summaryrefslogtreecommitdiffstats
path: root/roles/IMAP/templates/etc
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2014-07-03 04:26:26 +0200
committerGuilhem Moulin <guilhem@fripost.org>2015-06-07 02:52:20 +0200
commit1c357b55931a0d4fbd15d51d61ec4e81d4f38aa5 (patch)
treed5f37b52487f75c3ffe40a39c94ea570c32816a5 /roles/IMAP/templates/etc
parentdfe8b222dc5067e1019d7ab5744df55b2c314ce8 (diff)
Install amavisd-new on the outgoing SMTP proxy.
For DKIM signing and virus checking.
Diffstat (limited to 'roles/IMAP/templates/etc')
-rw-r--r--roles/IMAP/templates/etc/amavis/conf.d/15-content_filter_mode.j229
-rw-r--r--roles/IMAP/templates/etc/amavis/conf.d/50-user.j2135
2 files changed, 0 insertions, 164 deletions
diff --git a/roles/IMAP/templates/etc/amavis/conf.d/15-content_filter_mode.j2 b/roles/IMAP/templates/etc/amavis/conf.d/15-content_filter_mode.j2
deleted file mode 100644
index cde0452..0000000
--- a/roles/IMAP/templates/etc/amavis/conf.d/15-content_filter_mode.j2
+++ /dev/null
@@ -1,29 +0,0 @@
-use strict;
-
-# You can modify this file to re-enable SPAM checking through spamassassin
-# and to re-enable antivirus checking.
-
-#
-# Default antivirus checking mode
-# Please note, that anti-virus checking is DISABLED by
-# default.
-# If You wish to enable it, please uncomment the following lines:
-
-
-@bypass_virus_checks_maps = (
- \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
-
-
-#
-# Default SPAM checking mode
-# Please note, that anti-spam checking is DISABLED by
-# default.
-# If You wish to enable it, please uncomment the following lines:
-
-
-{% if 'MDA' in group_names -%}
-@bypass_spam_checks_maps = (
- \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
-{% endif %}
-
-1; # ensure a defined return
diff --git a/roles/IMAP/templates/etc/amavis/conf.d/50-user.j2 b/roles/IMAP/templates/etc/amavis/conf.d/50-user.j2
deleted file mode 100644
index b3ae7a9..0000000
--- a/roles/IMAP/templates/etc/amavis/conf.d/50-user.j2
+++ /dev/null
@@ -1,135 +0,0 @@
-use strict;
-
-#
-# Place your configuration directives here. They will override those in
-# earlier files.
-#
-# See /usr/share/doc/amavisd-new/ for documentation and examples of
-# the directives you can use in this file
-#
-
-# $max_servers: num of pre-forked children (2..30 is common). It *must*
-# match the number set in /etc/postfix/master.cf "maxproc" column for
-# the amavisfeed service.
-$max_servers = 2;
-
-# list your internal networks
-@mynetworks = qw( 127.0.0.0/8 172.16.0.1/32 );
-
-
-# Always deliver messages (force *_lovers_maps to [1])
-$final_virus_destiny = D_PASS;
-$final_banned_destiny = D_PASS;
-$final_unchecked_destiny = D_PASS;
-$final_spam_destiny = D_PASS;
-$final_bad_header_destiny = D_PASS;
-$final_destiny_by_ccat{&CC_OVERSIZED} = D_PASS;
-
-%lovers_maps_by_ccat = (
- CC_CATCHALL, 1,
-);
-
-
-# Disable quarantine (force *_quarantine_to_maps to [1]; don't forget to
-# disable setting amavisSpamQuarantineCutoffLevel and amavisVirusQuarantine*To,
-# also)
-$QUARANTINEDIR = undef;
-%quarantine_method_by_ccat = (
- CC_CATCHALL, undef,
-);
-%admin_maps_by_ccat = (
- CC_CATCHALL, undef,
-);
-
-undef $undecipherable_subject_tag;
-
-# Defang virus only
-%defang_maps_by_ccat = (
- CC_VIRUS, 1,
- CC_CATCHALL, undef,
-);
-
-# Never BCC / DSN; don't forget to disallow setting amavisSpamDsnCutoffLevel
-# and amavis*Admin, also
-%always_bcc_by_ccat = (
- CC_CATCHALL, undef,
-);
-%dsn_bcc_by_ccat = (
- CC_CATCHALL, undef,
-);
-
-# Never warn sender / recipient; don't forget to disallow setting
-# amavisWarn*Recip, also
-%warnsender_by_ccat = ( # deprecated use, except perhaps for CC_BADH
- CC_CATCHALL, undef,
-);
-%warnrecip_maps_by_ccat = (
- CC_CATCHALL, undef,
-);
-
-@message_size_limit_maps = (); # per-recipient limits
-
-
-%banned_rules = (
- 'NO-MS-EXEC'=> new_RE( qr'^\.exe-ms$' ),
- 'PASSALL' => new_RE( [qr'^' => 0] ),
- 'ALLOW_EXE' => new_RE( qr'.\.(vbs|pif|scr|bat)$'i, [qr'^\.exe$' => 0] ),
- 'ALLOW_VBS' => new_RE( [qr'.\.vbs$' => 0] ),
-);
-
-
-$enable_ldap = 1;
-$default_ldap = {
- hostname => 'ldapi://',
- sasl => 1,
- sasl_mech => 'EXTERNAL',
- deref => 'never',
- timeout => 5,
- scope => 'one',
- base => 'fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org',
- # XXX: ideally we would use %u in the base and the query_filter, but
- # it's not supported as of amavis 2.7 (see the 'lookup_ldap'
- # subroutine in /usr/sbin/amavisd-new)
- query_filter => '(&(objectClass=amavisAccount)(ObjectClass=FripostVirtualUser)(fvl=%m))'
-};
-
-
-$recipient_delimiter = '+';
-$enable_dkim_verification = 1; # enable DKIM signatures verification
-
-
-# Per-recipient Bayes Database.
-@sa_username_maps = (
- new_RE ( [ qr'^(.+@[^@]+)$'i => '$1' ] ),
- 'amavis' # catch-all
-);
-
-# http://www.ijs.si/software/amavisd/amavisd-new-docs.html#pbanks-ex
-
-$inet_socket_port = 10041;
-
-$interface_policy{'10041'} = 'INBOUND';
-
-{% if 'out' in group_names %}
-$notify_method = 'smtp:[127.0.0.1]:{{ postfix_instance.out.port }}';
-{% else %}
-$notify_method = 'smtp:[outgoing.fripost.org]:{{ postfix_instance.out.port }}';
-{% endif %}
-$forward_method = 'lmtp:/var/run/dovecot/lmtp';
-$requeue_method = $forward_method;
-
-$sa_tag_level_deflt = undef;
-$sa_tag2_level_deflt = 5;
-$sa_kill_level_deflt = 5;
-$sa_dsn_cutoff_level = undef;
-$sa_quarantine_cutoff_level = undef;
-
-$policy_bank{'INBOUND'} = {
- originating => 0, # indicates a remote client, allows checking
- smtpd_greeting_banner =>
- '${helo-name} ${protocol} ${product} INBOUND service ready',
- mynetworks_maps => [], # avoids loading MYNETS policy unnecessarily
-};
-
-#------------ Do not modify anything below this line -------------
-1; # ensure a defined return