Commit 5af7908d authored by Marius Burkard's avatar Marius Burkard

- fixed apache vhost and ssl settings

- changed some rspamd config to new syntax
parent 4a95363a
......@@ -2,7 +2,7 @@ clamav {
# If set force this action if any virus is found (default unset: no action is forced)
#action = "reject";
# if `true` only messages with non-image attachments will be checked (default true)
attachments_only = true;
scan_mime_parts = true;
# If `max_size` is set, messages > n bytes in size are not scanned
#max_size = 20000000;
# symbol to add (add it to metric if you want non-zero weight)
......
subject = "***SPAM*** %s";
symbol {
weight = 50;
name = "CLAM_VIRUS";
description = "Clamav has found a virus.";
}
symbol {
weight = 50;
name = "JUST_EICAR";
description = "Clamav has found a virus.";
}
symbol {
weight = 0.0;
name = "R_DUMMY";
description = "Dummy symbol";
}
\ No newline at end of file
# RBL
symbol "RBL_SENDERSCORE" {
weight = 4.0;
description = "From address is listed in senderscore.com BL";
}
symbol "RBL_SPAMHAUS_SBL" {
weight = 2.0;
description = "From address is listed in zen sbl";
}
symbol "RBL_SPAMHAUS_CSS" {
weight = 2.0;
description = "From address is listed in zen css";
}
symbol "RBL_SPAMHAUS_XBL" {
weight = 4.0;
description = "From address is listed in zen xbl";
}
symbol "RBL_SPAMHAUS_XBL_ANY" {
weight = 4.0;
description = "From or receive address is listed in zen xbl (any list)";
}
symbol "RBL_SPAMHAUS_PBL" {
weight = 2.0;
description = "From address is listed in zen pbl (ISP list)";
}
symbol "RBL_SPAMHAUS_DROP" {
weight = 7.0;
description = "From address is listed in zen drop bl";
}
symbol "RECEIVED_SPAMHAUS_XBL" {
weight = 3.0;
description = "Received address is listed in zen xbl";
one_shot = true;
}
symbol "RBL_MAILSPIKE_WORST" {
weight = 2.0;
description = "From address is listed in RBL - worst possible reputation";
}
symbol "RBL_MAILSPIKE_VERYBAD" {
weight = 1.5;
description = "From address is listed in RBL - very bad reputation";
}
symbol "RBL_MAILSPIKE_BAD" {
weight = 1.0;
description = "From address is listed in RBL - bad reputation";
}
symbol "RBL_SEM" {
weight = 1.0;
description = "Address is listed in Spameatingmonkey RBL";
}
# /RBL
# SURBL
symbol "PH_SURBL_MULTI" {
weight = 5.5;
description = "SURBL: Phishing sites";
}
symbol "MW_SURBL_MULTI" {
weight = 5.5;
description = "SURBL: Malware sites";
}
symbol "ABUSE_SURBL" {
weight = 5.5;
description = "SURBL: ABUSE";
}
symbol "CRACKED_SURBL" {
weight = 4.0;
description = "SURBL: cracked site";
}
symbol "RAMBLER_URIBL" {
weight = 4.5;
description = "Rambler uribl";
one_shot = true;
}
symbol "RAMBLER_EMAILBL" {
weight = 9.5;
description = "Rambler emailbl";
one_shot = true;
}
symbol "MSBL_EBL" {
weight = 7.5;
description = "MSBL emailbl";
one_shot = true;
}
symbol "SEM_URIBL" {
weight = 3.5;
description = "Spameatingmonkey uribl";
}
symbol "SEM_URIBL_FRESH15" {
weight = 3.0;
description = "Spameatingmonkey uribl. Domains registered in the last 15 days (.AERO,.BIZ,.COM,.INFO,.NAME,.NET,.PRO,.SK,.TEL,.US)";
}
symbol "DBL" {
weight = 0.0;
description = "DBL unknown result";
}
symbol "DBL_SPAM" {
weight = 6.5;
description = "DBL uribl spam";
}
symbol "DBL_PHISH" {
weight = 6.5;
description = "DBL uribl phishing";
}
symbol "DBL_MALWARE" {
weight = 6.5;
description = "DBL uribl malware";
}
symbol "DBL_BOTNET" {
weight = 5.5;
description = "DBL uribl botnet C&C domain";
}
symbol "DBL_ABUSE" {
weight = 6.5;
description = "DBL uribl abused legit spam";
}
symbol "DBL_ABUSE_REDIR" {
weight = 1.5;
description = "DBL uribl abused spammed redirector domain";
}
symbol "DBL_ABUSE_PHISH" {
weight = 7.5;
description = "DBL uribl abused legit phish";
}
symbol "DBL_ABUSE_MALWARE" {
weight = 7.5;
description = "DBL uribl abused legit malware";
}
symbol "DBL_ABUSE_BOTNET" {
weight = 5.5;
description = "DBL uribl abused legit botnet C&C";
}
symbol "URIBL_BLACK" {
weight = 7.5;
description = "uribl.com black url";
}
symbol "URIBL_RED" {
weight = 3.5;
description = "uribl.com red url";
}
symbol "URIBL_GREY" {
weight = 1.5;
description = "uribl.com grey url";
one_shot = true;
}
symbol "URIBL_SBL" {
weight = 6.5;
description = "Spamhaus SBL URIBL";
}
symbol "URIBL_SBL_CSS" {
weight = 6.5;
description = "Spamhaus SBL CSS URIBL";
}
symbol "RBL_SARBL_BAD" {
weight = 2.5;
description = "A domain listed in the mail is blacklisted in SARBL";
}
# /SURBL
actions {
}
\ No newline at end of file
# RBL
symbols = {
"RBL_SENDERSCORE" {
weight = 4.0;
description = "From address is listed in senderscore.com BL";
}
"RBL_SPAMHAUS_SBL" {
weight = 2.0;
description = "From address is listed in zen sbl";
}
"RBL_SPAMHAUS_CSS" {
weight = 2.0;
description = "From address is listed in zen css";
}
"RBL_SPAMHAUS_XBL" {
weight = 4.0;
description = "From address is listed in zen xbl";
}
"RBL_SPAMHAUS_XBL_ANY" {
weight = 4.0;
description = "From or receive address is listed in zen xbl (any list)";
}
"RBL_SPAMHAUS_PBL" {
weight = 2.0;
description = "From address is listed in zen pbl (ISP list)";
}
"RBL_SPAMHAUS_DROP" {
weight = 7.0;
description = "From address is listed in zen drop bl";
}
"RECEIVED_SPAMHAUS_XBL" {
weight = 3.0;
description = "Received address is listed in zen xbl";
one_shot = true;
}
"RBL_MAILSPIKE_WORST" {
weight = 2.0;
description = "From address is listed in RBL - worst possible reputation";
}
"RBL_MAILSPIKE_VERYBAD" {
weight = 1.5;
description = "From address is listed in RBL - very bad reputation";
}
"RBL_MAILSPIKE_BAD" {
weight = 1.0;
description = "From address is listed in RBL - bad reputation";
}
"RBL_SEM" {
weight = 1.0;
description = "Address is listed in Spameatingmonkey RBL";
}
# /RBL
}
symbols = {
# SURBL
"PH_SURBL_MULTI" {
weight = 5.5;
description = "SURBL: Phishing sites";
}
"MW_SURBL_MULTI" {
weight = 5.5;
description = "SURBL: Malware sites";
}
"ABUSE_SURBL" {
weight = 5.5;
description = "SURBL: ABUSE";
}
"CRACKED_SURBL" {
weight = 4.0;
description = "SURBL: cracked site";
}
"RAMBLER_URIBL" {
weight = 4.5;
description = "Rambler uribl";
one_shot = true;
}
"RAMBLER_EMAILBL" {
weight = 9.5;
description = "Rambler emailbl";
one_shot = true;
}
"MSBL_EBL" {
weight = 7.5;
description = "MSBL emailbl";
one_shot = true;
}
"SEM_URIBL" {
weight = 3.5;
description = "Spameatingmonkey uribl";
}
"SEM_URIBL_FRESH15" {
weight = 3.0;
description = "Spameatingmonkey uribl. Domains registered in the last 15 days (.AERO,.BIZ,.COM,.INFO,.NAME,.NET,.PRO,.SK,.TEL,.US)";
}
"DBL" {
weight = 0.0;
description = "DBL unknown result";
}
"DBL_SPAM" {
weight = 6.5;
description = "DBL uribl spam";
}
"DBL_PHISH" {
weight = 6.5;
description = "DBL uribl phishing";
}
"DBL_MALWARE" {
weight = 6.5;
description = "DBL uribl malware";
}
"DBL_BOTNET" {
weight = 5.5;
description = "DBL uribl botnet C&C domain";
}
"DBL_ABUSE" {
weight = 6.5;
description = "DBL uribl abused legit spam";
}
"DBL_ABUSE_REDIR" {
weight = 1.5;
description = "DBL uribl abused spammed redirector domain";
}
"DBL_ABUSE_PHISH" {
weight = 7.5;
description = "DBL uribl abused legit phish";
}
"DBL_ABUSE_MALWARE" {
weight = 7.5;
description = "DBL uribl abused legit malware";
}
"DBL_ABUSE_BOTNET" {
weight = 5.5;
description = "DBL uribl abused legit botnet C&C";
}
"URIBL_BLACK" {
weight = 7.5;
description = "uribl.com black url";
}
"URIBL_RED" {
weight = 3.5;
description = "uribl.com red url";
}
"URIBL_GREY" {
weight = 1.5;
description = "uribl.com grey url";
one_shot = true;
}
"URIBL_SBL" {
weight = 6.5;
description = "Spamhaus SBL URIBL";
}
"URIBL_SBL_CSS" {
weight = 6.5;
description = "Spamhaus SBL CSS URIBL";
}
"RBL_SARBL_BAD" {
weight = 2.5;
description = "A domain listed in the mail is blacklisted in SARBL";
}
# /SURBL
}
subject = "***SPAM*** %s";
symbols = {
"CLAM_VIRUS" {
weight = 50;
description = "Clamav has found a virus.";
}
"JUST_EICAR" {
weight = 50;
description = "Clamav has found a virus.";
}
"R_DUMMY" {
weight = 0.0;
description = "Dummy symbol";
}
}
\ No newline at end of file
......@@ -67,7 +67,7 @@ class letsencrypt {
return false;
}
$cmd = $letsencrypt . " --issue $cmd -w /usr/local/ispconfig/interface/acme && " . $letsencrypt . " --install-cert " . $cmd . " --key-file " . escapeshellarg($key_file) . " --fullchain-file " . escapeshellarg($bundle_file) . " --cert-file " . escapeshellarg($cert_file) . " --reloadcmd " . escapeshellarg($this->get_reload_command());
$cmd = 'R=0 ; C=0 ; ' . $letsencrypt . ' --issue ' . $cmd . ' -w /usr/local/ispconfig/interface/acme ; R=$? ; if [[ $R -eq 0 || $R -eq 2 ]] ; then ' . $letsencrypt . ' --install-cert ' . $cmd . ' --key-file ' . escapeshellarg($key_file) . ' --fullchain-file ' . escapeshellarg($bundle_file) . ' --cert-file ' . escapeshellarg($cert_file) . ' --reloadcmd ' . escapeshellarg($this->get_reload_command()) . '; C=$? ; fi ; if [[ $C -eq 0 ]] ; then exit $R ; else exit $C ; fi';
return $cmd;
}
......
......@@ -394,7 +394,7 @@ class plugin_webserver_apache {
* @param array $data
* @param array $vhost_data
*/
public function processVhosts(&$tpl, &$data, &$vhost_data, $ssl_data) {
public function processVhosts(&$tpl, &$data, &$vhost_data) {
global $app, $conf;
$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
......@@ -419,7 +419,7 @@ class plugin_webserver_apache {
unset($tmp_vhost_arr);
//* Add vhost for ipv4 IP with SSL
if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($ssl_data['crt_file']) && @is_file($ssl_data['key_file']) && (@filesize($ssl_data['crt_file'])>0) && (@filesize($ssl_data['key_file'])>0)) {
if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($vhost_data['ssl_crt_file']) && @is_file($vhost_data['ssl_key_file']) && (@filesize($vhost_data['ssl_crt_file'])>0) && (@filesize($vhost_data['ssl_key_file'])>0)) {
$tmp_vhost_arr = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 1, 'port' => '443');
if(count($this->rewrite_rules) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('redirects' => $this->rewrite_rules);
$ipv4_ssl_alias_seo_redirects = $this->alias_seo_redirects;
......@@ -456,7 +456,7 @@ class plugin_webserver_apache {
unset($tmp_vhost_arr);
//* Add vhost for ipv6 IP with SSL
if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($ssl_data['crt_file']) && @is_file($ssl_data['key_file']) && (@filesize($ssl_data['crt_file'])>0) && (@filesize($ssl_data['key_file'])>0)) {
if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($vhost_data['ssl_crt_file']) && @is_file($vhost_data['ssl_key_file']) && (@filesize($vhost_data['ssl_crt_file'])>0) && (@filesize($vhost_data['ssl_key_file'])>0)) {
$tmp_vhost_arr = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 1, 'port' => '443');
if(count($this->rewrite_rules) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('redirects' => $this->rewrite_rules);
$ipv6_ssl_alias_seo_redirects = $this->alias_seo_redirects;
......@@ -470,7 +470,7 @@ class plugin_webserver_apache {
unset($tmp_vhost_arr, $ipv6_ssl_alias_seo_redirects);
}
}
//* Set the vhost loop
$tpl->setLoop('vhosts', $vhosts);
return;
......
......@@ -1337,16 +1337,11 @@ class plugin_webserver_base {
$config_prefix = '';
if($server_type === 'apache') {
$ssl_data = array(
'crt_file' => $crt_file,
'key_file' => $key_file,
);
$tpl->setVar('apache_version', $app->system->getapacheversion());
$tpl->setVar('apache_full_version', $app->system->getapacheversion(true));
$app->plugin_webserver_apache->processRewriteRules($tpl, $data, $vhost_data);
$app->plugin_webserver_apache->processPhpStarters($tpl, $data, $vhost_data);
$app->plugin_webserver_apache->processVhosts($tpl, $data, $vhost_data, $ssl_data);
$app->plugin_webserver_apache->processVhosts($tpl, $data, $vhost_data);
} elseif($server_type === 'nginx') {
$app->plugin_webserver_nginx->processStatsAuth($tpl, $data, $vhost_data);
$config_prefix = 'nginx_';
......
......@@ -228,16 +228,22 @@ class postfix_server_plugin {
exec('cp '.$conf['rootpath'].'/conf/rspamd_greylist.conf.master /etc/rspamd/local.d/greylist.conf');
}
if(file_exists($conf['rootpath'].'/conf-custom/rspamd_metrics.conf.master')) {
exec('cp '.$conf['rootpath'].'/conf-custom/rspamd_metrics.conf.master /etc/rspamd/local.d/metrics.conf');
if(file_exists($conf['rootpath'].'/conf-custom/rspamd_symbols_antivirus.conf.master')) {
exec('cp '.$conf['rootpath'].'/conf-custom/rspamd_symbols_antivirus.conf.master /etc/rspamd/local.d/antivirus_group.conf');
} else {
exec('cp '.$conf['rootpath'].'/conf/rspamd_metrics.conf.master /etc/rspamd/local.d/metrics.conf');
exec('cp '.$conf['rootpath'].'/conf/rspamd_symbols_antivirus.conf.master /etc/rspamd/local.d/antivirus_group.conf');
}
if(file_exists($conf['rootpath'].'/conf-custom/rspamd_metrics_override.conf.master')) {
exec('cp '.$conf['rootpath'].'/conf-custom/rspamd_metrics_override.conf.master /etc/rspamd/override.d/metrics.conf');
if(file_exists($conf['rootpath'].'/conf-custom/rspamd_override_rbl.conf.master')) {
exec('cp '.$conf['rootpath'].'/conf-custom/rspamd_override_rbl.conf.master /etc/rspamd/override.d/group_rbl.conf');
} else {
exec('cp '.$conf['rootpath'].'/conf/rspamd_metrics_override.conf.master /etc/rspamd/override.d/metrics.conf');
exec('cp '.$conf['rootpath'].'/conf/rspamd_override_rbl.conf.master /etc/rspamd/override.d/group_rbl.conf');
}
if(file_exists($conf['rootpath'].'/conf-custom/rspamd_override_surbl.conf.master')) {
exec('cp '.$conf['rootpath'].'/conf-custom/rspamd_override_surbl.conf.master /etc/rspamd/override.d/group_surbl.conf');
} else {
exec('cp '.$conf['rootpath'].'/conf/rspamd_override_surbl.conf.master /etc/rspamd/override.d/group_surbl.conf');
}
if(file_exists($conf['rootpath'].'/conf-custom/rspamd_mx_check.conf.master')) {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment