From 47f90d0916ac34ef132e3bb6da92a4a67dffbba8 Mon Sep 17 00:00:00 2001
From: Cullum Smith <cullum@sacredheartsc.com>
Date: Thu, 3 Oct 2024 08:37:38 -0400
Subject: add postfix/rspamd

---
 .../etc/rspamd/local.d/classifier-bayes.conf.smtp_server     |  3 +++
 .../local/etc/rspamd/local.d/dkim_signing.conf.smtp_server   |  3 +++
 files/usr/local/etc/rspamd/local.d/logging.inc.smtp_server   |  2 ++
 files/usr/local/etc/rspamd/local.d/multimap.conf.smtp_server |  9 +++++++++
 files/usr/local/etc/rspamd/local.d/phishing.conf.smtp_server |  1 +
 files/usr/local/etc/rspamd/local.d/redis.conf.smtp_server    |  1 +
 files/usr/local/etc/rspamd/local.d/replies.conf.smtp_server  |  1 +
 .../etc/rspamd/local.d/worker-controller.inc.smtp_server     | 12 ++++++++++++
 .../local/etc/rspamd/local.d/worker-normal.inc.smtp_server   |  1 +
 .../local/etc/rspamd/local.d/worker-proxy.inc.smtp_server    |  7 +++++++
 10 files changed, 40 insertions(+)
 create mode 100644 files/usr/local/etc/rspamd/local.d/classifier-bayes.conf.smtp_server
 create mode 100644 files/usr/local/etc/rspamd/local.d/dkim_signing.conf.smtp_server
 create mode 100644 files/usr/local/etc/rspamd/local.d/logging.inc.smtp_server
 create mode 100644 files/usr/local/etc/rspamd/local.d/multimap.conf.smtp_server
 create mode 100644 files/usr/local/etc/rspamd/local.d/phishing.conf.smtp_server
 create mode 100644 files/usr/local/etc/rspamd/local.d/redis.conf.smtp_server
 create mode 100644 files/usr/local/etc/rspamd/local.d/replies.conf.smtp_server
 create mode 100644 files/usr/local/etc/rspamd/local.d/worker-controller.inc.smtp_server
 create mode 100644 files/usr/local/etc/rspamd/local.d/worker-normal.inc.smtp_server
 create mode 100644 files/usr/local/etc/rspamd/local.d/worker-proxy.inc.smtp_server

(limited to 'files/usr/local/etc/rspamd')

diff --git a/files/usr/local/etc/rspamd/local.d/classifier-bayes.conf.smtp_server b/files/usr/local/etc/rspamd/local.d/classifier-bayes.conf.smtp_server
new file mode 100644
index 0000000..38dcf1d
--- /dev/null
+++ b/files/usr/local/etc/rspamd/local.d/classifier-bayes.conf.smtp_server
@@ -0,0 +1,3 @@
+backend = "redis";
+servers = "${rspamd_bayes_redis_sock}";
+autolearn = true;
diff --git a/files/usr/local/etc/rspamd/local.d/dkim_signing.conf.smtp_server b/files/usr/local/etc/rspamd/local.d/dkim_signing.conf.smtp_server
new file mode 100644
index 0000000..f988541
--- /dev/null
+++ b/files/usr/local/etc/rspamd/local.d/dkim_signing.conf.smtp_server
@@ -0,0 +1,3 @@
+path = "${rspamd_data_dir}/dkim/\$domain.key";
+selector = "${rspamd_dkim_selector}";
+allow_username_mismatch = true;
diff --git a/files/usr/local/etc/rspamd/local.d/logging.inc.smtp_server b/files/usr/local/etc/rspamd/local.d/logging.inc.smtp_server
new file mode 100644
index 0000000..7e38af5
--- /dev/null
+++ b/files/usr/local/etc/rspamd/local.d/logging.inc.smtp_server
@@ -0,0 +1,2 @@
+type = syslog;
+facility = mail;
diff --git a/files/usr/local/etc/rspamd/local.d/multimap.conf.smtp_server b/files/usr/local/etc/rspamd/local.d/multimap.conf.smtp_server
new file mode 100644
index 0000000..40b90ee
--- /dev/null
+++ b/files/usr/local/etc/rspamd/local.d/multimap.conf.smtp_server
@@ -0,0 +1,9 @@
+sender_from_whitelist_domain {
+  type = "header";
+  header = "from";
+  filter = "email:domain";
+  map = "file://$LOCAL_CONFDIR/local.d/maps.d/domain-whitelist.map";
+  symbol = "SENDER_FROM_WHITELIST_DOMAIN";
+  description = "Local sender domain whitelist";
+  score = -6.0;
+}
diff --git a/files/usr/local/etc/rspamd/local.d/phishing.conf.smtp_server b/files/usr/local/etc/rspamd/local.d/phishing.conf.smtp_server
new file mode 100644
index 0000000..caa3afe
--- /dev/null
+++ b/files/usr/local/etc/rspamd/local.d/phishing.conf.smtp_server
@@ -0,0 +1 @@
+openphish_enabled = true;
diff --git a/files/usr/local/etc/rspamd/local.d/redis.conf.smtp_server b/files/usr/local/etc/rspamd/local.d/redis.conf.smtp_server
new file mode 100644
index 0000000..cbd32dc
--- /dev/null
+++ b/files/usr/local/etc/rspamd/local.d/redis.conf.smtp_server
@@ -0,0 +1 @@
+servers = "${rspamd_redis_sock}";
diff --git a/files/usr/local/etc/rspamd/local.d/replies.conf.smtp_server b/files/usr/local/etc/rspamd/local.d/replies.conf.smtp_server
new file mode 100644
index 0000000..5f7bc7c
--- /dev/null
+++ b/files/usr/local/etc/rspamd/local.d/replies.conf.smtp_server
@@ -0,0 +1 @@
+action = "no action";
diff --git a/files/usr/local/etc/rspamd/local.d/worker-controller.inc.smtp_server b/files/usr/local/etc/rspamd/local.d/worker-controller.inc.smtp_server
new file mode 100644
index 0000000..26b9b2a
--- /dev/null
+++ b/files/usr/local/etc/rspamd/local.d/worker-controller.inc.smtp_server
@@ -0,0 +1,12 @@
+bind_socket = "0.0.0.0:${rspamd_port}";
+
+password = "${rspamd_ro_password_hash}";
+enable_password = "${rspamd_rw_password_hash}";
+
+keypair {
+  algorithm = "curve25519";
+  privkey = "${rspamd_privkey}";
+  type = "kex";
+  encoding = "base32";
+  pubkey = "${rspamd_pubkey}";
+}
diff --git a/files/usr/local/etc/rspamd/local.d/worker-normal.inc.smtp_server b/files/usr/local/etc/rspamd/local.d/worker-normal.inc.smtp_server
new file mode 100644
index 0000000..a6ee831
--- /dev/null
+++ b/files/usr/local/etc/rspamd/local.d/worker-normal.inc.smtp_server
@@ -0,0 +1 @@
+enabled = false;
diff --git a/files/usr/local/etc/rspamd/local.d/worker-proxy.inc.smtp_server b/files/usr/local/etc/rspamd/local.d/worker-proxy.inc.smtp_server
new file mode 100644
index 0000000..f28080b
--- /dev/null
+++ b/files/usr/local/etc/rspamd/local.d/worker-proxy.inc.smtp_server
@@ -0,0 +1,7 @@
+bind_socket = "${rspamd_milter_sock} owner=${rspamd_user} group=${postfix_user} mode=0660";
+
+count = ${rspamd_processes};
+
+upstream "local" {
+  self_scan = yes;
+}
-- 
cgit v1.2.3