# +---------------------------------------------------+
# Function to enable/disable greylisting
# +---------------------------------------------------+
func_greylisting(){
  func_echo-header
  local restrictions
  local array
  local flag
  local flag2
  local menu
  local TMPGREY
  
  echo -e "$green[eFa]$clean Enable/Disable greylisting"
  echo -e ""
  echo -e "$green[eFa]$clean Greylisting will temporarily reject any email from a sender it" 
  echo -e "$green[eFa]$clean does not recognize. If the mail is legitimate the originating server"
  echo -e "$green[eFa]$clean will, after a delay, try again and, if sufficient time has elapsed,"
  echo -e "$green[eFa]$clean the email will be accepted."
  echo ""
  echo -e "$green[eFa]$clean This however causes an delay in receiving mail, by default this system"
  echo -e "$green[eFa]$clean is configured to reject any email for 5 minutes."
  echo -e "$green[eFa]$clean Not all admin's like this setup so giving you the option to disable"
  echo -e "$green[eFa]$clean greylisting on this system."
  echo ""
  menu=1
  if [[ -n $(cat /etc/postfix/main.cf | grep "check_policy_service inet:127.0.0.1:2501") ]]; then
    while [ $menu -eq 1 ]; do
        # DISABLE greylisting
        echo -e "$green[eFa]$clean Greylisting is currently $green ENABLED $clean"
        echo -e -n "$green[eFa]$clean Would you like to $red DISABLE $clean greylisting? [y/N/c]: "
        read TMPGREY
        if [[ "$TMPGREY" == "Y" || "$TMPGREY" == "y" ]]; then
          # Explode and add before reject_unverified_recipient, if present
          menu=0
          restrictions=$(grep ^smtpd_recipient_restrictions /etc/postfix/main.cf | sed -e "s/^smtpd_recipient_restrictions\s\{0,1\}=\s\{0,1\}//")
          OLDIFS=$IFS
          IFS=','
          read -r -a array <<< "$restrictions"
          IFS=$OLDIFS
          restrictions=
          flag=0
          for i in "${array[@]}"; do
            i=$(echo $i | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
            if [[ ! $i =~ check_policy_service\ inet:127.0.0.1:2501 ]]; then
              if [[ $flag -eq 1  ]]; then
                restrictions="$restrictions, $i"
              else
                restrictions="$i"
                flag=1
              fi
            fi
          done

          if [[ -z $restrictions ]]; then
            # something is wrong, string is empty, reset to default
            restrictions="smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_non_fqdn_recipient, reject_unknown_recipient_domain, check_recipient_access hash:/etc/postfix/recipient_access, reject_unverified_recipient"
          else
            restrictions="smtpd_recipient_restrictions = $restrictions"
          fi
          postconf -e "$restrictions"

          systemctl reload postfix
          systemctl stop sqlgrey
          systemctl disable sqlgrey

          # disable Greylist menu item
          sed -i "/^define('SHOW_GREYLIST', true);/ c\define('SHOW_GREYLIST', false);" /var/www/html/mailscanner/conf.php

          echo -e "$green[eFa]$clean Greylisting $red DISABLED $clean"
          pause
        elif [[ "$TMPGREY" == "" || "$TMPGREY" == "N" || "$TMPGREY" == "n" ]]; then
          menu=0
          echo -e "$green[eFa]$clean No changes made"
          echo ""
          pause
        elif [[ "$TMPGREY" == "C" || "$TMPGREY" == "c" ]]; then
          menu=0
          echo -e "$green[eFa]$clean No action taken, exiting."
          pause
        else
          echo -e "       $red ERROR: please make an selection.$clean"
          echo -e -n "$green[eFa]$clean Would you like to $red DISABLE $clean greylisting? [y/N/c]: "
          read TMPGREY
        fi
    done
  else
    # ENABLE Greylisting
    echo -e "$green[eFa]$clean Greylisting is currently $red DISABLED $clean"
    echo -e -n "$green[eFa]$clean Would you like to $green ENABLE $clean greylisting? [y/N/c]: "
    read TMPGREY
    menu=1
    while [ $menu -eq 1 ]; do
        if [[ "$TMPGREY" == "Y" || "$TMPGREY" == "y" ]]; then
          # Explode and add before reject_unverified_recipient, if present
          menu=0
          restrictions=$(grep ^smtpd_recipient_restrictions /etc/postfix/main.cf | sed -e "s/^smtpd_recipient_restrictions\s\{0,1\}=\s\{0,1\}//")
          OLDIFS=$IFS
          IFS=','
          read -r -a array <<< "$restrictions"
          IFS=$OLDIFS
          restrictions=
          flag=0
          flag2=0
          for i in "${array[@]}"; do
            i=$(echo $i | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
            if [[ $flag -eq 1 ]]; then
              restrictions="$restrictions,"
            else
              flag=1
            fi
            if [[ $i =~ reject_unverified_recipient ]]; then
              flag2=1
              restrictions="$restrictions check_policy_service inet:127.0.0.1:2501, $i"
            else
              restrictions="$restrictions $i"
            fi
          done
          if [[ $flag2 -eq 0 && $flag -eq 1 ]]; then
            restrictions="$restrictions, check_policy_service inet:127.0.0.1:2501"
          fi

          if [[ -z $restrictions ]]; then
            # something is wrong, string is empty, reset to default
            restrictions="smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_non_fqdn_recipient, reject_unknown_recipient_domain, check_recipient_access hash:/etc/postfix/recipient_access, check_policy_service inet:127.0.0.1:2501, reject_unverified_recipient"
          else
            restrictions="smtpd_recipient_restrictions = $restrictions"
          fi
          postconf -e "$restrictions"

          systemctl reload postfix
          systemctl enable sqlgrey
          systemctl start sqlgrey

          # Enable Greylist menu item
          sed -i "/^define('SHOW_GREYLIST', false);/ c\define('SHOW_GREYLIST', true);" /var/www/html/mailscanner/conf.php

          echo -e "$green[eFa]$clean Greylisting $green ENABLED $clean"
          pause
        elif [[ "$TMPGREY" == "" || "$TMPGREY" == "N" || "$TMPGREY" == "n" ]]; then
          menu=0
          echo -e "$green[eFa]$clean No changes made"
          echo ""
          pause
        elif [[ "$TMPGREY" == "C" || "$TMPGREY" == "c" ]]; then
          menu=0
          echo -e "$green[eFa]$clean No action taken, exiting."
          pause
        else
          echo -e "       $red ERROR: please make an selection.$clean"
          echo -e -n "$green[eFa]$clean Would you like to $green ENABLE $clean greylisting? [y/N/c]: "
          read TMPGREY
        fi
    done
  fi
}
# +---------------------------------------------------+