITSCRIPTS,$(SERVICES))
+
@rm -rf $(DIR_APP)
@$(POSTBUILD)