mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2024-01-19 02:48:50 +00:00
BREAKING CHANGES: (#432)
* Removed DISABLE_AMAVIS * Renamed DISABLE_* to ENABLE_* with 0 as default value. (this must be explicit) * Added missing tests for ENABLE_* * Improved readme and docker-compose example Should fix #256 and #386
This commit is contained in:
parent
ae9eaae68e
commit
df752280e0
36
Makefile
36
Makefile
|
@ -22,6 +22,8 @@ run:
|
||||||
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
||||||
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
||||||
-v "`pwd`/test/onedir":/var/mail-state \
|
-v "`pwd`/test/onedir":/var/mail-state \
|
||||||
|
-e ENABLE_CLAMAV=1 \
|
||||||
|
-e ENABLE_SPAMASSASSIN=1 \
|
||||||
-e SA_TAG=1.0 \
|
-e SA_TAG=1.0 \
|
||||||
-e SA_TAG2=2.0 \
|
-e SA_TAG2=2.0 \
|
||||||
-e SA_KILL=3.0 \
|
-e SA_KILL=3.0 \
|
||||||
|
@ -31,7 +33,7 @@ run:
|
||||||
-e PERMIT_DOCKER=host \
|
-e PERMIT_DOCKER=host \
|
||||||
-e DMS_DEBUG=0 \
|
-e DMS_DEBUG=0 \
|
||||||
-h mail.my-domain.com -t $(NAME)
|
-h mail.my-domain.com -t $(NAME)
|
||||||
sleep 20
|
sleep 15
|
||||||
docker run -d --name mail_pop3 \
|
docker run -d --name mail_pop3 \
|
||||||
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
||||||
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
||||||
|
@ -40,40 +42,35 @@ run:
|
||||||
-e DMS_DEBUG=1 \
|
-e DMS_DEBUG=1 \
|
||||||
-e SSL_TYPE=letsencrypt \
|
-e SSL_TYPE=letsencrypt \
|
||||||
-h mail.my-domain.com -t $(NAME)
|
-h mail.my-domain.com -t $(NAME)
|
||||||
sleep 20
|
sleep 15
|
||||||
docker run -d --name mail_smtponly \
|
docker run -d --name mail_smtponly \
|
||||||
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
||||||
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
||||||
-e SMTP_ONLY=1 \
|
-e SMTP_ONLY=1 \
|
||||||
-e PERMIT_DOCKER=network\
|
-e PERMIT_DOCKER=network\
|
||||||
-h mail.my-domain.com -t $(NAME)
|
-h mail.my-domain.com -t $(NAME)
|
||||||
sleep 20
|
sleep 15
|
||||||
docker run -d --name mail_fail2ban \
|
docker run -d --name mail_fail2ban \
|
||||||
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
||||||
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
||||||
-e ENABLE_FAIL2BAN=1 \
|
-e ENABLE_FAIL2BAN=1 \
|
||||||
--cap-add=NET_ADMIN \
|
--cap-add=NET_ADMIN \
|
||||||
-h mail.my-domain.com -t $(NAME)
|
-h mail.my-domain.com -t $(NAME)
|
||||||
sleep 20
|
sleep 15
|
||||||
docker run -d --name mail_fetchmail \
|
docker run -d --name mail_fetchmail \
|
||||||
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
||||||
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
||||||
-e ENABLE_FETCHMAIL=1 \
|
-e ENABLE_FETCHMAIL=1 \
|
||||||
--cap-add=NET_ADMIN \
|
--cap-add=NET_ADMIN \
|
||||||
-h mail.my-domain.com -t $(NAME)
|
-h mail.my-domain.com -t $(NAME)
|
||||||
sleep 20
|
sleep 15
|
||||||
docker run -d --name mail_disabled_amavis \
|
docker run -d --name mail_disabled_clamav_spamassassin \
|
||||||
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
||||||
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
||||||
-e DISABLE_AMAVIS=1 \
|
-e ENABLE_CLAMAV=0 \
|
||||||
|
-e ENABLE_SPAMASSASSIN=0 \
|
||||||
-h mail.my-domain.com -t $(NAME)
|
-h mail.my-domain.com -t $(NAME)
|
||||||
sleep 20
|
sleep 15
|
||||||
docker run -d --name mail_disabled_clamav \
|
|
||||||
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
|
||||||
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
|
||||||
-e DISABLE_CLAMAV=1 \
|
|
||||||
-h mail.my-domain.com -t $(NAME)
|
|
||||||
sleep 20
|
|
||||||
docker run -d --name mail_manual_ssl \
|
docker run -d --name mail_manual_ssl \
|
||||||
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
||||||
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
||||||
|
@ -81,11 +78,11 @@ run:
|
||||||
-e SSL_CERT_PATH=/tmp/docker-mailserver/letsencrypt/mail.my-domain.com/fullchain.pem \
|
-e SSL_CERT_PATH=/tmp/docker-mailserver/letsencrypt/mail.my-domain.com/fullchain.pem \
|
||||||
-e SSL_KEY_PATH=/tmp/docker-mailserver/letsencrypt/mail.my-domain.com/privkey.pem \
|
-e SSL_KEY_PATH=/tmp/docker-mailserver/letsencrypt/mail.my-domain.com/privkey.pem \
|
||||||
-h mail.my-domain.com -t $(NAME)
|
-h mail.my-domain.com -t $(NAME)
|
||||||
sleep 20
|
sleep 15
|
||||||
docker run -d --name ldap_for_mail \
|
docker run -d --name ldap_for_mail \
|
||||||
-e LDAP_DOMAIN="localhost.localdomain" \
|
-e LDAP_DOMAIN="localhost.localdomain" \
|
||||||
-h mail.my-domain.com -t ldap
|
-h mail.my-domain.com -t ldap
|
||||||
sleep 20
|
sleep 15
|
||||||
docker run -d --name mail_with_ldap \
|
docker run -d --name mail_with_ldap \
|
||||||
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
||||||
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
-v "`pwd`/test":/tmp/docker-mailserver-test \
|
||||||
|
@ -103,7 +100,7 @@ run:
|
||||||
--link ldap_for_mail:ldap \
|
--link ldap_for_mail:ldap \
|
||||||
-h mail.my-domain.com -t $(NAME)
|
-h mail.my-domain.com -t $(NAME)
|
||||||
# Wait for containers to fully start
|
# Wait for containers to fully start
|
||||||
sleep 20
|
sleep 15
|
||||||
|
|
||||||
fixtures:
|
fixtures:
|
||||||
cp config/postfix-accounts.cf config/postfix-accounts.cf.bak
|
cp config/postfix-accounts.cf config/postfix-accounts.cf.bak
|
||||||
|
@ -123,7 +120,7 @@ fixtures:
|
||||||
docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-catchall-local.txt"
|
docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-catchall-local.txt"
|
||||||
docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/sieve-spam-folder.txt"
|
docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/sieve-spam-folder.txt"
|
||||||
docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/non-existing-user.txt"
|
docker exec mail /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/non-existing-user.txt"
|
||||||
docker exec mail_disabled_clamav /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-user.txt"
|
docker exec mail_disabled_clamav_spamassassin /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/existing-user.txt"
|
||||||
# Wait for mails to be analyzed
|
# Wait for mails to be analyzed
|
||||||
sleep 10
|
sleep 10
|
||||||
|
|
||||||
|
@ -140,8 +137,7 @@ clean:
|
||||||
mail_fail2ban \
|
mail_fail2ban \
|
||||||
mail_fetchmail \
|
mail_fetchmail \
|
||||||
fail-auth-mailer \
|
fail-auth-mailer \
|
||||||
mail_disabled_amavis \
|
mail_disabled_clamav_spamassassin \
|
||||||
mail_disabled_clamav \
|
|
||||||
mail_manual_ssl \
|
mail_manual_ssl \
|
||||||
ldap_for_mail \
|
ldap_for_mail \
|
||||||
mail_with_ldap
|
mail_with_ldap
|
||||||
|
|
75
README.md
75
README.md
|
@ -20,6 +20,7 @@ Includes:
|
||||||
- fetchmail
|
- fetchmail
|
||||||
- basic [sieve support](https://github.com/tomav/docker-mailserver/wiki/Configure-Sieve-filters) using dovecot
|
- basic [sieve support](https://github.com/tomav/docker-mailserver/wiki/Configure-Sieve-filters) using dovecot
|
||||||
- [LetsEncrypt](https://letsencrypt.org/) and self-signed certificates
|
- [LetsEncrypt](https://letsencrypt.org/) and self-signed certificates
|
||||||
|
- persistent data and state (but think about backups!)
|
||||||
- [integration tests](https://travis-ci.org/tomav/docker-mailserver)
|
- [integration tests](https://travis-ci.org/tomav/docker-mailserver)
|
||||||
- [automated builds on docker hub](https://hub.docker.com/r/tvial/docker-mailserver/)
|
- [automated builds on docker hub](https://hub.docker.com/r/tvial/docker-mailserver/)
|
||||||
|
|
||||||
|
@ -42,23 +43,33 @@ version: '2'
|
||||||
|
|
||||||
services:
|
services:
|
||||||
mail:
|
mail:
|
||||||
image: tvial/docker-mailserver:latest
|
image: tvial/docker-mailserver:v2.1
|
||||||
# build: .
|
|
||||||
hostname: mail
|
hostname: mail
|
||||||
domainname: domain.com
|
domainname: domain.com
|
||||||
container_name: mail
|
container_name: mail
|
||||||
ports:
|
ports:
|
||||||
- "25:25"
|
- "25:25"
|
||||||
- "143:143"
|
- "143:143"
|
||||||
- "587:587"
|
- "587:587"
|
||||||
- "993:993"
|
- "993:993"
|
||||||
volumes:
|
volumes:
|
||||||
- maildata:/var/mail
|
- maildata:/var/mail
|
||||||
- ./config/:/tmp/docker-mailserver/
|
- mailstate:/var/mail-state
|
||||||
|
- ./config/:/tmp/docker-mailserver/
|
||||||
|
environment:
|
||||||
|
- ENABLE_SPAMASSASSIN=1
|
||||||
|
- ENABLE_CLAMAV=1
|
||||||
|
- ENABLE_FAIL2BAN=1
|
||||||
|
- ONE_DIR=1
|
||||||
|
- DMS_DEBUG=0
|
||||||
|
cap_add:
|
||||||
|
- NET_ADMIN
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
maildata:
|
maildata:
|
||||||
driver: local
|
driver: local
|
||||||
|
mailstate:
|
||||||
|
driver: local
|
||||||
```
|
```
|
||||||
|
|
||||||
#### Create your mail accounts
|
#### Create your mail accounts
|
||||||
|
@ -95,9 +106,37 @@ Value in **bold** is the default value.
|
||||||
|
|
||||||
##### DMS_DEBUG
|
##### DMS_DEBUG
|
||||||
|
|
||||||
- **empty** (0) => Debug disabled
|
- **0** => Debug disabled
|
||||||
- 1 => Enables debug on startup
|
- 1 => Enables debug on startup
|
||||||
|
|
||||||
|
#### ENABLE_CLAMAV
|
||||||
|
|
||||||
|
- **0** => Clamav is disabled
|
||||||
|
- 1 => Clamav is enabled
|
||||||
|
|
||||||
|
#### ENABLE_SPAMASSASSIN
|
||||||
|
|
||||||
|
- **0** => Spamassassin is disabled
|
||||||
|
- 1 => Spamassassin is enabled
|
||||||
|
|
||||||
|
##### SA_TAG
|
||||||
|
|
||||||
|
- **2.0** => add spam info headers if at, or above that level
|
||||||
|
|
||||||
|
Note: this spamassassin setting needs `ENABLE_SPAMASSASSIN=1`
|
||||||
|
|
||||||
|
##### SA_TAG2
|
||||||
|
|
||||||
|
- **6.31** => add 'spam detected' headers at that level
|
||||||
|
|
||||||
|
Note: this spamassassin setting needs `ENABLE_SPAMASSASSIN=1`
|
||||||
|
|
||||||
|
##### SA_KILL
|
||||||
|
|
||||||
|
- **6.31** => triggers spam evasive actions
|
||||||
|
|
||||||
|
Note: this spamassassin setting needs `ENABLE_SPAMASSASSIN=1`
|
||||||
|
|
||||||
##### ENABLE_POP3
|
##### ENABLE_POP3
|
||||||
|
|
||||||
- **empty** => POP3 service disabled
|
- **empty** => POP3 service disabled
|
||||||
|
@ -105,7 +144,7 @@ Value in **bold** is the default value.
|
||||||
|
|
||||||
##### ENABLE_FAIL2BAN
|
##### ENABLE_FAIL2BAN
|
||||||
|
|
||||||
- **empty** => fail2ban service disabled
|
- **0** => fail2ban service disabled
|
||||||
- 1 => Enables fail2ban service
|
- 1 => Enables fail2ban service
|
||||||
|
|
||||||
If you enable Fail2Ban, don't forget to add the following lines to your `docker-compose.yml`:
|
If you enable Fail2Ban, don't forget to add the following lines to your `docker-compose.yml`:
|
||||||
|
@ -121,7 +160,7 @@ Otherwise, `iptables` won't be able to ban IPs.
|
||||||
- 1 => Enables Managesieve on port 4190
|
- 1 => Enables Managesieve on port 4190
|
||||||
|
|
||||||
##### ENABLE_FETCHMAIL
|
##### ENABLE_FETCHMAIL
|
||||||
- **empty** => `fetchmail` disabled
|
- **0** => `fetchmail` disabled
|
||||||
- 1 => `fetchmail` enabled
|
- 1 => `fetchmail` enabled
|
||||||
|
|
||||||
##### ENABLE_LDAP
|
##### ENABLE_LDAP
|
||||||
|
@ -158,21 +197,9 @@ Otherwise, `iptables` won't be able to ban IPs.
|
||||||
- **empty** => postmaster@domain.com
|
- **empty** => postmaster@domain.com
|
||||||
- => Specify the postmaster address
|
- => Specify the postmaster address
|
||||||
|
|
||||||
##### SA_TAG
|
|
||||||
|
|
||||||
- **2.0** => add spam info headers if at, or above that level
|
|
||||||
|
|
||||||
##### SA_TAG2
|
|
||||||
|
|
||||||
- **6.31** => add 'spam detected' headers at that level
|
|
||||||
|
|
||||||
##### SA_KILL
|
|
||||||
|
|
||||||
- **6.31** => triggers spam evasive actions
|
|
||||||
|
|
||||||
##### ENABLE_SASLAUTHD
|
##### ENABLE_SASLAUTHD
|
||||||
|
|
||||||
- **empty** => `saslauthd` is disabled
|
- **0** => `saslauthd` is disabled
|
||||||
- 1 => `saslauthd` is enabled
|
- 1 => `saslauthd` is enabled
|
||||||
|
|
||||||
##### SASLAUTHD_MECHANISMS
|
##### SASLAUTHD_MECHANISMS
|
||||||
|
|
|
@ -2,7 +2,7 @@ version: '2'
|
||||||
|
|
||||||
services:
|
services:
|
||||||
mail:
|
mail:
|
||||||
image: tvial/docker-mailserver:v2
|
image: tvial/docker-mailserver:v2.1
|
||||||
hostname: mail
|
hostname: mail
|
||||||
domainname: domain.com
|
domainname: domain.com
|
||||||
container_name: mail
|
container_name: mail
|
||||||
|
@ -13,12 +13,19 @@ services:
|
||||||
- "993:993"
|
- "993:993"
|
||||||
volumes:
|
volumes:
|
||||||
- maildata:/var/mail
|
- maildata:/var/mail
|
||||||
|
- mailstate:/var/mail-state
|
||||||
- ./config/:/tmp/docker-mailserver/
|
- ./config/:/tmp/docker-mailserver/
|
||||||
environment:
|
environment:
|
||||||
|
- ENABLE_SPAMASSASSIN=1
|
||||||
|
- ENABLE_CLAMAV=1
|
||||||
- ENABLE_FAIL2BAN=1
|
- ENABLE_FAIL2BAN=1
|
||||||
|
- ONE_DIR=1
|
||||||
|
- DMS_DEBUG=0
|
||||||
cap_add:
|
cap_add:
|
||||||
- NET_ADMIN
|
- NET_ADMIN
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
maildata:
|
maildata:
|
||||||
driver: local
|
driver: local
|
||||||
|
mailstate:
|
||||||
|
driver: local
|
||||||
|
|
|
@ -7,6 +7,13 @@
|
||||||
# Example: DEFAULT_VARS["KEY"]="VALUE"
|
# Example: DEFAULT_VARS["KEY"]="VALUE"
|
||||||
##########################################################################
|
##########################################################################
|
||||||
declare -A DEFAULT_VARS
|
declare -A DEFAULT_VARS
|
||||||
|
DEFAULT_VARS["ENABLE_CLAMAV"]="${ENABLE_CLAMAV:="0"}"
|
||||||
|
DEFAULT_VARS["ENABLE_SPAMASSASSIN"]="${ENABLE_SPAMASSASSIN:="0"}"
|
||||||
|
DEFAULT_VARS["ENABLE_FAIL2BAN"]="${ENABLE_FAIL2BAN:="0"}"
|
||||||
|
DEFAULT_VARS["ENABLE_MANAGESIEVE"]="${ENABLE_MANAGESIEVE:="0"}"
|
||||||
|
DEFAULT_VARS["ENABLE_FETCHMAIL"]="${ENABLE_FETCHMAIL:="0"}"
|
||||||
|
DEFAULT_VARS["ENABLE_LDAP"]="${ENABLE_LDAP:="0"}"
|
||||||
|
DEFAULT_VARS["ENABLE_SASLAUTHD"]="${ENABLE_SASLAUTHD:="0"}"
|
||||||
DEFAULT_VARS["VIRUSMAILS_DELETE_DELAY"]="${VIRUSMAILS_DELETE_DELAY:="7"}"
|
DEFAULT_VARS["VIRUSMAILS_DELETE_DELAY"]="${VIRUSMAILS_DELETE_DELAY:="7"}"
|
||||||
DEFAULT_VARS["DMS_DEBUG"]="${DMS_DEBUG:="0"}"
|
DEFAULT_VARS["DMS_DEBUG"]="${DMS_DEBUG:="0"}"
|
||||||
##########################################################################
|
##########################################################################
|
||||||
|
@ -127,13 +134,11 @@ function register_functions() {
|
||||||
_register_start_daemon "_start_daemons_fetchmail"
|
_register_start_daemon "_start_daemons_fetchmail"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if ! [ "$DISABLE_CLAMAV" = 1 ]; then
|
if [ "$ENABLE_CLAMAV" = 1 ]; then
|
||||||
_register_start_daemon "_start_daemons_clamav"
|
_register_start_daemon "_start_daemons_clamav"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if ! [ "$DISABLE_AMAVIS" = 1 ]; then
|
_register_start_daemon "_start_daemons_amavis"
|
||||||
_register_start_daemon "_start_daemons_amavis"
|
|
||||||
fi
|
|
||||||
################### << daemon funcs
|
################### << daemon funcs
|
||||||
}
|
}
|
||||||
##########################################################################
|
##########################################################################
|
||||||
|
@ -738,25 +743,35 @@ function _setup_postfix_relay_amazon_ses() {
|
||||||
function _setup_security_stack() {
|
function _setup_security_stack() {
|
||||||
notify 'task' "Setting up Security Stack"
|
notify 'task' "Setting up Security Stack"
|
||||||
|
|
||||||
notify 'inf' "Configuring Spamassassin"
|
# recreate auto-generated file
|
||||||
SA_TAG=${SA_TAG:="2.0"} && sed -i -r 's/^\$sa_tag_level_deflt (.*);/\$sa_tag_level_deflt = '$SA_TAG';/g' /etc/amavis/conf.d/20-debian_defaults
|
dms_amavis_file="/etc/amavis/conf.d/51-dms_auto_generated"
|
||||||
SA_TAG2=${SA_TAG2:="6.31"} && sed -i -r 's/^\$sa_tag2_level_deflt (.*);/\$sa_tag2_level_deflt = '$SA_TAG2';/g' /etc/amavis/conf.d/20-debian_defaults
|
echo "# WARNING: this file is auto-generated." > $dms_amavis_file
|
||||||
SA_KILL=${SA_KILL:="6.31"} && sed -i -r 's/^\$sa_kill_level_deflt (.*);/\$sa_kill_level_deflt = '$SA_KILL';/g' /etc/amavis/conf.d/20-debian_defaults
|
echo "use strict;" >> $dms_amavis_file
|
||||||
test -e /tmp/docker-mailserver/spamassassin-rules.cf && cp /tmp/docker-mailserver/spamassassin-rules.cf /etc/spamassassin/
|
|
||||||
|
|
||||||
if [ "$DISABLE_CLAMAV" = 1 ]; then
|
# Spamassassin
|
||||||
notify 'inf' "Disabling clamav"
|
if [ "$ENABLE_SPAMASSASSIN" = 0 ]; then
|
||||||
cat > /etc/amavis/conf.d/50-user-security <<- EOM
|
notify 'warn' "Spamassassin is disabled. You can enable it with 'ENABLE_SPAMASSASSIN=1'"
|
||||||
use strict;
|
echo "@bypass_spam_checks_maps = (1);" >> $dms_amavis_file
|
||||||
@bypass_virus_checks_maps = ();
|
elif [ "$ENABLE_SPAMASSASSIN" = 1 ]; then
|
||||||
$undecipherable_subject_tag = undef;
|
notify 'inf' "Enabling and configuring spamassassin"
|
||||||
1;
|
SA_TAG=${SA_TAG:="2.0"} && sed -i -r 's/^\$sa_tag_level_deflt (.*);/\$sa_tag_level_deflt = '$SA_TAG';/g' /etc/amavis/conf.d/20-debian_defaults
|
||||||
EOM
|
SA_TAG2=${SA_TAG2:="6.31"} && sed -i -r 's/^\$sa_tag2_level_deflt (.*);/\$sa_tag2_level_deflt = '$SA_TAG2';/g' /etc/amavis/conf.d/20-debian_defaults
|
||||||
else
|
SA_KILL=${SA_KILL:="6.31"} && sed -i -r 's/^\$sa_kill_level_deflt (.*);/\$sa_kill_level_deflt = '$SA_KILL';/g' /etc/amavis/conf.d/20-debian_defaults
|
||||||
notify 'inf' "Enabling clamav"
|
test -e /tmp/docker-mailserver/spamassassin-rules.cf && cp /tmp/docker-mailserver/spamassassin-rules.cf /etc/spamassassin/
|
||||||
echo "" > /etc/amavis/conf.d/50-user-security
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Clamav
|
||||||
|
if [ "$ENABLE_CLAMAV" = 0 ]; then
|
||||||
|
notify 'warn' "Clamav is disabled. You can enable it with 'ENABLE_CLAMAV=1'"
|
||||||
|
echo "@bypass_virus_checks_maps = (1);" >> $dms_amavis_file
|
||||||
|
elif [ "$ENABLE_CLAMAV" = 1 ]; then
|
||||||
|
notify 'inf' "Enabling clamav"
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "1; # ensure a defined return" >> $dms_amavis_file
|
||||||
|
|
||||||
|
|
||||||
|
# Fail2ban
|
||||||
if [ "$ENABLE_FAIL2BAN" = 1 ]; then
|
if [ "$ENABLE_FAIL2BAN" = 1 ]; then
|
||||||
notify 'inf' "Fail2ban enabled"
|
notify 'inf' "Fail2ban enabled"
|
||||||
test -e /tmp/docker-mailserver/fail2ban-jail.cf && cp /tmp/docker-mailserver/fail2ban-jail.cf /etc/fail2ban/jail.local
|
test -e /tmp/docker-mailserver/fail2ban-jail.cf && cp /tmp/docker-mailserver/fail2ban-jail.cf /etc/fail2ban/jail.local
|
||||||
|
|
|
@ -56,13 +56,8 @@
|
||||||
[ "$status" -eq 0 ]
|
[ "$status" -eq 0 ]
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "checking process: amavis (amavis disabled by DISABLE_AMAVIS)" {
|
@test "checking process: clamav (clamav disabled by ENABLED_CLAMAV=0)" {
|
||||||
run docker exec mail_disabled_amavis /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/sbin/amavisd-new'"
|
run docker exec mail_disabled_clamav_spamassassin /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/sbin/clamd'"
|
||||||
[ "$status" -eq 1 ]
|
|
||||||
}
|
|
||||||
|
|
||||||
@test "checking process: clamav (clamav disabled by DISABLE_CLAMAV)" {
|
|
||||||
run docker exec mail_disabled_clamav /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/sbin/clamd'"
|
|
||||||
[ "$status" -eq 1 ]
|
[ "$status" -eq 1 ]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -274,6 +269,16 @@
|
||||||
# spamassassin
|
# spamassassin
|
||||||
#
|
#
|
||||||
|
|
||||||
|
@test "checking spamassassin: should be listed in amavis when enabled" {
|
||||||
|
run docker exec mail /bin/sh -c "grep -i 'ANTI-SPAM-SA code' /var/log/mail/mail.log | grep 'NOT loaded'"
|
||||||
|
[ "$status" -eq 1 ]
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "checking spamassassin: should not be listed in amavis when disabled" {
|
||||||
|
run docker exec mail_disabled_clamav_spamassassin /bin/sh -c "grep -i 'ANTI-SPAM-SA code' /var/log/mail/mail.log | grep 'NOT loaded'"
|
||||||
|
[ "$status" -eq 0 ]
|
||||||
|
}
|
||||||
|
|
||||||
@test "checking spamassassin: docker env variables are set correctly (default)" {
|
@test "checking spamassassin: docker env variables are set correctly (default)" {
|
||||||
run docker exec mail_pop3 /bin/sh -c "grep '\$sa_tag_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 2.0'"
|
run docker exec mail_pop3 /bin/sh -c "grep '\$sa_tag_level_deflt' /etc/amavis/conf.d/20-debian_defaults | grep '= 2.0'"
|
||||||
[ "$status" -eq 0 ]
|
[ "$status" -eq 0 ]
|
||||||
|
@ -302,12 +307,12 @@
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "checking clamav: should not be listed in amavis when disabled" {
|
@test "checking clamav: should not be listed in amavis when disabled" {
|
||||||
run docker exec mail_disabled_clamav grep -i 'Found secondary av scanner ClamAV-clamscan' /var/log/mail/mail.log
|
run docker exec mail_disabled_clamav_spamassassin grep -i 'Found secondary av scanner ClamAV-clamscan' /var/log/mail/mail.log
|
||||||
[ "$status" -eq 1 ]
|
[ "$status" -eq 1 ]
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "checking clamav: should not be called when disabled" {
|
@test "checking clamav: should not be called when disabled" {
|
||||||
run docker exec mail_disabled_clamav grep -i 'connect to /var/run/clamav/clamd.ctl failed' /var/log/mail/mail.log
|
run docker exec mail_disabled_clamav_spamassassin grep -i 'connect to /var/run/clamav/clamd.ctl failed' /var/log/mail/mail.log
|
||||||
[ "$status" -eq 1 ]
|
[ "$status" -eq 1 ]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue