mirrors/maddy
1
0
Fork 0
mirror of https://github.com/foxcpp/maddy.git synced 2025-04-04 21:47:40 +03:00
Code Issues Projects Releases Packages Wiki Activity

dist: Provide a shell script for integration with rspamd

Browse source
This commit is contained in:
fox.cpp 2019-11-29 00:50:59 +03:00
parent 9769bad2de
commit 93ccd18451
No known key found for this signature in database
GPG key ID: E76D97CCEDE90B6C
6 changed files with 83 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

8
dist/README.md vendored
View file

@ -3,6 +3,14 @@
**Disclaimer:** Most of the files here are maintained in a "best-effort" way. **Disclaimer:** Most of the files here are maintained in a "best-effort" way.
That is, they may break or become outdated from time to time. Caveat emptor. That is, they may break or become outdated from time to time. Caveat emptor.
## integration + scripts
These directories provide pre-made configuration snippets suitable for
easy integration with external software.
Usually, this is what you use when you put `import integration/something` in
your config.
## systemd unit ## systemd unit
`maddy.service` launches using default config path (/etc/maddy/maddy.conf). `maddy.service` launches using default config path (/etc/maddy/maddy.conf).

6
dist/install.sh vendored
View file

@ -6,6 +6,9 @@ fi
if [ -z "$FAIL2BANDIR" ]; then if [ -z "$FAIL2BANDIR" ]; then
FAIL2BANDIR=/etc/fail2ban FAIL2BANDIR=/etc/fail2ban
fi fi
if [ -z "$CONFDIR" ]; then
CONFDIR=/etc/maddy
fi
script_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" script_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
cd $script_dir cd $script_dir
@ -18,3 +21,6 @@ install -Dm 0644 -t "$FAIL2BANDIR/jail.d/" fail2ban/jail.d/*
install -Dm 0644 -t "$FAIL2BANDIR/filter.d/" fail2ban/filter.d/* install -Dm 0644 -t "$FAIL2BANDIR/filter.d/" fail2ban/filter.d/*
install -Dm 0644 -t "$PREFIX/lib/systemd/system/" systemd/maddy.service systemd/maddy@.service install -Dm 0644 -t "$PREFIX/lib/systemd/system/" systemd/maddy.service systemd/maddy@.service
install -Dm 0644 -t "$CONFDIR/integration/" integration/rspamd.conf
install -Dm 0755 -t "$PREFIX/bin/" scripts/maddy-rspamd-hook

16
dist/integration/rspamd.conf vendored Normal file
View file

@ -0,0 +1,16 @@
# vim: ft=maddy-conf
#
# This configuration snippet provides integration with message rspamd filtering
# engine via the console utility called rspamc.
#
# To use it, put the following directive in the smtp endpoint configuration block:
# import integration/rspamd
#
check {
command maddy-rspamd-hook {source_ip} {source_host} {sender} {
code 1 reject
code 2 quarantine
code 3 reject 450 4.7.0 "Message rejected due to a local policy"
}
}

47
dist/scripts/maddy-rspamd-hook vendored Executable file
View file

@ -0,0 +1,47 @@
#!/bin/sh
out=$(rspamc -i "$1" --helo "$2" -F "$3")
action=$(echo "$out" | grep '^Action:' | cut -d " " -f 2-)
score=$(echo "$out" | grep '^Score:' | cut -d " " -f 2)
spam=$(echo "$out" | grep '^Spam:' | cut -d " " -f 2)
echo 'X-Spam-Score:' "$score"
case "$spam" in
"false")
echo 'X-Spam-Flag: NO'
;;
"true")
echo 'X-Spam-Flag: YES'
;;
esac
case "$action" in
"reject")
exit 1
;;
"rewrite subject")
exit 2
;;
"add header")
exit 2
;;
"quarantine")
exit 2
;;
"soft reject")
exit 3
;;
"no action")
exit 0
;;
"greylist")
# Default rspamd configuration uses 'greylist' action a lot, we ignore
# it explicitly since we have no support for greylisting (yet).
exit 0
;;
*)
exit 128
;;
esac

10
get.sh
View file

@ -14,8 +14,8 @@ fi
if [ "$SYSTEMDUNITS" == "" ]; then if [ "$SYSTEMDUNITS" == "" ]; then
SYSTEMDUNITS=$PREFIX/lib/systemd SYSTEMDUNITS=$PREFIX/lib/systemd
fi fi
if [ "$CONFPATH" == "" ]; then if [ "$CONFDIR" == "" ]; then
CONFPATH=/etc/maddy/maddy.conf CONFDIR=/etc/maddy
fi fi
if [ "$SUDO" == "" ]; then if [ "$SUDO" == "" ]; then
SUDO=sudo SUDO=sudo
@ -142,8 +142,8 @@ create_user() {
} }
install_config() { install_config() {
echo 'Using configuration path:' $CONFPATH echo 'Using configuration path:' $CONFDIR/maddy.conf
if ! [ -e "$CONFPATH" ]; then if ! [ -e "$CONFDIR/maddy.conf" ]; then
echo 'Installing default configuration...' >&2 echo 'Installing default configuration...' >&2
install "$(source_dir)/maddy.conf" /tmp/maddy.conf install "$(source_dir)/maddy.conf" /tmp/maddy.conf
@ -160,7 +160,7 @@ install_config() {
sed -Ei "s/^\\$\\(primary_domain\) = .+$/$\(primary_domain\) = $DOMAIN/" /tmp/maddy.conf sed -Ei "s/^\\$\\(primary_domain\) = .+$/$\(primary_domain\) = $DOMAIN/" /tmp/maddy.conf
sed -Ei "s/^\\$\\(hostname\) = .+$/$\(hostname\) = $DOMAIN/" /tmp/maddy.conf sed -Ei "s/^\\$\\(hostname\) = .+$/$\(hostname\) = $DOMAIN/" /tmp/maddy.conf
$SUDO install -Dm 0644 /tmp/maddy.conf "$CONFPATH" $SUDO install -Dm 0644 /tmp/maddy.conf "$CONFDIR/maddy.conf"
rm /tmp/maddy.conf rm /tmp/maddy.conf
else else
echo "Configuration already exists in /etc/maddy/maddy.conf, skipping defaults installation." >&2 echo "Configuration already exists in /etc/maddy/maddy.conf, skipping defaults installation." >&2

2
package.sh
View file

@ -15,7 +15,7 @@ if [ "$pkgdir" = "" ]; then
rm -rf "$pkgdir" rm -rf "$pkgdir"
mkdir "$pkgdir" mkdir "$pkgdir"
fi fi
export PREFIX="$pkgdir"/usr FAIL2BANDIR="$pkgdir"/etc/fail2ban CONFPATH="$pkgdir"/etc/maddy/maddy.conf NO_RUN=1 SUDO=fakeroot HOSTNAME=example.org export PREFIX="$pkgdir"/usr FAIL2BANDIR="$pkgdir"/etc/fail2ban CONFDIR="$pkgdir"/etc/maddy NO_RUN=1 SUDO=fakeroot HOSTNAME=example.org
# shellcheck source=get.sh # shellcheck source=get.sh
. "$script_dir"/get.sh . "$script_dir"/get.sh