Gnous/mailcow
2
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

[Rspamd] allow_hdrfrom_mismatch true, auth_only false (sieve)

Browse Source
This commit is contained in:
andryyy 2020-01-10 20:39:11 +01:00
parent dc97d4f365
commit 03cbed5002
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
2 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
data/Dockerfiles/rspamd/docker-entrypoint.sh
View File

@ -27,7 +27,7 @@ until [[ ! -z ${DOVECOT_V4} ]]; do
DOVECOT_V4=$(dig a dovecot +short) DOVECOT_V4=$(dig a dovecot +short)
DOVECOT_V6=$(dig aaaa dovecot +short) DOVECOT_V6=$(dig aaaa dovecot +short)
[[ ! -z ${DOVECOT_V4} ]] && break; [[ ! -z ${DOVECOT_V4} ]] && break;
echo "Waiting for Dovecot" echo "Waiting for Dovecot..."
sleep 3 sleep 3
done done
echo ${DOVECOT_V4}/32 > /etc/rspamd/custom/dovecot_trusted.map echo ${DOVECOT_V4}/32 > /etc/rspamd/custom/dovecot_trusted.map
@ -35,6 +35,20 @@ if [[ ! -z ${DOVECOT_V6} ]]; then
echo ${DOVECOT_V6}/128 >> /etc/rspamd/custom/dovecot_trusted.map echo ${DOVECOT_V6}/128 >> /etc/rspamd/custom/dovecot_trusted.map
fi fi
RSPAMD_V4=
RSPAMD_V6=
until [[ ! -z ${RSPAMD_V4} ]]; do
RSPAMD_V4=$(dig a rspamd +short)
RSPAMD_V6=$(dig aaaa rspamd +short)
[[ ! -z ${RSPAMD_V4} ]] && break;
echo "Waiting for Rspamd..."
sleep 3
done
echo ${RSPAMD_V4}/32 > /etc/rspamd/custom/rspamd_trusted.map
if [[ ! -z ${RSPAMD_V6} ]]; then
echo ${RSPAMD_V6}/128 >> /etc/rspamd/custom/rspamd_trusted.map
fi
chown -R _rspamd:_rspamd /var/lib/rspamd \ chown -R _rspamd:_rspamd /var/lib/rspamd \
/etc/rspamd/local.d \ /etc/rspamd/local.d \
/etc/rspamd/override.d \ /etc/rspamd/override.d \
@ -53,6 +67,7 @@ touch /etc/rspamd/custom/global_mime_from_blacklist.map \
/etc/rspamd/custom/bad_languages.map \ /etc/rspamd/custom/bad_languages.map \
/etc/rspamd/custom/sa-rules \ /etc/rspamd/custom/sa-rules \
/etc/rspamd/custom/dovecot_trusted.map \ /etc/rspamd/custom/dovecot_trusted.map \
/etc/rspamd/custom/rspamd_trusted.map \
/etc/rspamd/custom/ip_wl.map \ /etc/rspamd/custom/ip_wl.map \
/etc/rspamd/custom/fishy_tlds.map \ /etc/rspamd/custom/fishy_tlds.map \
/etc/rspamd/custom/bad_words.map \ /etc/rspamd/custom/bad_words.map \

4
data/conf/rspamd/local.d/dkim_signing.conf
View File

@ -1,13 +1,13 @@
# If false, messages with empty envelope from are not signed # If false, messages with empty envelope from are not signed
allow_envfrom_empty = false; allow_envfrom_empty = false;
# If true, envelope/header domain mismatch is ignored # If true, envelope/header domain mismatch is ignored
allow_hdrfrom_mismatch = false; allow_hdrfrom_mismatch = true;
# If true, multiple from headers are allowed (but only first is used) # If true, multiple from headers are allowed (but only first is used)
allow_hdrfrom_multiple = true; allow_hdrfrom_multiple = true;
# If true, username does not need to contain matching domain # If true, username does not need to contain matching domain
allow_username_mismatch = true; allow_username_mismatch = true;
# If false, messages from authenticated users are not selected for signing # If false, messages from authenticated users are not selected for signing
auth_only = true; auth_only = false;
# Default path to key, can include '$domain' and '$selector' variables # Default path to key, can include '$domain' and '$selector' variables
path = "/data/dkim/keys/$domain.dkim"; path = "/data/dkim/keys/$domain.dkim";
# Default selector to use # Default selector to use