install/tpl/opensuse_dovecot2.conf.master

@@ -7,6 +7,7 @@ mail_privileged_group = vmail
 ssl_cert = </etc/postfix/smtpd.cert
 ssl_key = </etc/postfix/smtpd.key
 ssl_protocols = !SSLv2 !SSLv3
+mail_plugins = quota
 passdb {
   args = /etc/dovecot/dovecot-sql.conf
   driver = sql
@@ -60,7 +61,6 @@ protocol lmtp {
   postmaster_address = webmaster@localhost
   mail_plugins = quota sieve
 }
-mail_plugins = $mail_plugins quota
 imap_capability=+SEPCIAL-USE XLIST
 namespace inbox {
   inbox = yes

install/tpl/opensuse_postfix.conf.master

-alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
-alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
 virtual_alias_domains =
-virtual_alias_maps = hash:/etc/mailman/virtual-mailman, proxy:mysql:{config_dir}/mysql-virtual_forwardings.cf, proxy:mysql:{config_dir}/mysql-virtual_email2email.cf
+virtual_alias_maps = proxy:mysql:{config_dir}/mysql-virtual_forwardings.cf, proxy:mysql:{config_dir}/mysql-virtual_email2email.cf
 virtual_mailbox_domains = proxy:mysql:{config_dir}/mysql-virtual_domains.cf
 virtual_mailbox_maps = proxy:mysql:{config_dir}/mysql-virtual_mailboxes.cf
 virtual_mailbox_base = {vmail_mailbox_base}
@@ -18,7 +18,7 @@ smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert
 smtpd_tls_key_file = {config_dir}/smtpd.key
-transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:{config_dir}/mysql-virtual_transports.cf
+transport_maps = proxy:mysql:{config_dir}/mysql-virtual_transports.cf
 relay_domains = mysql:{config_dir}/mysql-virtual_relaydomains.cf
 relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
 smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf

install/tpl/rspamd_antivirus.conf.master

+clamav {
+    # If set force this action if any virus is found (default unset: no action is forced)
+    #action = "reject";
+    # if `true` only messages with non-image attachments will be checked (default true)
+    scan_mime_parts = true;
+    # If `max_size` is set, messages > n bytes in size are not scanned
+    #max_size = 20000000;
+    # symbol to add (add it to metric if you want non-zero weight)
+    symbol = "CLAM_VIRUS";
+    # type of scanner: "clamav", "fprot", "sophos" or "savapi"
+    type = "clamav";
+    # For "savapi" you must also specify the following variable
+    #product_id = 12345;
+    # You can enable logging for clean messages
+    #log_clean = true;
+    # servers to query (if port is unspecified, scanner-specific default is used)
+    # can be specified multiple times to pool servers
+    # can be set to a path to a unix socket
+    # Enable this in local.d/antivirus.conf
+    #servers = "127.0.0.1:3310";
+    servers = "/var/run/clamav/clamd.ctl";
+    # if `patterns` is specified virus name will be matched against provided regexes and the related
+    # symbol will be yielded if a match is found. If no match is found, default symbol is yielded.
+    patterns {
+      # symbol_name = "pattern";
+      JUST_EICAR = "^Eicar-Test-Signature$";
+    }
+    # `whitelist` points to a map of IP addresses. Mail from these addresses is not scanned.
+    whitelist = "/etc/rspamd/antivirus.wl";
+}
\ No newline at end of file

install/tpl/rspamd_classifier-bayes.conf.master

+autolearn = [-0.01, 5.00];
+per_user = true;
+per_language = true;
\ No newline at end of file

install/tpl/rspamd_dkim_signing.conf.master

+path = "<tmpl_var name='dkim_path'>/$domain.private";
+selector = "default";
\ No newline at end of file

install/tpl/rspamd_greylist.conf.master

+servers = "127.0.0.1:6379";
\ No newline at end of file

install/tpl/rspamd_groups.conf.master

+group "antivirus" {
+    .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/antivirus_group.conf"
+    .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/antivirus_group.conf"
+}

install/tpl/rspamd_milter_headers.conf.master

+use = ["x-spamd-bar", "x-spam-level", "authentication-results"];
+authenticated_headers = ["authentication-results"];
\ No newline at end of file

install/tpl/rspamd_mx_check.conf.master

+enabled = true;
+servers = "localhost";
+key_prefix = "rmx";
+symbol_bad_mx = "MX_INVALID";
+symbol_no_mx = "MX_MISSING";
+symbol_good_mx = "MX_GOOD";
+expire = 86400;
+expire_novalid = 7200;
+greylist_invalid = false;
\ No newline at end of file

install/tpl/rspamd_neural.conf.master

+servers = 127.0.0.1:6379;
+enabled = true;
+
+rules {
+  "LONG" {
+    train {
+      max_trains = 5000;
+      max_usages = 200;
+      max_iterations = 25;
+      learning_rate = 0.01,
+      spam_score = 10;
+      ham_score = -2;
+    }
+    symbol_spam = "NEURAL_SPAM_LONG";
+    symbol_ham = "NEURAL_HAM_LONG";
+    ann_expire = 100d;
+  }
+  "SHORT" {
+    train {
+      max_trains = 100;
+      max_usages = 2;
+      max_iterations = 25;
+      learning_rate = 0.01,
+      spam_score = 10;
+      ham_score = -2;
+    }
+    symbol_spam = "NEURAL_SPAM_SHORT";
+    symbol_ham = "NEURAL_HAM_SHORT";
+    ann_expire = 1d;
+  }
+}
\ No newline at end of file

install/tpl/rspamd_neural_group.conf.master

+symbols = {
+  "NEURAL_SPAM_LONG" {
+    weight = 1.0; # sample weight
+    description = "Neural network spam (long)";
+  }
+  "NEURAL_HAM_LONG" {
+    weight = -2.0; # sample weight
+    description = "Neural network ham (long)";
+  }
+  "NEURAL_SPAM_SHORT" {
+    weight = 0.5; # sample weight
+    description = "Neural network spam (short)";
+  }
+  "NEURAL_HAM_SHORT" {
+    weight = -1.0; # sample weight
+    description = "Neural network ham (short)";
+  }
+}

install/tpl/rspamd_options.inc.master

+local_addrs = "127.0.0.0/8, ::1";
+
+dns {
+	nameserver = ["127.0.0.1:53:10"];
+}

install/tpl/rspamd_override_rbl.conf.master

+# RBL
+symbols = {
+	"RBL_SENDERSCORE" {
+		weight = 4.0;
+		description = "From address is listed in senderscore.com BL";
+	}
+	"RBL_SPAMHAUS_SBL" {
+		weight = 2.0;
+		description = "From address is listed in zen sbl";
+	}
+	"RBL_SPAMHAUS_CSS" {
+	  weight = 2.0;
+	  description = "From address is listed in zen css";
+	}
+	"RBL_SPAMHAUS_XBL" {
+	  weight = 4.0;
+	  description = "From address is listed in zen xbl";
+	}
+	"RBL_SPAMHAUS_XBL_ANY" {
+	  weight = 4.0;
+	  description = "From or receive address is listed in zen xbl (any list)";
+	}
+	"RBL_SPAMHAUS_PBL" {
+	  weight = 2.0;
+	  description = "From address is listed in zen pbl (ISP list)";
+	}
+	"RBL_SPAMHAUS_DROP" {
+	  weight = 7.0;
+	  description = "From address is listed in zen drop bl";
+	}
+	"RECEIVED_SPAMHAUS_XBL" {
+	  weight = 3.0;
+	  description = "Received address is listed in zen xbl";
+	  one_shot = true;
+	}
+	"RBL_MAILSPIKE_WORST" {
+	  weight = 2.0;
+	  description = "From address is listed in RBL - worst possible reputation";
+	}
+	"RBL_MAILSPIKE_VERYBAD" {
+	  weight = 1.5;
+	  description = "From address is listed in RBL - very bad reputation";
+	}
+	"RBL_MAILSPIKE_BAD" {
+	  weight = 1.0;
+	  description = "From address is listed in RBL - bad reputation";
+	}
+	"RBL_SEM" {
+	  weight = 1.0;
+	  description = "Address is listed in Spameatingmonkey RBL";
+	}
+	# /RBL
+}

install/tpl/rspamd_override_surbl.conf.master

+symbols = {
+	# SURBL
+	"PH_SURBL_MULTI" {
+	  weight = 5.5;
+	  description = "SURBL: Phishing sites";
+	}
+	"MW_SURBL_MULTI" {
+	  weight = 5.5;
+	  description = "SURBL: Malware sites";
+	}
+	"ABUSE_SURBL" {
+	  weight = 5.5;
+	  description = "SURBL: ABUSE";
+	}
+	"CRACKED_SURBL" {
+	  weight = 4.0;
+	  description = "SURBL: cracked site";
+	}
+	"RAMBLER_URIBL" {
+	  weight = 4.5;
+	  description = "Rambler uribl";
+	  one_shot = true;
+	}
+	"RAMBLER_EMAILBL" {
+	  weight = 9.5;
+	  description = "Rambler emailbl";
+	  one_shot = true;
+	}
+	"MSBL_EBL" {
+	  weight = 7.5;
+	  description = "MSBL emailbl";
+	  one_shot = true;
+	}
+	"SEM_URIBL" {
+	  weight = 3.5;
+	  description = "Spameatingmonkey uribl";
+	}
+	"SEM_URIBL_FRESH15" {
+	  weight = 3.0;
+	  description = "Spameatingmonkey uribl. Domains registered in the last 15 days (.AERO,.BIZ,.COM,.INFO,.NAME,.NET,.PRO,.SK,.TEL,.US)";
+	}
+	"DBL" {
+	  weight = 0.0;
+	  description = "DBL unknown result";
+	}
+	"DBL_SPAM" {
+	  weight = 6.5;
+	  description = "DBL uribl spam";
+	}
+	"DBL_PHISH" {
+	  weight = 6.5;
+	  description = "DBL uribl phishing";
+	}
+	"DBL_MALWARE" {
+	  weight = 6.5;
+	  description = "DBL uribl malware";
+	}
+	"DBL_BOTNET" {
+	  weight = 5.5;
+	  description = "DBL uribl botnet C&C domain";
+	}
+	"DBL_ABUSE" {
+	  weight = 6.5;
+	  description = "DBL uribl abused legit spam";
+	}
+	"DBL_ABUSE_REDIR" {
+	  weight = 1.5;
+	  description = "DBL uribl abused spammed redirector domain";
+	}
+	"DBL_ABUSE_PHISH" {
+	  weight = 7.5;
+	  description = "DBL uribl abused legit phish";
+	}
+	"DBL_ABUSE_MALWARE" {
+	  weight = 7.5;
+	  description = "DBL uribl abused legit malware";
+	}
+	"DBL_ABUSE_BOTNET" {
+	  weight = 5.5;
+	  description = "DBL uribl abused legit botnet C&C";
+	}
+	"URIBL_BLACK" {
+	  weight = 7.5;
+	  description = "uribl.com black url";
+	}
+	"URIBL_RED" {
+	  weight = 3.5;
+	  description = "uribl.com red url";
+	}
+	"URIBL_GREY" {
+	  weight = 1.5;
+	  description = "uribl.com grey url";
+	  one_shot = true;
+	}
+	"URIBL_SBL" {
+	  weight = 6.5;
+	  description = "Spamhaus SBL URIBL";
+	}
+	"URIBL_SBL_CSS" {
+	  weight = 6.5;
+	  description = "Spamhaus SBL CSS URIBL";
+	}
+	"RBL_SARBL_BAD" {
+	  weight = 2.5;
+	  description = "A domain listed in the mail is blacklisted in SARBL";
+	}
+	# /SURBL
+}

install/tpl/rspamd_redis.conf.master

+servers = "127.0.0.1";
\ No newline at end of file

install/tpl/rspamd_symbols_antivirus.conf.master

+subject = "***SPAM*** %s";
+symbols = {
+	"CLAM_VIRUS" {
+		weight = 50;
+		description = "Clamav has found a virus.";
+	}
+	"JUST_EICAR" {
+		weight = 50;
+		description = "Clamav has found a virus.";
+	}
+	"R_DUMMY" {
+		weight = 0.0;
+		description = "Dummy symbol";
+	}
+}
\ No newline at end of file

install/tpl/rspamd_users.conf.master

+settings {
+	authenticated {
+		priority = 10;
+		authenticated = yes;
+		#apply "default" { groups_disabled = ["rbl", "spf"]; }
+		apply "default" {
+			#symbols_enabled = [];
+			symbols_disabled = [];
+			#groups_enabled = [];
+			groups_disabled = ["rbl"];
+		}
+	}
+	whitelist {
+		priority = 10;
+		rcpt = "postmaster";
+		rcpt = "hostmaster";
+		rcpt = "abuse";
+		want_spam = yes;
+	}
+	whitelist-ip {
+		priority = 10;
+<tmpl_loop name="whitelist_ips">
+		ip = "<tmpl_var name='ip'>";
+</tmpl_loop>
+		
+		want_spam = yes;
+	}
+#	whitelist-timmehosting {
+#		priority = 20;
+#		from = "@xxx";
+#		from = "@xxx";
+#		want_spam = yes;
+#	}
+	whitelist-ca {
+		priority = 20;
+		from = "@comodo.com";
+		from = "@geotrust.com";
+		from = "@geotrusteurope.com";
+		want_spam = yes;
+	}
+	.include(try=true; glob=true) "$LOCAL_CONFDIR/local.d/users/*.conf"
+	.include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/users.local.conf"
+}

install/tpl/rspamd_wblist.inc.conf.master

+spamfilter_wblist-<tmpl_var name='record_id'> {
+	priority = <tmpl_var name='priority'>;
+	from = "<tmpl_var name='from'>";
+	rcpt = "<tmpl_var name='recipient'>";
+<tmpl_if name='wblist' op='==' value='W'>
+	want_spam = yes;
+</tmpl_else>
+	apply "default" {
+		R_DUMMY = 999.0;
+		actions {
+			reject = 0.2;
+			add_header = 0.1;
+			greylist = 0.1;
+			rewrite_subject = 0.1;
+		}
+	}
+</tmpl_if>
+}
\ No newline at end of file

install/tpl/rspamd_worker-controller.inc.master

+../../server/conf/rspamd_worker-controller.inc.master
\ No newline at end of file

install/tpl/sasl_smtpd.conf.master

-pwcheck_method: saslauthd
-mech_list: plain login
-allow_plaintext: true
-auxprop_plugin: mysql
-sql_hostnames: {mysql_server_ip}
-sql_user: {mysql_server_ispconfig_user}
-sql_passwd: {mysql_server_ispconfig_password}
-sql_database: {mysql_server_database}
-sql_select: select password from mail_user where (login = '%u' or email = '%u@%r') and postfix = 'y' and disablesmtp = 'n'
\ No newline at end of file