Merge pull request #362 from shawniverson:012124postfix

Conditions for postfix on EL7 and EL8

rpmbuild/SOURCES/eFa-4.0.4/updates/update-4.0.4.sh

@@ -2,7 +2,7 @@
 #-----------------------------------------------------------------------------#
 # eFa 4.0.4-x cumulative updates script
 #-----------------------------------------------------------------------------#
-# Copyright (C) 2013~2023 https://efa-project.org
+# Copyright (C) 2013~2024 https://efa-project.org
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -393,7 +393,12 @@ gpgkey = https://repo.ius.io/RPM-GPG-KEY-IUS-7
 EOF
 fi
 
-if [[ -z $(grep smtpd_forbid_bare_newline /etc/postfix/main.cf) ]; then
+# Openssl too old on CentOS 7 to support latest postfix build
+if [[ $centosver -eq 7 && -z $(grep smtpd_forbid_unauth_pipelining /etc/postfix/main.cf) ]]; then
+    # Protect against SMTP smuggling
+    postconf -e "smtpd_forbid_unauth_pipelining = yes"
+    postconf -e "smtpd_discard_ehlo_keywords = chunking, silent-discard"
+elif [[ $centosver -eq 8 && -z $(grep smtpd_forbid_bare_newline /etc/postfix/main.cf) ]]; then
     # Protect against SMTP smuggling
     postconf -e "smtpd_forbid_unauth_pipelining = yes"
     postconf -e "smtpd_discard_ehlo_keywords = chunking, silent-discard"

rpmbuild/SOURCES/eFa-base-4.0.0/postfix-config-4.0.0.sh

@@ -2,7 +2,7 @@
 #-----------------------------------------------------------------------------#
 # eFa 4.0.0 initial postfix-configuration script
 #-----------------------------------------------------------------------------#
-# Copyright (C) 2013~2018 https://efa-project.org
+# Copyright (C) 2013~2024 https://efa-project.org
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -75,8 +75,10 @@ postconf -e "smtpd_sender_restrictions = permit_sasl_authenticated, check_sender
 postconf -e "smtpd_data_restrictions =  reject_unauth_pipelining"
 postconf -e "smtpd_forbid_unauth_pipelining = yes"
 postconf -e "smtpd_discard_ehlo_keywords = chunking, silent-discard"
-postconf -e "smtpd_forbid_bare_newline = yes"
-postconf -e "smtpd_forbid_bare_newline_exclusions = \$mynetworks"
+if [[ $centosver -eq 8 ]]; then
+  postconf -e "smtpd_forbid_bare_newline = yes"
+  postconf -e "smtpd_forbid_bare_newline_exclusions = \$mynetworks"
+fi
 postconf -e "smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_rbl_client zen.spamhaus.org"
 postconf -e "smtpd_relay_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination"
 postconf -e "smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_non_fqdn_recipient, reject_unknown_recipient_domain, check_recipient_access hash:/etc/postfix/recipient_access, check_policy_service inet:127.0.0.1:2501, reject_unverified_recipient"

rpmbuild/SPECS/eFa4.spec

@@ -1,7 +1,7 @@
 #-----------------------------------------------------------------------------#
 # eFa SPEC file definition
 #-----------------------------------------------------------------------------#
-# Copyright (C) 2013~2022 https://efa-project.org
+# Copyright (C) 2013~2024 https://efa-project.org
 #
 # This SPEC is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -205,7 +205,9 @@ Requires:  libtool-ltdl >= 2.4.2-22
     # libtool-ltdl                               # base    # MailScanner
 Requires:  unrar >= 6.1.7-1
     # unrar                                      # eFa     # MailScanner
-Requires:  postfix_eFa >= 3.5.23-1
+%{?el7:Requires:  postfix_eFa >= 3.5.9-1}
+    # postfix_eFa                                # eFa     # MTA
+%{?el8:Requires:  postfix_eFa >= 3.5.23-1}
     # postfix_eFa                                # eFa     # MTA
 %{?el7:Requires:  sqlgrey >= 1.8.0-8}
     # sqlgrey                                    # epel    # Greylisting