From 5751906c2c2908b8fabb226b09cc8f0d11a4ac86 Mon Sep 17 00:00:00 2001
From: Massimiliano Adamo <maxadamo@gmail.com>
Date: Mon, 6 May 2024 15:40:53 +0200
Subject: [PATCH] allow enabling ports 465 and 587

---
 README.md                                     |  3 +++
 .../11-postfix-generate-master.cf.sh          | 25 +++++++++++++------
 2 files changed, 21 insertions(+), 7 deletions(-)

diff --git a/README.md b/README.md
index 286128e..6552f5a 100644
--- a/README.md
+++ b/README.md
@@ -183,6 +183,7 @@ services:
       POSTFIX_RELAYHOST: "exchange.server.IP.addr"
       POSTFIX_RELAY_DOMAINS: "yourdomain.tld,someotherdomain.tld"
       POSTFIX_DNSBL_SITES: "hostkarma.junkemailfilter.com=127.0.0.2, bl.spamcop.net, cbl.abuseat.org=127.0.0.2, zen.spamhaus.org"
+      ENABLE_SUBMISSION_PORT: "true"
       ENABLE_OPENDKIM: "true"
       OPENDKIM_MODE: "v"
       OPENDKIM_LOGRESULTS: "true"
@@ -273,6 +274,8 @@ volumes:
 | `POSTFIX_RELAY_DOMAINS`            | See [documentation link](http://www.postfix.org/postconf.5.html#relay_domains). |
 | `POSTFIX_RELAYHOST_PORT`           | Optional port argument for `POSTFIX_RELAYHOST`. Default is `25` so only need to change if you're `relayhost` is running on a different port. |
 | `POSTFIX_RELAYHOST`                | See [documentation link](http://www.postfix.org/postconf.5.html#relayhost). |
+| `ENABLE_SUBMISSION_PORT`           | Enable port 587. See [documentation link](https://www.postfix.org/postconf.5.html#service_name). |
+| `ENABLE_SMTPS_PORT`                | Enable legacy port 465. See [documentation link](https://www.postfix.org/postconf.5.html#service_name). |
 | `POSTFIX_SMTP_TLS_CHAIN_FILES`     | See [documentation link](http://www.postfix.org/postconf.5.html#smtp_tls_chain_files). |
 | `POSTFIX_SMTPD_MILTERS`            | Any milters given here are applied after DKIM & ClamAV. See [documentation link](http://www.postfix.org/postconf.5.html#smtpd_milters). |
 | `POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS_PERMIT_SASL_AUTHENTICATED` | Set to `true` to include in `smtpd_recipient_restrictions`. See [documentation link](http://www.postfix.org/postconf.5.html#permit_sasl_authenticated). |
diff --git a/rootfs/etc/cont-init.d/11-postfix-generate-master.cf.sh b/rootfs/etc/cont-init.d/11-postfix-generate-master.cf.sh
index c607378..cd6b5a8 100644
--- a/rootfs/etc/cont-init.d/11-postfix-generate-master.cf.sh
+++ b/rootfs/etc/cont-init.d/11-postfix-generate-master.cf.sh
@@ -10,18 +10,29 @@ cp -v ${POSTFIX_MASTERCF_ORIGINAL_FILE} ${POSTFIX_MASTERCF_FILE}
 # Enable postscreen
 # See: http://www.postfix.org/POSTSCREEN_README.html
 # Comment out the "smtp inet ... smtpd" service in master.cf
-sed -i 's/^smtp *inet.*smtpd$/#&/' /etc/postfix/master.cf
+sed -i 's/^smtp *inet.*smtpd$/#&/' $POSTFIX_MASTERCF_FILE
 # Uncomment the new "smtpd pass ... smtpd" service in master.cf
-sed -i '/^#smtpd *pass.*smtpd$/s/^#//g' /etc/postfix/master.cf
+sed -i '/^#smtpd *pass.*smtpd$/s/^#//g' $POSTFIX_MASTERCF_FILE
 # Uncomment the new "smtp inet ... postscreen" service in master.cf
-sed -i '/^#smtp *inet.*postscreen$/s/^#//g' /etc/postfix/master.cf
+sed -i '/^#smtp *inet.*postscreen$/s/^#//g' $POSTFIX_MASTERCF_FILE
 # Uncomment the new "tlsproxy unix ... tlsproxy" service in master.cf
-sed -i '/^#tlsproxy *unix.*tlsproxy$/s/^#//g' /etc/postfix/master.cf
+sed -i '/^#tlsproxy *unix.*tlsproxy$/s/^#//g' $POSTFIX_MASTERCF_FILE
 # Uncomment the new "dnsblog unix ... dnsblog" service in master.cf
-sed -i '/^#dnsblog *unix.*dnsblog$/s/^#//g' /etc/postfix/master.cf
+sed -i '/^#dnsblog *unix.*dnsblog$/s/^#//g' $POSTFIX_MASTERCF_FILE
 
 # Do we enable & configure spf-engine?
 if [ "${ENABLE_SPF}" = "true" ]; then
-    echo "policy  unix  -       n       n       -       0       spawn" >> "${POSTFIX_MASTERCF_FILE}"
-    echo "    user=nobody argv=/usr/local/lib/policyd-spf-perl" >> "${POSTFIX_MASTERCF_FILE}"
+    echo "policy  unix  -       n       n       -       0       spawn" >>"${POSTFIX_MASTERCF_FILE}"
+    echo "    user=nobody argv=/usr/local/lib/policyd-spf-perl" >>"${POSTFIX_MASTERCF_FILE}"
+fi
+
+# Please note that on Debian submission port (587) and smtps port (465) are called
+# "submission" and "submissions" either in /etc/postfix/master.cf and in /etc/services
+# Do we enable & configure submission port?
+if [ "${ENABLE_SUBMISSION_PORT}" = "true" ]; then
+    sed -i '/^#submission *inet.*smtpd$/s/^#//g' $POSTFIX_MASTERCF_FILE
+fi
+# Do we enable & configure smtps port?
+if [ "${ENABLE_SMTPS_PORT}" = "true" ]; then
+    sed -i '/^#submissions *inet.*smtpd$/s/^#//g' $POSTFIX_MASTERCF_FILE
 fi