#!/usr/local/bin/perl # postfinger.cgi # check postfix configuration require './postfix-lib.pl'; ## no critic use strict; use warnings; our ($Defaultsinmain, $err, $Libraries, $Locking, $Main, $Master, $Package, $Permissions, $postf1, $postf2, $postf3, $postf4, $postf5, $postf6, $postf7, $postf8, $postfix_version, $System, $Tables, $Warn, %access, %config, %text); my $mailq; &ReadParse(); $System=1; $Package=1; $Locking=1; $Tables=1; $Main=1; $Master=1; $Permissions=1; $Libraries=1; $Warn=1; $Defaultsinmain=1; $access{'postfinger'} || &error($text{'postfinger_ecannot'}); &header($text{'postfinger_title'}, ""); &head; if (! -x $config{'postfix_config_command'} && ! -r $config{'postfix_config_file'} ) { print "Can not find postconf"; exit; } # Verify that current configuration is valid if ($config{'index_check'} && ($err = &check_postfix())) { print "

",&text('check_error'),"

\n"; print "

$err
\n"; &ui_print_footer("/", $text{'index'}); exit; } if ($System eq 1 ) { # print '
--System Parameters--
'; if (&has_command($config{'postfix_config_command'})) { print "

Postfix Version: $postfix_version

"; print ""; print "
"; print ""; open($mailq, "-|", "/bin/hostname 2>/dev/null"); while (my $hostname = <$mailq>) { print ""; } close($mailq); open($mailq, "-|", "/bin/uname -a 2>/dev/null"); while (my $uname = <$mailq>) { print ""; } close($mailq); } print "
Hostname $hostname
System $uname

"; } if ($Locking eq 1 ) { print '

Mailbox locking methods

'; print ''; open($mailq, "-|", "$config{'postfix_config_command'} -l 2>/dev/null"); while (my $locking_methods = <$mailq>) { print ""; } close($mailq); print "
$locking_methods

"; } if ($Tables eq 1 ) { print '

Supported Lookup Tables

'; print ''; # print '
--Supported Lookup tables--

'; open($mailq, "-|", "$config{'postfix_config_command'} -m 2>/dev/null"); while (my $lookup_tables = <$mailq>) { print ""; } close($mailq); print "
$lookup_tables

"; } if (($Main eq 1 || $Defaultsinmain eq 1 ) && ("x`find . -prune \( -perm 020 -o -perm 002 \) -print`" != "x")){ print "
Do not run this in a public- or group-writable directory

"; exit; } else { system ("rm postfinger.*.d postfinger.*.n"); # unlink "postfinger.*.d, postfinger.*.n"; `$config{'postfix_config_command'} -d | tr -s [:blank:] | sort > postfinger.$$.d`; `$config{'postfix_config_command'} -n | tr -s [:blank:] | sort > postfinger.$$.n`; if ($Main eq 1 ) { print '

main.cf


non-default parameters

'; print ''; # print '
--main.cf non-default parameters--

'; open($mailq, "-|", "/usr/bin/comm -13 postfinger.$$.d postfinger.$$.n 2>/dev/null"); while (my $postfinger = <$mailq>) { ($postf1,$postf2)=split(/=/,$postfinger,2); print ""; print ""; } close($mailq); print "
$postf1$postf2

"; } if ($Defaultsinmain eq 1 ) { print '

main.cf


parameters defined as per defaults

'; print ''; # print '
--main.cf parameters defined as per defaults--

'; open($mailq, "-|", "/usr/bin/comm -12 postfinger.$$.d postfinger.$$.n 2>/dev/null"); while (my $postfinger = <$mailq>) { ($postf1,$postf2)=split(/=/,$postfinger,2); print ""; print ""; } close($mailq); print "
$postf1$postf2

"; } unlink "postfinger.*.d, postfinger.*.n"; } if ($Master eq 1 ) { print '

master.cf


'; print ''; print "", "", "", ""; open($mailq, "-|", "/bin/cat `$config{'postfix_config_command'} -h config_directory`/master.cf 2>/dev/null"); while (my $postfinger = <$mailq>) { ($postf1,$postf2,$postf3,$postf4,$postf5,$postf6,$postf7,$postf8)=split(/\s+/,$postfinger,8); if ($postfinger =~ /\-o/) { print "", "", "", "" if ( !grep(/^#|^\[ \]*$/,$postfinger)); } elsif ($postfinger =~ /user=/) { print "", "", "", "" if ( !grep(/^#|^\[ \]*$/,$postfinger)); } else { print "", "", "", "" if ( !grep(/^#|^\[ \]*$/,$postfinger)); } } close($mailq); print "
servicetypeprivateunprivchrootwakeupmaxproccommand + args
$postf2
$postf1
$postf1
$postf2
$postf3
$postf4
$postf5
$postf6
$postf7
$postf8

"; } if ($Permissions eq 1 ) { print '

Specific file and directory permissions


'; print ''; print ""; open($mailq, "-|", "/bin/ls -ld `$config{'postfix_config_command'} -h queue_directory`/maildrop 2>/dev/null"); while (my $postfinger = <$mailq>) { print "" if ( !grep(/total|^#|^\[ \]*$/,$postfinger)); } close($mailq); print ""; open($mailq, "-|", "/bin/ls -ld `$config{'postfix_config_command'} -h queue_directory`/public 2>/dev/null"); while (my $postfinger = <$mailq>) { print "" if ( !grep(/total|^#|^\[ \]*$/,$postfinger)); } close($mailq); print ""; if (! open($mailq, "-|", "/bin/ls -l `$config{'postfix_config_command'} -h queue_directory`/public 2>/dev/null")) { print '
WARNING: No access to $queue_directory/public
Try running postfinger as user root or postfix

'; } else { while (my $postfinger = <$mailq>) { print "" if ( !grep(/total|^#|^\[ \]*$/,$postfinger)); } close($mailq); print ""; } open($mailq, "-|", "/bin/ls -ld `$config{'postfix_config_command'} -h queue_directory`/private 2>/dev/null"); while (my $postfinger = <$mailq>) { print "" if ( !grep(/total|^#|^\[ \]*$/,$postfinger)); } close($mailq); print ""; if (! open($mailq, "-|", "/bin/ls -l `$config{'postfix_config_command'} -h queue_directory`/private 2>/dev/null")) { print '
WARNING: No access to $queue_directory/private
Try running postfinger as user root or postfix

'; } else { while (my $postfinger = <$mailq>) { print "" if ( !grep(/total|^#|^\[ \]*$/,$postfinger)); } close($mailq); print ""; } open($mailq, "-|", "/bin/ls -l `$config{'postfix_config_command'} -h command_directory`/postdrop 2>/dev/null"); while (my $postfinger = <$mailq>) { print "" if ( !grep(/total|^#|^\[ \]*$/,$postfinger)); } close($mailq); print ""; open($mailq, "-|", "/bin/ls -l `$config{'postfix_config_command'} -h command_directory`/postqueue 2>/dev/null"); while (my $postfinger = <$mailq>) { print "" if ( !grep(/total|^#|^\[ \]*$/,$postfinger)); } close($mailq); print "
Permission Deep Owner Group Size Date Directory/File
$postfinger
$postfinger
$postfinger
$postfinger
$postfinger
$postfinger
$postfinger

"; } if ($Libraries eq 1 ) { print '

Library dependencies

'; print ''; if (! open($mailq, "-|", "/usr/bin/ldd `$config{'postfix_config_command'} -h daemon_directory`/smtpd 2>/dev/null")) { print '
WARNING: Can not find ldd. Check you have it installed and in your path

'; } else { while (my $postfinger = <$mailq>) { ($postf1,$postf2)=split(/=/,$postfinger,2); print ""; print ""; } close($mailq); print "
$postf1=$postf2

"; } } print ""; &ui_print_footer("index.cgi", $text{'index_title'}); sub head { print ""; #print "Postfinger"; #print "
"; print ""; print "
"; return; }