mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2024-01-19 02:48:50 +00:00
Merge pull request #1485 from youtous/feature-spam-to-junk
Feature: Spam to Junk folder
This commit is contained in:
commit
a12cd9a26d
|
@ -125,6 +125,7 @@ RUN echo "0 */6 * * * clamav /usr/bin/freshclam --quiet" > /etc/cron.d/clamav-fr
|
||||||
# Configures Dovecot
|
# Configures Dovecot
|
||||||
COPY target/dovecot/auth-passwdfile.inc target/dovecot/??-*.conf /etc/dovecot/conf.d/
|
COPY target/dovecot/auth-passwdfile.inc target/dovecot/??-*.conf /etc/dovecot/conf.d/
|
||||||
COPY target/dovecot/scripts/quota-warning.sh /usr/local/bin/quota-warning.sh
|
COPY target/dovecot/scripts/quota-warning.sh /usr/local/bin/quota-warning.sh
|
||||||
|
COPY target/dovecot/sieve/* /usr/lib/dovecot/sieve-global/
|
||||||
WORKDIR /usr/share/dovecot
|
WORKDIR /usr/share/dovecot
|
||||||
# hadolint ignore=SC2016,SC2086
|
# hadolint ignore=SC2016,SC2086
|
||||||
RUN sed -i -e 's/include_try \/usr\/share\/dovecot\/protocols\.d/include_try \/etc\/dovecot\/protocols\.d/g' /etc/dovecot/dovecot.conf && \
|
RUN sed -i -e 's/include_try \/usr\/share\/dovecot\/protocols\.d/include_try \/etc\/dovecot\/protocols\.d/g' /etc/dovecot/dovecot.conf && \
|
||||||
|
|
19
README.md
19
README.md
|
@ -161,6 +161,7 @@ services:
|
||||||
- ./config/:/tmp/docker-mailserver/
|
- ./config/:/tmp/docker-mailserver/
|
||||||
environment:
|
environment:
|
||||||
- ENABLE_SPAMASSASSIN=1
|
- ENABLE_SPAMASSASSIN=1
|
||||||
|
- SPAMASSASSIN_SPAM_TO_INBOX=1
|
||||||
- ENABLE_CLAMAV=1
|
- ENABLE_CLAMAV=1
|
||||||
- ENABLE_FAIL2BAN=1
|
- ENABLE_FAIL2BAN=1
|
||||||
- ENABLE_POSTGREY=1
|
- ENABLE_POSTGREY=1
|
||||||
|
@ -202,6 +203,7 @@ services:
|
||||||
- ./config/:/tmp/docker-mailserver/
|
- ./config/:/tmp/docker-mailserver/
|
||||||
environment:
|
environment:
|
||||||
- ENABLE_SPAMASSASSIN=1
|
- ENABLE_SPAMASSASSIN=1
|
||||||
|
- SPAMASSASSIN_SPAM_TO_INBOX=1
|
||||||
- ENABLE_CLAMAV=1
|
- ENABLE_CLAMAV=1
|
||||||
- ENABLE_FAIL2BAN=1
|
- ENABLE_FAIL2BAN=1
|
||||||
- ENABLE_POSTGREY=1
|
- ENABLE_POSTGREY=1
|
||||||
|
@ -483,9 +485,26 @@ Finally the logrotate interval **may** affect the period for generated reports.
|
||||||
|
|
||||||
##### ENABLE_SPAMASSASSIN
|
##### ENABLE_SPAMASSASSIN
|
||||||
|
|
||||||
|
|
||||||
- **0** => Spamassassin is disabled
|
- **0** => Spamassassin is disabled
|
||||||
- 1 => Spamassassin is enabled
|
- 1 => Spamassassin is enabled
|
||||||
|
|
||||||
|
**/!\\ Spam delivery:** when Spamassassin is enabled, messages marked as spam WILL NOT BE DELIVERED.
|
||||||
|
Use `SPAMASSASSIN_SPAM_TO_INBOX=1` for receiving spam messages.
|
||||||
|
|
||||||
|
##### SPAMASSASSIN_SPAM_TO_INBOX
|
||||||
|
|
||||||
|
|
||||||
|
- **0** => Spam messages will be bounced (_rejected_) without any notification (_dangerous_).
|
||||||
|
- 1 => Spam messages will be delivered to the inbox and tagged as spam using `SA_SPAM_SUBJECT`.
|
||||||
|
|
||||||
|
##### MOVE_SPAM_TO_JUNK
|
||||||
|
|
||||||
|
- **1** => Spam messages will be delivered in the `Junk` folder.
|
||||||
|
- 0 => Spam messages will be delivered in the mailbox.
|
||||||
|
|
||||||
|
Note: this setting needs `SPAMASSASSIN_SPAM_TO_INBOX=1`
|
||||||
|
|
||||||
##### SA_TAG
|
##### SA_TAG
|
||||||
|
|
||||||
- **2.0** => add spam info headers if at, or above that level
|
- **2.0** => add spam info headers if at, or above that level
|
||||||
|
|
|
@ -177,9 +177,12 @@ POSTFIX_INET_PROTOCOLS=all
|
||||||
|
|
||||||
ENABLE_SPAMASSASSIN=0
|
ENABLE_SPAMASSASSIN=0
|
||||||
|
|
||||||
#If Enabled, SPAM goes to your inbox with added SPAM header, you can then move it to a specific SPAM folder with SIEVE rules
|
# deliver spam messages in the inbox (eventually tagged using SA_SPAM_SUBJECT)
|
||||||
SPAMASSASSIN_SPAM_TO_INBOX=1
|
SPAMASSASSIN_SPAM_TO_INBOX=1
|
||||||
|
|
||||||
|
# spam messages will be moved in the Junk folder (SPAMASSASSIN_SPAM_TO_INBOX=1 required)
|
||||||
|
MOVE_SPAM_TO_JUNK=1
|
||||||
|
|
||||||
# add spam info headers if at, or above that level:
|
# add spam info headers if at, or above that level:
|
||||||
SA_TAG=2.0
|
SA_TAG=2.0
|
||||||
|
|
||||||
|
|
|
@ -4,6 +4,7 @@ use strict;
|
||||||
|
|
||||||
# Bounce spam, the default option for buster is D_PASS to deliver
|
# Bounce spam, the default option for buster is D_PASS to deliver
|
||||||
$final_spam_destiny = D_BOUNCE;
|
$final_spam_destiny = D_BOUNCE;
|
||||||
|
$final_bad_header_destiny = D_BOUNCE;
|
||||||
|
|
||||||
# Higher log level to get expected messages at startup
|
# Higher log level to get expected messages at startup
|
||||||
$log_level = 2;
|
$log_level = 2;
|
||||||
|
|
|
@ -32,7 +32,7 @@ plugin {
|
||||||
# file names, using a normal 8bit per-character comparison. Multiple script
|
# file names, using a normal 8bit per-character comparison. Multiple script
|
||||||
# file or directory paths can be specified by appending an increasing number.
|
# file or directory paths can be specified by appending an increasing number.
|
||||||
#sieve_before = /usr/lib/dovecot/sieve-global/before.dovecot.sieve
|
#sieve_before = /usr/lib/dovecot/sieve-global/before.dovecot.sieve
|
||||||
#sieve_before2 =
|
#sieve_before2 = /usr/lib/dovecot/sieve-global/before.spam.sieve
|
||||||
#sieve_before3 = (etc...)
|
#sieve_before3 = (etc...)
|
||||||
|
|
||||||
# Identical to sieve_before, only the specified scripts are executed after the
|
# Identical to sieve_before, only the specified scripts are executed after the
|
||||||
|
|
4
target/dovecot/sieve/before.spam.sieve
Normal file
4
target/dovecot/sieve/before.spam.sieve
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
require "fileinto";
|
||||||
|
if header :contains "X-Spam-Flag" "YES" {
|
||||||
|
fileinto "Junk";
|
||||||
|
}
|
|
@ -39,7 +39,9 @@ DEFAULT_VARS["SRS_SENDER_CLASSES"]="${SRS_SENDER_CLASSES:="envelope_sender"}"
|
||||||
DEFAULT_VARS["REPORT_RECIPIENT"]="${REPORT_RECIPIENT:="0"}"
|
DEFAULT_VARS["REPORT_RECIPIENT"]="${REPORT_RECIPIENT:="0"}"
|
||||||
DEFAULT_VARS["LOGROTATE_INTERVAL"]="${LOGROTATE_INTERVAL:=${REPORT_INTERVAL:-"daily"}}"
|
DEFAULT_VARS["LOGROTATE_INTERVAL"]="${LOGROTATE_INTERVAL:=${REPORT_INTERVAL:-"daily"}}"
|
||||||
DEFAULT_VARS["LOGWATCH_INTERVAL"]="${LOGWATCH_INTERVAL:="none"}"
|
DEFAULT_VARS["LOGWATCH_INTERVAL"]="${LOGWATCH_INTERVAL:="none"}"
|
||||||
|
DEFAULT_VARS["EXPLICITLY_DEFINED_SPAMASSASSIN_SPAM_TO_INBOX"]="$( [ -z "${SPAMASSASSIN_SPAM_TO_INBOX}" ] && echo "0" || echo "1" )" # used for backward compatibility
|
||||||
DEFAULT_VARS["SPAMASSASSIN_SPAM_TO_INBOX"]="${SPAMASSASSIN_SPAM_TO_INBOX:="0"}"
|
DEFAULT_VARS["SPAMASSASSIN_SPAM_TO_INBOX"]="${SPAMASSASSIN_SPAM_TO_INBOX:="0"}"
|
||||||
|
DEFAULT_VARS["MOVE_SPAM_TO_JUNK"]="${MOVE_SPAM_TO_JUNK:="1"}"
|
||||||
DEFAULT_VARS["VIRUSMAILS_DELETE_DELAY"]="${VIRUSMAILS_DELETE_DELAY:="7"}"
|
DEFAULT_VARS["VIRUSMAILS_DELETE_DELAY"]="${VIRUSMAILS_DELETE_DELAY:="7"}"
|
||||||
|
|
||||||
##########################################################################
|
##########################################################################
|
||||||
|
@ -627,6 +629,16 @@ function _setup_dovecot() {
|
||||||
else
|
else
|
||||||
sed -i "s/ sieve_after =/ #sieve_after =/" /etc/dovecot/conf.d/90-sieve.conf
|
sed -i "s/ sieve_after =/ #sieve_after =/" /etc/dovecot/conf.d/90-sieve.conf
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# sieve will move spams to .Junk folder when SPAMASSASSIN_SPAM_TO_INBOX=1 and MOVE_SPAM_TO_JUNK=1
|
||||||
|
if [ "$SPAMASSASSIN_SPAM_TO_INBOX" = 1 ] && [ "$MOVE_SPAM_TO_JUNK" = 1 ]; then
|
||||||
|
notify 'inf' "Spam messages will be moved to the Junk folder."
|
||||||
|
sed -i "s/#sieve_before2 =/sieve_before2 =/" /etc/dovecot/conf.d/90-sieve.conf
|
||||||
|
sievec /usr/lib/dovecot/sieve-global/before.spam.sieve
|
||||||
|
else
|
||||||
|
sed -i "s/ sieve_before2 =/ #sieve_before2 =/" /etc/dovecot/conf.d/90-sieve.conf
|
||||||
|
fi
|
||||||
|
|
||||||
chown docker:docker -R /usr/lib/dovecot/sieve*
|
chown docker:docker -R /usr/lib/dovecot/sieve*
|
||||||
chmod 550 -R /usr/lib/dovecot/sieve*
|
chmod 550 -R /usr/lib/dovecot/sieve*
|
||||||
chmod -f +x /usr/lib/dovecot/sieve-pipe/*
|
chmod -f +x /usr/lib/dovecot/sieve-pipe/*
|
||||||
|
@ -1475,18 +1487,17 @@ function _setup_security_stack() {
|
||||||
test -e /tmp/docker-mailserver/spamassassin-rules.cf && cp /tmp/docker-mailserver/spamassassin-rules.cf /etc/spamassassin/
|
test -e /tmp/docker-mailserver/spamassassin-rules.cf && cp /tmp/docker-mailserver/spamassassin-rules.cf /etc/spamassassin/
|
||||||
|
|
||||||
|
|
||||||
if [ "$SPAMASSASSIN_SPAM_TO_INBOX" = "1" ]; then
|
if [ "$SPAMASSASSIN_SPAM_TO_INBOX" = 1 ]; then
|
||||||
notify 'inf' "Configure Spamassassin/Amavis to put SPAM inbox"
|
notify 'inf' "Configure Spamassassin/Amavis to put SPAM inbox"
|
||||||
bannedbouncecheck=`egrep "final_banned_destiny.*D_BOUNCE" /etc/amavis/conf.d/20-debian_defaults`
|
|
||||||
if [ -n "$bannedbouncecheck" ] ;
|
|
||||||
then
|
|
||||||
sed -i "/final_banned_destiny/ s|D_BOUNCE|D_REJECT|" /etc/amavis/conf.d/20-debian_defaults
|
|
||||||
fi
|
|
||||||
|
|
||||||
finalbouncecheck=`egrep "final_spam_destiny.*D_BOUNCE" /etc/amavis/conf.d/20-debian_defaults`
|
sed -i "s/\$final_spam_destiny.*=.*$/\$final_spam_destiny = D_PASS;/g" /etc/amavis/conf.d/49-docker-mailserver
|
||||||
if [ -n "$finalbouncecheck" ] ;
|
sed -i "s/\$final_bad_header_destiny.*=.*$/\$final_bad_header_destiny = D_PASS;/g" /etc/amavis/conf.d/49-docker-mailserver
|
||||||
then
|
else
|
||||||
sed -i "/final_spam_destiny/ s|D_BOUNCE|D_PASS|" /etc/amavis/conf.d/20-debian_defaults
|
sed -i "s/\$final_spam_destiny.*=.*$/\$final_spam_destiny = D_BOUNCE;/g" /etc/amavis/conf.d/49-docker-mailserver
|
||||||
|
sed -i "s/\$final_bad_header_destiny.*=.*$/\$final_bad_header_destiny = D_BOUNCE;/g" /etc/amavis/conf.d/49-docker-mailserver
|
||||||
|
|
||||||
|
if [ "${DEFAULT_VARS['EXPLICITLY_DEFINED_SPAMASSASSIN_SPAM_TO_INBOX']}" = 0 ]; then
|
||||||
|
notify 'warn' "Spam messages WILL NOT BE DELIVERED, you will NOT be notified of ANY message bounced. Please define SPAMASSASSIN_SPAM_TO_INBOX explicitly."
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
71
test/mail_spam_bounced.bats
Normal file
71
test/mail_spam_bounced.bats
Normal file
|
@ -0,0 +1,71 @@
|
||||||
|
load 'test_helper/common'
|
||||||
|
|
||||||
|
# Test case
|
||||||
|
# ---------
|
||||||
|
# When SPAMASSASSIN_SPAM_TO_INBOX=0, spam messages must be bounced.
|
||||||
|
|
||||||
|
|
||||||
|
function setup() {
|
||||||
|
run_setup_file_if_necessary
|
||||||
|
}
|
||||||
|
|
||||||
|
function teardown() {
|
||||||
|
run_teardown_file_if_necessary
|
||||||
|
}
|
||||||
|
|
||||||
|
function setup_file() {
|
||||||
|
docker run -d --name mail_spam_bounced_defined \
|
||||||
|
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
||||||
|
-v "`pwd`/test/test-files":/tmp/docker-mailserver-test:ro \
|
||||||
|
-e ENABLE_SPAMASSASSIN=1 \
|
||||||
|
-e SPAMASSASSIN_SPAM_TO_INBOX=0 \
|
||||||
|
-h mail.my-domain.com -t "${NAME}"
|
||||||
|
|
||||||
|
wait_for_finished_setup_in_container mail_spam_bounced_defined
|
||||||
|
|
||||||
|
docker run -d --name mail_spam_bounced_undefined \
|
||||||
|
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
||||||
|
-v "`pwd`/test/test-files":/tmp/docker-mailserver-test:ro \
|
||||||
|
-e ENABLE_SPAMASSASSIN=1 \
|
||||||
|
-h mail.my-domain.com -t "${NAME}"
|
||||||
|
|
||||||
|
wait_for_finished_setup_in_container mail_spam_bounced_undefined
|
||||||
|
}
|
||||||
|
|
||||||
|
function teardown_file() {
|
||||||
|
docker rm -f mail_spam_bounced_defined
|
||||||
|
docker rm -f mail_spam_bounced_undefined
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "first" {
|
||||||
|
skip 'this test must come first to reliably identify when to run setup_file'
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "checking amavis: spam message is bounced" {
|
||||||
|
# this warning should only be raised when no explicit value for SPAMASSASSIN_SPAM_TO_INBOX is defined
|
||||||
|
run sh -c "docker logs mail_spam_bounced_defined | grep 'Spam messages WILL NOT BE DELIVERED'"
|
||||||
|
assert_failure
|
||||||
|
|
||||||
|
# send a spam message
|
||||||
|
run docker exec mail_spam_bounced_defined /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/amavis-spam.txt"
|
||||||
|
assert_success
|
||||||
|
|
||||||
|
run repeat_until_success_or_timeout 20 sh -c "docker logs mail_spam_bounced_defined | grep 'Blocked SPAM {NoBounceInbound,Quarantined}'"
|
||||||
|
assert_success
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "checking amavis: spam message is bounced, undefined SPAMASSASSIN_SPAM_TO_INBOX raise a warning" {
|
||||||
|
run sh -c "docker logs mail_spam_bounced_undefined | grep 'Spam messages WILL NOT BE DELIVERED'"
|
||||||
|
assert_success
|
||||||
|
|
||||||
|
# send a spam message
|
||||||
|
run docker exec mail_spam_bounced_defined /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/amavis-spam.txt"
|
||||||
|
assert_success
|
||||||
|
|
||||||
|
run repeat_until_success_or_timeout 20 sh -c "docker logs mail_spam_bounced_defined | grep 'Blocked SPAM {NoBounceInbound,Quarantined}'"
|
||||||
|
assert_success
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "last" {
|
||||||
|
skip 'this test is only there to reliably mark the end for the teardown_file'
|
||||||
|
}
|
77
test/mail_spam_junk_folder.bats
Normal file
77
test/mail_spam_junk_folder.bats
Normal file
|
@ -0,0 +1,77 @@
|
||||||
|
load 'test_helper/common'
|
||||||
|
|
||||||
|
# Test case
|
||||||
|
# ---------
|
||||||
|
# When SPAMASSASSIN_SPAM_TO_INBOX=1, spam messages must be delivered and eventually (MOVE_SPAM_TO_JUNK=1) moved to the Junk folder.
|
||||||
|
|
||||||
|
|
||||||
|
function setup() {
|
||||||
|
run_setup_file_if_necessary
|
||||||
|
}
|
||||||
|
|
||||||
|
function teardown() {
|
||||||
|
run_teardown_file_if_necessary
|
||||||
|
}
|
||||||
|
|
||||||
|
function setup_file() {
|
||||||
|
docker run -d --name mail_spam_moved_junk \
|
||||||
|
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
||||||
|
-v "`pwd`/test/test-files":/tmp/docker-mailserver-test:ro \
|
||||||
|
-e ENABLE_SPAMASSASSIN=1 \
|
||||||
|
-e SPAMASSASSIN_SPAM_TO_INBOX=1 \
|
||||||
|
-e MOVE_SPAM_TO_JUNK=1 \
|
||||||
|
-e SA_SPAM_SUBJECT="SPAM: " \
|
||||||
|
-h mail.my-domain.com -t "${NAME}"
|
||||||
|
|
||||||
|
wait_for_finished_setup_in_container mail_spam_moved_junk
|
||||||
|
|
||||||
|
docker run -d --name mail_spam_moved_new \
|
||||||
|
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
||||||
|
-v "`pwd`/test/test-files":/tmp/docker-mailserver-test:ro \
|
||||||
|
-e ENABLE_SPAMASSASSIN=1 \
|
||||||
|
-e SPAMASSASSIN_SPAM_TO_INBOX=1 \
|
||||||
|
-e MOVE_SPAM_TO_JUNK=0 \
|
||||||
|
-e SA_SPAM_SUBJECT="SPAM: " \
|
||||||
|
-h mail.my-domain.com -t "${NAME}"
|
||||||
|
|
||||||
|
wait_for_finished_setup_in_container mail_spam_moved_new
|
||||||
|
}
|
||||||
|
|
||||||
|
function teardown_file() {
|
||||||
|
docker rm -f mail_spam_moved_new
|
||||||
|
docker rm -f mail_spam_moved_junk
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "first" {
|
||||||
|
skip 'this test must come first to reliably identify when to run setup_file'
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "checking amavis: spam message is delivered and moved to the Junk folder (MOVE_SPAM_TO_JUNK=1)" {
|
||||||
|
# send a spam message
|
||||||
|
run docker exec mail_spam_moved_junk /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/amavis-spam.txt"
|
||||||
|
assert_success
|
||||||
|
|
||||||
|
run repeat_until_success_or_timeout 20 sh -c "docker logs mail_spam_moved_junk | grep 'Passed SPAM {RelayedTaggedInbound,Quarantined}'"
|
||||||
|
assert_success
|
||||||
|
|
||||||
|
# spam moved to Junk folder
|
||||||
|
run repeat_until_success_or_timeout 20 sh -c "docker exec mail_spam_moved_junk sh -c 'grep \"Subject: SPAM: \" /var/mail/localhost.localdomain/user1/.Junk/new/ -R'"
|
||||||
|
assert_success
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "checking amavis: spam message is delivered to INBOX (MOVE_SPAM_TO_JUNK=0)" {
|
||||||
|
# send a spam message
|
||||||
|
run docker exec mail_spam_moved_new /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/amavis-spam.txt"
|
||||||
|
assert_success
|
||||||
|
|
||||||
|
run repeat_until_success_or_timeout 20 sh -c "docker logs mail_spam_moved_new | grep 'Passed SPAM {RelayedTaggedInbound,Quarantined}'"
|
||||||
|
assert_success
|
||||||
|
|
||||||
|
# spam moved to INBOX
|
||||||
|
run repeat_until_success_or_timeout 20 sh -c "docker exec mail_spam_moved_new sh -c 'grep \"Subject: SPAM: \" /var/mail/localhost.localdomain/user1/new/ -R'"
|
||||||
|
assert_success
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "last" {
|
||||||
|
skip 'this test is only there to reliably mark the end for the teardown_file'
|
||||||
|
}
|
Loading…
Reference in a new issue