#! /bin/bash ############################################################# #### PostFix (Sendonly) install Script for Oracle Linux, #### #### Centos/Redhat and Ubuntu Servers. #### #### #### #### Author: Phil Connor 02/10/2021 #### #### Contact: contact@mylinux.work #### #### Version 1.20-12.13.22 #### #### #### #### To use this script chmod it to 755 #### #### or simply type bash #### ############################################################# ############################# #### User Configurations #### ############################# DomainName=myserver.mydomain.com # <-- Name of the server you are configuring this on EnableForw=yes # <-- Do you want the server to forward the mail (yes/no) ForwardMail=my_email@mydomain.com # <-- What is the email you want to forward to? ########################## #### System Variables #### ########################## macnf=/etc/postfix/main.cf sslcerts=/etc/letsencrypt/live/$DomainName if [ "$(command -v lsb_release)" ]; then OS=$(lsb_release -i | awk '{print $3}' | tr '[:upper:]' '[:lower:]') OSVER=$(lsb_release -r | awk '{print $2}' | awk -F. '{print $1}') else OS=$(grep PRETTY_NAME /etc/os-release | sed 's/PRETTY_NAME=//g' | tr -d '="' | awk '{print $1}' | tr '[:upper:]' '[:lower:]') OSVER=$(grep VERSION_ID /etc/os-release | sed 's/VERSION_ID=//g' | tr -d '="' | awk -F. '{print $1}') fi ########################################################### #### Detect Package Manger from OS and OSVer Variables #### ########################################################### if [[ ${OS} = alma || ${OS} = amazon || ${OS} = centos || ${OS} = red || ${OS} = rocky || ${OS} = oracle ]]; then if [[ "${OSVER}" = 7 || "${OSVER}" = 7 ]]; then PAKMGR="yum -y" else PAKMGR="dnf -y" fi elif [[ "${OS}" = ubuntu || "${OS}" = debian ]]; then PAKMGR="apt -y" fi ######################################################## #### Install PostFix, Configure and Start/Enable it #### ######################################################## if [[ "${OS}" = ubuntu || "${OS}" = debian ]]; then echo "postfix postfix/mailname string $DomainName" | debconf-set-selections echo "postfix postfix/main_mailer_type string 'Internet Site'" | debconf-set-selections DEBIAN_FRONTEND=noninteractive $PAKMGR install postfix bsd-mailx else $PAKMGR install postfix mailx fi sed -i "s/inet_interfaces = all/inet_interfaces = loopback-only/g" $macnf postconf -e "myhostname = $DomainName" sed -i "s/#myorigin = \$myhostname/myorigin = \$myhostname/g" $macnf sed -i "s/mydestination = \$myhostname, domain-name.com, localhost.\$mydomain, localhost/mydestination = \$myhostname, $DomainName, localhost.\$mydomain, localhost/g" $macnf systemctl enable --now postfix hostnamectl set-hostname $DomainName echo "Mail delivery test" | mail -s "[Server] New e-mail" $ForwardMail if [ $EnableForw = yes ]; then sed -i "s/root: /root: $ForwardMail/g" newaliases systemctl restart postfix fi ######################## #### Add Encryption #### ######################## function encrypt() { { $PAKMGR install certbot if [ "$(command -v ufw)" ]; then ufw allow http elif [ "$(command -v firewall-cmd)" ]; then firewall-cmd --zone=public --add-port=80/tcp firewall-cmd --zone=public --permanent --add-port=80/tcp elif [ "$(command -v iptables)" ]; then iptables -I INPUT -p tcp -m tcp –dport 80 -j ACCEPT service iptables save ip6tables -I INPUT -p tcp -m tcp –dport 80 -j ACCEPT service ip6tables save systemctl restart iptables ip6tables fi certbot certonly --standalone --rsa-key-size 4096 --agree-tos --preferred-challenges http -d $DomainName #### TLS parameters #### sed -i "s/smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem/smtpd_tls_cert_file=$sslcerts/fullchain.pem/g" $macnf sed -1 "s/smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key/smtpd_tls_key_file=$sslcerts/privkey.pem/g" $macnf systemctl restart postfix echo "This is a test of an encrypted email" | mail -s "This is Just a Test" $ForwardMail } }