filipnet
diff --git a/‎.gitignore‎
Lines changed: 2 additions & 2 deletions b/‎.gitignore‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎CHANGELOG.md‎
Lines changed: 29 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 29 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 172 additions & 54 deletions b/‎README.md‎
Lines changed: 172 additions & 54 deletions
diff --git a/‎config.xml.sample‎
Lines changed: 0 additions & 13 deletions b/‎config.xml.sample‎
Lines changed: 0 additions & 13 deletions
@@ -1,2 +1,2 @@
-config.xml
-+config.xml.sample
+postfix-bounce-report.conf
++postfix-bounce-report.conf.example
@@ -0,0 +1,29 @@
+# Changelog
+
+## [2025-07-11] Improved Version
+
+### Changed
+
+- Switched configuration format from `.xml` to `.conf` (bash-compatible).
+- Replaced unstructured `MAILINFO` HTML string concatenation with structured `$'\n'`-based formatting for better readability.
+- Improved line breaks and indentation in HTML email output.
+- Replaced hardcoded HTML with external template system.
+- Improved internal date parsing.
+
+### Added
+
+- Introduced `html_escape()` function to properly escape special characters in HTML output.
+- Added runtime duration output in the final report.
+- Included command-line debug messages (`[INFO]`, `[CRITICAL]`) for better traceability.
+- Add `ONELINE` option to disable line wrapping and enable horizontal scrolling in HTML table output
+- Separated CSS into external template files for cleaner HTML and easier customization.
+- Enabled usage of custom HTML and CSS templates via configuration (TEMPLATE_BASENAME).
+- Added fallback to default templates if custom templates are missing.
+- Updated script to dynamically load and embed CSS from external files into the email HTML.
+- Implemented example log entries in anonymized form for documentation/testing purposes.
+
+### Updated
+
+- Reworked and structured `README.md` instructions for better readability.
+- General code cleanup and structural improvements for maintainability.
+- Updated script shebang and ensured POSIX compatibility.
@@ -1,83 +1,201 @@
-# postfix-bounce-report
-The script generates an HTML report based on rejected messages. Another script continuously writes "recipient addresses" into a list. If an incoming message is rejected and is present in the list of "recipients", the subject of email is changing.
+![Postfix Compatible](https://img.shields.io/badge/Postfix-compatible-green)
+![Perl interpreter](https://img.shields.io/badge/Perl-required-orange)
+
+# Postfix Bounce Report
+
+<img src="images/logo-postfix-bounce-report.png" alt="Logo" width="30%" align="right" hspace="30" vspace="20"/>
+This script generates an HTML report based on rejected messages. Another script continuously writes "recipient addresses" to a list. If an incoming message is rejected and the recipient is present in the list, the subject of the email is adjusted.
 
 <!-- TOC -->
 
-- [postfix-bounce-report](#postfix-bounce-report)
-    - [FEATURES](#features)
-    - [EXAMPLE](#example)
-    - [HOW TO INSTALL](#how-to-install)
-        - [PREREQUISITES PERL INTERPRETER AND XML EXTENSION](#prerequisites-perl-interpreter-and-xml-extension)
-        - [CLONE REPOSITORY](#clone-repository)
-    - [HOW TO USE](#how-to-use)
-        - [CONFIGURATION](#configuration)
-        - [CREATE SCHEDULED TASKS](#create-scheduled-tasks)
-    - [ADDITIONAL INFORMATION](#additional-information)
-    - [LICENSE](#license)
+- [Postfix Bounce Report](#postfix-bounce-report)
+  - [Features](#features)
+  - [Example](#example)
+  - [Installation](#installation)
+    - [Install Perl (Required Dependency)](#install-perl-required-dependency)
+      - [Red Hat-based distributions (RHEL, CentOS, AlmaLinux, Rocky, Fedora)](#red-hat-based-distributions-rhel-centos-almalinux-rocky-fedora)
+      - [Debian-based distributions (Ubuntu, Debian, etc.)](#debian-based-distributions-ubuntu-debian-etc)
+      - [Check Perl version:](#check-perl-version)
+    - [Clone the Repository](#clone-the-repository)
+  - [Configuration](#configuration)
+    - [Configuration via `.conf` File](#configuration-via-conf-file)
+  - [Scheduled Execution (Cron)](#scheduled-execution-cron)
+    - [Option A: User Crontab (crontab -e)](#option-a-user-crontab-crontab--e)
+    - [Option B: System-wide Cron File (/etc/crontab)](#option-b-system-wide-cron-file-etccrontab)
+    - [Log Rotation Compatibility](#log-rotation-compatibility)
+  - [Contributions](#contributions)
+  - [License](#license)
 
 <!-- /TOC -->
 
-## FEATURES
-- build_submission_recipients.sh	: Analyzes the postfix maillog for outgoing e-mails and continuously creates a list of recipients
-- postfix-bounce-report.sh		: Analyzes the postfix logfile for bounced emails by DDNS blacklist, optionaly validate/cross check FROM-value against submission list. Script also generates HTML report and send via sendmail
-- The subject is regular "[INFO] Postfix Bounce Report", a threshold value can be parameterized where the subject is changed to [WARNING]. For a match with the submission recipients list a [CRITIAL] is created
-- Since a spoofed e-mail address would lead to a CRITICAL, the definition of toplevel domains has been implemented in version 1.1.2. Spoofed addresses are thus recognized and marked accordingly in the HTML report.
+## Features
+
+- `build_submission_recipients.sh`: Analyzes the Postfix mail log for outgoing emails and continuously creates a recipient list.
+- `postfix-bounce-report.sh`: Analyzes the Postfix log file for bounced emails due to DDNS blacklist, optionally validates/matches the FROM value with the submission list. The script also generates an HTML report and sends it via sendmail.
+- The default subject is "[INFO] Postfix Bounce Report". A threshold can be set to change the subject to [WARNING]. If there is a match with the submission recipient list, [CRITICAL] is set.
+
+> ⚠️ **Important Notice**  
+> This script has undergone **significant changes** in the latest version (2025-07-11).  
+> If you have used a previous version, please consult the updated [CHANGELOG.md](./CHANGELOG.md) before upgrading.  
+> Existing setups may require adaptation to the new format and template handling.
+
+## Example
+
+The following screenshot shows a **sample HTML report** generated by the script.  
+All personal or sensitive data has been **anonymized** for demonstration purposes.
+
+This example illustrates the typical layout, formatting, and information structure included in the bounce report email.
 
-## EXAMPLE
 <img src="images/postfix-bounce-report-html-example.png" alt="Postfix Bounce Report HTML Example" width="100%"/>
 
-## HOW TO INSTALL
+## Installation
+
+### Install Perl (Required Dependency)
+
+The script relies on basic Perl tools like `perl` or `perl-compatible regular expressions (PCRE)`. These are not always pre-installed, especially on minimal or container-based systems.
 
-### PREREQUISITES PERL INTERPRETER AND XML EXTENSION
+#### Red Hat-based distributions (RHEL, CentOS, AlmaLinux, Rocky, Fedora)
 
-Install XML library to read the XML files
-- Once System is fully updated, you can install libxml2-utils package through command:
- - RedHat-based: ```dnf install perl libxml2-utils```
- - Debian-based: ```apt install perl libxml2-utils```
+To install Perl:
 
-Check Perl Version
-- Since the package is installed now, you can check the Perl version through ```perl -v``` command.
+```bash
+sudo dnf install perl
+```
 
-### CLONE REPOSITORY
-Change to the root-directory of your linux-system: ```cd ~```
+On older systems, use yum instead of dnf.
 
-Clone the repository to this directory: ```git clone https://github.com/filipnet/postfix-bounce-report.git```
-Afterwards you will find a new folder called "postfix-bounce-report" inside your root-directory
-To make the scripts universally applicable, some settings like email addresses are stored in a separate ```config.xml``` and must be adjusted here, the existing ```config.xml.sample``` renamed and adjusted before.
-Please note that the scripts must be made executable before the first use. ```chmod +x ~/*.sh```
+#### Debian-based distributions (Ubuntu, Debian, etc.)
 
-## HOW TO USE
+To install Perl:
 
-### CONFIGURATION
-Rename the file ```config.xml.sample``` to ```config.xml``` and adapt it to your system environment.
+```bash
+sudo apt update
+sudo apt install perl
 ```
+
+Most full Ubuntu/Debian installations already include Perl by default. Use the command above if not present.
+
+#### Check Perl version:
+
+- After installation, check the Perl version with `perl -v`.
+
+### Clone the Repository
+
+- Change to your home directory: `cd ~`
+- Clone the repository: `git clone https://github.com/filipnet/postfix-bounce-report.git`
+- A new folder "postfix-bounce-report" will appear in your home directory.
+- Make the scripts executable before first use: `chmod +x ~/*.sh`
+
+## Configuration
+
+> **Note:** Configuration is now done via a simple `.conf` file. The previous `config.xml.sample` is no longer used.
+
+1. Rename the file `postfix-bounce-report.conf.example` to `postfix-bounce-report.conf`.
+2. Adjust the variables in this file to match your system environment.
+
+```bash
 cd ~/postfix-bounce-report
-cp config.xml.sample config.xml
-vim/nano config.xml
+cp postfix-bounce-report.conf.example postfix-bounce-report.conf
+vim postfix-bounce-report.conf
+```
+
+Using a `.conf` file eliminates the need for additional XML parser dependencies. The script can be run directly on a standard Linux system.
+
+### Configuration via `.conf` File
+
+The script reads its settings from a configuration file. Below is a list of supported options:
+
+| Variable             | Description                                                                                    | Example Value(s)                      |
+| -------------------- | ---------------------------------------------------------------------------------------------- | ------------------------------------- |
+| `LC_ALL`             | Locale setting for consistent date/time and string formatting during script execution.         | `"de_DE.utf8"`                        |
+| `RED`                | ANSI escape code for red terminal text.                                                        | `"\033[0;31m"`                        |
+| `GREEN`              | ANSI escape code for green terminal text.                                                      | `"\033[0;32m"`                        |
+| `YELLOW`             | ANSI escape code for yellow terminal text.                                                     | `"\033[0;33m"`                        |
+| `NC`                 | ANSI escape code to reset terminal color.                                                      | `"\033[0m"`                           |
+| `TEMPLATE_BASENAME`  | Basename (without extension) of the HTML/CSS template files used for the report.               | `"template.custom"`                   |
+| `MAILLOG`            | Path to the Postfix mail log file to be analyzed.                                              | `"/var/log/maillog"`                  |
+| `MAILLOG_PERIOD`     | Time range in hours to scan for relevant log entries.                                          | `"24"`                                |
+| `MAILLOG_PATTERN`    | Regular expression to match relevant log lines (e.g. bounces or rejections).                   | `"blocked "`                          |
+| `LOGMAIL_FROM`       | Email address used as sender of the bounce report.                                             | `"do-not-reply@example.com"`          |
+| `LOGMAIL_TO`         | Email address of the recipient who will receive the report.                                    | `"user@example.com"`                  |
+| `LOGMAIL_SUBJECT`    | Subject line for the report email.                                                             | `"Postfix Bounce Report"`             |
+| `RECIPIENTS_CHECK`   | Enables verification of sender addresses against a known list when set to `true`.              | `"true"` or `"false"`                 |
+| `RECIPIENTS_LIST`    | Path to file with one valid recipient address per line.                                        | `"/etc/postfix/submission_recipient"` |
+| `SEVERETY_THRESHOLD` | Numeric threshold to classify bounce severity (e.g. highlight known spoof attempts).           | `"50"`                                |
+| `ONELINE`            | Disables line wrapping and enables horizontal scrolling in the HTML report when set to `true`. | `"true"` or `"false"`                 |
+| `DOMAINS`            | Pipe-separated list of trusted internal domains for spoof detection.                           | `"example.com"`                       |
+
+## Scheduled Execution (Cron)
+
+You can run the script automatically once per day using one of the two options below.
+
+### Option A: User Crontab (crontab -e)
+
+Run the script as a specific user (e.g., root):
+
+```bash
+sudo crontab -e
+```
+
+Add the following line:
+
+```bash
+0 0 \* \* \* /root/postfix-bounce-report/postfix-bounce-report.sh > /dev/null 2>&1
+```
+
+This executes the script every day at midnight.
+To log output for debugging, use:
+
+```bash
+0 0 \* \* \* /root/postfix-bounce-report/postfix-bounce-report.sh >> /var/log/bounce-report.log 2>&1
+```
+
+### Option B: System-wide Cron File (/etc/crontab)
+
+Edit the system crontab file:
+
+```bash
+sudo vim /etc/crontab
+```
+
+Add the following line (note the required root user field):
+
+```bash
+0 0 \* \* \* root /root/postfix-bounce-report/postfix-bounce-report.sh > /dev/null 2>&1
 ```
 
-### CREATE SCHEDULED TASKS
+This also executes the script daily at midnight.
 
-Create a new file in  ```/etc/cron.d/``` directory:
+### Log Rotation Compatibility
 
-``` touch /etc/cron.d/postfix-bounce-report ```
+The script `postfix-bounce-report.sh` always analyzes log entries **from the previous calendar day** (`yesterday`) based on the system time.  
+It uses tools like `date` and `grep` to extract matching lines from `/var/log/maillog` (or another specified log file).
 
-The content should be:
+Make sure the following conditions are met:
 
+- Your log rotation (e.g., via `logrotate`) **does not rotate the log file before midnight** if the bounce report is scheduled at `00:00`.
+- Rotated logs (e.g., `maillog.1`) are still **available and readable** when the script runs.
+- If your system compresses logs immediately (e.g., `.gz`), the script **will not find entries from yesterday** unless you extend it to support compressed files.
+
+**Recommendation:**  
+Schedule the bounce report script **shortly after midnight**, e.g., `00:05`, and ensure that log rotation (e.g., via `logrotate`) occurs **later**, e.g., `01:00`.
+
+You can check the logrotate schedule via:
+
+```bash
+cat /etc/cron.daily/logrotate
 ```
-# https://github.com/filipnet/postfix-bounce-report
-# Hourly script that collects the recipients for the report
-@hourly root /root/postfix-bounce-report/postfix-build-submission-recipients.sh > /dev/null
-# Daily script that sens out the report as an e-mail
-@daily root /root/postfix-bounce-report/postfix-bounce-report.sh > /dev/null
+
+Or if your system uses systemd timers:
+
+```bash
+systemctl list-timers --all | grep logrotate
 ```
 
-Description
-- The script ```postfix-build-submission-recipients.sh``` scans the mail log every hour for sent e-mails, extracts the recipient's address and adds it to the list ```/etc/postfix/submission_recipients``` if not already present.
-- The script ```postfix-bounce-report.sh``` is executed once a day, returns as content an HTML table with cross-check to the submission list, sends it via e-mail.
+## Contributions
+
+Contributions are welcome! If you would like to improve this project, please feel free to submit a pull request. All contributions, bug reports, and feature suggestions are appreciated.
 
-## ADDITIONAL INFORMATION
-Please note that the script ```postfix-bounce-report.sh``` always generates the day before. Note if there are no conflict with your log-rotation jobs.
+## License
 
-## LICENSE
-postfix-bounce-report and all individual scripts are under the BSD 3-Clause license unless explicitly noted otherwise. Please refer to the LICENSE
+postfix-bounce-report and all individual scripts are under the BSD 3-Clause license unless explicitly noted otherwise. See the [LICENSE](LICENSE) file for more details.