postfix/debian/postfix-add-filter

#!/usr/bin/python3
'''
postfix-add-filter - A script to append new services to Postfix master.cf to
simplify integration of content filters.

Copyright (c) 2008 Scott Kitterman <scott@kitterman.com>
Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
 all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.
'''
__author__ = "Scott Kitterman"
__email__ = "scott@kitterman.com"
__version__ = "0.11: August 2, 2008"

import sys
import shutil
import time

def makeservice(name, port):
    # Recommendations from amavisd-new 2.6.0 documentation plus chrooted to
    # match Debian Postfix package defaults.
    header = """# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
# Added using postfix-add-filter script:
"""
    smtp = ("""%s unix    -       -       -       -       2     smtp
     -o smtp_data_done_timeout=1200
     -o smtp_send_xforward_command=yes
     -o smtp_tls_note_starttls_offer=no

""" % (name))

    smtpd = ("""127.0.0.1:%s inet n    -       -       -       -     smtpd
     -o content_filter=
     -o smtpd_delay_reject=no
     -o smtpd_client_restrictions=permit_mynetworks,reject
     -o smtpd_helo_restrictions=
     -o smtpd_sender_restrictions=
     -o smtpd_recipient_restrictions=permit_mynetworks,reject
     -o smtpd_data_restrictions=reject_unauth_pipelining
     -o smtpd_end_of_data_restrictions=
     -o smtpd_restriction_classes=
     -o mynetworks=127.0.0.0/8
     -o smtpd_error_sleep_time=0
     -o smtpd_soft_error_limit=1001
     -o smtpd_hard_error_limit=1000
     -o smtpd_client_connection_count_limit=0
     -o smtpd_client_connection_rate_limit=0
     -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters
     -o local_header_rewrite_clients=
     -o smtpd_milters=
     -o local_recipient_maps=
     -o relay_recipient_maps=
""" % (port))
    additions = header + smtp + smtpd
    return additions


USAGE = """To add a new filter service to your master.cf:
    % sudo postfix-add-filter {smtp client name} {smtpd service port}

Example:
    % sudo postfix-add-filter amavisfeed 10025

Adds the following to master.cf:
""" + makeservice('amavisfeed', '10025') + """
To output this usage message:
    % postfix-add-filter
"""


if __name__ == '__main__':
    if len(sys.argv) < 3:
        print(USAGE + "\n")
    elif len(sys.argv) == 3:
        servicename = sys.argv[1]
        listenerport = sys.argv[2]
        # Read in master.cf and check to make sure specified names aren't
        # already used
        with open('/etc/postfix/master.cf', mode='r') as masterfile:
            master = masterfile.readlines()
        bailout = False
        for line in master:
            if servicename in line or listenerport in line:
                # Service name or listen port already used, print error and bail
                print('Selected service name, %s, or smtpd port, %s, \
                    already in master.cf.  Master.cf not updated.\n'
                    % (servicename, listenerport))
                bailout = True
                break
        if not bailout:
            # Make backup copy
            backupname = '/etc/postfix/master.cf.' + str(int(time.time()))
            shutil.copy2('/etc/postfix/master.cf', backupname)
            # Make working copy
            shutil.copy2('/etc/postfix/master.cf', \
                '/etc/postfix/master.cf.working')
            # Add stuff in
            stuff = makeservice(servicename, listenerport)
            # Append stuff to the working copy:
            with open('/etc/postfix/master.cf.working', mode='a') as newmaster:
                newmaster.writelines(stuff)
            # Put working copy in place.
            shutil.move('/etc/postfix/master.cf.working', \
                '/etc/postfix/master.cf')
    else:
        print(USAGE + '\n')