dist: Provide a shell script for integration with rspamd

2025-04-04 05:37:34 +03:00 · 2019-11-29 00:50:59 +03:00 · 2019-11-29 00:50:59 +03:00 · 93ccd18451
commit 93ccd18451
parent 9769bad2de
6 changed files with 83 additions and 6 deletions
--- a/dist/README.md
+++ b/dist/README.md
@ -3,6 +3,14 @@
 **Disclaimer:** Most of the files here are maintained in a "best-effort" way.
 That is, they may break or become outdated from time to time. Caveat emptor.

+## integration + scripts
+
+These directories provide pre-made configuration snippets suitable for
+easy integration with external software.
+
+Usually, this is what you use when you put `import integration/something` in
+your config.
+
 ## systemd unit

 `maddy.service` launches using default config path (/etc/maddy/maddy.conf).
--- a/dist/install.sh
+++ b/dist/install.sh
@ -6,6 +6,9 @@ fi
 if [ -z "$FAIL2BANDIR" ]; then
    FAIL2BANDIR=/etc/fail2ban
 fi
+if [ -z "$CONFDIR" ]; then
+    CONFDIR=/etc/maddy
+fi

 script_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
 cd $script_dir
@ -18,3 +21,6 @@ install -Dm 0644 -t "$FAIL2BANDIR/jail.d/" fail2ban/jail.d/*
 install -Dm 0644 -t "$FAIL2BANDIR/filter.d/" fail2ban/filter.d/*

 install -Dm 0644 -t "$PREFIX/lib/systemd/system/" systemd/maddy.service systemd/maddy@.service
+
+install -Dm 0644 -t "$CONFDIR/integration/" integration/rspamd.conf
+install -Dm 0755 -t "$PREFIX/bin/" scripts/maddy-rspamd-hook
--- a/dist/integration/rspamd.conf
+++ b/dist/integration/rspamd.conf
@ -0,0 +1,16 @@
+# vim: ft=maddy-conf
+#
+# This configuration snippet provides integration with message rspamd filtering
+# engine via the console utility called rspamc.
+#
+# To use it, put the following directive in the smtp endpoint configuration block:
+#   import integration/rspamd
+#
+
+check {
+    command maddy-rspamd-hook {source_ip} {source_host} {sender} {
+        code 1 reject
+        code 2 quarantine
+        code 3 reject 450 4.7.0 "Message rejected due to a local policy"
+    }
+}
--- a/dist/scripts/maddy-rspamd-hook
+++ b/dist/scripts/maddy-rspamd-hook
@ -0,0 +1,47 @@
+#!/bin/sh
+
+out=$(rspamc -i "$1" --helo "$2" -F "$3")
+action=$(echo "$out" | grep '^Action:' | cut -d " " -f 2-)
+score=$(echo "$out" | grep '^Score:' | cut -d " " -f 2)
+spam=$(echo "$out" | grep '^Spam:' | cut -d " " -f 2)
+
+echo 'X-Spam-Score:' "$score"
+
+case "$spam" in
+    "false")
+        echo 'X-Spam-Flag: NO'
+        ;;
+    "true")
+        echo 'X-Spam-Flag: YES'
+        ;;
+esac
+
+case "$action" in
+    "reject")
+        exit 1
+        ;;
+    "rewrite subject")
+        exit 2
+        ;;
+    "add header")
+        exit 2
+        ;;
+    "quarantine")
+        exit 2
+        ;;
+    "soft reject")
+        exit 3
+        ;;
+    "no action")
+        exit 0
+        ;;
+    "greylist")
+        # Default rspamd configuration uses 'greylist' action a lot, we ignore
+        # it explicitly since we have no support for greylisting (yet).
+        exit 0
+        ;;
+    *)
+        exit 128
+        ;;
+esac
+