Merge branch 'rspamd' into 'stable-3.1'

Implements rspamd support for rspamd in ISPConfig, fixes #3807 

See merge request !902

install/dist/conf/centos70.conf.php

@@ -147,6 +147,11 @@ $conf['amavis']['installed'] = false; // will be detected automatically during i
 $conf['amavis']['config_dir'] = '/etc/amavisd';
 $conf['amavis']['init_script'] = 'amavisd';
 
+//* Rspamd
+$conf['rspamd']['installed'] = false; // will be detected automatically during installation
+$conf['rspamd']['config_dir'] = '/etc/rspamd';
+$conf['rspamd']['init_script'] = 'rspamd';
+
 //* ClamAV
 $conf['clamav']['installed'] = false; // will be detected automatically during installation
 $conf['clamav']['init_script'] = 'clamd@amavisd';

install/dist/conf/centos72.conf.php

@@ -147,6 +147,11 @@ $conf['amavis']['installed'] = false; // will be detected automatically during i
 $conf['amavis']['config_dir'] = '/etc/amavisd';
 $conf['amavis']['init_script'] = 'amavisd';
 
+//* Rspamd
+$conf['rspamd']['installed'] = false; // will be detected automatically during installation
+$conf['rspamd']['config_dir'] = '/etc/rspamd';
+$conf['rspamd']['init_script'] = 'rspamd';
+
 //* ClamAV
 $conf['clamav']['installed'] = false; // will be detected automatically during installation
 $conf['clamav']['init_script'] = 'clamd@amavisd';

install/dist/conf/debian40.conf.php

@@ -149,6 +149,11 @@ $conf['amavis']['installed'] = false; // will be detected automatically during i
 $conf['amavis']['config_dir'] = '/etc/amavis';
 $conf['amavis']['init_script'] = 'amavis';
 
+//* Rspamd
+$conf['rspamd']['installed'] = false; // will be detected automatically during installation
+$conf['rspamd']['config_dir'] = '/etc/rspamd';
+$conf['rspamd']['init_script'] = 'rspamd';
+
 //* ClamAV
 $conf['clamav']['installed'] = false; // will be detected automatically during installation
 $conf['clamav']['init_script'] = 'clamav-daemon';

install/dist/conf/debian60.conf.php

@@ -149,6 +149,11 @@ $conf['amavis']['installed'] = false; // will be detected automatically during i
 $conf['amavis']['config_dir'] = '/etc/amavis';
 $conf['amavis']['init_script'] = 'amavis';
 
+//* Rspamd
+$conf['rspamd']['installed'] = false; // will be detected automatically during installation
+$conf['rspamd']['config_dir'] = '/etc/rspamd';
+$conf['rspamd']['init_script'] = 'rspamd';
+
 //* ClamAV
 $conf['clamav']['installed'] = false; // will be detected automatically during installation
 $conf['clamav']['init_script'] = 'clamav-daemon';

install/dist/conf/debian90.conf.php

@@ -153,6 +153,11 @@ $conf['amavis']['installed'] = false; // will be detected automatically during i
 $conf['amavis']['config_dir'] = '/etc/amavis';
 $conf['amavis']['init_script'] = 'amavis';
 
+//* Rspamd
+$conf['rspamd']['installed'] = false; // will be detected automatically during installation
+$conf['rspamd']['config_dir'] = '/etc/rspamd';
+$conf['rspamd']['init_script'] = 'rspamd';
+
 //* ClamAV
 $conf['clamav']['installed'] = false; // will be detected automatically during installation
 $conf['clamav']['init_script'] = 'clamav-daemon';

install/dist/conf/debiantesting.conf.php

@@ -153,6 +153,11 @@ $conf['amavis']['installed'] = false; // will be detected automatically during i
 $conf['amavis']['config_dir'] = '/etc/amavis';
 $conf['amavis']['init_script'] = 'amavis';
 
+//* Rspamd
+$conf['rspamd']['installed'] = false; // will be detected automatically during installation
+$conf['rspamd']['config_dir'] = '/etc/rspamd';
+$conf['rspamd']['init_script'] = 'rspamd';
+
 //* ClamAV
 $conf['clamav']['installed'] = false; // will be detected automatically during installation
 $conf['clamav']['init_script'] = 'clamav-daemon';

install/dist/conf/fedora9.conf.php

@@ -147,6 +147,11 @@ $conf['amavis']['installed'] = false; // will be detected automatically during i
 $conf['amavis']['config_dir'] = '/etc/amavisd';
 $conf['amavis']['init_script'] = 'amavisd';
 
+//* Rspamd
+$conf['rspamd']['installed'] = false; // will be detected automatically during installation
+$conf['rspamd']['config_dir'] = '/etc/rspamd';
+$conf['rspamd']['init_script'] = 'rspamd';
+
 //* ClamAV
 $conf['clamav']['installed'] = false; // will be detected automatically during installation
 $conf['clamav']['init_script'] = 'clamd.amavisd';

install/dist/conf/gentoo.conf.php

@@ -162,6 +162,11 @@ $conf['amavis']['installed'] = false; // will be detected automatically during i
 $conf['amavis']['config_file'] = '/etc/amavisd.conf';
 $conf['amavis']['init_script'] = 'amavisd';
 
+//* Rspamd
+$conf['rspamd']['installed'] = false; // will be detected automatically during installation
+$conf['rspamd']['config_dir'] = '/etc/rspamd';
+$conf['rspamd']['init_script'] = 'rspamd';
+
 //* ClamAV
 $conf['clamav']['installed'] = false; // will be detected automatically during installation
 $conf['clamav']['init_script'] = 'clamd';

install/dist/conf/opensuse112.conf.php

@@ -147,6 +147,11 @@ $conf['amavis']['installed'] = false; // will be detected automatically during i
 $conf['amavis']['config_dir'] = '/etc';
 $conf['amavis']['init_script'] = 'amavis';
 
+//* Rspamd
+$conf['rspamd']['installed'] = false; // will be detected automatically during installation
+$conf['rspamd']['config_dir'] = '/etc/rspamd';
+$conf['rspamd']['init_script'] = 'rspamd';
+
 //* ClamAV
 $conf['clamav']['installed'] = false; // will be detected automatically during installation
 $conf['clamav']['init_script'] = 'clamd';

install/dist/conf/ubuntu1604.conf.php

@@ -149,6 +149,11 @@ $conf['amavis']['installed'] = false; // will be detected automatically during i
 $conf['amavis']['config_dir'] = '/etc/amavis';
 $conf['amavis']['init_script'] = 'amavis';
 
+//* Rspamd
+$conf['rspamd']['installed'] = false; // will be detected automatically during installation
+$conf['rspamd']['config_dir'] = '/etc/rspamd';
+$conf['rspamd']['init_script'] = 'rspamd';
+
 //* ClamAV
 $conf['clamav']['installed'] = false; // will be detected automatically during installation
 $conf['clamav']['init_script'] = 'clamav-daemon';

install/dist/conf/ubuntu1710.conf.php

@@ -149,6 +149,11 @@ $conf['amavis']['installed'] = false; // will be detected automatically during i
 $conf['amavis']['config_dir'] = '/etc/amavis';
 $conf['amavis']['init_script'] = 'amavis';
 
+//* Rspamd
+$conf['rspamd']['installed'] = false; // will be detected automatically during installation
+$conf['rspamd']['config_dir'] = '/etc/rspamd';
+$conf['rspamd']['init_script'] = 'rspamd';
+
 //* ClamAV
 $conf['clamav']['installed'] = false; // will be detected automatically during installation
 $conf['clamav']['init_script'] = 'clamav-daemon';

install/dist/conf/ubuntu1804.conf.php

@@ -149,6 +149,11 @@ $conf['amavis']['installed'] = false; // will be detected automatically during i
 $conf['amavis']['config_dir'] = '/etc/amavis';
 $conf['amavis']['init_script'] = 'amavis';
 
+//* Rspamd
+$conf['rspamd']['installed'] = false; // will be detected automatically during installation
+$conf['rspamd']['config_dir'] = '/etc/rspamd';
+$conf['rspamd']['init_script'] = 'rspamd';
+
 //* ClamAV
 $conf['clamav']['installed'] = false; // will be detected automatically during installation
 $conf['clamav']['init_script'] = 'clamav-daemon';
@@ -227,4 +232,4 @@ $conf['xmpp']['installed'] = false;
 $conf['xmpp']['init_script'] = 'metronome';
 
 
-?>
\ No newline at end of file
+?>

install/dist/lib/debian60.lib.php

@@ -68,7 +68,6 @@ class installer extends installer_base {
 		}
 
 		//* Reconfigure postfix to use dovecot authentication
-		// Adding the amavisd commands to the postfix configuration
 		$postconf_commands = array (
 			'dovecot_destination_recipient_limit = 1',
 			'virtual_transport = '.$virtual_transport,

install/dist/lib/fedora.lib.php

@@ -401,7 +401,6 @@ class installer_dist extends installer_base {
 		}
 
 		//* Reconfigure postfix to use dovecot authentication
-		// Adding the amavisd commands to the postfix configuration
 		$postconf_commands = array (
 			'dovecot_destination_recipient_limit = 1',
 			'virtual_transport = '.$virtual_transport,

install/install.php

@@ -385,7 +385,14 @@ if($install_mode == 'standard' || strtolower($inst->simple_query('Configure Mail
 			$inst->configure_amavis();
 		}
 
-		//* Configure Getmail
+		//* Configure Rspamd
+		$force = @($conf['rspamd']['installed']) ? true : $inst->force_configure_app('Rspamd', ($install_mode == 'expert'));
+		if($force) {
+			swriteln('Configuring Rspamd');
+			$inst->configure_rspamd();
+		}
+
+//* Configure Getmail
 		$force = @($conf['getmail']['installed']) ? true : $inst->force_configure_app('Getmail', ($install_mode == 'expert'));
 		if($force) {
 			swriteln('Configuring Getmail');
@@ -538,20 +545,6 @@ $install_ispconfig_interface_default = ($conf['mysql']['master_slave_setup'] ==
 if($install_mode == 'standard' || strtolower($inst->simple_query('Install ISPConfig Web Interface', array('y', 'n'), $install_ispconfig_interface_default,'install_ispconfig_web_interface')) == 'y') {
 	swriteln('Installing ISPConfig');
 
-	//** We want to check if the server is a module or cgi based php enabled server
-	//** TODO: Don't always ask for this somehow ?
-	/*
-	$fast_cgi = $inst->simple_query('CGI PHP Enabled Server?', array('yes','no'),'no');
-
-	if($fast_cgi == 'yes') {
-		$alias = $inst->free_query('Script Alias', '/php/');
-		$path = $inst->free_query('Script Alias Path', '/path/to/cgi/bin');
-		$conf['apache']['vhost_cgi_alias'] = sprintf('ScriptAlias %s %s', $alias, $path);
-	} else {
-		$conf['apache']['vhost_cgi_alias'] = "";
-	}
-	*/
-
 	//** Customise the port ISPConfig runs on
 	$ispconfig_vhost_port = $inst->free_query('ISPConfig Port', '8080','ispconfig_port');
 	$temp_admin_password = str_shuffle(bin2hex(openssl_random_pseudo_bytes(4)));
@@ -602,6 +595,7 @@ if($conf['mysql']['installed'] == true && $conf['mysql']['init_script'] != '') s
 if($conf['postfix']['installed'] == true && $conf['postfix']['init_script'] != '') system($inst->getinitcommand($conf['postfix']['init_script'], 'restart'));
 if($conf['saslauthd']['installed'] == true && $conf['saslauthd']['init_script'] != '') system($inst->getinitcommand($conf['saslauthd']['init_script'], 'restart'));
 if($conf['amavis']['installed'] == true && $conf['amavis']['init_script'] != '') system($inst->getinitcommand($conf['amavis']['init_script'], 'restart'));
+if($conf['rspamd']['installed'] == true && $conf['rspamd']['init_script'] != '') system($inst->getinitcommand($conf['rspamd']['init_script'], 'restart'));
 if($conf['clamav']['installed'] == true && $conf['clamav']['init_script'] != '') system($inst->getinitcommand($conf['clamav']['init_script'], 'restart'));
 if($conf['courier']['installed'] == true){
 	if($conf['courier']['courier-authdaemon'] != '') system($inst->getinitcommand($conf['courier']['courier-authdaemon'], 'restart'));

install/lib/classes/tpl.inc.php

@@ -357,147 +357,6 @@ if (!defined('vlibTemplateClassLoaded')) {
 			return true;
 		}
 
-		/**
-		 * [** EXPERIMENTAL **]
-		 * Function to create a loop from a Db result resource link.
-		 * @param string $loopname to commit loop. If not set, will use last loopname set using newLoop()
-		 * @param string $result link to a Db result resource
-		 * @param string $db_type, type of db that the result resource belongs to.
-		 * @return boolean true/false
-		 * @access public
-		 */
-		public function setDbLoop($loopname, $result, $db_type = 'MYSQL')
-		{
-			/*
-			$db_type = strtoupper($db_type);
-            if (!in_array($db_type, $this->allowed_loop_dbs)) {
-                vlibTemplateError::raiseError('VT_WARNING_INVALID_LOOP_DB', WARNING, $db_type);
-                return false;
-            }
-
-            $loop_arr = array();
-            // TODO: Are all these necessary as were onyl using mysql and possible postgres ? - pedro
-            switch ($db_type) {
-
-                case 'MYSQL':
-                    if (get_resource_type($result) != 'mysql result') {
-                        vlibTemplateError::raiseError('VT_WARNING_INVALID_RESOURCE', WARNING, $db_type);
-                        return false;
-                    }
-                    while($r = mysql_fetch_assoc($result)) {
-                        $loop_arr[] = $r;
-                    }
-                    break;
-
-                case 'POSTGRESQL':
-                    if (get_resource_type($result) != 'pgsql result') {
-                        vlibTemplateError::raiseError('VT_WARNING_INVALID_RESOURCE', WARNING, $db_type);
-                        return false;
-                    }
-
-                    $nr = (function_exists('pg_num_rows')) ? pg_num_rows($result) : pg_numrows($result);
-
-                    for ($i=0; $i < $nr; $i++) {
-                        $loop_arr[] = pg_fetch_array($result, $i, PGSQL_ASSOC);
-                    }
-                    break;
-
-                case 'INFORMIX':
-                    if (!$result) {
-                        vlibTemplateError::raiseError('VT_WARNING_INVALID_RESOURCE', WARNING, $db_type);
-                        return false;
-                    }
-                    while($r = ifx_fetch_row($result, 'NEXT')) {
-                        $loop_arr[] = $r;
-                    }
-                    break;
-
-                case 'INTERBASE':
-                    if (get_resource_type($result) != 'interbase result') {
-                        vlibTemplateError::raiseError('VT_WARNING_INVALID_RESOURCE', WARNING, $db_type);
-                        return false;
-                    }
-                    while($r = ibase_fetch_row($result)) {
-                        $loop_arr[] = $r;
-                    }
-                    break;
-
-                case 'INGRES':
-                    if (!$result) {
-                        vlibTemplateError::raiseError('VT_WARNING_INVALID_RESOURCE', WARNING, $db_type);
-                        return false;
-                    }
-                    while($r = ingres_fetch_array(INGRES_ASSOC, $result)) {
-                        $loop_arr[] = $r;
-                    }
-                    break;
-
-                case 'MSSQL':
-                    if (get_resource_type($result) != 'mssql result') {
-                        vlibTemplateError::raiseError('VT_WARNING_INVALID_RESOURCE', WARNING, $db_type);
-                        return false;
-                    }
-                    while($r = mssql_fetch_array($result)) {
-                        $loop_arr[] = $r;
-                    }
-                    break;
-
-                case 'MSQL':
-                    if (get_resource_type($result) != 'msql result') {
-                        vlibTemplateError::raiseError('VT_WARNING_INVALID_RESOURCE', WARNING, $db_type);
-                        return false;
-                    }
-                    while($r = msql_fetch_array($result, MSQL_ASSOC)) {
-                        $loop_arr[] = $r;
-                    }
-                    break;
-
-                case 'OCI8':
-                    if (get_resource_type($result) != 'oci8 statement') {
-                        vlibTemplateError::raiseError('VT_WARNING_INVALID_RESOURCE', WARNING, $db_type);
-                        return false;
-                    }
-                    while(OCIFetchInto($result, &$r, OCI_ASSOC+OCI_RETURN_LOBS)) {
-                        $loop_arr[] = $r;
-                    }
-                    break;
-
-                case 'ORACLE':
-                    if (get_resource_type($result) != 'oracle Cursor') {
-                        vlibTemplateError::raiseError('VT_WARNING_INVALID_RESOURCE', WARNING, $db_type);
-                        return false;
-                    }
-                    while(ora_fetch_into($result, &$r, ORA_FETCHINTO_ASSOC)) {
-                        $loop_arr[] = $r;
-                    }
-                    break;
-
-                case 'OVRIMOS':
-                    if (!$result) {
-                        vlibTemplateError::raiseError('VT_WARNING_INVALID_RESOURCE', WARNING, $db_type);
-                        return false;
-                    }
-                    while(ovrimos_fetch_into($result, &$r, 'NEXT')) {
-                        $loop_arr[] = $r;
-                    }
-                    break;
-
-                case 'SYBASE':
-                    if (get_resource_type($result) != 'sybase-db result') {
-                        vlibTemplateError::raiseError('VT_WARNING_INVALID_RESOURCE', WARNING, $db_type);
-                        return false;
-                    }
-
-                    while($r = sybase_fetch_array($result)) {
-                        $loop_arr[] = $r;
-                    }
-                    break;
-            }
-            $this->setLoop($loopname, $loop_arr);
-            return true;
-			*/
-		}
-
 		/**
 		 * Sets the name for the curent loop in the 3 step loop process.
 		 * @param string $name string to define loop name

install/lib/installer_base.lib.php

@@ -163,6 +163,7 @@ class installer_base {
 		if(is_installed('dovecot')) $conf['dovecot']['installed'] = true;
 		if(is_installed('saslauthd')) $conf['saslauthd']['installed'] = true;
 		if(is_installed('amavisd-new') || is_installed('amavisd')) $conf['amavis']['installed'] = true;
+		if(is_installed('rspamd')) $conf['rspamd']['installed'] = true;
 		if(is_installed('clamdscan')) $conf['clamav']['installed'] = true;
 		if(is_installed('pure-ftpd') || is_installed('pure-ftpd-wrapper')) $conf['pureftpd']['installed'] = true;
 		if(is_installed('mydns') || is_installed('mydns-ng')) $conf['mydns']['installed'] = true;
@@ -1426,6 +1427,192 @@ class installer_base {
 
 	}
 
+	public function configure_rspamd() {
+		global $conf;
+		
+		//* These postconf commands will be executed on installation and update
+		$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM ?? WHERE server_id = ?", $conf["mysql"]["database"] . '.server', $conf['server_id']);
+		$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
+		unset($server_ini_rec);
+		
+		$mail_config = $server_ini_array['mail'];
+		if($mail_config['content_filter'] === 'rspamd') {
+			exec("postconf -X 'receive_override_options'");
+			exec("postconf -X 'content_filter'");
+
+			exec("postconf -e 'smtpd_milters = inet:localhost:11332'");
+			exec("postconf -e 'non_smtpd_milters = inet:localhost:11332'");
+			exec("postconf -e 'milter_protocol = 6'");
+			exec("postconf -e 'milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}'");
+			exec("postconf -e 'milter_default_action = accept'");
+
+			exec("postconf -e 'smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf, permit_mynetworks, permit_sasl_authenticated'");
+
+			$new_options = array();
+			$options = preg_split("/,\s*/", exec("postconf -h smtpd_recipient_restrictions"));
+			foreach ($options as $value) {
+				if (!preg_match('/check_policy_service\s+inet:127.0.0.1:10023/', $value)) {
+					$new_options[] = $value;
+				}
+			}
+			exec("postconf -e 'smtpd_recipient_restrictions = ".implode(", ", $new_options)."'");
+			
+		}
+
+		if(is_user('_rspamd') && is_group('amavis')) {
+			exec("usermod -G amavis _rspamd");
+		} elseif(is_user('rspamd') && is_group('amavis')) {
+			exec("usermod -G amavis rspamd");
+		}
+				
+		if(!is_dir('/etc/rspamd/local.d/')){
+			mkdir('/etc/rspamd/local.d/', 0755, true);
+		}
+
+		if(!is_dir('/etc/rspamd/override.d/')){
+			mkdir('/etc/rspamd/override.d/', 0755, true);
+		}
+		
+		if ( substr($mail_config['dkim_path'], strlen($mail_config['dkim_path'])-1) == '/' ) {
+			$mail_config['dkim_path'] = substr($mail_config['dkim_path'], 0, strlen($mail_config['dkim_path'])-1);
+		}
+		$dkim_domains = $this->db->queryAllRecords('SELECT `dkim_selector`, `domain` FROM ?? WHERE `dkim` = ? ORDER BY `domain` ASC', $conf['mysql']['database'] . '.mail_domain', 'y');
+		$fpp = fopen('/etc/rspamd/local.d/dkim_domains.map', 'w');
+		$fps = fopen('/etc/rspamd/local.d/dkim_selectors.map', 'w');
+		foreach($dkim_domains as $dkim_domain) {
+			fwrite($fpp, $dkim_domain['domain'] . ' ' . $mail_config['dkim_path'] . '/' . $dkim_domain['domain'] . '.private' . "\n");
+			fwrite($fps, $dkim_domain['domain'] . ' ' . $dkim_domain['dkim_selector'] . "\n");
+		}
+		fclose($fpp);
+		fclose($fps);
+		unset($dkim_domains);
+
+		$tpl = new tpl();
+		$tpl->newTemplate('rspamd_users.conf.master');
+
+		$whitelist_ips = array();
+		$ips = $this->db->queryAllRecords("SELECT * FROM server_ip WHERE server_id = ?", $conf['server_id']);
+		if(is_array($ips) && !empty($ips)){
+			foreach($ips as $ip){
+				$whitelist_ips[] = array('ip' => $ip['ip_address']);
+			}
+		}
+		$tpl->setLoop('whitelist_ips', $whitelist_ips);
+		wf('/etc/rspamd/local.d/users.conf', $tpl->grab());
+
+		if(file_exists($conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_groups.conf.master')) {
+			exec('cp '.$conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_groups.conf.master /etc/rspamd/local.d/groups.conf');
+		} else {
+			exec('cp tpl/rspamd_groups.conf.master /etc/rspamd/local.d/groups.conf');
+		}
+
+		if(file_exists($conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_antivirus.conf.master')) {
+			exec('cp '.$conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_antivirus.conf.master /etc/rspamd/local.d/antivirus.conf');
+		} else {
+			exec('cp tpl/rspamd_antivirus.conf.master /etc/rspamd/local.d/antivirus.conf');
+		}
+
+		if(file_exists($conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_classifier-bayes.conf.master')) {
+			exec('cp '.$conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_classifier-bayes.conf.master /etc/rspamd/local.d/classifier-bayes.conf');
+		} else {
+			exec('cp tpl/rspamd_classifier-bayes.conf.master /etc/rspamd/local.d/classifier-bayes.conf');
+		}
+
+		if(file_exists($conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_greylist.conf.master')) {
+			exec('cp '.$conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_greylist.conf.master /etc/rspamd/local.d/greylist.conf');
+		} else {
+			exec('cp tpl/rspamd_greylist.conf.master /etc/rspamd/local.d/greylist.conf');
+		}
+
+		if(file_exists($conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_symbols_antivirus.conf.master')) {
+			exec('cp '.$conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_symbols_antivirus.conf.master /etc/rspamd/local.d/antivirus_group.conf');
+		} else {
+			exec('cp tpl/rspamd_symbols_antivirus.conf.master /etc/rspamd/local.d/antivirus_group.conf');
+		}
+
+		if(file_exists($conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_override_rbl.conf.master')) {
+			exec('cp '.$conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_override_rbl.conf.master /etc/rspamd/override.d/rbl_group.conf');
+		} else {
+			exec('cp tpl/rspamd_override_rbl.conf.master /etc/rspamd/override.d/rbl_group.conf');
+		}
+
+		if(file_exists($conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_override_surbl.conf.master')) {
+			exec('cp '.$conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_override_surbl.conf.master /etc/rspamd/override.d/surbl_group.conf');
+		} else {
+			exec('cp tpl/rspamd_override_surbl.conf.master /etc/rspamd/override.d/surbl_group.conf');
+		}
+
+		if(file_exists($conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_mx_check.conf.master')) {
+			exec('cp '.$conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_mx_check.conf.master /etc/rspamd/local.d/mx_check.conf');
+		} else {
+			exec('cp tpl/rspamd_mx_check.conf.master /etc/rspamd/local.d/mx_check.conf');
+		}
+
+		if(file_exists($conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_redis.conf.master')) {
+			exec('cp '.$conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_redis.conf.master /etc/rspamd/local.d/redis.conf');
+		} else {
+			exec('cp tpl/rspamd_redis.conf.master /etc/rspamd/local.d/redis.conf');
+		}
+
+		if(file_exists($conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_milter_headers.conf.master')) {
+			exec('cp '.$conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_milter_headers.conf.master /etc/rspamd/local.d/milter_headers.conf');
+		} else {
+			exec('cp tpl/rspamd_milter_headers.conf.master /etc/rspamd/local.d/milter_headers.conf');
+		}
+
+		if(file_exists($conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_options.inc.master')) {
+			exec('cp '.$conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_options.inc.master /etc/rspamd/local.d/options.inc');
+		} else {
+			exec('cp tpl/rspamd_options.inc.master /etc/rspamd/local.d/options.inc');
+		}
+
+		if(file_exists($conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_neural.conf.master')) {
+			exec('cp '.$conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_neural.conf.master /etc/rspamd/local.d/neural.conf');
+		} else {
+			exec('cp tpl/rspamd_neural.conf.master /etc/rspamd/local.d/neural.conf');
+		}
+
+		if(file_exists($conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_neural_group.conf.master')) {
+			exec('cp '.$conf['ispconfig_install_dir'].'/server/conf-custom/install/rspamd_neural_group.conf.master /etc/rspamd/local.d/neural_group.conf');
+		} else {
+			exec('cp tpl/rspamd_neural_group.conf.master /etc/rspamd/local.d/neural_group.conf');
+		}
+
+		exec('chmod a+r /etc/rspamd/local.d/* /etc/rspamd/override.d/*');
+
+		$tpl = new tpl();
+		$tpl->newTemplate('rspamd_dkim_signing.conf.master');
+		$tpl->setVar('dkim_path', $mail_config['dkim_path']);
+		wf('/etc/rspamd/local.d/dkim_signing.conf', $tpl->grab());
+
+		$command = 'usermod -a -G amavis _rspamd';
+		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+			
+		if(strpos(rf('/etc/rspamd/rspamd.conf'), '.include "$LOCAL_CONFDIR/local.d/users.conf"') === false){
+			af('/etc/rspamd/rspamd.conf', '.include "$LOCAL_CONFDIR/local.d/users.conf"');
+		}
+		
+		if(!isset($mail_config['rspamd_password']) || !$mail_config['rspamd_password']) {
+			$mail_config['rspamd_password'] = str_shuffle(bin2hex(openssl_random_pseudo_bytes(12)));
+			
+			$server_ini_array['mail']['rspamd_password'] = $mail_config['rspamd_password'];
+		}
+
+		$server_ini_array['mail']['rspamd_available'] = 'y';
+		$server_ini_string = array_to_ini($server_ini_array);
+		if($this->dbmaster != $this->db) {
+			$this->dbmaster->query('UPDATE `server` SET `config` = ? WHERE `server_id` = ?', $server_ini_string, $conf['server_id']);
+		}
+		$this->db->query('UPDATE `server` SET `config` = ? WHERE `server_id` = ?', $server_ini_string, $conf['server_id']);
+		unset($server_ini_array);
+		unset($server_ini_string);
+		
+		$tpl = new tpl();
+		$tpl->newTemplate('rspamd_worker-controller.inc.master');
+		$tpl->setVar('rspamd_password', $mail_config['rspamd_password']);
+		wf('/etc/rspamd/local.d/worker-controller.inc', $tpl->grab());		
+	}
+
 	public function configure_spamassassin() {
 		global $conf;
 

install/lib/update.lib.php

@@ -103,7 +103,7 @@ function checkDbHealth() {
 	$notok = array();
 
 	echo "Checking ISPConfig database .. ";
-	exec("mysqlcheck -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." -P ".escapeshellarg($conf['mysql']['port'])." -r ".escapeshellarg($conf["mysql"]["database"]), $result);
+	exec("mysqlcheck -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." -P ".escapeshellarg($conf['mysql']['port'])." --auto-repair ".escapeshellarg($conf["mysql"]["database"]), $result);
 	for( $i=0; $i<sizeof($result);$i++) {
 		if ( substr($result[$i], -2) != "OK" ) {
 			$notok[] = $result[$i];

install/sql/incremental/upd_dev_collection.sql

+-- rspamd
+ALTER TABLE `spamfilter_policy` ADD `rspamd_greylisting` ENUM('n','y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'n' AFTER `policyd_greylist`;
+ALTER TABLE `spamfilter_policy` ADD `rspamd_spam_greylisting_level` DECIMAL(5,2) NULL DEFAULT NULL AFTER `rspamd_greylisting`;
+ALTER TABLE `spamfilter_policy` ADD `rspamd_spam_tag_level` DECIMAL(5,2) NULL DEFAULT NULL AFTER `rspamd_spam_greylisting_level`;
+ALTER TABLE `spamfilter_policy` ADD `rspamd_spam_tag_method` ENUM('add_header','rewrite_subject') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'rewrite_subject' AFTER `rspamd_spam_tag_level`;
+ALTER TABLE `spamfilter_policy` ADD `rspamd_spam_kill_level` DECIMAL(5,2) NULL DEFAULT NULL AFTER `rspamd_spam_tag_method`;
+
+UPDATE `spamfilter_policy` SET `rspamd_greylisting` = 'y' WHERE id = 4;
+UPDATE `spamfilter_policy` SET `rspamd_greylisting` = 'y' WHERE id = 5;
+UPDATE `spamfilter_policy` SET `rspamd_greylisting` = 'y' WHERE id = 6;
+
+UPDATE `spamfilter_policy` SET `rspamd_spam_greylisting_level` = '4.00';
+UPDATE `spamfilter_policy` SET `rspamd_spam_greylisting_level` = '6.00' WHERE id = 1;
+UPDATE `spamfilter_policy` SET `rspamd_spam_greylisting_level` = '999.00' WHERE id = 2;
+UPDATE `spamfilter_policy` SET `rspamd_spam_greylisting_level` = '999.00' WHERE id = 3;
+UPDATE `spamfilter_policy` SET `rspamd_spam_greylisting_level` = '2.00' WHERE id = 6;
+UPDATE `spamfilter_policy` SET `rspamd_spam_greylisting_level` = '7.00' WHERE id = 7;
+
+UPDATE `spamfilter_policy` SET `rspamd_spam_tag_level` = '6.00';
+UPDATE `spamfilter_policy` SET `rspamd_spam_tag_level` = '8.00' WHERE id = 1;
+UPDATE `spamfilter_policy` SET `rspamd_spam_tag_level` = '999.00' WHERE id = 2;
+UPDATE `spamfilter_policy` SET `rspamd_spam_tag_level` = '999.00' WHERE id = 3;
+UPDATE `spamfilter_policy` SET `rspamd_spam_tag_level` = '4.00' WHERE id = 6;
+UPDATE `spamfilter_policy` SET `rspamd_spam_tag_level` = '10.00' WHERE id = 7;
+
+UPDATE `spamfilter_policy` SET `rspamd_spam_kill_level` = '10.00';
+UPDATE `spamfilter_policy` SET `rspamd_spam_kill_level` = '12.00' WHERE id = 1;
+UPDATE `spamfilter_policy` SET `rspamd_spam_kill_level` = '999.00' WHERE id = 2;
+UPDATE `spamfilter_policy` SET `rspamd_spam_kill_level` = '999.00' WHERE id = 3;
+UPDATE `spamfilter_policy` SET `rspamd_spam_kill_level` = '8.00' WHERE id = 6;
+UPDATE `spamfilter_policy` SET `rspamd_spam_kill_level` = '20.00' WHERE id = 7;
+-- end of rspamd
 ALTER TABLE `client` CHANGE COLUMN `password` `password` VARCHAR(200) DEFAULT NULL;
 ALTER TABLE `ftp_user` CHANGE COLUMN `password` `password` VARCHAR(200) DEFAULT NULL;
 ALTER TABLE `shell_user` CHANGE COLUMN `password` `password` VARCHAR(200) DEFAULT NULL;
 ALTER TABLE `sys_user` CHANGE COLUMN `passwort` `passwort` VARCHAR(200) DEFAULT NULL;
-ALTER TABLE `webdav_user` CHANGE COLUMN `password` `password` VARCHAR(200) DEFAULT NULL;
\ No newline at end of file
+ALTER TABLE `webdav_user` CHANGE COLUMN `password` `password` VARCHAR(200) DEFAULT NULL;

install/sql/incremental/upd_dev_collection.sql.rej

+--- install/sql/incremental/upd_dev_collection.sql
++++ install/sql/incremental/upd_dev_collection.sql
+@@ -80,4 +80,37 @@ INSERT IGNORE INTO `dns_ssl_ca` (`id`, `sys_userid`, `sys_groupid`, `sys_perm_us
+ 
+ ALTER TABLE `dns_soa` CHANGE `xfer` `xfer` TEXT NULL;
+ ALTER TABLE `dns_soa` CHANGE `also_notify` `also_notify` TEXT NULL;
+-ALTER TABLE `dns_slave` CHANGE `xfer` `xfer` TEXT NULL;+ALTER TABLE `dns_slave` CHANGE `xfer` `xfer` TEXT NULL;
++
++-- rspamd
++ALTER TABLE `spamfilter_policy` ADD `rspamd_greylisting` ENUM('n','y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'n' AFTER `policyd_greylist`;
++ALTER TABLE `spamfilter_policy` ADD `rspamd_spam_greylisting_level` DECIMAL(5,2) NULL DEFAULT NULL AFTER `rspamd_greylisting`;
++ALTER TABLE `spamfilter_policy` ADD `rspamd_spam_tag_level` DECIMAL(5,2) NULL DEFAULT NULL AFTER `rspamd_spam_greylisting_level`;
++ALTER TABLE `spamfilter_policy` ADD `rspamd_spam_tag_method` ENUM('add_header','rewrite_subject') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'rewrite_subject' AFTER `rspamd_spam_tag_level`;
++ALTER TABLE `spamfilter_policy` ADD `rspamd_spam_kill_level` DECIMAL(5,2) NULL DEFAULT NULL AFTER `rspamd_spam_tag_method`;
++
++UPDATE `spamfilter_policy` SET `rspamd_greylisting` = 'y' WHERE id = 4;
++UPDATE `spamfilter_policy` SET `rspamd_greylisting` = 'y' WHERE id = 5;
++UPDATE `spamfilter_policy` SET `rspamd_greylisting` = 'y' WHERE id = 6;
++
++UPDATE `spamfilter_policy` SET `rspamd_spam_greylisting_level` = '4.00';
++UPDATE `spamfilter_policy` SET `rspamd_spam_greylisting_level` = '6.00' WHERE id = 1;
++UPDATE `spamfilter_policy` SET `rspamd_spam_greylisting_level` = '999.00' WHERE id = 2;
++UPDATE `spamfilter_policy` SET `rspamd_spam_greylisting_level` = '999.00' WHERE id = 3;
++UPDATE `spamfilter_policy` SET `rspamd_spam_greylisting_level` = '2.00' WHERE id = 6;
++UPDATE `spamfilter_policy` SET `rspamd_spam_greylisting_level` = '7.00' WHERE id = 7;
++
++UPDATE `spamfilter_policy` SET `rspamd_spam_tag_level` = '6.00';
++UPDATE `spamfilter_policy` SET `rspamd_spam_tag_level` = '8.00' WHERE id = 1;
++UPDATE `spamfilter_policy` SET `rspamd_spam_tag_level` = '999.00' WHERE id = 2;
++UPDATE `spamfilter_policy` SET `rspamd_spam_tag_level` = '999.00' WHERE id = 3;
++UPDATE `spamfilter_policy` SET `rspamd_spam_tag_level` = '4.00' WHERE id = 6;
++UPDATE `spamfilter_policy` SET `rspamd_spam_tag_level` = '10.00' WHERE id = 7;
++
++UPDATE `spamfilter_policy` SET `rspamd_spam_kill_level` = '10.00';
++UPDATE `spamfilter_policy` SET `rspamd_spam_kill_level` = '12.00' WHERE id = 1;
++UPDATE `spamfilter_policy` SET `rspamd_spam_kill_level` = '999.00' WHERE id = 2;
++UPDATE `spamfilter_policy` SET `rspamd_spam_kill_level` = '999.00' WHERE id = 3;
+