]>
Commit | Line | Data |
---|---|---|
1 | { lib, pkgs, config, nodes, ... }: | |
2 | { | |
3 | config = lib.mkIf config.myServices.mail.enable { | |
4 | services.duplyBackup.profiles.mail.excludeFile = '' | |
5 | + /var/lib/postfix | |
6 | ''; | |
7 | secrets.keys = [ | |
8 | { | |
9 | dest = "postfix/mysql_alias_maps"; | |
10 | user = config.services.postfix.user; | |
11 | group = config.services.postfix.group; | |
12 | permissions = "0440"; | |
13 | text = '' | |
14 | # We need to specify that option to trigger ssl connection | |
15 | tls_ciphers = TLSv1.2 | |
16 | user = ${config.myEnv.mail.postfix.mysql.user} | |
17 | password = ${config.myEnv.mail.postfix.mysql.password} | |
18 | hosts = unix:${config.myEnv.mail.postfix.mysql.socket} | |
19 | dbname = ${config.myEnv.mail.postfix.mysql.database} | |
20 | query = SELECT DISTINCT destination | |
21 | FROM forwardings_merge | |
22 | WHERE | |
23 | ((regex = 1 AND '%s' REGEXP CONCAT('^',source,'$') ) OR (regex = 0 AND source = '%s')) | |
24 | AND active = 1 | |
25 | AND '%s' NOT IN | |
26 | ( | |
27 | SELECT source | |
28 | FROM forwardings_blacklisted | |
29 | WHERE source = '%s' | |
30 | ) UNION | |
31 | SELECT 'devnull@immae.eu' | |
32 | FROM forwardings_blacklisted | |
33 | WHERE source = '%s' | |
34 | ''; | |
35 | } | |
36 | { | |
37 | dest = "postfix/mysql_mailbox_maps"; | |
38 | user = config.services.postfix.user; | |
39 | group = config.services.postfix.group; | |
40 | permissions = "0440"; | |
41 | text = '' | |
42 | # We need to specify that option to trigger ssl connection | |
43 | tls_ciphers = TLSv1.2 | |
44 | user = ${config.myEnv.mail.postfix.mysql.user} | |
45 | password = ${config.myEnv.mail.postfix.mysql.password} | |
46 | hosts = unix:${config.myEnv.mail.postfix.mysql.socket} | |
47 | dbname = ${config.myEnv.mail.postfix.mysql.database} | |
48 | result_format = /%d/%u | |
49 | query = SELECT DISTINCT '%s' | |
50 | FROM mailboxes | |
51 | WHERE active = 1 | |
52 | AND ( | |
53 | (domain = '%d' AND user = '%u' AND regex = 0) | |
54 | OR ( | |
55 | regex = 1 | |
56 | AND '%d' REGEXP CONCAT('^',domain,'$') | |
57 | AND '%u' REGEXP CONCAT('^',user,'$') | |
58 | ) | |
59 | ) | |
60 | LIMIT 1 | |
61 | ''; | |
62 | } | |
63 | { | |
64 | dest = "postfix/mysql_sender_login_maps"; | |
65 | user = config.services.postfix.user; | |
66 | group = config.services.postfix.group; | |
67 | permissions = "0440"; | |
68 | text = '' | |
69 | # We need to specify that option to trigger ssl connection | |
70 | tls_ciphers = TLSv1.2 | |
71 | user = ${config.myEnv.mail.postfix.mysql.user} | |
72 | password = ${config.myEnv.mail.postfix.mysql.password} | |
73 | hosts = unix:${config.myEnv.mail.postfix.mysql.socket} | |
74 | dbname = ${config.myEnv.mail.postfix.mysql.database} | |
75 | query = SELECT DISTINCT destination | |
76 | FROM forwardings_merge | |
77 | WHERE | |
78 | ((regex = 1 AND '%s' REGEXP CONCAT('^',source,'$') ) OR (regex = 0 AND source = '%s')) | |
79 | AND active = 1 | |
80 | UNION SELECT '%s' AS destination | |
81 | ''; | |
82 | } | |
83 | { | |
84 | dest = "postfix/mysql_sender_relays_maps"; | |
85 | user = config.services.postfix.user; | |
86 | group = config.services.postfix.group; | |
87 | permissions = "0440"; | |
88 | text = '' | |
89 | # We need to specify that option to trigger ssl connection | |
90 | tls_ciphers = TLSv1.2 | |
91 | user = ${config.myEnv.mail.postfix.mysql.user} | |
92 | password = ${config.myEnv.mail.postfix.mysql.password} | |
93 | hosts = unix:${config.myEnv.mail.postfix.mysql.socket} | |
94 | dbname = ${config.myEnv.mail.postfix.mysql.database} | |
95 | # INSERT INTO sender_relays | |
96 | # (`from`, owner, relay, login, password, regex, active) | |
97 | # VALUES | |
98 | # ( 'sender@otherhost.org' | |
99 | # , 'me@mail.immae.eu' | |
100 | # , '[otherhost.org]:587' | |
101 | # , 'otherhostlogin' | |
102 | # , AES_ENCRYPT('otherhostpassword', '${config.myEnv.mail.postfix.mysql.password_encrypt}') | |
103 | # , '0' | |
104 | # , '1'); | |
105 | ||
106 | query = SELECT DISTINCT `owner` | |
107 | FROM sender_relays | |
108 | WHERE | |
109 | ((regex = 1 AND '%s' REGEXP CONCAT('^',`from`,'$') ) OR (regex = 0 AND `from` = '%s')) | |
110 | AND active = 1 | |
111 | ''; | |
112 | } | |
113 | { | |
114 | dest = "postfix/mysql_sender_relays_hosts"; | |
115 | user = config.services.postfix.user; | |
116 | group = config.services.postfix.group; | |
117 | permissions = "0440"; | |
118 | text = '' | |
119 | # We need to specify that option to trigger ssl connection | |
120 | tls_ciphers = TLSv1.2 | |
121 | user = ${config.myEnv.mail.postfix.mysql.user} | |
122 | password = ${config.myEnv.mail.postfix.mysql.password} | |
123 | hosts = unix:${config.myEnv.mail.postfix.mysql.socket} | |
124 | dbname = ${config.myEnv.mail.postfix.mysql.database} | |
125 | ||
126 | query = SELECT DISTINCT relay | |
127 | FROM sender_relays | |
128 | WHERE | |
129 | ((regex = 1 AND '%s' REGEXP CONCAT('^',`from`,'$') ) OR (regex = 0 AND `from` = '%s')) | |
130 | AND active = 1 | |
131 | ''; | |
132 | } | |
133 | { | |
134 | dest = "postfix/mysql_sender_relays_creds"; | |
135 | user = config.services.postfix.user; | |
136 | group = config.services.postfix.group; | |
137 | permissions = "0440"; | |
138 | text = '' | |
139 | # We need to specify that option to trigger ssl connection | |
140 | tls_ciphers = TLSv1.2 | |
141 | user = ${config.myEnv.mail.postfix.mysql.user} | |
142 | password = ${config.myEnv.mail.postfix.mysql.password} | |
143 | hosts = unix:${config.myEnv.mail.postfix.mysql.socket} | |
144 | dbname = ${config.myEnv.mail.postfix.mysql.database} | |
145 | ||
146 | query = SELECT DISTINCT CONCAT(`login`, ':', AES_DECRYPT(`password`, '${config.myEnv.mail.postfix.mysql.password_encrypt}')) | |
147 | FROM sender_relays | |
148 | WHERE | |
149 | ((regex = 1 AND '%s' REGEXP CONCAT('^',`from`,'$') ) OR (regex = 0 AND `from` = '%s')) | |
150 | AND active = 1 | |
151 | ''; | |
152 | } | |
153 | { | |
154 | dest = "postfix/ldap_ejabberd_users_immae_fr"; | |
155 | user = config.services.postfix.user; | |
156 | group = config.services.postfix.group; | |
157 | permissions = "0440"; | |
158 | text = '' | |
159 | server_host = ldaps://${config.myEnv.jabber.ldap.host}:636 | |
160 | search_base = ${config.myEnv.jabber.ldap.base} | |
161 | query_filter = ${config.myEnv.jabber.postfix_user_filter} | |
162 | domain = immae.fr | |
163 | bind_dn = ${config.myEnv.jabber.ldap.dn} | |
164 | bind_pw = ${config.myEnv.jabber.ldap.password} | |
165 | result_attribute = immaeXmppUid | |
166 | result_format = ejabberd@localhost | |
167 | version = 3 | |
168 | ''; | |
169 | } | |
170 | ]; | |
171 | ||
172 | networking.firewall.allowedTCPPorts = [ 25 465 587 ]; | |
173 | ||
174 | users.users."${config.services.postfix.user}".extraGroups = [ "keys" ]; | |
175 | services.filesWatcher.postfix = { | |
176 | restart = true; | |
177 | paths = [ | |
178 | config.secrets.fullPaths."postfix/mysql_alias_maps" | |
179 | config.secrets.fullPaths."postfix/mysql_mailbox_maps" | |
180 | config.secrets.fullPaths."postfix/mysql_sender_login_maps" | |
181 | config.secrets.fullPaths."postfix/ldap_ejabberd_users_immae_fr" | |
182 | ]; | |
183 | }; | |
184 | services.postfix = { | |
185 | extraAliases = let | |
186 | toScript = name: script: pkgs.writeScript name '' | |
187 | #! ${pkgs.stdenv.shell} | |
188 | mail=$(${pkgs.coreutils}/bin/cat -) | |
189 | output=$(echo "$mail" | ${script} 2>&1) | |
190 | ret=$? | |
191 | ||
192 | if [ "$ret" != "0" ]; then | |
193 | echo "$mail" \ | |
194 | | ${pkgs.procmail}/bin/formail -i "X-Return-Code: $ret" \ | |
195 | | /run/wrappers/bin/sendmail -i scripts_error+${name}@mail.immae.eu | |
196 | ||
197 | messageId=$(echo "$mail" | ${pkgs.procmail}/bin/formail -x "Message-Id:") | |
198 | repeat=$(echo "$mail" | ${pkgs.procmail}/bin/formail -X "From:" -X "Received:") | |
199 | ||
200 | ${pkgs.coreutils}/bin/cat <<EOF | /run/wrappers/bin/sendmail -i scripts_error+${name}@mail.immae.eu | |
201 | $repeat | |
202 | To: scripts_error+${name}@mail.immae.eu | |
203 | Subject: Log from script error | |
204 | Content-Type: text/plain; charset="UTF-8" | |
205 | Content-Transfer-Encoding: 8bit | |
206 | References:$messageId | |
207 | MIME-Version: 1.0 | |
208 | X-Return-Code: $ret | |
209 | ||
210 | Error code: $ret | |
211 | Output of message: | |
212 | -------------- | |
213 | $output | |
214 | -------------- | |
215 | EOF | |
216 | fi | |
217 | ''; | |
218 | scripts = lib.attrsets.mapAttrs (n: v: | |
219 | toScript n (pkgs.callPackage (builtins.fetchGit { url = v.src.url; ref = "master"; rev = v.src.rev; }) { scriptEnv = v.env; }) | |
220 | ) config.myEnv.mail.scripts // { | |
221 | testmail = pkgs.writeScript "testmail" '' | |
222 | #! ${pkgs.stdenv.shell} | |
223 | ${pkgs.coreutils}/bin/touch \ | |
224 | "/var/lib/naemon/checks/email/$(${pkgs.procmail}/bin/formail -x To: | ${pkgs.coreutils}/bin/tr -d ' <>')" | |
225 | ''; | |
226 | }; | |
227 | in builtins.concatStringsSep "\n" (lib.attrsets.mapAttrsToList (n: v: ''${n}: "|${v}"'') scripts); | |
228 | mapFiles = let | |
229 | recipient_maps = let | |
230 | name = n: i: "relay_${n}_${toString i}"; | |
231 | pair = n: i: m: lib.attrsets.nameValuePair (name n i) ( | |
232 | if m.type == "hash" | |
233 | then pkgs.writeText (name n i) m.content | |
234 | else null | |
235 | ); | |
236 | pairs = n: v: lib.imap1 (i: m: pair n i m) v.recipient_maps; | |
237 | in lib.attrsets.filterAttrs (k: v: v != null) ( | |
238 | lib.attrsets.listToAttrs (lib.flatten ( | |
239 | lib.attrsets.mapAttrsToList pairs config.myEnv.mail.postfix.backup_domains | |
240 | )) | |
241 | ); | |
242 | relay_restrictions = lib.attrsets.filterAttrs (k: v: v != null) ( | |
243 | lib.attrsets.mapAttrs' (n: v: | |
244 | lib.attrsets.nameValuePair "recipient_access_${n}" ( | |
245 | if lib.attrsets.hasAttr "relay_restrictions" v | |
246 | then pkgs.writeText "recipient_access_${n}" v.relay_restrictions | |
247 | else null | |
248 | ) | |
249 | ) config.myEnv.mail.postfix.backup_domains | |
250 | ); | |
251 | virtual_map = { | |
252 | virtual = let | |
253 | cfg = config.myEnv.monitoring.email_check.eldiron; | |
254 | address = "${cfg.mail_address}@${cfg.mail_domain}"; | |
255 | in pkgs.writeText "postfix-virtual" ( | |
256 | builtins.concatStringsSep "\n" ( | |
257 | ["${address} testmail@localhost"] ++ | |
258 | lib.attrsets.mapAttrsToList ( | |
259 | n: v: lib.optionalString v.external '' | |
260 | script_${n}@mail.immae.eu ${n}@localhost, scripts@mail.immae.eu | |
261 | '' | |
262 | ) config.myEnv.mail.scripts | |
263 | ) | |
264 | ); | |
265 | }; | |
266 | sasl_access = { | |
267 | host_sender_login = with lib.attrsets; let | |
268 | addresses = zipAttrs (lib.flatten (mapAttrsToList | |
269 | (n: v: (map (e: { "${e}" = "${n}@immae.eu"; }) v.emails)) config.myEnv.servers)); | |
270 | joined = builtins.concatStringsSep ","; | |
271 | in pkgs.writeText "host-sender-login" | |
272 | (builtins.concatStringsSep "\n" (mapAttrsToList (n: v: "${n} ${joined v}") addresses)); | |
273 | host_dummy_mailboxes = pkgs.writeText "host-virtual-mailbox" | |
274 | (builtins.concatStringsSep "\n" (["immae-eu@immae.eu dummy"] ++ lib.attrsets.mapAttrsToList (n: v: "${n}@immae.eu dummy") nodes)); | |
275 | }; | |
276 | in | |
277 | recipient_maps // relay_restrictions // virtual_map // sasl_access; | |
278 | config = { | |
279 | ### postfix module overrides | |
280 | readme_directory = "${pkgs.postfix}/share/postfix/doc"; | |
281 | smtp_tls_CAfile = lib.mkForce ""; | |
282 | smtp_tls_cert_file = lib.mkForce ""; | |
283 | smtp_tls_key_file = lib.mkForce ""; | |
284 | ||
285 | message_size_limit = "1073741824"; # Don't put 0 here, it's not equivalent to "unlimited" | |
286 | mailbox_size_limit = "1073741825"; # Workaround, local delivered mails should all go through scripts | |
287 | alias_database = "\$alias_maps"; | |
288 | ||
289 | ### Virtual mailboxes config | |
290 | virtual_alias_maps = "hash:/etc/postfix/virtual mysql:${config.secrets.fullPaths."postfix/mysql_alias_maps"} ldap:${config.secrets.fullPaths."postfix/ldap_ejabberd_users_immae_fr"}"; | |
291 | virtual_mailbox_domains = config.myEnv.mail.postfix.additional_mailbox_domains | |
292 | ++ lib.remove null (lib.flatten (map | |
293 | (zone: map | |
294 | (e: if e.receive | |
295 | then "${e.domain}${lib.optionalString (e.domain != "") "."}${zone.name}" | |
296 | else null | |
297 | ) | |
298 | (zone.withEmail or []) | |
299 | ) | |
300 | config.myEnv.dns.masterZones | |
301 | )); | |
302 | virtual_mailbox_maps = "hash:/etc/postfix/host_dummy_mailboxes mysql:${config.secrets.fullPaths."postfix/mysql_mailbox_maps"}"; | |
303 | dovecot_destination_recipient_limit = "1"; | |
304 | virtual_transport = "dovecot"; | |
305 | ||
306 | ### Relay domains | |
307 | relay_domains = lib.flatten (lib.attrsets.mapAttrsToList (n: v: v.domains or []) config.myEnv.mail.postfix.backup_domains); | |
308 | relay_recipient_maps = lib.flatten (lib.attrsets.mapAttrsToList (n: v: | |
309 | lib.imap1 (i: m: "${m.type}:/etc/postfix/relay_${n}_${toString i}") v.recipient_maps | |
310 | ) config.myEnv.mail.postfix.backup_domains); | |
311 | smtpd_relay_restrictions = [ | |
312 | "defer_unauth_destination" | |
313 | ] ++ lib.flatten (lib.attrsets.mapAttrsToList (n: v: | |
314 | if lib.attrsets.hasAttr "relay_restrictions" v | |
315 | then [ "check_recipient_access hash:/etc/postfix/recipient_access_${n}" ] | |
316 | else [] | |
317 | ) config.myEnv.mail.postfix.backup_domains); | |
318 | ||
319 | ### Additional smtpd configuration | |
320 | smtpd_tls_received_header = "yes"; | |
321 | smtpd_tls_loglevel = "1"; | |
322 | ||
323 | ### Email sending configuration | |
324 | smtp_tls_security_level = "may"; | |
325 | smtp_tls_loglevel = "1"; | |
326 | ||
327 | ### Force ip bind for smtp | |
328 | smtp_bind_address = config.hostEnv.ips.main.ip4; | |
329 | smtp_bind_address6 = builtins.head config.hostEnv.ips.main.ip6; | |
330 | ||
331 | # Use some relays when authorized senders are not myself | |
332 | smtp_sasl_mechanism_filter = "plain,login"; # GSSAPI Not correctly supported by postfix | |
333 | smtp_sasl_auth_enable = "yes"; | |
334 | smtp_sasl_password_maps = | |
335 | "mysql:${config.secrets.fullPaths."postfix/mysql_sender_relays_creds"}"; | |
336 | smtp_sasl_security_options = "noanonymous"; | |
337 | smtp_sender_dependent_authentication = "yes"; | |
338 | sender_dependent_relayhost_maps = | |
339 | "mysql:${config.secrets.fullPaths."postfix/mysql_sender_relays_hosts"}"; | |
340 | ||
341 | ### opendkim, opendmarc, openarc milters | |
342 | non_smtpd_milters = [ | |
343 | "unix:${config.myServices.mail.milters.sockets.opendkim}" | |
344 | ]; | |
345 | smtpd_milters = [ | |
346 | "unix:${config.myServices.mail.milters.sockets.opendkim}" | |
347 | "unix:${config.myServices.mail.milters.sockets.openarc}" | |
348 | "unix:${config.myServices.mail.milters.sockets.opendmarc}" | |
349 | ]; | |
350 | ||
351 | smtp_use_tls = true; | |
352 | smtpd_use_tls = true; | |
353 | smtpd_tls_chain_files = builtins.concatStringsSep "," [ "/var/lib/acme/mail/full.pem" "/var/lib/acme/mail-rsa/full.pem" ]; | |
354 | ||
355 | maximal_queue_lifetime = "6w"; | |
356 | bounce_queue_lifetime = "6w"; | |
357 | }; | |
358 | enable = true; | |
359 | enableSmtp = true; | |
360 | enableSubmission = true; | |
361 | submissionOptions = { | |
362 | # Don’t use "long form", only commas (cf | |
363 | # http://www.postfix.org/master.5.html long form is not handled | |
364 | # well by the submission function) | |
365 | smtpd_tls_security_level = "encrypt"; | |
366 | smtpd_sasl_auth_enable = "yes"; | |
367 | smtpd_tls_auth_only = "yes"; | |
368 | smtpd_sasl_tls_security_options = "noanonymous"; | |
369 | smtpd_sasl_type = "dovecot"; | |
370 | smtpd_sasl_path = "private/auth"; | |
371 | smtpd_reject_unlisted_recipient = "no"; | |
372 | smtpd_client_restrictions = "permit_sasl_authenticated,reject"; | |
373 | smtpd_relay_restrictions = "permit_sasl_authenticated,reject"; | |
374 | # Refuse to send e-mails with a From that is not handled | |
375 | smtpd_sender_restrictions = | |
376 | "reject_sender_login_mismatch,reject_unlisted_sender,permit_sasl_authenticated,reject"; | |
377 | smtpd_sender_login_maps = builtins.concatStringsSep "," [ | |
378 | "hash:/etc/postfix/host_sender_login" | |
379 | "mysql:${config.secrets.fullPaths."postfix/mysql_sender_relays_maps"}" | |
380 | "mysql:${config.secrets.fullPaths."postfix/mysql_sender_login_maps"}" | |
381 | ]; | |
382 | smtpd_recipient_restrictions = "permit_sasl_authenticated,reject"; | |
383 | milter_macro_daemon_name = "ORIGINATING"; | |
384 | smtpd_milters = builtins.concatStringsSep "," [ | |
385 | # FIXME: put it back when opensmtpd is upgraded and able to | |
386 | # rewrite the from header | |
387 | #"unix:/run/milter_verify_from/verify_from.sock" | |
388 | "unix:${config.myServices.mail.milters.sockets.opendkim}" | |
389 | ]; | |
390 | }; | |
391 | destination = ["localhost"]; | |
392 | # This needs to reverse DNS | |
393 | hostname = config.hostEnv.fqdn; | |
394 | setSendmail = true; | |
395 | recipientDelimiter = "+"; | |
396 | masterConfig = { | |
397 | submissions = { | |
398 | type = "inet"; | |
399 | private = false; | |
400 | command = "smtpd"; | |
401 | args = ["-o" "smtpd_tls_wrappermode=yes" ] ++ (let | |
402 | mkKeyVal = opt: val: [ "-o" (opt + "=" + val) ]; | |
403 | in lib.concatLists (lib.mapAttrsToList mkKeyVal config.services.postfix.submissionOptions) | |
404 | ); | |
405 | }; | |
406 | dovecot = { | |
407 | type = "unix"; | |
408 | privileged = true; | |
409 | chroot = false; | |
410 | command = "pipe"; | |
411 | args = let | |
412 | # rspamd could be used as a milter, but then it cannot apply | |
413 | # its checks "per user" (milter is not yet dispatched to | |
414 | # users), so we wrap dovecot-lda inside rspamc per recipient | |
415 | # here. | |
416 | rspamc_dovecot = pkgs.writeScriptBin "rspamc_dovecot" '' | |
417 | #! ${pkgs.stdenv.shell} | |
418 | sender="$1" | |
419 | original_recipient="$2" | |
420 | user="$3" | |
421 | ||
422 | ${pkgs.coreutils}/bin/cat - | \ | |
423 | (${pkgs.rspamd}/bin/rspamc -h ${config.myServices.mail.rspamd.sockets.worker-controller} -c bayes -d "$user" --mime || true) | \ | |
424 | ${pkgs.dovecot}/libexec/dovecot/dovecot-lda -f "$sender" -a "$original_recipient" -d "$user" | |
425 | ''; | |
426 | in [ | |
427 | "flags=DRhu" "user=vhost:vhost" | |
428 | "argv=${rspamc_dovecot}/bin/rspamc_dovecot \${sender} \${original_recipient} \${user}@\${nexthop}" | |
429 | ]; | |
430 | }; | |
431 | }; | |
432 | }; | |
433 | security.acme.certs."mail" = { | |
434 | postRun = '' | |
435 | systemctl restart postfix.service | |
436 | ''; | |
437 | extraDomains = { | |
438 | "smtp.immae.eu" = null; | |
439 | }; | |
440 | }; | |
441 | system.activationScripts.testmail = { | |
442 | deps = [ "users" ]; | |
443 | text = let | |
444 | allCfg = config.myEnv.monitoring.email_check; | |
445 | cfg = allCfg.eldiron; | |
446 | reverseTargets = builtins.attrNames (lib.attrsets.filterAttrs (k: v: builtins.elem "eldiron" v.targets) allCfg); | |
447 | to_email = cfg': host': | |
448 | let sep = if lib.strings.hasInfix "+" cfg'.mail_address then "_" else "+"; | |
449 | in "${cfg'.mail_address}${sep}${host'}@${cfg'.mail_domain}"; | |
450 | mails_to_receive = builtins.concatStringsSep " " (map (to_email cfg) reverseTargets); | |
451 | in '' | |
452 | install -m 0555 -o nobody -g nogroup -d /var/lib/naemon/checks/email | |
453 | for f in ${mails_to_receive}; do | |
454 | if [ ! -f /var/lib/naemon/checks/email/$f ]; then | |
455 | install -m 0644 -o nobody -g nogroup /dev/null -T /var/lib/naemon/checks/email/$f | |
456 | touch -m -d @0 /var/lib/naemon/checks/email/$f | |
457 | fi | |
458 | done | |
459 | ''; | |
460 | }; | |
461 | }; | |
462 | } |