hasufell/exherbo-dockermail
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove amavis

Browse Source 
We will use spamassasin instead.
This commit is contained in:
hasufell 2015-10-02 14:53:01 +02:00
parent 111a0ec131
commit 8d28bce22a
No known key found for this signature in database
GPG Key ID: 220CD1C5BDEED020
9 changed files with 1 additions and 233 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -8,7 +8,6 @@ The setup is modular and so far has (more to come, feel free to contribute :)
* `core` - base SMTP and IMAP server * `core` - base SMTP and IMAP server
* `opendkim` - adds DKIM signing service to the core * `opendkim` - adds DKIM signing service to the core
* `amavis` - adds incoming SPAM filter
Please see the README in each folder for more information on each image. Please see the README in each folder for more information on each image.
@ -32,4 +31,4 @@ and it will spin up both container and link them together, easy!
* Testing * Testing
### TODO ### TODO
* gentoo support for amavis and opendkim * gentoo support for opendkim

36
amavis/Dockerfile
View File

@ -1,36 +0,0 @@
FROM ubuntu:14.10
ENV DEBIAN_FRONTEND noninteractive
RUN locale-gen en_GB en_GB.UTF-8 && dpkg-reconfigure locales
# Prerequisites
RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
apt-get update && apt-get install -y \
amavisd-new \
spamassassin \
libnet-dns-perl \
libmail-spf-perl \
pyzor \
razor && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
# Set up razor and pyzor
RUN su - amavis -s /bin/bash && razor-admin -create && razor-admin -register && pyzor discover
COPY ./config/05-node_id /etc/amavis/conf.d/05-node_id
COPY ./config/15-content_filter_mode /etc/amavis/conf.d/15-content_filter_mode
COPY ./config/50-user /etc/amavis/conf.d/50-user
COPY ./config/rsyslog.conf /etc/rsyslog.conf
# Nice place for your settings
VOLUME ["/mail_settings"]
# Configure boot script
COPY boot /
RUN chmod 755 /boot
ENV AMAVIS=true
EXPOSE 10024
ENTRYPOINT ./boot; amavisd-new; rsyslogd -n

8
amavis/README.md
View File

@ -1,8 +0,0 @@
Dockermail - Amavis
===
Once configured and linked to the `email_core`, this image will filter incoming mail for SPAM.
This does not scan email for viruses/malware, only SPAM scoring.
### Configuration
This images only needs to know the domains, and will use the same `domains` file from `email_core` for easy administration. See `email_core` README for info on `domains` syntax.

16
amavis/boot
View File

@ -1,16 +0,0 @@
#!/bin/bash
# Update hostname if given
if [ -f /mail_settings/myhostname ]; then
echo $(sed 's:/:\\/:g' /mail_settings/myhostname) > /etc/mailname
fi
readarray -t domains < /mail_settings/domains
first_fqdn="\$myhostname = \"${domains[0]}\";"
domain_string=$(printf "'%s' " "${domains[@]}") | tr ' ' ,
domain_acl="@local_domains_acl = ( $domain_string );"
sed "/# DOCKERMAIL DOMAINS START/,/# DOCKERMAIL DOMAINS END/{//!d}" /etc/amavis/conf.d/05-node_id -i
sed "/# DOCKERMAIL DOMAINS START/,/# DOCKERMAIL DOMAINS END/{//!d}" /etc/amavis/conf.d/50-user -i
sed "/# DOCKERMAIL DOMAINS START/a $first_fqdn" /etc/amavis/conf.d/05-node_id -i
sed "/# DOCKERMAIL DOMAINS START/a $domain_acl" /etc/amavis/conf.d/50-user -i

15
amavis/config/05-node_id
View File

@ -1,15 +0,0 @@
use strict;
# $myhostname is used by amavisd-new for node identification, and it is
# important to get it right (e.g. for ESMTP EHLO, loop detection, and so on).
chomp($myhostname = `hostname --fqdn`);
# To manually set $myhostname, edit the following line with the correct Fully
# Qualified Domain Name (FQDN) and remove the # at the beginning of the line.
#
#$myhostname = "mail.example.com";
# DOCKERMAIL DOMAINS START
# DOCKERMAIL DOMAINS END
1; # ensure a defined return

27
amavis/config/15-content_filter_mode
View File

@ -1,27 +0,0 @@
use strict;
# You can modify this file to re-enable SPAM checking through spamassassin
# and to re-enable antivirus checking.
#
# Default antivirus checking mode
# Please note, that anti-virus checking is DISABLED by
# default.
# If You wish to enable it, please uncomment the following lines:
#@bypass_virus_checks_maps = (
# \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
#
# Default SPAM checking mode
# Please note, that anti-spam checking is DISABLED by
# default.
# If You wish to enable it, please uncomment the following lines:
@bypass_spam_checks_maps = (
\%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
1; # ensure a defined return

25
amavis/config/50-user
View File

@ -1,25 +0,0 @@
use strict;
#
# Place your configuration directives here. They will override those in
# earlier files.
#
# See /usr/share/doc/amavisd-new/ for documentation and examples of
# the directives you can use in this file
#
# DOCKERMAIL DOMAINS START
# DOCKERMAIL DOMAINS END
# See http://opensource.apple.com/source/amavisd/amavisd-114/amavisd/amavisd-new-2.4.4/amavisd.conf-sample
# for details on asterisk reinjection configuration
$forward_method = 'smtp:*:10025';
$notify_method = $forward_method;
# Bind on all interfaces (needed to expose this to linked containers)
$inet_socket_bind = '0.0.0.0';
# Accept incoming requests from private ip range
@inet_acl = qw(172.0.0.0/8);
#------------ Do not modify anything below this line -------------
1; # ensure a defined return

28
amavis/config/rsyslog.conf
View File

@ -1,28 +0,0 @@
# /etc/rsyslog.conf Configuration file for rsyslog.
#
# For more information see
# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
#
# Default logging rules can be found in /etc/rsyslog.d/50-default.conf
#################
#### MODULES ####
#################
$ModLoad imuxsock # provides support for local system logging
###########################
#### GLOBAL DIRECTIVES ####
###########################
# Filter duplicated messages
$RepeatedMsgReduction on
#
# Where to place spool and state files
#
$WorkDirectory /var/spool/rsyslog
# Write everything to stdout
$template fmt,"%timestamp:::date-rfc3164%\n"
*.* /dev/stdout

76
core/boot.d/amavis
View File

@ -1,76 +0,0 @@
#!/bin/bash
echo 'Running amavis boot script'
POSTFIX_MAIN_CF=/etc/postfix/main.cf
POSTFIX_MASTER_CF=/etc/postfix/master.cf
env_dump=$(printenv)
AMAVIS_CONFIG_HEADER="# Amavis - dockermail - start"
AMAVIS_CONFIG_FOOTER="# Amavis - dockermail - end"
function remove_amavis () {
# main.cf
if grep -q "$AMAVIS_CONFIG_HEADER" "$POSTFIX_MAIN_CF"; then
sed "/$AMAVIS_CONFIG_HEADER/,/$AMAVIS_CONFIG_FOOTER/d" "$POSTFIX_MAIN_CF" -i
fi
# master.cf
sed '/^pickup/,/^cleanup/{//!d}' "$POSTFIX_MASTER_CF" -i
sed "/$AMAVIS_CONFIG_HEADER/,/$AMAVIS_CONFIG_FOOTER/d" "$POSTFIX_MASTER_CF" -i
}
function add_amavis () {
# main.cf
if ! grep -q "$AMAVIS_CONFIG_HEADER" "$POSTFIX_MAIN_CF"; then
echo "$AMAVIS_CONFIG_HEADER" >> "$POSTFIX_MAIN_CF"
echo "content_filter = smtp-amavis:[amavis]:10024" >> "$POSTFIX_MAIN_CF"
echo "$AMAVIS_CONFIG_FOOTER" >> "$POSTFIX_MAIN_CF"
else
echo "Warning: $POSTFIX_MAIN_CF already contains Amavis configuration, skipping"
fi
# master.cf
if ! grep -q "$AMAVIS_CONFIG_HEADER" "$POSTFIX_MASTER_CF"; then
sed "/^pickup.*/a \ -o content_filter= \n -o receive_override_options=no_header_body_checks" $POSTFIX_MASTER_CF -i
echo "$AMAVIS_CONFIG_HEADER" >> $POSTFIX_MASTER_CF
echo "smtp-amavis unix - - - - 2 smtp" >> $POSTFIX_MASTER_CF
echo " -o smtp_data_done_timeout=1200" >> $POSTFIX_MASTER_CF
echo " -o smtp_send_xforward_command=yes" >> $POSTFIX_MASTER_CF
echo " -o disable_dns_lookups=yes" >> $POSTFIX_MASTER_CF
echo " -o max_use=20" >> $POSTFIX_MASTER_CF
echo "0.0.0.0:10025 inet n - - - - smtpd" >> $POSTFIX_MASTER_CF
echo " -o content_filter=" >> $POSTFIX_MASTER_CF
echo " -o local_recipient_maps=" >> $POSTFIX_MASTER_CF
echo " -o relay_recipient_maps=" >> $POSTFIX_MASTER_CF
echo " -o smtpd_restriction_classes=" >> $POSTFIX_MASTER_CF
echo " -o smtpd_delay_reject=no" >> $POSTFIX_MASTER_CF
echo " -o smtpd_client_restrictions=permit_mynetworks,reject" >> $POSTFIX_MASTER_CF
echo " -o smtpd_helo_restrictions=" >> $POSTFIX_MASTER_CF
echo " -o smtpd_sender_restrictions=" >> $POSTFIX_MASTER_CF
echo " -o smtpd_recipient_restrictions=permit_mynetworks,reject" >> $POSTFIX_MASTER_CF
echo " -o smtpd_data_restrictions=reject_unauth_pipelining" >> $POSTFIX_MASTER_CF
echo " -o smtpd_end_of_data_restrictions=" >> $POSTFIX_MASTER_CF
# Allow the private ip range 172.x.x.x that Docker apparently uses
echo " -o mynetworks=172.0.0.0/8" >> $POSTFIX_MASTER_CF
echo " -o smtpd_error_sleep_time=0" >> $POSTFIX_MASTER_CF
echo " -o smtpd_soft_error_limit=1001" >> $POSTFIX_MASTER_CF
echo " -o smtpd_hard_error_limit=1000" >> $POSTFIX_MASTER_CF
echo " -o smtpd_client_connection_count_limit=0" >> $POSTFIX_MASTER_CF
echo " -o smtpd_client_connection_rate_limit=0" >> $POSTFIX_MASTER_CF
echo " -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks" >> $POSTFIX_MASTER_CF
echo "$AMAVIS_CONFIG_FOOTER" >> $POSTFIX_MASTER_CF
else
echo "Warning: $POSTFIX_MASTER_CF already contains Amavis configuration, skipping"
fi
}
if [[ $env_dump =~ ^(.+AMAVIS)= ]] ; then
if [ ! -z "${BASH_REMATCH[1]}" ]; then
echo "AMAVIS env set, enabling SPAM filter"
add_amavis
fi
else
echo "Cant find AMAVIS env, SPAM filter will be disabled"
remove_amavis
fi
echo 'Finished amavis boot script'