Autoinstall.default

#!/bin/sh
#
# To use Install.sh,
# copy this file to Autoinstall.conf where it will be loaded
# when you run Install.sh.
# You can edit the values below to choose which files to install
# To remove an option change the relevant AUTO_CH value to N
#
# NB In the previous version a set of test files could be written
# in /tmp. This is no longer necessary because all files changed here
# are written into /etc/exim4/sympl-local.d and /etc/dovecot/sympl-local.d
#
# Autoinstall.conf is ignored by git, so will not impact on any future
# pull requests.
#
# *** WARNING
# The script doesn't delete old files or undo any changes that may
# have been made previously.
# If you are removing changes that were previously installed
# or moving to a new version whose config changes installed files
# Save the current sets of files by running
# mv sympl-local.d to sympl-local.d.old
# in /etc/exim4 and /etc/dovecot
# and run then the script to create files from current copies
#
# You can create trial config files by using
# make exim4.conf.tmp
# or
# make dovecot-conf.tmp
#
# *** WARNING
#
# Change 1: Dovecot
# Add Authentication Logging
AUTO_CH1=Y

#
# Change 2: Dovecot
# Supply private IMAP and IMAPS ports
# Add your ports
AUTO_CH2=Y
AUTO_IMAP_PORT=
AUTO_IMAPS_PORT=

#
# Change 3: Exim
# Add +smtp_protocol_error to logging
AUTO_CH3=Y

#
# Change 4: Exim
# replace 'ident' suppression by approved recipe
AUTO_CH4=Y

#
# Change 5: Exim
# Allow skipping of connect ip checking
AUTO_CH5=Y

#
# Change 6: Exim
# Use the Sympl/Symbiosis/Nftfw firewall database to block IPs
AUTO_CH6=Y
# NB to use this option the script wants to set values in
# the file installed in AUTO_CH5.
#
# Set AUTO_CH6_DATABASE to
# sympl or nftfw
# depending on which firewall system you are using
# if this is not defined, the script will look for the system
# you are using in the following order
# nftfw - if /etc/nftfw/config.ini or /var/lib/nftfw/firewall.db  exists
# nftfw - if /usr/local/etc/nftfw/config.ini or /usr/local//var/lib/nftfw/firewall.db  exists
# sympl - if /var/lib/sympl/firewall-blacklist-count.db exists
# symbiosis - if /var/lib/symbiosis/firewall-blacklist-count.db exists
AUTO_CH6_DATABASE=

#
# Change 7: Exim
# Ratelimiting connections
AUTO_CH7=Y

#
# Change 8: Exim
# Adding Extra Blacklists
# NB these need activating in
# srv/domain.example/config/blacklists
AUTO_CH8=Y

#
# Change 9: Exim
# Reject connections in the RCPT ACL if there is no reverse PTR record for the IP
# see Change 11 below
AUTO_CH9=Y

#
# Change 10: Exim
# Use Spamhaus Data Query Service for DNSBL lookups
AUTO_CH10=Y
# NB these need activating in
# srv/domain.example/config/blacklists
# You need to sign up at
# https://www.spamhaustech.com/free-trial/sign-up-for-a-free-data-query-service-account/
# and insert your key here
AUTO_SPAMHAUS_DB_KEY=

# Change 11: Exim
# Stop annoying no IP for no_matching_hosts error
# Not needed for Sympl
AUTO_CH11=N

#
# Change 12: Exim (2024)
# Reject connections in the CONNECT ACL if there is no reverse PTR record for the IP
# you don't need AUTO_CH9 if you use this, but I've left it actioned
# for backwards compatibility
AUTO_CH12=Y

#
# Change 13: Exim (2024)
# Reject connections in the CONNECT ACL if the IP address is flagged as
# bad in a DNSBL. This needs AUTO_CH10 to set a Spamhaus Key
#
AUTO_CH13=Y
# This is an exim4 list and is edited into the new control file
# 00-main/22-dns-check-in-connect
# NB you cannot alter the order of tests
DNSBL_CHECK_IN_CONNECT='spamhaus : spamcop : barracuda'

# Change 14: Exim (2024)
# Accept email from known local domains in RCPT ACL
# This avoids DNS and other checks for local senders
AUTO_CH14=Y

# Version for Autoinstall - don't change this
# it's used by Install to cope with future changes
AUTO_VERSION=3

# Do not remove this line
export AUTO_CH1 AUTO_CH2 AUTO_IMAP_PORT AUTO_IMAPS_PORT AUTO_CH3 AUTO_CH4 AUTO_CH5 AUTO_CH6 AUTO_CH6_DATABASE AUTO_CH7 AUTO_CH8 AUTO_CH9 AUTO_CH10 AUTO_CH11 AUTO_SPAMHAUS_DB_KEY AUTO_CH12 AUTO_CH13 DNSBL_CHECK_IN_CONNECT AUTO_CH14 AUTO_VERSION