diff options
| author | Jesse Luehrs <doy@tozt.net> | 2019-03-19 02:30:40 -0400 |
|---|---|---|
| committer | Jesse Luehrs <doy@tozt.net> | 2019-03-19 02:36:14 -0400 |
| commit | 6066787bd2a25cd58841b338fb9797e7c61ec728 (patch) | |
| tree | eb10de733d7dab4a63e29c86bfe5d6c453ed32e7 /modules/mail | |
| parent | 219782a7352d6571eab79fa7a70358f17f88d073 (diff) | |
| download | puppet-tozt-6066787bd2a25cd58841b338fb9797e7c61ec728.tar.gz puppet-tozt-6066787bd2a25cd58841b338fb9797e7c61ec728.zip | |
try testing a change
Diffstat (limited to 'modules/mail')
| -rw-r--r-- | modules/mail/files/patch/dovecot.conf | 159 | ||||
| -rwxr-xr-x | modules/mail/files/patch/ham | 5 | ||||
| -rw-r--r-- | modules/mail/files/patch/learn.sieve | 17 | ||||
| -rwxr-xr-x | modules/mail/files/patch/spam | 5 | ||||
| -rw-r--r-- | modules/mail/manifests/mailu.pp | 2 | ||||
| -rw-r--r-- | modules/mail/manifests/mailu/testing.pp | 24 | ||||
| -rw-r--r-- | modules/mail/templates/docker-compose.yml.erb | 4 |
7 files changed, 216 insertions, 0 deletions
diff --git a/modules/mail/files/patch/dovecot.conf b/modules/mail/files/patch/dovecot.conf new file mode 100644 index 0000000..e0b0728 --- /dev/null +++ b/modules/mail/files/patch/dovecot.conf @@ -0,0 +1,159 @@ +############### +# General +############### +log_path = /dev/stderr +protocols = imap pop3 lmtp sieve +postmaster_address = {{ POSTMASTER }}@{{ DOMAIN }} +hostname = {{ HOSTNAMES.split(",")[0] }} +submission_host = {{ FRONT_ADDRESS }} + +############### +# Mailboxes +############### +first_valid_gid = 8 +first_valid_uid = 8 +mail_location = maildir:/mail/%u +mail_home = /mail/%u +mail_uid = mail +mail_gid = mail +mail_privileged_group = mail +mail_access_groups = mail +maildir_stat_dirs = yes +mailbox_list_index = yes +mail_vsize_bg_after_count = 100 +mail_plugins = $mail_plugins quota quota_clone zlib + +namespace inbox { + inbox = yes + {% for mailbox in ("Trash", "Drafts", "Sent", "Junk") %} + mailbox {{ mailbox }} { + auto = subscribe + special_use = \{{ mailbox }} + } + {% endfor %} +} + +plugin { + quota = count:User quota + quota_vsizes = yes + quota_clone_dict = proxy:/tmp/podop.socket:quota + + {% if COMPRESSION in [ 'gz', 'bz2' ] %} + zlib_save = {{ COMPRESSION }} + {% endif %} + + {% if COMPRESSION_LEVEL %} + zlib_save_level = {{ COMPRESSION_LEVEL }} + {% endif %} +} + +############### +# Authentication +############### +auth_username_chars = +auth_mechanisms = plain login +disable_plaintext_auth = no + +passdb { + driver = dict + args = /etc/dovecot/auth.conf +} + +userdb { + driver = dict + args = /etc/dovecot/auth.conf +} + +service auth { + user = dovecot + unix_listener auth-userdb { + } +} + +service auth-worker { + unix_listener auth-worker { + user = dovecot + group = mail + mode = 0660 + } + user = mail +} + +############### +# IMAP & POP +############### +protocol imap { + mail_plugins = $mail_plugins imap_quota imap_sieve + mail_max_userip_connections = 20 +} + +protocol pop3 { + +} + +service imap-login { + inet_listener imap { + port = 143 + } +} + +############### +# Delivery +############### +protocol lmtp { + mail_plugins = $mail_plugins sieve + recipient_delimiter = {{ RECIPIENT_DELIMITER }} +} + +service lmtp { + inet_listener lmtp { + port = 2525 + } +} + +############### +# Filtering +############### +service managesieve-login { + inet_listener sieve { + port = 4190 + } +} + +service managesieve { +} + +plugin { + sieve = file:~/sieve;active=~/.dovecot.sieve + sieve_before = dict:proxy:/tmp/podop.socket:sieve + sieve_plugins = sieve_imapsieve sieve_extprograms + sieve_extensions = +spamtest +spamtestplus +editheader + sieve_global_extensions = +vnd.dovecot.execute + + # Sieve execute + sieve_execute_bin_dir = /conf/bin + + # Send vacation replies even for aliases + # See the Pigeonhole documentation about warnings: http://wiki2.dovecot.org/Pigeonhole/Sieve/Extensions/Vacation + # It appears that our implemntation of mail delivery meets criteria of section 4.5 + # from RFC 5230 and that disabling the recipient checks is not an issue here. + sieve_vacation_dont_check_recipient = yes + + # Include the recipient in vacation replies so that DKIM applies + sieve_vacation_send_from_recipient = yes + + # extract spam score from headers + sieve_spamtest_status_type = strlen + sieve_spamtest_status_header = X-Spam-Level + sieve_spamtest_max_value = 15 + + # Learn from spam + imapsieve_mailbox1_name = * + imapsieve_mailbox1_before = file:/conf/learn.sieve +} + +############### +# Extensions +############### + +!include_try /overrides/dovecot.conf diff --git a/modules/mail/files/patch/ham b/modules/mail/files/patch/ham new file mode 100755 index 0000000..815e538 --- /dev/null +++ b/modules/mail/files/patch/ham @@ -0,0 +1,5 @@ +#!/bin/bash + +tee >(rspamc -h antispam:11334 -P mailu learn_ham /dev/stdin) \ + >(rspamc -h antispam:11334 -P mailu -f 11 fuzzy_del /dev/stdin) \ + >(rspamc -h antispam:11334 -P mailu -f 13 fuzzy_add /dev/stdin) diff --git a/modules/mail/files/patch/learn.sieve b/modules/mail/files/patch/learn.sieve new file mode 100644 index 0000000..e56b593 --- /dev/null +++ b/modules/mail/files/patch/learn.sieve @@ -0,0 +1,17 @@ +require ["vnd.dovecot.execute", "imap4flags", "imapsieve", "environment", "variables"]; + +if environment :matches "imap.mailbox" "*" { + set "mailbox" "${1}"; +} + +if string "${mailbox}" "Junk" { + setflag "\\seen"; + execute :pipe "spam"; +} +else { + if string "${mailbox}" "Trash" { + stop; + } + + execute :pipe "ham"; +} diff --git a/modules/mail/files/patch/spam b/modules/mail/files/patch/spam new file mode 100755 index 0000000..a2421ba --- /dev/null +++ b/modules/mail/files/patch/spam @@ -0,0 +1,5 @@ +#!/bin/bash + +tee >(rspamc -h antispam:11334 -P mailu learn_spam /dev/stdin) \ + >(rspamc -h antispam:11334 -P mailu -f 13 fuzzy_del /dev/stdin) \ + >(rspamc -h antispam:11334 -P mailu -f 11 fuzzy_add /dev/stdin) diff --git a/modules/mail/manifests/mailu.pp b/modules/mail/manifests/mailu.pp index 4f7a348..dd8ff85 100644 --- a/modules/mail/manifests/mailu.pp +++ b/modules/mail/manifests/mailu.pp @@ -111,4 +111,6 @@ class mail::mailu { File["/etc/systemd/system/mailu.service"], ]; } + + include mail::mailu::testing } diff --git a/modules/mail/manifests/mailu/testing.pp b/modules/mail/manifests/mailu/testing.pp new file mode 100644 index 0000000..a0dbb29 --- /dev/null +++ b/modules/mail/manifests/mailu/testing.pp @@ -0,0 +1,24 @@ +class mail::mailu::testing { + file { + "/media/persistent/overrides/patch": + ensure => directory, + require => File["/media/persistent/overrides"], + notify => Service["mailu"]; + "/media/persistent/overrides/patch/learn.sieve": + source => "puppet:///modules/mail/patch/learn.sieve", + require => File["/media/persistent/overrides/patch"], + notify => Service["mailu"]; + "/media/persistent/overrides/patch/dovecot.conf": + source => "puppet:///modules/mail/patch/dovecot.conf", + require => File["/media/persistent/overrides/patch"], + notify => Service["mailu"]; + "/media/persistent/overrides/patch/ham": + source => "puppet:///modules/mail/patch/ham", + require => File["/media/persistent/overrides/patch"], + notify => Service["mailu"]; + "/media/persistent/overrides/patch/spam": + source => "puppet:///modules/mail/patch/spam", + require => File["/media/persistent/overrides/patch"], + notify => Service["mailu"]; + } +} diff --git a/modules/mail/templates/docker-compose.yml.erb b/modules/mail/templates/docker-compose.yml.erb index 75f4836..876bc24 100644 --- a/modules/mail/templates/docker-compose.yml.erb +++ b/modules/mail/templates/docker-compose.yml.erb @@ -33,6 +33,10 @@ services: volumes: - "/media/persistent/certs:/certs" - "/media/persistent/overrides/nginx:/overrides" + - "/media/persistent/overrides/patch/learn.sieve:/conf/learn.sieve" + - "/media/persistent/overrides/patch/dovecot.conf:/conf/dovecot.conf" + - "/media/persistent/overrides/patch/ham:/conf/bin/ham" + - "/media/persistent/overrides/patch/spam:/conf/bin/spam" resolver: image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}unbound:${MAILU_VERSION:-1.6} |