summaryrefslogtreecommitdiffstats
path: root/roles/IMAP/templates/etc
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2016-05-22 17:57:38 +0200
committerGuilhem Moulin <guilhem@fripost.org>2016-05-22 17:59:01 +0200
commitb536632f32d81dceb11f2b7ebf2ec1a284498901 (patch)
treec4a8cbbd68c7985d91ec6b501586049028d2f666 /roles/IMAP/templates/etc
parentdeb4777fb64a8427fa029bcd932a0c58adf203d6 (diff)
spamassassin: list our IPSec subnet in trusted_networks.
Diffstat (limited to 'roles/IMAP/templates/etc')
-rw-r--r--roles/IMAP/templates/etc/spamassassin/local.cf.j2120
1 files changed, 120 insertions, 0 deletions
diff --git a/roles/IMAP/templates/etc/spamassassin/local.cf.j2 b/roles/IMAP/templates/etc/spamassassin/local.cf.j2
new file mode 100644
index 0000000..edef554
--- /dev/null
+++ b/roles/IMAP/templates/etc/spamassassin/local.cf.j2
@@ -0,0 +1,120 @@
+# This is the right place to customize your installation of SpamAssassin.
+#
+# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
+# tweaked.
+#
+# Only a small subset of options are listed below
+#
+###########################################################################
+
+# Add *****SPAM***** to the Subject header of spam e-mails
+#
+rewrite_header Subject [*****SPAM*****]
+
+
+# Save spam messages as a message/rfc822 MIME attachment instead of
+# modifying the original message (0: off, 2: use text/plain instead)
+#
+report_safe 0
+
+
+# Set which networks or hosts are considered 'trusted' by your mail
+# server (i.e. not spammers)
+#
+clear_trusted_networks
+trusted_networks 127.0.0.1/8 {{ ipsec_subnet }} {{ groups.MX | join(' ') }}
+
+# MXes and internal relays should be listed in bouth trusted_networks
+# and clear_internal_networks, cf.
+# https://spamassassin.apache.org/full/3.4.x/doc/Mail_SpamAssassin_Conf.html
+clear_internal_networks
+internal_networks {{ groups.MX | join(' ') }}
+
+
+# Set file-locking method (flock is not safe over NFS, but is faster)
+#
+lock_method flock
+
+
+# Set the threshold at which a message is considered spam (default: 5.0)
+#
+required_score 5.0
+
+
+# Use Bayesian classifier (default: 1)
+#
+use_bayes 1
+
+
+# Bayesian classifier auto-learning (default: 1)
+#
+bayes_auto_learn 1
+bayes_auto_expire 0
+
+
+# Enable or disable network checks
+#
+# http://en.linuxreviews.org/Spam_blacklists
+# The best bets are zen.spamhaus.org and bl.spamcop.net .
+skip_rbl_checks 0
+use_razor2 1
+use_pyzor 0
+use_auto_whitelist 1
+
+# http://www.spamtips.org/2011/01/disable-dnsfromahblrhsbl.html
+score DNS_FROM_AHBL_RHSBL 0
+# http://www.spamtips.org/2011/01/disable-rfc-ignorantorg-rules.html
+score __RFC_IGNORANT_ENVFROM 0
+score DNS_FROM_RFC_DSN 0
+score DNS_FROM_RFC_BOGUSMX 0
+score __DNS_FROM_RFC_POST 0
+score __DNS_FROM_RFC_ABUSE 0
+score __DNS_FROM_RFC_WHOIS 0
+
+# Set headers which may provide inappropriate cues to the Bayesian
+# classifier
+#
+# bayes_ignore_header X-Bogosity
+# bayes_ignore_header X-Spam-Flag
+# bayes_ignore_header X-Spam-Status
+
+
+# Some shortcircuiting, if the plugin is enabled
+#
+ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
+#
+# default: strongly-whitelisted mails are *really* whitelisted now, if the
+# shortcircuiting plugin is active, causing early exit to save CPU load.
+# Uncomment to turn this on
+#
+# shortcircuit USER_IN_WHITELIST on
+# shortcircuit USER_IN_DEF_WHITELIST on
+# shortcircuit USER_IN_ALL_SPAM_TO on
+# shortcircuit SUBJECT_IN_WHITELIST on
+
+# the opposite; blacklisted mails can also save CPU
+#
+# shortcircuit USER_IN_BLACKLIST on
+# shortcircuit USER_IN_BLACKLIST_TO on
+# shortcircuit SUBJECT_IN_BLACKLIST on
+
+# if you have taken the time to correctly specify your "trusted_networks",
+# this is another good way to save CPU
+#
+# shortcircuit ALL_TRUSTED on
+
+# and a well-trained bayes DB can save running rules, too
+#
+# shortcircuit BAYES_99 spam
+# shortcircuit BAYES_00 ham
+
+endif # Mail::SpamAssassin::Plugin::Shortcircuit
+
+
+bayes_store_module Mail::SpamAssassin::BayesStore::MySQL
+bayes_sql_dsn DBI:mysql:spamassassin
+bayes_sql_username amavis
+
+auto_whitelist_factory Mail::SpamAssassin::SQLBasedAddrList
+user_awl_dsn DBI:mysql:spamassassin
+user_awl_sql_username amavis