improve rspamd (+sieve)

main
genofire 3 years ago
parent 5b761c2004
commit d240521c1a

@ -20,3 +20,4 @@ mailserver_postfixadmin_default_aliases:
webmaster: "webmaster@{{ mailserver_mail_domain }}"
mailserver_rspamd_enabled: true
mailserver_rspamd_dkim_selector: "2020"

@ -0,0 +1,9 @@
require "fileinto";
if header :contains "X-Spam-Flag" "YES" {
fileinto "Junk";
}
if header :is "X-Spam" "Yes" {
fileinto "Junk";
}

@ -0,0 +1,2 @@
require ["vnd.dovecot.pipe", "copy", "imapsieve"];
pipe :copy "rspamc" ["learn_ham"];

@ -0,0 +1,2 @@
require ["vnd.dovecot.pipe", "copy", "imapsieve"];
pipe :copy "rspamc" ["learn_spam"];

@ -51,8 +51,22 @@
- conf.d/90-sieve.conf
- conf.d/91-stats.conf
- name: dovecot - create sieve folder
file:
path: /srv/mail/sieve
state: directory
owner: vmail
group: vmail
- name: dovecot - sieve default spam
copy:
src: dovecot-spam.sieve
dest: /srv/mail/sieve/spam.sieve
owner: vmail
group: vmail
- name: dovecot - start and enable on boot
systemd:
name: dovecot
enabled: yes
state: restarted
state: started

@ -4,3 +4,41 @@
state: latest
name:
- rspamd
- redis
- name: rspamd - start and enable redis on boot
systemd:
name: redis
enabled: yes
state: started
- name: rspamd - create config folder
file:
path: /etc/rspamd/local.d
state: directory
- name: rspamd - config
template:
src: "rspamd/{{ item }}"
dest: "/etc/rspamd/local.d/{{ item }}"
with_items:
- arc.conf
- classifier-bayes.conf
- dkim_signing.conf
- milter_headers.conf
- redis.conf
#- worker-controller.inc
- name: rspamd - install sieve
copy:
src: "rspamd/{{ item }}"
dest: "/srv/mail/sieve/{{ item }}"
with_items:
- learn-ham.sieve
- learn-spam.sieve
- name: rspamd - start and enable on boot
systemd:
name: rspamd
enabled: yes
state: started

@ -0,0 +1,5 @@
path = "/var/lib/rspamd/dkim/$selector.key";
selector = "{{ mailserver_rspamd_dkim_selector }}";
### Enable DKIM signing for alias sender addresses
allow_username_mismatch = true;

@ -0,0 +1,3 @@
backend = "redis";
new_schema = true;
expire = 8640000;

@ -0,0 +1,5 @@
path = "/var/lib/rspamd/dkim/$selector.key";
selector = "{{ mailserver_rspamd_dkim_selector }}";
### Enable DKIM signing for alias sender addresses
allow_username_mismatch = true;

@ -0,0 +1,2 @@
use = ["x-spamd-bar", "x-spam-level", "authentication-results"];
authenticated_headers = ["authentication-results"];

@ -0,0 +1 @@
servers = "127.0.0.1";
Loading…
Cancel
Save