diff --git a/configs/postfix/APKBUILD b/configs/postfix/APKBUILD index ea8745c..8d3fd6e 100644 --- a/configs/postfix/APKBUILD +++ b/configs/postfix/APKBUILD @@ -1,8 +1,8 @@ # Contributor: Alex Denes # Maintainer: Alex Denes pkgname=redxen-config-postfix -pkgver=2021.01.07 -pkgrel=12 +pkgver=2021.01.10 +pkgrel=0 pkgdesc="Postfix configuration files" url="https://git.redxen.eu/RedXen" arch="noarch" @@ -25,6 +25,6 @@ package() { } sha512sums="0c7bcc9e63762b12937938e31b25ed6a84508061fef2913625d7c89b1d6e4f27dfbe2065aca2f75e7c3a62d38cd613afc70af40526d7fd11c942bc4ba8b59515 master.cf -255a7e27c066573615028974edee02f929863d3e7801e293dce9bae12b5c9806101f22741fef32f2e828d8d017bcb492da70bd2ac93b16ab6cc200e4a343702e main.cf +b79fe66dbdd52c5e30bb06a13ce973d87136dd5dc50c749ba676b118d930343590d2e93c836ee0c5e9c622dfb6b8d082b5a557b8cf19bee7fa45b24fab8c4715 main.cf a1778901dbc12de543d9d5897b9d50ee5ebe47b7ef6ed87a0087249657f146ff8493de455d32016660cca3c8d669592e0ea9fbe9b6696d92cac6f014277f29e5 pgsql-aliases.cf 72c50fe20b4d1a7ea2e60fb2cac0164814ab41011eb7f0d67a8a5715a0cc43d3ad573f198a7933eb130f68ec5c25c558fad791300e5bb25e020ca76a4303db4c pgsql-users.cf" diff --git a/configs/postfix/main.cf b/configs/postfix/main.cf index 3fdce3f..a79cbb1 100644 --- a/configs/postfix/main.cf +++ b/configs/postfix/main.cf @@ -63,9 +63,9 @@ smtpd_sasl_local_domain = $myorigin mailbox_transport = lmtp:unix:/run/dovecot/lmtp # OpenDKIM & RSpamD -#milter_default_action = tempfail -#milter_protocol = 6 +milter_default_action = tempfail +milter_protocol = 6 -#smtpd_milters = local:/run/opendkim/opendkim.sock inet:127.0.0.1:11332 -#non_smtpd_milters = local:/run/opendkim/opendkim.sock inet:127.0.0.1:11332 -#internal_mail_filter_classes = bounce, notify +smtpd_milters = inet:rspamd.routinginfo.redxen.localhost:11332 +non_smtpd_milters = inet:rspamd.routinginfo.redxen.localhost:11332 +internal_mail_filter_classes = bounce, notify diff --git a/configs/rspamd/APKBUILD b/configs/rspamd/APKBUILD index 5907184..1d4204d 100644 --- a/configs/rspamd/APKBUILD +++ b/configs/rspamd/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Alex Denes pkgname=redxen-config-rspamd pkgver=2021.01.10 -pkgrel=6 +pkgrel=9 pkgdesc="RSpamD configuration" url="https://git.redxen.eu/RedXen" arch="noarch" @@ -58,16 +58,16 @@ sha512sums="99985993e5d7c525280020e7dc30106b3efbaa8ae2830a5069ad4270a8336d33efca d42a74d17771497960477878eedda2a00a434cbc1e994b015c21b4f631e24836cb6a7b14a24a2cb42ed15425b7758dc307a6cf602a770cfb0cc20b6f90064af9 redis.conf a3849ae55a68c90afd913ed18f6b210803f5dbaa2beab5abf23a84b9b4bcb48e617023123724222c1f74a005bf03e1c94e3fa1ded5a6f252d9c2ac317dabc1a2 rbl.conf 6ca83b91e70e43eff6de380065fc5591c6669a27497a47d74e5e096df68afea6269cfad41be982bb144f2dfb92fd5765a600cf9c4067c4612bd1aa1bf5e6ebfd phishing.conf -72840316e3a8905a6e087147b33355c1250209831423871783a4cda5c22dd1ec376ff4da1db05a3a763bd763b6a8ce8b0af9cccf7a3b0c0d0bc507fd3fe40f8f milter_headers.conf +213c45837e9e09dd69b194b9ed5e938fbcef102d0549f820a6881744c7b91cb41f98961bbfa8346dcef1f05e276761195945ba852fc6683defe6b26fbd411019 milter_headers.conf 08966d0a3c077a12a1113f774e11d51d3c7d04bb45914e295324e8aa51c3d75b55395c256a905c6d9ae1e98a004a9e6b3b37d36fce810a426dd5d90408331c0a maillist.conf 8660fd01589476bbc01bbe75bed392faa55f55fa9b6fea77be79f339cefb43ddbacdbe193ad136c42da91d4ef7f1e1ec40fc5f8f4f398d04bcebf51d5a59ad1f greylist.conf 227f215b4e65bff86428502425f1295b21e0f6e8c4b990e4f19aa8e1bb3f1cee18d1b8644e1223edb606292c786e814acc68d276562c8fb4f23fdce6b538689a fuzzy_check.conf e14c3683b48dde5584cbcd0bd5811f6111a201635dd7400d7703003b4c98255d10be9b64ee81784c1fe1df50159e12d6777086c5a18ee9b14be852d233cf6dc5 dmarc.conf ad3fa5e3c4c3d7b882c9e85bdde3b1949a32f2f2c9dd43e38977d828e7b6740d31002c502f24a0ea2e27105d5a6b1af7b7140c5d8e306f90c3f7d28c1e4607d5 dkim.conf dcec5c53bd29c345ed5c47727af9a8d11328cc8f69ae61064ba3b053ee306baa79b747067097b2354a1fecd6e6527d56d14c79be22c94531f2a5ddc41ce3ca7e chartable.conf -e95cd76aacc8c24ba499e5ff2853a3bef17a0b2b76fa46bb2fb7b31f73f7a62027f3569ee5ed283ede8611af68bd246e10e38dfe71665dea3073aad39068f109 rspamd.conf +8c72f2172f306fea251303e4c88661041dd217999dc0b8e42076cb4e6832e279bf078eca44e7c7c36ee5ec18a1ec94cf0bed9bd6853498678a7664a783aa54f7 rspamd.conf 667ec0331c811730e096e27f5e8659062239f46e3ccd148411984bb4d83b8770cc0d7d3c74dd5a2da71781e9b99d4bcb5a700cbd5f56ae8e17f7c4e50519ffb2 composites.conf 4ea651877607573126a731619801458798c1e8e4de3522462af4c71adc38141d09a0c75c2c83a33698e3c51095d0b7d364e1ceb3aa534a4157106370a7800e4a groups.conf 78df39cbc6e09cdc5e01d27e123d82aa677a70a6f5d59ba0be8d0ce6af012c5311e4a2527e4fbc586f9cdd8da033e9f05e2371970fa23db60eaa8c16c8e85f05 logging.conf 2d27d5ac1800ee28948f8fcc276cc5c62c97a19d01dde2263eadf3ec4f8eb3bbb8417f4271324c5cfbf1ebd60759aa9047849ea803da96c8632c21966b794e6c statistic.conf -8fd778a46ce497a2399b455ba423c5a6308082ac41ac21cac4dbf65447e151e115ef21ac9820ab84f445af8530bc915b8c7394d28eb4b8179c3143c1817093b8 workers.conf" +6d8cec7d31b7eeae5f62697f300c6dd2c85dd882240d11aa8db70e1870130607388b6823d3bfbebcfa2b8fc4c2f29650d9f53d3313b4a369f862576215ccb4cb workers.conf" diff --git a/configs/rspamd/modules/milter_headers.conf b/configs/rspamd/modules/milter_headers.conf index 1e411b1..730ce4f 100644 --- a/configs/rspamd/modules/milter_headers.conf +++ b/configs/rspamd/modules/milter_headers.conf @@ -1,6 +1,9 @@ milter_headers { + use = ["authentication-results"]; extended_spam_headers = true; authenticated_headers = ["authentication-results"]; + skip_local = false; + skip_authenticated = true; spf_symbols { pass = "R_SPF_ALLOW"; fail = "R_SPF_FAIL"; diff --git a/configs/rspamd/rspamd.conf b/configs/rspamd/rspamd.conf index 3e622ed..bfed20d 100644 --- a/configs/rspamd/rspamd.conf +++ b/configs/rspamd/rspamd.conf @@ -57,7 +57,7 @@ actions { .include "${CONFDIR}/redxen/statistic.conf" lua = "$RULESDIR/rspamd.lua" -.include(glob=true) "${CONFDIR}/redxen/modules/*.conf" modules { path = "${PLUGINSDIR}"; } +.include(glob=true) "${CONFDIR}/redxen/modules/*.conf" diff --git a/configs/rspamd/workers.conf b/configs/rspamd/workers.conf index 22a1ba8..5d5fa4d 100644 --- a/configs/rspamd/workers.conf +++ b/configs/rspamd/workers.conf @@ -1,17 +1,18 @@ worker "normal" { count = 1; - bind_socket = "localhost:11333"; + bind_socket = "*:11333"; mime = true; } worker "controller" { + enabled = false; count = -1; - bind_socket = "localhost:11334"; + bind_socket = "*:11334"; } worker "rspamd_proxy" { count = 1; - bind_socket = "localhost:11332"; + bind_socket = "*:11332"; milter = yes; timeout = 120s; # Needed for Milter usually max_retries = 5; @@ -27,7 +28,7 @@ worker "rspamd_proxy" { worker "fuzzy" { count = 1; - bind_socket = "localhost:11335"; + bind_socket = "*:11335"; backend = "redis"; expire = 90d; allow_update = []; diff --git a/configs/unbound/APKBUILD b/configs/unbound/APKBUILD index 1ebdf8c..8874d8a 100644 --- a/configs/unbound/APKBUILD +++ b/configs/unbound/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Alex Denes # Maintainer: Alex Denes pkgname=redxen-config-unbound -pkgver=2021.01.07 +pkgver=2021.01.10 pkgrel=0 pkgdesc="Unbound configurations and some other stuff." url="https://git.redxen.eu/RedXen" @@ -61,6 +61,6 @@ sha512sums="f402b87071a3059992242b7dbce0aaea2f20ec4e5fc4e855160d5ebc75be7dd3d4cb d3754ced9d8055ff7f1d364a93c403bba3f220a60ea519bceee5e9c43112d6a00d20d15cf659fdd6ad6834cf14afd6ecb5d9e1497ff2932572fd970750655749 base.conf 75709787e0872197c83def93b343550934f6b2e4903873aaf72f357fb8b4a1d7c5b8ba84913f052ad01aeca03f58ca589a22bf867c1c2e40e01f9588c7c580c4 acl.conf d94ad338e2ea43c3ecdc62c861eddc0bb706807b738dd985309bcdf0b5fb435d7260bf272e2bbe40a774ec5b8fa49cbf23624c2c5213eea94f4f14aa3720abfa rctrl.conf -2183abc076166cd2026ccbf8d65e51870ca26a6fe11fbe48f2dbf9e8b8801b8b7c91c3607b2a48a254aeb8e364564fea361a2e3eccf13e0477542f7f3919bb5c internal.conf +0571d43230f420ef9ba1fe2b20aba7fca9bedc986363610368473289e9b636a8a4b76b20cb7efbe4a355d65c0633bc6aa97f826cec596d993240157cd5fa2493 internal.conf 28c917fe7f69643887097553312c4f1ffc747dffdbf150430e6c4b2e5833567922810716cb59a27887915664777ac3263be3c826956f504499f0ebdcc0b3aac5 auth-zones.conf 06ff10c9bc4f75fea4d04125d1fd24d311cbf4c7d9d89be07ceca296f5bd2bc237064fc98597ccb31f572721690ea50e8eafac6804ac2338268065f3f86abaae redxen.eu" diff --git a/configs/unbound/internal.conf b/configs/unbound/internal.conf index 5656a0a..082867f 100644 --- a/configs/unbound/internal.conf +++ b/configs/unbound/internal.conf @@ -27,6 +27,7 @@ server: local-data: "postgresql.routinginfo.redxen.localhost. 86400 IN AAAA 201:5d63:154:f0c6:9789:1899:6acb:1805" local-data: "redis.routinginfo.redxen.localhost. 86400 IN AAAA 201:5d63:154:f0c6:9789:1899:6acb:1805" local-data: "influxdb.routinginfo.redxen.localhost. 86400 IN AAAA 201:5d63:154:f0c6:9789:1899:6acb:1805" + local-data: "rspamd.routinginfo.redxen.localhost. 86400 IN AAAA 200:2749:8af:bdf9:f011:997e:7bbb:35f3" # Legacy machines (pre-migration) local-data: "6051167.nbg1-dc3.hetzner.redxen.localhost. 86400 IN A 10.0.0.4" diff --git a/openrc/rspamd/APKBUILD b/openrc/rspamd/APKBUILD new file mode 100644 index 0000000..891fab4 --- /dev/null +++ b/openrc/rspamd/APKBUILD @@ -0,0 +1,22 @@ +# Contributor: Alex Denes +# Maintainer: Alex Denes +pkgname=redxen-openrc-rspamd +pkgver=2021.01.10 +pkgrel=0 +pkgdesc="RSpamD OpenRC service files" +url="https://git.redxen.eu/RedXen" +arch="noarch" +license="none" +depends="openrc rspamd-openrc redxen-config-rspamd" +options="!check" +source=" + conffile +" +builddir="$srcdir" + +package() { + mkdir -p "$pkgdir"/etc/init.d + ln -s rspamd "$pkgdir"/etc/init.d/rspamd.redxen + install -Dm644 conffile "$pkgdir"/etc/conf.d/rspamd.redxen +} +sha512sums="917a359a4aa48d36b62838db6e21c7e55df5d5394366511c49bb8d9f3c61e682eee6d76d9482ce8d572d96aeeb704dd460ab95d14ad7384c5f31cd869146dced conffile" diff --git a/openrc/rspamd/conffile b/openrc/rspamd/conffile new file mode 100644 index 0000000..97b50cf --- /dev/null +++ b/openrc/rspamd/conffile @@ -0,0 +1,13 @@ +# Configuration for /etc/init.d/rspamd + +# User and group to run rspamd workers. +#command_user="rspamd:rspamd" + +# Path of the main configuration file. +cfgfile="/etc/rspamd/redxen/rspamd.conf" + +# Where to log startup configuration checking: +# - /dev/null - silent if check pass (default) +# - /dev/stdout - always print output on the curent terminal +# - /path/filename - append output to the specified logfile +#startuplog="/var/log/rspamd/startup.log"