From a4905ec3bccb2ceb3c6c466e4bc90d20eae3d656 Mon Sep 17 00:00:00 2001
From: Alex Denes <caskd@redxen.eu>
Date: Wed, 13 Jan 2021 15:21:08 +0000
Subject: [PATCH] Few fixes for mail and backup scripts

---
 configs/dovecot/APKBUILD                   |  4 +--
 configs/dovecot/dovecot.conf               | 37 +++++++++++-----------
 configs/postfix/APKBUILD                   |  4 +--
 configs/postfix/main.cf                    | 10 +++---
 configs/rspamd/APKBUILD                    |  8 ++---
 configs/rspamd/modules/milter_headers.conf |  9 +++---
 configs/rspamd/rspamd.conf                 |  2 +-
 cron/mail/APKBUILD                         | 22 +++++++++++++
 cron/mail/cron-daily                       |  3 ++
 9 files changed, 61 insertions(+), 38 deletions(-)
 create mode 100644 cron/mail/APKBUILD
 create mode 100644 cron/mail/cron-daily

diff --git a/configs/dovecot/APKBUILD b/configs/dovecot/APKBUILD
index fe5fa39..943f570 100644
--- a/configs/dovecot/APKBUILD
+++ b/configs/dovecot/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Alex Denes <caskd@redxen.eu>
 pkgname=redxen-config-dovecot
 pkgver=2021.01.13
-pkgrel=0
+pkgrel=1
 pkgdesc="Dovecot configuration"
 url="https://git.redxen.eu/RedXen"
 arch="noarch"
@@ -23,6 +23,6 @@ package() {
 	install -d "$pkgdir"/var/mail
 }
 
-sha512sums="becbc91f12def8de87b550b4e1ee6e055e971b68fb57b651f7040250e59b93a5e0deff2bf74036b975d50b56d81237a3141f6f11048a0b4be5bb9eef7af37503  dovecot.conf
+sha512sums="b96eab7f066bf1a1baa729cba152f3190a5179e6c3940c9b28dbbdc2439052d7983f9e79d22675fc84420fb4a932dcfdb589547b77391ae27ec26cb4e6d60405  dovecot.conf
 d4646d31915b6fc0df7cc9c06d66c369f6a622f2f0c783fd9463a05a53d1b3b3ba2ebcbe32b2391f0e44fe2a67c6eeeef3b00d3067325152054e184ac67ff745  pgsql.conf
 e305a5ee8196f09d805278acf27a2b66eae9c9e3c6e3458bca391597b1c720c063f8c92034d1af070c750fd0858da7eaa16e75a3b060064eac6b5bcb7b2452e7  rspamd.sieve"
diff --git a/configs/dovecot/dovecot.conf b/configs/dovecot/dovecot.conf
index 7b6469f..1f07409 100644
--- a/configs/dovecot/dovecot.conf
+++ b/configs/dovecot/dovecot.conf
@@ -67,10 +67,6 @@ service auth {
 }
 
 
-protocol lmtp {
-	mail_plugins = $mail_plugins sieve
-}
-
 # Mailbox
 mail_home=/var/mail/%u
 mail_location = maildir:/var/mail/%u:INBOX=/var/mail/%u/Inbox:LAYOUT=fs
@@ -100,18 +96,21 @@ namespace inbox {
 	}
 }
 
-plugin {
-	sieve_plugins = sieve_extprograms
-	sieve_extensions = +editheader +mboxmetadata +servermetadata +imapflags +notify +spamtest +spamtestplus +virustest
-
-	sieve_spamtest_status_type = score
-	sieve_spamtest_status_header = X-Spamd-Result: .*? \[([[:digit:]]+\.[[:digit:]]+) / [[:digit:]]+\.[[:digit:]]+\];
-	sieve_spamtest_max_value = 6
-	sieve_spamtest_max_header = X-Spamd-Result: .*? \[[[:digit:]]+\.[[:digit:]]+ / ([[:digit:]]+\.[[:digit:]]+)\];
-
-	sieve_spamtest_status_type = text
-	sieve_spamtest_status_header = X-Spam
-	sieve_spamtest_text_value1 = No
-	sieve_spamtest_text_value10 = Yes
-	sieve_default = /etc/dovecot/redxen/rspamd.sieve
-}
+#protocol lmtp {
+#	mail_plugins = $mail_plugins sieve
+#}
+#plugin {
+#	sieve_plugins = sieve_extprograms
+#	sieve_extensions = +editheader +mboxmetadata +servermetadata +imapflags +notify +spamtest +spamtestplus +virustest
+#
+#	sieve_spamtest_status_type = score
+#	sieve_spamtest_status_header = X-Spamd-Result: .*? \[([[:digit:]]+\.[[:digit:]]+) / [[:digit:]]+\.[[:digit:]]+\];
+#	sieve_spamtest_max_value = 6
+#	sieve_spamtest_max_header = X-Spamd-Result: .*? \[[[:digit:]]+\.[[:digit:]]+ / ([[:digit:]]+\.[[:digit:]]+)\];
+#
+#	sieve_spamtest_status_type = text
+#	sieve_spamtest_status_header = X-Spam
+#	sieve_spamtest_text_value1 = No
+#	sieve_spamtest_text_value10 = Yes
+#	sieve_default = /etc/dovecot/redxen/rspamd.sieve
+#}
diff --git a/configs/postfix/APKBUILD b/configs/postfix/APKBUILD
index dd2bff4..5522477 100644
--- a/configs/postfix/APKBUILD
+++ b/configs/postfix/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Alex Denes <caskd@redxen.eu>
 pkgname=redxen-config-postfix
 pkgver=2021.01.13
-pkgrel=0
+pkgrel=1
 pkgdesc="Postfix configuration files"
 url="https://git.redxen.eu/RedXen"
 arch="noarch"
@@ -25,6 +25,6 @@ package() {
 }
 
 sha512sums="0c7bcc9e63762b12937938e31b25ed6a84508061fef2913625d7c89b1d6e4f27dfbe2065aca2f75e7c3a62d38cd613afc70af40526d7fd11c942bc4ba8b59515  master.cf
-192da6dfc142b73c71b8cb8e8bdfd2e8a06a64b557a47fb4b17b0176a8be9856266343e1ff62cd2342f925d711235e1775fc2b90e62918c591ddcd2ea924ddd3  main.cf
+5e9b1fffced9067af0c76fc4aadce828b002e4e90eb406393da6624a68b6b7ca5f19649a66956b267c18cb9d12be79b624dbb40371baf8eeb085fa99b24f887f  main.cf
 a1778901dbc12de543d9d5897b9d50ee5ebe47b7ef6ed87a0087249657f146ff8493de455d32016660cca3c8d669592e0ea9fbe9b6696d92cac6f014277f29e5  pgsql-aliases.cf
 72c50fe20b4d1a7ea2e60fb2cac0164814ab41011eb7f0d67a8a5715a0cc43d3ad573f198a7933eb130f68ec5c25c558fad791300e5bb25e020ca76a4303db4c  pgsql-users.cf"
diff --git a/configs/postfix/main.cf b/configs/postfix/main.cf
index a3be391..d14139a 100644
--- a/configs/postfix/main.cf
+++ b/configs/postfix/main.cf
@@ -63,11 +63,9 @@ smtpd_sasl_local_domain = $myorigin
 mailbox_transport = lmtp:unix:/run/dovecot/lmtp
 
 # OpenDKIM & RSpamD
-milter_default_action = tempfail
 milter_protocol = 6
-smtpd_milters = inet:opendkim.routinginfo.redxen.localhost:11335 inet:rspamd.routinginfo.redxen.localhost:11332
-non_smtpd_milters = inet:opendkim.routinginfo.redxen.localhost:11335 inet:rspamd.routinginfo.redxen.localhost:11332
-
-milter_connect_macros = j {daemon_name} v {if_name} _
-milter_mail_macros="i {mail_addr} {client_addr} {client_name} {auth_type} {auth_authen}"
+milter_default_action = tempfail
 internal_mail_filter_classes = bounce, notify
+
+non_smtpd_milters = inet:rspamd.routinginfo.redxen.localhost:11332
+smtpd_milters = inet:opendkim.routinginfo.redxen.localhost:11335 $non_smtpd_milters
diff --git a/configs/rspamd/APKBUILD b/configs/rspamd/APKBUILD
index 1d4204d..0a5a717 100644
--- a/configs/rspamd/APKBUILD
+++ b/configs/rspamd/APKBUILD
@@ -1,8 +1,8 @@
 # Contributor: Alex Denes <caskd@redxen.eu>
 # Maintainer: Alex Denes <caskd@redxen.eu>
 pkgname=redxen-config-rspamd
-pkgver=2021.01.10
-pkgrel=9
+pkgver=2021.01.13
+pkgrel=2
 pkgdesc="RSpamD configuration"
 url="https://git.redxen.eu/RedXen"
 arch="noarch"
@@ -58,14 +58,14 @@ sha512sums="99985993e5d7c525280020e7dc30106b3efbaa8ae2830a5069ad4270a8336d33efca
 d42a74d17771497960477878eedda2a00a434cbc1e994b015c21b4f631e24836cb6a7b14a24a2cb42ed15425b7758dc307a6cf602a770cfb0cc20b6f90064af9  redis.conf
 a3849ae55a68c90afd913ed18f6b210803f5dbaa2beab5abf23a84b9b4bcb48e617023123724222c1f74a005bf03e1c94e3fa1ded5a6f252d9c2ac317dabc1a2  rbl.conf
 6ca83b91e70e43eff6de380065fc5591c6669a27497a47d74e5e096df68afea6269cfad41be982bb144f2dfb92fd5765a600cf9c4067c4612bd1aa1bf5e6ebfd  phishing.conf
-213c45837e9e09dd69b194b9ed5e938fbcef102d0549f820a6881744c7b91cb41f98961bbfa8346dcef1f05e276761195945ba852fc6683defe6b26fbd411019  milter_headers.conf
+5a4ecc8ed31bfc0373a272e8a53fe399b6850dc258fba4ad12cdeedd0c9a5cb007b7fe69d66936c85b3be25cdc200232e3939b369a2aec63d767d91a6910e671  milter_headers.conf
 08966d0a3c077a12a1113f774e11d51d3c7d04bb45914e295324e8aa51c3d75b55395c256a905c6d9ae1e98a004a9e6b3b37d36fce810a426dd5d90408331c0a  maillist.conf
 8660fd01589476bbc01bbe75bed392faa55f55fa9b6fea77be79f339cefb43ddbacdbe193ad136c42da91d4ef7f1e1ec40fc5f8f4f398d04bcebf51d5a59ad1f  greylist.conf
 227f215b4e65bff86428502425f1295b21e0f6e8c4b990e4f19aa8e1bb3f1cee18d1b8644e1223edb606292c786e814acc68d276562c8fb4f23fdce6b538689a  fuzzy_check.conf
 e14c3683b48dde5584cbcd0bd5811f6111a201635dd7400d7703003b4c98255d10be9b64ee81784c1fe1df50159e12d6777086c5a18ee9b14be852d233cf6dc5  dmarc.conf
 ad3fa5e3c4c3d7b882c9e85bdde3b1949a32f2f2c9dd43e38977d828e7b6740d31002c502f24a0ea2e27105d5a6b1af7b7140c5d8e306f90c3f7d28c1e4607d5  dkim.conf
 dcec5c53bd29c345ed5c47727af9a8d11328cc8f69ae61064ba3b053ee306baa79b747067097b2354a1fecd6e6527d56d14c79be22c94531f2a5ddc41ce3ca7e  chartable.conf
-8c72f2172f306fea251303e4c88661041dd217999dc0b8e42076cb4e6832e279bf078eca44e7c7c36ee5ec18a1ec94cf0bed9bd6853498678a7664a783aa54f7  rspamd.conf
+8d7978390a97ab7c3a07d38e6a8e9834f073051a7779b29f79cbcafe73ff2084d3260f75ae11ce20b7c8fa5bb9f888f37dfccd67d244f194ed9cc08fc329c704  rspamd.conf
 667ec0331c811730e096e27f5e8659062239f46e3ccd148411984bb4d83b8770cc0d7d3c74dd5a2da71781e9b99d4bcb5a700cbd5f56ae8e17f7c4e50519ffb2  composites.conf
 4ea651877607573126a731619801458798c1e8e4de3522462af4c71adc38141d09a0c75c2c83a33698e3c51095d0b7d364e1ceb3aa534a4157106370a7800e4a  groups.conf
 78df39cbc6e09cdc5e01d27e123d82aa677a70a6f5d59ba0be8d0ce6af012c5311e4a2527e4fbc586f9cdd8da033e9f05e2371970fa23db60eaa8c16c8e85f05  logging.conf
diff --git a/configs/rspamd/modules/milter_headers.conf b/configs/rspamd/modules/milter_headers.conf
index 730ce4f..3a028f2 100644
--- a/configs/rspamd/modules/milter_headers.conf
+++ b/configs/rspamd/modules/milter_headers.conf
@@ -1,9 +1,10 @@
 milter_headers {
-	use = ["authentication-results"];
-	extended_spam_headers = true;
-	authenticated_headers = ["authentication-results"];
 	skip_local = false;
-	skip_authenticated = true;
+	skip_authenticated = false;
+	extended_spam_headers = false;
+	use = ["x-spamd-bar", "authentication-results"];
+	authenticated_headers = ["authentication-results"];
+	local_headers = ["x-spamd-bar"];
 	spf_symbols {
 		pass = "R_SPF_ALLOW";
 		fail = "R_SPF_FAIL";
diff --git a/configs/rspamd/rspamd.conf b/configs/rspamd/rspamd.conf
index bfed20d..09c590a 100644
--- a/configs/rspamd/rspamd.conf
+++ b/configs/rspamd/rspamd.conf
@@ -34,7 +34,7 @@ options {
 	words_decay = 600;
 
 	# Local networks
-	local_addrs = [10.0.0.0/8];
+	local_addrs = [127.0.0.0/8, 10.0.0.0/8, 0200::/7];
 	hs_cache_dir = "${DBDIR}/";
 
 	# Timeout for messages processing (must be larger than any internal timeout used)
diff --git a/cron/mail/APKBUILD b/cron/mail/APKBUILD
new file mode 100644
index 0000000..d7dec2c
--- /dev/null
+++ b/cron/mail/APKBUILD
@@ -0,0 +1,22 @@
+# Contributor: Alex Denes <caskd@redxen.eu>
+# Maintainer: Alex Denes <caskd@redxen.eu>
+pkgname=redxen-cron-mail
+pkgver=2021.01.13
+pkgrel=1
+pkgdesc="Mail backup maintenance scripts"
+url="https://git.redxen.eu/RedXen"
+arch="noarch"
+license="none"
+install_if="redxen-config-dovecot"
+depends="dcron"
+source="
+	cron-daily
+"
+options="!check"
+
+package() {
+	mkdir -p "$pkgdir"/var/mail/snapshots
+	install -Dm544 cron-daily "$pkgdir"/etc/periodic/daily/snapshot-mail
+}
+
+sha512sums="f89295c25569d57bd5b52255d06036be3d5bd8e40c2f9eeb8f4d6468d2dd510e9c7382348936f47e075d64105888fba9c6a2245c419acea862cd20f6339b1d42  cron-daily"
diff --git a/cron/mail/cron-daily b/cron/mail/cron-daily
new file mode 100644
index 0000000..f028e4e
--- /dev/null
+++ b/cron/mail/cron-daily
@@ -0,0 +1,3 @@
+#!/bin/sh
+/sbin/btrfs subvolume delete /var/mail/snapshots/`date +"%u"`
+/sbin/btrfs subvolume snapshot -r /var/mail /var/mail/snapshots/`date +"%u"`