Configure the content filter.

Antispam & antivirus, using ClamAV and SpamAssassin through Amavisd-new.
Each user has his/her amavis preferences, and own Bayes filter (to
maximize privacy).

One question remains, though: how to set spamassassin's trusted_networks
/ internal_networks / msa_networks? It seems not obivious to get it
write with IPSec and dynamic IPs.
(Cf. https://wiki.apache.org/spamassassin/AwlWrongWay)

1 files changed, 56 insertions, 0 deletions

diff --git a/roles/IMAP/tasks/amavis.yml b/roles/IMAP/tasks/amavis.yml
new file mode 100644
index 0000000..6f47328
--- /dev/null
+++ b/roles/IMAP/tasks/amavis.yml
@@ -0,0 +1,56 @@
+- name: Install amavis and its decoders
+  apt: pkg={{ item }}
+  with_items:
+    - amavisd-new
+    - libnet-ldap-perl
+    - libauthen-sasl-perl
+    - gzip
+    - bzip2
+    - xz-utils
+    - lzop
+    - rpm2cpio
+    - pax
+    - binutils
+    - p7zip-full
+    - unrar-free
+    - arj
+    - nomarch
+    - zoo
+    - ripole
+    - cabextract
+    - unar
+    - tnef
+  notify:
+    - Restart Amavis
+
+- name: Add 'clamav' to the group 'amavis'
+  user: name=clamav groups=amavis append=yes
+  register: r1
+  notify:
+    - Restart ClamAV
+    - Restart Amavis
+
+- name: Configure Amavis (1)
+  copy: src=etc/amavis/conf.d/05-domain_id
+        dest=/etc/amavis/conf.d/05-domain_id
+        owner=root group=root
+        mode=0644
+  register: r2
+  notify:
+    - Restart Amavis
+
+- name: Configure Amavis (2)
+  template: src=etc/amavis/conf.d/{{ item }}.j2
+            dest=/etc/amavis/conf.d/{{ item }}
+            owner=root group=root
+            mode=0644
+  register: r3
+  with_items:
+    - 15-content_filter_mode
+    - 50-user
+  notify:
+    - Restart Amavis
+
+- name: Start Amavis
+  service: name=amavis state=started
+  when: not (r1.changed or r2.changed or r3.changed)