init spams to junk

This commit is contained in:
youtous 2020-05-02 18:39:51 +02:00
parent 7eacb4cfc0
commit d829905cf7
No known key found for this signature in database
GPG key ID: 592173AE8CD254A5
7 changed files with 126 additions and 13 deletions

View file

@ -125,6 +125,7 @@ RUN echo "0 */6 * * * clamav /usr/bin/freshclam --quiet" > /etc/cron.d/clamav-fr
# Configures Dovecot
COPY target/dovecot/auth-passwdfile.inc target/dovecot/??-*.conf /etc/dovecot/conf.d/
COPY target/dovecot/scripts/quota-warning.sh /usr/local/bin/quota-warning.sh
COPY target/dovecot/sieve/* /usr/lib/dovecot/sieve-global/
WORKDIR /usr/share/dovecot
# hadolint ignore=SC2016,SC2086
RUN sed -i -e 's/include_try \/usr\/share\/dovecot\/protocols\.d/include_try \/etc\/dovecot\/protocols\.d/g' /etc/dovecot/dovecot.conf && \

View file

@ -3,7 +3,8 @@ use strict;
# Override options set in earlier files, use 50-user to override these
# Bounce spam, the default option for buster is D_PASS to deliver
$final_spam_destiny = D_BOUNCE;
$final_spam_destiny = D_BOUNCE;
$final_bad_header_destiny = D_BOUNCE;
# Higher log level to get expected messages at startup
$log_level = 2;

View file

@ -32,7 +32,7 @@ plugin {
# file names, using a normal 8bit per-character comparison. Multiple script
# file or directory paths can be specified by appending an increasing number.
#sieve_before = /usr/lib/dovecot/sieve-global/before.dovecot.sieve
#sieve_before2 =
#sieve_before2 = /usr/lib/dovecot/sieve-global/before.spam.sieve
#sieve_before3 = (etc...)
# Identical to sieve_before, only the specified scripts are executed after the

View file

@ -0,0 +1,4 @@
require "fileinto";
if header :contains "X-Spam-Flag" "YES" {
fileinto "Junk";
}

View file

@ -40,6 +40,7 @@ DEFAULT_VARS["REPORT_RECIPIENT"]="${REPORT_RECIPIENT:="0"}"
DEFAULT_VARS["LOGROTATE_INTERVAL"]="${LOGROTATE_INTERVAL:=${REPORT_INTERVAL:-"daily"}}"
DEFAULT_VARS["LOGWATCH_INTERVAL"]="${LOGWATCH_INTERVAL:="none"}"
DEFAULT_VARS["SPAMASSASSIN_SPAM_TO_INBOX"]="${SPAMASSASSIN_SPAM_TO_INBOX:="0"}"
DEFAULT_VARS["MOVE_SPAM_TO_JUNK"]="${MOVE_SPAM_TO_JUNK:="1"}"
DEFAULT_VARS["VIRUSMAILS_DELETE_DELAY"]="${VIRUSMAILS_DELETE_DELAY:="7"}"
##########################################################################
@ -627,6 +628,16 @@ function _setup_dovecot() {
else
sed -i "s/ sieve_after =/ #sieve_after =/" /etc/dovecot/conf.d/90-sieve.conf
fi
# sieve will move spams to .Junk folder when SPAMASSASSIN_SPAM_TO_INBOX=1 and MOVE_SPAM_TO_JUNK=1
if [ "$SPAMASSASSIN_SPAM_TO_INBOX" = 1 ] && [ "$MOVE_SPAM_TO_JUNK" = 1 ]; then
notify 'inf' "Spam messages will be moved to the Junk folder."
sed -i "s/#sieve_before2 =/sieve_before2 =/" /etc/dovecot/conf.d/90-sieve.conf
sievec /usr/lib/dovecot/sieve-global/before.spam.sieve
else
sed -i "s/ sieve_before2 =/ #sieve_before2 =/" /etc/dovecot/conf.d/90-sieve.conf
fi
chown docker:docker -R /usr/lib/dovecot/sieve*
chmod 550 -R /usr/lib/dovecot/sieve*
chmod -f +x /usr/lib/dovecot/sieve-pipe/*
@ -1475,19 +1486,15 @@ function _setup_security_stack() {
test -e /tmp/docker-mailserver/spamassassin-rules.cf && cp /tmp/docker-mailserver/spamassassin-rules.cf /etc/spamassassin/
if [ "$SPAMASSASSIN_SPAM_TO_INBOX" = "1" ]; then
if [ "$SPAMASSASSIN_SPAM_TO_INBOX" = 1 ]; then
notify 'inf' "Configure Spamassassin/Amavis to put SPAM inbox"
bannedbouncecheck=`egrep "final_banned_destiny.*D_BOUNCE" /etc/amavis/conf.d/20-debian_defaults`
if [ -n "$bannedbouncecheck" ] ;
then
sed -i "/final_banned_destiny/ s|D_BOUNCE|D_REJECT|" /etc/amavis/conf.d/20-debian_defaults
fi
finalbouncecheck=`egrep "final_spam_destiny.*D_BOUNCE" /etc/amavis/conf.d/20-debian_defaults`
if [ -n "$finalbouncecheck" ] ;
then
sed -i "/final_spam_destiny/ s|D_BOUNCE|D_PASS|" /etc/amavis/conf.d/20-debian_defaults
fi
sed -i "s/\$final_spam_destiny.*=.*$/\$final_spam_destiny = D_PASS;/g" /etc/amavis/conf.d/49-docker-mailserver
sed -i "s/\$final_bad_header_destiny.*=.*$/\$final_bad_header_destiny = D_PASS;/g" /etc/amavis/conf.d/49-docker-mailserver
else
notify 'warn' "Spam messages WILL NOT BE DELIVERED, you will NOT be notified of ANY message bounced. See SPAMASSASSIN_SPAM_TO_INBOX options."
sed -i "s/\$final_spam_destiny.*=.*$/\$final_spam_destiny = D_BOUNCE;/g" /etc/amavis/conf.d/49-docker-mailserver
sed -i "s/\$final_bad_header_destiny.*=.*$/\$final_bad_header_destiny = D_BOUNCE;/g" /etc/amavis/conf.d/49-docker-mailserver
fi
fi

View file

@ -0,0 +1,49 @@
load 'test_helper/common'
# Test case
# ---------
# When SPAMASSASSIN_SPAM_TO_INBOX=0, spam messages must be bounced.
function setup() {
run_setup_file_if_necessary
}
function teardown() {
run_teardown_file_if_necessary
}
function setup_file() {
docker run -d --name mail_spam_bounced \
-v "`pwd`/test/config":/tmp/docker-mailserver \
-v "`pwd`/test/test-files":/tmp/docker-mailserver-test:ro \
-e ENABLE_SPAMASSASSIN=1 \
-e SPAMASSASSIN_SPAM_TO_INBOX=0 \
-h mail.my-domain.com -t "${NAME}"
wait_for_finished_setup_in_container mail_spam_bounced
}
function teardown_file() {
docker rm -f mail_spam_bounced
}
@test "first" {
skip 'this test must come first to reliably identify when to run setup_file'
}
@test "checking amavis: spam message is bounced" {
run sh -c "docker logs mail_spam_bounced | grep 'Spam messages WILL NOT BE DELIVERED'"
assert_success
# send a spam message
run docker exec mail_spam_bounced /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/amavis-spam.txt"
assert_success
run repeat_until_success_or_timeout 20 sh -c "docker logs mail_spam_bounced | grep 'Blocked SPAM {NoBounceInbound,Quarantined}'"
assert_success
}
@test "last" {
skip 'this test is only there to reliably mark the end for the teardown_file'
}

View file

@ -0,0 +1,51 @@
load 'test_helper/common'
# Test case
# ---------
# When SPAMASSASSIN_SPAM_TO_INBOX=1, spam messages must be delivered and moved to the Junk folder.
function setup() {
run_setup_file_if_necessary
}
function teardown() {
run_teardown_file_if_necessary
}
function setup_file() {
docker run -d --name mail_spam_moved \
-v "`pwd`/test/config":/tmp/docker-mailserver \
-v "`pwd`/test/test-files":/tmp/docker-mailserver-test:ro \
-e ENABLE_SPAMASSASSIN=1 \
-e SPAMASSASSIN_SPAM_TO_INBOX=1 \
-e SA_SPAM_SUBJECT="SPAM: " \
-h mail.my-domain.com -t "${NAME}"
wait_for_finished_setup_in_container mail_spam_moved
}
function teardown_file() {
docker rm -f mail_spam_moved
}
@test "first" {
skip 'this test must come first to reliably identify when to run setup_file'
}
@test "checking amavis: spam message is delivered and moved to the Junk folder" {
# send a spam message
run docker exec mail_spam_moved /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/amavis-spam.txt"
assert_success
run repeat_until_success_or_timeout 20 sh -c "docker logs mail_spam_moved | grep 'Passed SPAM {RelayedTaggedInbound,Quarantined}'"
assert_success
# spam moved to Junk folder
run repeat_until_success_or_timeout 20 sh -c "docker exec mail_spam_moved sh -c 'grep \"Subject: SPAM: \" /var/mail/localhost.localdomain/user1/.Junk/new/ -R'"
assert_success
}
@test "last" {
skip 'this test is only there to reliably mark the end for the teardown_file'
}