7x31/mailcow-dockerized
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

mailcow dockerized

Browse Source
This commit is contained in:
andryyy
2016-12-09 20:39:02 +01:00
commit 5f04dc0b04
96 changed files with 10163 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

220
data/conf/dovecot/dovecot.conf Normal file
View File

@@ -0,0 +1,220 @@
auth_mechanisms = plain login
#mail_debug = yes
log_path = /dev/stdout
disable_plaintext_auth = yes
# Uncomment on NFS share
#mmap_disable = yes
#mail_fsync = always
#mail_nfs_index = yes
#mail_nfs_storage = yes
login_log_format_elements = "user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k"
mail_home = /var/vmail/%d/%n
mail_location = maildir:~/
mail_plugins = quota acl
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
ssl_protocols = !SSLv3 !SSLv2
ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
# Automatically regenerates every week
ssl_dh_parameters_length = 2048
log_timestamp = "%Y-%m-%d %H:%M:%S "
recipient_delimiter = +
passdb {
args = /etc/dovecot/sql/dovecot-mysql.conf
driver = sql
}
namespace inbox {
inbox = yes
location =
separator = /
mailbox "Trash" {
auto = subscribe
special_use = \Trash
}
mailbox "Deleted Messages" {
special_use = \Trash
}
mailbox "Deleted Items" {
special_use = \Trash
}
mailbox "Gelöschte Objekte" {
special_use = \Trash
}
mailbox "Papierkorb" {
special_use = \Trash
}
mailbox "Itens Excluidos" {
special_use = \Trash
}
mailbox "Itens Excluídos" {
special_use = \Trash
}
mailbox "Lixeira" {
special_use = \Trash
}
mailbox "Prullenbak" {
special_use = \Trash
}
mailbox "Verwijderde items" {
special_use = \Trash
}
mailbox "Archive" {
auto = subscribe
special_use = \Archive
}
mailbox "Archiv" {
special_use = \Archive
}
mailbox "Archives" {
special_use = \Archive
}
mailbox "Arquivo" {
special_use = \Archive
}
mailbox "Arquivos" {
special_use = \Archive
}
mailbox "Archief" {
special_use = \Archive
}
mailbox "Sent" {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox "Sent Items" {
special_use = \Sent
}
mailbox "Gesendet" {
special_use = \Sent
}
mailbox "Gesendete Objekte" {
special_use = \Sent
}
mailbox "Itens Enviados" {
special_use = \Sent
}
mailbox "Enviados" {
special_use = \Sent
}
mailbox "Verzonden items" {
special_use = \Sent
}
mailbox "Verzonden" {
special_use = \Sent
}
mailbox "Drafts" {
auto = subscribe
special_use = \Drafts
}
mailbox "Entwürfe" {
special_use = \Drafts
}
mailbox "Rascunhos" {
special_use = \Drafts
}
mailbox "Concepten" {
special_use = \Drafts
}
mailbox "Junk" {
auto = subscribe
special_use = \Junk
}
mailbox "Junk E-mail" {
special_use = \Junk
}
mailbox "Spam" {
special_use = \Junk
}
mailbox "Lixo Eletrônico" {
special_use = \Junk
}
mailbox "Ongewenste e-mail" {
special_use = \Junk
}
prefix =
}
namespace {
type = shared
separator = /
prefix = Shared/%%u/
location = maildir:%%h/:INDEXPVT=~/Shared/%%u
subscriptions = no
list = yes
}
protocols = imap sieve lmtp pop3
service dict {
unix_listener dict {
mode = 0660
user = vmail
group = vmail
}
}
service auth {
inet_listener auth-inet {
port = 10001
}
unix_listener auth-master {
mode = 0600
user = vmail
}
unix_listener auth-userdb {
mode = 0600
user = vmail
}
user = root
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
service_count = 1
process_min_avail = 2
vsz_limit = 128M
}
service managesieve {
process_limit = 256
}
service lmtp {
inet_listener lmtp-inet {
port = 24
}
user = vmail
}
listen = *,[::]
ssl_cert = </etc/ssl/mail/mail.crt
ssl_key = </etc/ssl/mail/mail.key
userdb {
args = /etc/dovecot/sql/dovecot-mysql.conf
driver = sql
}
protocol imap {
mail_plugins = quota imap_quota imap_acl acl
}
protocol lmtp {
mail_plugins = quota sieve acl
auth_socket_path = /var/run/dovecot/auth-master
}
protocol sieve {
managesieve_logout_format = bytes=%i/%o
}
plugin {
acl_anyone = allow
acl_shared_dict = file:/var/vmail/shared-mailboxes.db
acl = vfile
quota = dict:Userquota::proxy::sqlquota
quota_rule2 = Trash:storage=+100%%
sieve = /var/vmail/sieve/%u.sieve
sieve_after = /var/vmail/sieve/global.sieve
sieve_max_script_size = 1M
sieve_quota_max_scripts = 0
sieve_quota_max_storage = 0
}
dict {
sqlquota = mysql:/etc/dovecot/sql/dovecot-dict-sql.conf
}
remote 127.0.0.1 {
disable_plaintext_auth = no
}
mail_max_userip_connections = 500

15
data/conf/dovecot/sql/dovecot-dict-sql.conf Normal file
View File

@@ -0,0 +1,15 @@
connect = "host=mysql dbname=mailcow user=mailcow password=mysafepasswd"
map {
pattern = priv/quota/storage
table = quota2
username_field = username
value_field = bytes
}
map {
pattern = priv/quota/messages
table = quota2
username_field = username
value_field = messages
}

6
data/conf/dovecot/sql/dovecot-mysql.conf Normal file
View File

@@ -0,0 +1,6 @@
driver = mysql
connect = "host=mysql dbname=mailcow user=mailcow password=mysafepasswd"
default_pass_scheme = SSHA256
password_query = SELECT password FROM mailbox WHERE username = '%u' AND domain IN (SELECT domain FROM domain WHERE domain='%d' AND active='1')
user_query = SELECT CONCAT('maildir:/var/vmail/',maildir) AS mail, 5000 AS uid, 5000 AS gid, concat('*:bytes=', quota) AS quota_rule FROM mailbox WHERE username = '%u' AND active = '1'
iterate_query = SELECT username FROM mailbox WHERE active='1';

13
data/conf/mysql/my.cnf Normal file
View File

@@ -0,0 +1,13 @@
[mysqld]
character-set-client-handshake = FALSE
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci
innodb_file_per_table = TRUE
innodb_file_format = barracuda
innodb_large_prefix = TRUE
[client]
default-character-set = utf8mb4
[mysql]
default-character-set = utf8mb4

81
data/conf/nginx/site.conf Normal file
View File

@@ -0,0 +1,81 @@
server {
index index.php index.html;
server_name _;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
root /web;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass phpfpm:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
location /rspamd/ {
proxy_pass http://rspamd:11334/;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location ^~ /Microsoft-Server-ActiveSync {
proxy_pass http://sogo/SOGo/Microsoft-Server-ActiveSync;
proxy_connect_timeout 1000;
proxy_next_upstream timeout error;
proxy_send_timeout 1000;
proxy_read_timeout 1000;
proxy_buffer_size 8k;
proxy_buffers 4 32k;
proxy_temp_file_write_size 64k;
proxy_busy_buffers_size 64k;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header x-webobjects-server-protocol HTTP/1.0;
proxy_set_header x-webobjects-remote-host $remote_addr;
proxy_set_header x-webobjects-server-name $server_name;
proxy_set_header x-webobjects-server-url $scheme://$host;
proxy_set_header x-webobjects-server-port $server_port;
client_body_buffer_size 128k;
client_max_body_size 100m;
}
location ^~ /SOGo {
proxy_pass http://sogo:20000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header x-webobjects-server-protocol HTTP/1.0;
proxy_set_header x-webobjects-remote-host $remote_addr;
proxy_set_header x-webobjects-server-name $server_name;
proxy_set_header x-webobjects-server-url $scheme://$host;
proxy_set_header x-webobjects-server-port $server_port;
#proxy_connect_timeout 90;
#proxy_send_timeout 90;
#proxy_read_timeout 90;
#proxy_buffer_size 4k;
#proxy_buffers 4 32k;
#proxy_busy_buffers_size 64k;
#proxy_temp_file_write_size 64k;
client_body_buffer_size 128k;
client_max_body_size 100m;
break;
}
location /SOGo.woa/WebServerResources/ {
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
allow all;
}
location /SOGo/WebServerResources/ {
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
allow all;
}
location (^/SOGo/so/ControlPanel/Products/[^/]*UI/Resources/.*\.(jpg|png|gif|css|js)$ {
alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2;
}
}

89
data/conf/postfix/main.cf Normal file
View File

@@ -0,0 +1,89 @@
myhostname=mail.mailcow.de
biff = no
append_dot_mydomain = no
smtpd_tls_cert_file = /etc/ssl/mail/mail.crt
smtpd_tls_key_file = /etc/ssl/mail/mail.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myhostname=mail.mailcow.de
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.55.0.0/16
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
bounce_queue_lifetime = 1d
broken_sasl_auth_clients = yes
disable_vrfy_command = yes
maximal_backoff_time = 1800s
maximal_queue_lifetime = 1d
message_size_limit = 26214400
milter_default_action = accept
milter_protocol = 6
minimal_backoff_time = 300s
plaintext_reject_code = 550
postscreen_access_list = permit_mynetworks, cidr:/opt/postfix/conf/postscreen_access.cidr
postscreen_bare_newline_enable = no
postscreen_blacklist_action = drop
postscreen_cache_cleanup_interval = 24h
postscreen_cache_map = proxy:btree:$data_directory/postscreen_cache
postscreen_dnsbl_action = enforce
postscreen_dnsbl_sites = b.barracudacentral.org=127.0.0.2*7 dnsbl.inps.de=127.0.0.2*7 bl.mailspike.net=127.0.0.2*5 bl.mailspike.net=127.0.0.[10;11;12]*4 dnsbl.sorbs.net=127.0.0.10*8 dnsbl.sorbs.net=127.0.0.5*6 dnsbl.sorbs.net=127.0.0.7*3 dnsbl.sorbs.net=127.0.0.8*2 dnsbl.sorbs.net=127.0.0.6*2 dnsbl.sorbs.net=127.0.0.9*2 zen.spamhaus.org=127.0.0.[10;11]*8 zen.spamhaus.org=127.0.0.[4..7]*6 zen.spamhaus.org=127.0.0.3*4 zen.spamhaus.org=127.0.0.2*3 hostkarma.junkemailfilter.com=127.0.0.2*3 hostkarma.junkemailfilter.com=127.0.0.4*1 hostkarma.junkemailfilter.com=127.0.1.2*1 wl.mailspike.net=127.0.0.[18;19;20]*-2 hostkarma.junkemailfilter.com=127.0.0.1*-2
postscreen_dnsbl_threshold = 8
postscreen_dnsbl_ttl = 5m
postscreen_greet_action = enforce
postscreen_greet_banner = $smtpd_banner
postscreen_greet_ttl = 2d
postscreen_greet_wait = 3s
postscreen_non_smtp_command_enable = no
postscreen_pipelining_enable = no
proxy_read_maps = proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_sender_acl.cf, proxy:mysql:/opt/postfix/conf/sql/mysql_tls_enforce_out_policy.cf, proxy:mysql:/opt/postfix/conf/sql/mysql_tls_enforce_in_policy.cf, $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
queue_run_delay = 300s
relay_domains = proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_mxdomain_maps.cf
relay_recipient_maps = proxy:mysql:/opt/postfix/conf/sql/mysql_relay_recipient_maps.cf
sender_dependent_default_transport_maps = proxy:mysql:/opt/postfix/conf/sql/mysql_tls_enforce_out_policy.cf
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_cert_file = /etc/ssl/mail/mail.crt
smtp_tls_key_file = /etc/ssl/mail/mail.key
smtp_tls_loglevel = 1
smtp_tls_security_level = may
smtpd_data_restrictions = reject_unauth_pipelining, permit
smtpd_delay_reject = yes
smtpd_error_sleep_time = 10s
smtpd_hard_error_limit = ${stress?1}${stress:5}
smtpd_helo_required = yes
smtpd_proxy_timeout = 600s
smtpd_recipient_restrictions = check_recipient_access proxy:mysql:/opt/postfix/conf/sql/mysql_tls_enforce_in_policy.cf, permit_sasl_authenticated, permit_mynetworks, reject_invalid_helo_hostname, reject_unknown_reverse_client_hostname, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = inet:dovecot:10001
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_sender_acl.cf
smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch, permit_mynetworks, reject_sender_login_mismatch, permit_sasl_authenticated, reject_unlisted_sender, reject_unknown_sender_domain
smtpd_soft_error_limit = 3
smtpd_tls_auth_only = yes
smtpd_tls_dh1024_param_file = /etc/ssl/mail/dhparams.pem
smtpd_tls_eecdh_grade = strong
smtpd_tls_exclude_ciphers = ECDHE-RSA-RC4-SHA, RC4, aNULL
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_exclude_ciphers = ECDHE-RSA-RC4-SHA, RC4, aNULL
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_security_level = may
tls_high_cipherlist = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
virtual_alias_maps = proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_alias_maps.cf, proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_spamalias_maps.cf, proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/vmail/
virtual_mailbox_domains = proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_mailbox_maps.cf, proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_alias_domain_mailbox_maps.cf
virtual_minimum_uid = 104
virtual_transport = lmtp:inet:dovecot:24
virtual_uid_maps = static:5000
smtpd_milters = inet:rmilter:9900
non_smtpd_milters = inet:rmilter:9900
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}

45
data/conf/postfix/master.cf Normal file
View File

@@ -0,0 +1,45 @@
smtp inet n - n - 1 postscreen
smtpd pass - - n - - smtpd
-o smtpd_helo_restrictions=permit_mynetworks,reject_non_fqdn_helo_hostname
smtps inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
submission inet n - n - - smtpd
-o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
-o smtpd_enforce_tls=yes
-o smtpd_tls_security_level=encrypt
-o tls_preempt_cipherlist=yes
588 inet n - n - - smtpd
-o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
-o smtpd_tls_auth_only=no
smtp_enforced_tls unix - - n - - smtp
-o smtp_tls_security_level=encrypt
-o syslog_name=enforced-tls-smtp
-o smtp_delivery_status_filter=pcre:/opt/postfix/conf/smtp_dsn_filter
tlsproxy unix - - n - 0 tlsproxy
dnsblog unix - - n - 0 dnsblog
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
maildrop unix - n n - - pipe flags=DRhu
user=vmail argv=/usr/bin/maildrop -d ${recipient}

654
data/conf/postfix/postscreen_access.cidr Normal file
View File

@@ -0,0 +1,654 @@
# Generated by Postwhite v1.30 on Thu Dec 8 21:11:27 CET 2016
# https://github.com/stevejenkins/postwhite/
# 651 total rules
2a00:1450:4000::/36 permit
2a01:111:f400::/48 permit
2a04:35c0::/29 permit
2c0f:fb50:4000::/36 permit
5.135.24.0/24 permit
8.20.114.31 permit
8.25.194.0/23 permit
8.25.196.0/23 permit
12.130.86.238 permit
13.111.0.0/19 permit
17.36.0.0/16 permit
17.41.0.0/16 permit
17.110.0.0/15 permit
17.120.0.0/16 permit
17.133.0.0/16 permit
17.139.0.0/16 permit
17.142.0.0/15 permit
17.151.1.0/24 permit
17.158.0.0/15 permit
17.162.0.0/15 permit
17.164.0.0/16 permit
17.171.37.0/24 permit
17.172.0.0/16 permit
23.21.83.90 permit
23.23.237.213 permit
23.96.52.53 permit
23.100.122.175 permit
23.103.128.0/19 permit
23.103.131.7 permit
23.103.191.0/24 permit
23.103.198.0/23 permit
23.103.200.0/21 permit
23.103.208.0/21 permit
23.103.224.0/19 permit
23.253.182.0/24 permit
23.253.182.103 permit
23.253.183.0/24 permit
23.253.183.145 permit
23.253.183.146 permit
23.253.183.147 permit
23.253.183.148 permit
23.253.183.150 permit
27.126.146.0/24 permit
37.59.69.128/25 permit
37.59.249.0/24 permit
37.188.97.188/32 permit
40.92.0.0/14 permit
40.96.32.50 permit
40.97.113.34 permit
40.97.113.210 permit
40.97.153.146 permit
40.97.155.26 permit
40.97.156.114 permit
40.97.160.2 permit
40.97.164.146 permit
40.97.166.138 permit
40.97.170.154 permit
40.107.0.0/17 permit
40.107.128.0/18 permit
41.74.192.0/22 permit
41.74.196.0/22 permit
41.74.200.0/22 permit
41.74.201.0/24 permit
41.74.204.0/22 permit
41.74.205.0/24 permit
46.19.168.0/23 permit
50.18.45.249 permit
50.18.121.236 permit
50.18.121.248 permit
50.18.123.221 permit
50.18.124.70 permit
50.18.125.97 permit
50.18.125.237 permit
50.18.126.162 permit
50.22.164.201 permit
50.23.218.192/27 permit
50.31.32.0/19 permit
50.31.36.197 permit
50.31.36.199 permit
50.31.36.205 permit
50.31.36.208 permit
50.31.36.213 permit
50.31.60.1 permit
50.31.156.96/27 permit
50.207.218.237 permit
51.4.71.62 permit
52.0.20.102 permit
52.95.48.152/29 permit
52.95.49.88/29 permit
52.205.61.79 permit
54.172.97.247 permit
54.173.229.38 permit
54.214.39.184 permit
54.240.0.0/18 permit
54.241.16.209 permit
54.243.205.80 permit
54.244.242.0/24 permit
62.17.146.128/26 permit
63.80.14.0/23 permit
63.111.28.137 permit
63.128.21.0/24 permit
64.4.22.64/26 permit
64.18.0.0/20 permit
64.20.241.45 permit
64.34.47.128/27 permit
64.34.57.192/26 permit
64.79.155.0/24 permit
64.79.155.192 permit
64.127.115.252 permit
64.132.88.0/23 permit
64.132.92.0/24 permit
64.135.77.0/24 permit
64.135.83.0/24 permit
64.233.160.0/19 permit
65.39.215.0/24 permit
65.54.51.64/26 permit
65.54.61.64/26 permit
65.54.121.120/29 permit
65.54.121.124/31 permit
65.54.190.0/24 permit
65.54.241.0/24 permit
65.55.33.64/28 permit
65.55.34.0/24 permit
65.55.42.224/28 permit
65.55.52.224/27 permit
65.55.77.28 permit
65.55.78.128/25 permit
65.55.81.48/28 permit
65.55.81.54/31 permit
65.55.85.12 permit
65.55.88.0/24 permit
65.55.90.0/24 permit
65.55.94.0/25 permit
65.55.111.0/24 permit
65.55.113.64/26 permit
65.55.116.0/25 permit
65.55.126.0/25 permit
65.55.169.0/24 permit
65.55.174.0/25 permit
65.55.178.128/27 permit
65.55.234.192/26 permit
65.110.161.77 permit
65.212.180.36 permit
65.242.92.0/24 permit
65.242.92.15 permit
66.77.16.201/32 permit
66.102.0.0/20 permit
66.135.215.0/24 permit
66.135.222.1 permit
66.211.168.230/31 permit
66.211.184.0/23 permit
66.220.144.128/25 permit
66.220.155.0/24 permit
66.220.155.128/25 permit
66.220.157.0/25 permit
66.231.80.0/20 permit
66.249.80.0/20 permit
67.23.31.6 permit
67.72.99.26 permit
67.221.168.65 permit
67.228.2.24/30 permit
67.228.21.184/29 permit
67.228.37.4/30 permit
67.228.50.32/27 permit
67.228.50.54/31 permit
67.231.145.42 permit
67.231.153.30 permit
68.232.192.0/20 permit
69.63.178.128/25 permit
69.63.179.25 permit
69.63.184.0/25 permit
69.65.42.195 permit
69.65.49.192/29 permit
69.162.98.0/24 permit
69.171.232.0/24 permit
69.171.232.128/25 permit
69.171.244.0/24 permit
70.37.151.128/25 permit
70.42.149.35 permit
72.3.185.0/24 permit
72.3.237.64/28 permit
72.5.230.111/32 permit
72.14.192.0/18 permit
72.21.192.0/19 permit
72.21.212.0/25 permit
72.21.217.142/32 permit
72.32.154.0/24 permit
72.32.217.0/24 permit
72.32.243.0/24 permit
72.249.147.250/32 permit
74.63.63.115 permit
74.63.63.121 permit
74.63.194.126 permit
74.63.234.75 permit
74.63.236.0/24 permit
74.86.113.28/30 permit
74.86.129.240/30 permit
74.86.131.208/30 permit
74.86.132.208/30 permit
74.86.160.160/30 permit
74.86.164.188/30 permit
74.86.171.192/30 permit
74.86.195.28/30 permit
74.86.207.36/30 permit
74.86.226.216/30 permit
74.86.236.240/30 permit
74.86.241.250/31 permit
74.112.64.26 permit
74.112.67.243 permit
74.112.170.21/32 permit
74.125.0.0/16 permit
74.201.84.0/24 permit
74.201.152.59/32 permit
74.201.154.0/24 permit
74.201.155.25/32 permit
74.201.155.26/32 permit
74.201.155.27/32 permit
74.201.155.28/32 permit
74.201.155.79/32 permit
74.202.227.52/32 permit
74.208.4.192/26 permit
74.208.5.64/26 permit
74.208.122.0/26 permit
74.209.250.0/24 permit
74.209.250.84 permit
75.126.200.128/27 permit
75.126.253.0/24 permit
75.126.253.48 permit
80.231.25.0/24 permit
80.231.219.0/24 permit
81.223.46.0/27 permit
82.165.159.0/24 permit
85.222.130.192/26 permit
85.222.138.192/26 permit
86.61.88.25 permit
87.238.80.0/21 permit
87.253.232.0/21 permit
91.194.248.0/23 permit
91.198.22.0/24 permit
91.211.240.0/24 permit
91.211.242.0/24 permit
91.211.243.0/24 permit
91.220.42.0/24 permit
94.236.119.0/26 permit
94.245.112.0/27 permit
94.245.112.10/31 permit
94.245.120.64/26 permit
96.43.144.0/20 permit
96.43.144.64/28 permit
96.43.144.64/31 permit
96.43.147.64/28 permit
96.43.148.64/28 permit
96.43.148.64/31 permit
96.43.151.64/28 permit
96.43.152.64/27 permit
96.43.153.64/27 permit
96.46.150.192/27 permit
101.53.164.192/26 permit
103.11.200.0/22 permit
103.13.69.0/24 permit
103.28.42.0/24 permit
103.237.104.0/22 permit
104.40.211.35 permit
104.43.195.251 permit
104.47.0.0/17 permit
104.130.96.0/28 permit
104.130.122.0/23 permit
104.245.209.192/26 permit
106.50.16.0/28 permit
107.0.11.224/27 permit
108.174.0.0/24 permit
108.174.0.215 permit
108.174.3.0/24 permit
108.174.6.0/24 permit
108.175.18.45 permit
108.175.30.45 permit
108.177.8.0/21 permit
108.177.96.0/19 permit
111.221.23.128/25 permit
111.221.26.0/27 permit
111.221.66.0/25 permit
111.221.69.128/25 permit
111.221.112.0/21 permit
124.47.150.0/24 permit
124.47.189.0/24 permit
129.41.77.70 permit
129.41.169.249 permit
131.107.0.0/16 permit
131.107.1.18 permit
131.107.1.19 permit
131.107.1.20 permit
131.107.1.37 permit
131.107.1.44 permit
131.107.1.48 permit
131.107.1.56 permit
131.253.30.0/24 permit
131.253.121.20 permit
134.170.113.0/26 permit
134.170.140.0/24 permit
134.170.141.64/26 permit
134.170.143.0/24 permit
134.170.174.0/24 permit
136.146.128.64/27 permit
136.146.208.16/28 permit
136.146.210.16/28 permit
136.147.46.192/26 permit
136.147.62.192/26 permit
136.147.128.0/20 permit
136.147.176.0/20 permit
146.88.28.0/24 permit
146.101.78.0/24 permit
147.243.1.47 permit
147.243.1.48 permit
147.243.1.153 permit
147.243.128.24 permit
147.243.128.26 permit
151.101.37.140 permit
157.55.0.192/26 permit
157.55.1.128/26 permit
157.55.2.0/25 permit
157.55.9.128/25 permit
157.55.11.0/25 permit
157.55.49.0/25 permit
157.55.61.0/24 permit
157.55.157.128/25 permit
157.55.158.0/23 permit
157.55.225.0/25 permit
157.55.234.0/24 permit
157.56.24.0/25 permit
157.56.110.0/23 permit
157.56.112.0/24 permit
157.56.120.128/26 permit
157.56.172.28 permit
157.56.232.0/21 permit
157.56.240.0/20 permit
157.56.248.0/21 permit
157.151.208.65 permit
162.88.4.0/24 permit
162.88.36.0/24 permit
162.248.185.121 permit
163.47.180.0/22 permit
165.254.167.152/30 permit
165.254.167.156/31 permit
165.254.167.162/31 permit
165.254.168.66/31 permit
165.254.168.68/31 permit
165.254.168.70/31 permit
165.254.168.72/31 permit
166.78.68.0/22 permit
166.78.68.221 permit
166.78.69.146 permit
166.78.69.169 permit
166.78.69.170 permit
166.78.71.131 permit
167.89.0.0/17 permit
167.89.16.30 permit
167.89.16.183 permit
167.89.16.245 permit
167.89.25.84 permit
167.89.32.5 permit
167.89.32.50 permit
167.89.46.159 permit
167.89.46.185 permit
167.89.60.95 permit
167.89.62.118 permit
167.89.64.9 permit
167.89.65.0 permit
167.89.65.53 permit
167.89.65.100 permit
167.89.74.233 permit
167.89.75.33 permit
167.89.75.126 permit
167.89.75.136 permit
167.89.75.164 permit
167.89.101.2 permit
167.89.101.192/28 permit
167.220.67.238 permit
172.217.0.0/19 permit
173.0.84.224/28 permit
173.0.94.244/30 permit
173.193.132.0/23 permit
173.193.132.134/31 permit
173.193.210.32/27 permit
173.194.0.0/16 permit
173.203.79.182 permit
173.203.81.39 permit
173.224.160.128/25 permit
173.224.161.128/25 permit
173.228.155.0/24 permit
174.36.80.208/28 permit
174.36.84.8/29 permit
174.36.84.16/29 permit
174.36.84.32/29 permit
174.36.84.144/29 permit
174.36.84.240/29 permit
174.36.85.248/30 permit
174.36.92.96/27 permit
174.36.114.128/30 permit
174.36.114.140/30 permit
174.36.114.148/30 permit
174.36.114.152/29 permit
174.37.67.28/30 permit
174.37.226.64/27 permit
174.129.194.241 permit
174.129.203.189 permit
174.137.46.0/24 permit
176.32.105.0/24 permit
176.32.127.0/24 permit
178.32.48.128 permit
178.33.111.144 permit
178.33.137.208/28 permit
178.33.221.0/24 permit
178.236.10.128/26 permit
178.249.98.16/29 permit
178.249.202.16/29 permit
180.189.28.0/24 permit
182.50.76.0/22 permit
182.50.78.64/28 permit
184.173.105.0/24 permit
184.173.153.0/24 permit
185.4.120.0/24 permit
185.4.122.0/24 permit
185.12.80.0/22 permit
185.28.196.0/22 permit
185.90.20.0/22 permit
188.172.128.0/20 permit
191.239.213.197 permit
192.28.128.0/18 permit
192.30.252.0/22 permit
192.64.236.0/24 permit
192.64.237.0/24 permit
192.64.238.0/24 permit
192.161.144.0/20 permit
192.230.81.86 permit
192.237.158.0/23 permit
192.237.159.42 permit
192.237.159.43 permit
192.254.112.0/20 permit
192.254.112.60 permit
192.254.112.98/31 permit
192.254.113.10 permit
192.254.113.101 permit
192.254.114.176 permit
192.254.115.72 permit
192.254.118.63 permit
193.28.178.0/25 permit
194.64.234.128/27 permit
194.64.234.129 permit
194.154.193.192/27 permit
195.54.172.0/23 permit
195.130.217.0/24 permit
198.2.128.0/18 permit
198.2.128.0/24 permit
198.2.132.0/22 permit
198.2.136.0/23 permit
198.2.177.0/24 permit
198.2.178.0/24 permit
198.2.179.0/24 permit
198.2.180.0/24 permit
198.2.186.0/23 permit
198.21.0.0/21 permit
198.21.3.166 permit
198.21.4.224 permit
198.37.144.0/20 permit
198.37.145.250 permit
198.37.149.128 permit
198.37.151.26 permit
198.61.254.0/23 permit
198.61.254.231 permit
198.178.234.57 permit
198.245.80.0/20 permit
199.15.176.173 permit
199.15.212.0/22 permit
199.15.214.169/32 permit
199.16.156.0/22 permit
199.19.0.0/21 permit
199.59.148.0/22 permit
199.83.132.86 permit
199.101.161.130 permit
199.101.162.0/25 permit
199.122.120.0/21 permit
199.127.232.0/22 permit
199.187.117.209 permit
199.187.117.233 permit
199.187.117.234/31 permit
199.187.117.236/31 permit
199.187.118.201 permit
199.187.118.202/31 permit
199.187.118.204 permit
199.187.118.209 permit
199.201.64.23 permit
199.201.65.23 permit
199.255.192.0/22 permit
202.129.242.0/23 permit
202.177.148.100 permit
202.177.148.110 permit
203.32.4.25 permit
203.55.21.0/24 permit
203.62.195.0/24 permit
203.81.17.0/24 permit
203.122.32.250 permit
203.145.57.160/27 permit
204.13.11.48/29 permit
204.13.11.48/30 permit
204.13.248.0/22 permit
204.14.232.0/21 permit
204.14.232.64/28 permit
204.14.234.64/28 permit
204.14.238.0/27 permit
204.29.186.0/23 permit
204.75.142.0/24 permit
204.92.114.187 permit
204.92.114.203 permit
204.92.114.204/31 permit
204.153.121.0/24 permit
205.139.110.0/23 permit
205.201.128.0/20 permit
205.201.131.128/25 permit
205.201.132.14 permit
205.201.134.128/25 permit
205.201.136.0/23 permit
205.201.137.229 permit
205.201.139.0/24 permit
205.201.140.14 permit
205.207.104.0/22 permit
205.217.25.132 permit
205.217.25.135 permit
205.251.233.32/32 permit
205.251.233.36/32 permit
206.25.247.143 permit
206.25.247.155 permit
206.165.246.80/29 permit
206.191.224.0/19 permit
206.246.157.1 permit
207.46.4.128/25 permit
207.46.22.35 permit
207.46.22.98 permit
207.46.22.101 permit
207.46.50.72 permit
207.46.50.82 permit
207.46.50.192/26 permit
207.46.50.224 permit
207.46.51.64/26 permit
207.46.52.71 permit
207.46.52.79 permit
207.46.58.128/25 permit
207.46.100.0/24 permit
207.46.101.128/26 permit
207.46.116.128/29 permit
207.46.117.0/24 permit
207.46.132.128/27 permit
207.46.163.0/24 permit
207.46.198.0/25 permit
207.46.200.0/27 permit
207.67.38.0/24 permit
207.67.98.192/27 permit
207.68.176.0/26 permit
207.68.176.96/27 permit
207.82.80.0/24 permit
207.126.144.0/20 permit
207.171.160.0/19 permit
207.211.30.0/24 permit
207.211.31.0/25 permit
207.211.41.113 permit
207.218.90.0/24 permit
207.250.68.0/24 permit
208.40.232.70 permit
208.43.21.28/30 permit
208.43.21.64/29 permit
208.43.21.72/30 permit
208.43.239.136/30 permit
208.64.132.0/22 permit
208.66.139.0/25 permit
208.74.204.0/22 permit
208.74.204.9 permit
208.75.120.0/22 permit
208.75.122.246 permit
208.76.56.0/21 permit
208.78.68.0/22 permit
208.82.236.96/28 permit
208.82.237.96/28 permit
208.82.238.96/28 permit
208.85.50.137 permit
208.89.13.233 permit
208.89.13.234/31 permit
208.89.13.236/31 permit
208.89.14.201 permit
208.89.14.202/31 permit
208.89.14.204 permit
208.89.14.209 permit
208.117.48.0/20 permit
208.185.229.45 permit
208.201.241.163 permit
209.43.22.0/28 permit
209.46.117.168 permit
209.46.117.179 permit
209.61.151.0/24 permit
209.67.98.46 permit
209.67.98.59 permit
209.85.128.0/17 permit
212.4.136.0/26 permit
212.123.28.40/32 permit
212.227.15.0/24 permit
212.227.17.0/27 permit
212.227.126.128/25 permit
213.165.64.0/23 permit
213.167.75.0/24 permit
213.167.81.0/24 permit
213.199.128.139 permit
213.199.128.145 permit
213.199.138.181 permit
213.199.138.191 permit
213.199.154.0/24 permit
213.199.161.128/27 permit
213.199.177.0/26 permit
213.199.180.0/24 permit
216.17.150.242 permit
216.17.150.251 permit
216.32.180.0/23 permit
216.46.168.197 permit
216.46.168.222 permit
216.58.192.0/19 permit
216.99.5.67 permit
216.99.5.68 permit
216.113.160.0/24 permit
216.113.172.0/25 permit
216.113.175.0/24 permit
216.136.162.65 permit
216.136.162.120/29 permit
216.136.168.80/28 permit
216.146.32.0/20 permit
216.198.0.0/18 permit
216.203.30.55 permit
216.203.33.178/31 permit
216.205.24.0/24 permit
216.229.156.0/25 permit
216.239.32.0/19 permit
217.72.207.0/27 permit
217.77.141.52 permit
217.77.141.59 permit
217.175.193.0/24 permit
217.175.194.0/23 permit
217.175.196.0/24 permit
2001:4860:4000::/36 permit
2404:6800:4000::/36 permit
2607:f8b0:4000::/36 permit
2620:109:c003:104::/64 permit
2620:109:c006:104::/64 permit
2620:109:c00d:104::/64 permit
2620:119:50c0:207::/64 permit
2800:3f0:4000::/36 permit

6
data/conf/postfix/smtp_dsn_filter Normal file
View File

@@ -0,0 +1,6 @@
/^4(\.\d+\.\d+ TLS is required, but host \S+ refused to start TLS: .+)/
5$1
/^4(\.\d+\.\d+ TLS is required, but was not offered by host .+)/
5$1
/^4.7.5(.*)/
5.7.5$1

5
data/conf/postfix/sql/mysql_relay_recipient_maps.cf Normal file
View File

@@ -0,0 +1,5 @@
user = mailcow
password = mysafepasswd
hosts = mysql
dbname = mailcow
query = SELECT DISTINCT CASE WHEN '%d' IN (SELECT domain FROM domain WHERE relay_all_recipients=1 AND domain='%d' AND backupmx=1) THEN '%s' ELSE (SELECT goto FROM alias WHERE address='%s' AND active='1') END AS result;

5
data/conf/postfix/sql/mysql_tls_enforce_in_policy.cf Normal file
View File

@@ -0,0 +1,5 @@
user = mailcow
password = mysafepasswd
hosts = mysql
dbname = mailcow
query = SELECT IF( EXISTS( SELECT 'TLS_ACTIVE' FROM alias LEFT OUTER JOIN mailbox ON mailbox.username = alias.address WHERE (address='%s' OR address IN (SELECT CONCAT('%u', '@', target_domain) FROM alias_domain WHERE alias_domain='%d')) AND mailbox.tls_enforce_in = '1' AND mailbox.active = '1'), 'reject_plaintext_session', 'DUNNO') AS 'tls_enforce_in';

5
data/conf/postfix/sql/mysql_tls_enforce_out_policy.cf Normal file
View File

@@ -0,0 +1,5 @@
user = mailcow
password = mysafepasswd
hosts = mysql
dbname = mailcow
query = SELECT IF( EXISTS( SELECT 'TLS_ACTIVE' FROM alias LEFT OUTER JOIN mailbox ON mailbox.username = alias.address WHERE (address='%s' OR address IN (SELECT CONCAT('%u', '@', target_domain) FROM alias_domain WHERE alias_domain='%d')) AND mailbox.tls_enforce_out = '1' AND mailbox.active = '1'), 'smtp_enforced_tls:', 'DUNNO') AS 'tls_enforce_out';

6
data/conf/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf Normal file
View File

@@ -0,0 +1,6 @@
user = mailcow
password = mysafepasswd
hosts = mysql
dbname = mailcow
query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'

5
data/conf/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf Normal file
View File

@@ -0,0 +1,5 @@
user = mailcow
password = mysafepasswd
hosts = mysql
dbname = mailcow
query = SELECT maildir FROM mailbox,alias_domain WHERE alias_domain.alias_domain = '%d' and mailbox.username = CONCAT('%u', '@', alias_domain.target_domain) AND mailbox.active = 1 AND alias_domain.active='1'

5
data/conf/postfix/sql/mysql_virtual_alias_domain_maps.cf Normal file
View File

@@ -0,0 +1,5 @@
user = mailcow
password = mysafepasswd
hosts = mysql
dbname = mailcow
query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('%u', '@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'

5
data/conf/postfix/sql/mysql_virtual_alias_maps.cf Normal file
View File

@@ -0,0 +1,5 @@
user = mailcow
password = mysafepasswd
hosts = mysql
dbname = mailcow
query = SELECT goto FROM alias WHERE address='%s' AND active='1';

5
data/conf/postfix/sql/mysql_virtual_domains_maps.cf Normal file
View File

@@ -0,0 +1,5 @@
user = mailcow
password = mysafepasswd
hosts = mysql
dbname = mailcow
query = SELECT alias_domain from alias_domain WHERE alias_domain='%s' AND active='1' UNION SELECT domain FROM domain WHERE domain='%s' AND active = '1' AND backupmx = '0'

5
data/conf/postfix/sql/mysql_virtual_mailbox_limit_maps.cf Normal file
View File

@@ -0,0 +1,5 @@
user = mailcow
password = mysafepasswd
hosts = mysql
dbname = mailcow
query = SELECT quota FROM mailbox WHERE username='%s' AND active = '1'

5
data/conf/postfix/sql/mysql_virtual_mailbox_maps.cf Normal file
View File

@@ -0,0 +1,5 @@
user = mailcow
password = mysafepasswd
hosts = mysql
dbname = mailcow
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'

5
data/conf/postfix/sql/mysql_virtual_mxdomain_maps.cf Normal file
View File

@@ -0,0 +1,5 @@
user = mailcow
password = mysafepasswd
hosts = mysql
dbname = mailcow
query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '1' AND active = '1'

5
data/conf/postfix/sql/mysql_virtual_sender_acl.cf Normal file
View File

@@ -0,0 +1,5 @@
user = mailcow
password = mysafepasswd
hosts = mysql
dbname = mailcow
query = SELECT goto FROM alias WHERE address='%s' AND active='1' AND domain IN (SELECT domain FROM domain WHERE domain='%d' AND active='1') UNION SELECT logged_in_as FROM sender_acl WHERE send_as='@%d' OR send_as='%s' AND logged_in_as NOT IN (SELECT goto FROM alias WHERE address='%s') UNION SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' AND alias.address = CONCAT('%u', '@', alias_domain.target_domain) AND alias.active ='1' AND alias_domain.active='1'

5
data/conf/postfix/sql/mysql_virtual_spamalias_maps.cf Normal file
View File

@@ -0,0 +1,5 @@
user = mailcow
password = mysafepasswd
hosts = mysql
dbname = mailcow
query = SELECT goto FROM spamalias WHERE address='%s' AND validity >= UNIX_TIMESTAMP()

42
data/conf/rmilter/rmilter.conf Normal file
View File

@@ -0,0 +1,42 @@
bind_socket = inet:9900;
spamd {
servers = r:rspamd:11333;
connect_timeout = 1s;
results_timeout = 20s;
error_time = 10;
dead_time = 300;
maxerrors = 10;
reject_message = "Spam or virus message rejected due to high detection score";
whitelist = 127.0.0.1/32, [::1]/128;
spamd_soft_fail = yes;
rspamd_metric = "default";
extended_spam_headers = yes;
spam_header = "X-Spam-Flag";
spam_header_value = "YES";
};
redis {
servers_grey = redis:6379;
servers_limits = redis:6379;
servers_id = redis:6379;
id_prefix = "message_id.";
grey_prefix = "grey.";
white_prefix = "white.";
connect_timeout = 1s;
error_time = 10;
dead_time = 300;
maxerrors = 10;
};
tempdir = /tmp;
tempfiles_mode = 00600;
max_size = 20M;
strict_auth = yes;
use_dcc = no;
limits {
enable = false;
};
greylisting {
enable = false;
}
dkim {
enable = false;
};

19
data/conf/rspamd/local.d/dkim.conf Normal file
View File

@@ -0,0 +1,19 @@
sign_condition =<<EOD
return function(task)
local from = task:get_from('smtp')
if from and from[1]['addr'] then
lastAtSymbol = from[1]['addr']:find("[^%@]+$")
local domain = from[1]['addr']:sub(lastAtSymbol, #from[1]['addr'])
local keyfile = io.open("/etc/rspamd/dkim/keys/" .. domain .. ".default")
if keyfile then
keyfile:close()
return {
key = "/etc/rspamd/dkim/keys/" .. domain .. ".default",
domain = domain,
selector = "default"
}
end
end
return false
end
EOD;

14
data/conf/rspamd/local.d/metrics.conf Normal file
View File

@@ -0,0 +1,14 @@
symbol "MAILCOW_AUTH" {
description = "mailcow authenticated";
score = -20.0;
}
group "bayes" {
symbol "BAYES_SPAM" {
weight = 7.5;
description = "Message probably spam, probability: ";
}
symbol "BAYES_HAM" {
weight = -2.5;
description = "Message probably ham, probability: ";
}
}

1
data/conf/rspamd/local.d/redis.conf Normal file
View File

@@ -0,0 +1 @@
servers = "redis:6379";

59
data/conf/rspamd/local.d/statistic.conf Normal file
View File

@@ -0,0 +1,59 @@
classifier "bayes" {
tokenizer {
name = "osb";
}
backend = "redis";
servers = "redis:6379";
min_tokens = 11;
min_learns = 200;
autolearn = true;
per_user = <<EOD
return function(task)
local rcpt = task:get_recipients(1)
if rcpt then
one_rcpt = rcpt[1]
if one_rcpt['domain'] then
return one_rcpt['domain']
end
end
return nil
end
EOD
statfile {
symbol = "BAYES_HAM";
spam = false;
}
statfile {
symbol = "BAYES_SPAM";
spam = true;
}
learn_condition =<<EOD
return function(task, is_spam, is_unlearn)
local prob = task:get_mempool():get_variable('bayes_prob', 'double')
if prob then
local in_class = false
local cl
if is_spam then
cl = 'spam'
in_class = prob >= 0.95
else
cl = 'ham'
in_class = prob <= 0.05
end
if in_class then
return false,string.format('already in class %s; probability %.2f%%',
cl, math.abs((prob - 0.5) * 200.0))
end
end
return true
end
EOD
}

9
data/conf/rspamd/lua/rspamd.local.lua Normal file
View File

@@ -0,0 +1,9 @@
rspamd_config.MAILCOW_AUTH = {
callback = function(task)
local uname = task:get_user()
if uname then
return 1
end
end
}

3
data/conf/rspamd/override.d/logging.inc Normal file
View File

@@ -0,0 +1,3 @@
type = "console";
systemd = false;
.include "$CONFDIR/logging.inc"

2
data/conf/rspamd/override.d/worker-controller.inc Normal file
View File

@@ -0,0 +1,2 @@
bind_socket = "*:11334";
enable_password ="$2$ibe1yt89kq5rtb9juy8z7cmkt1yg5d9w$bezuyyo8o4kge13rzj8epasdf6ojsgo1jgojce8msbt5bsq9n3dy";

1
data/conf/rspamd/override.d/worker-normal.inc Normal file
View File

@@ -0,0 +1 @@
bind_socket = "*:11333";

93
data/conf/sogo/sogo.conf Normal file
View File

@@ -0,0 +1,93 @@
{
// START
// WILL BE UPDATED AUTOMATICALLY WHEN RUNNING build_sogo.sh SRIPT
OCSEMailAlarmsFolderURL = "mysql://mailcow:mysafepasswd@mysql:3306/mailcow/sogo_alarms_folder";
OCSFolderInfoURL = "mysql://mailcow:mysafepasswd@mysql:3306/mailcow/sogo_folder_info";
OCSSessionsFolderURL = "mysql://mailcow:mysafepasswd@mysql:3306/mailcow/sogo_sessions_folder";
SOGoProfileURL = "mysql://mailcow:mysafepasswd@mysql:3306/mailcow/sogo_user_profile";
WOWorkersCount = "20";
SOGoMemcachedHost = "memcached:11211";
SOGoUserSources =
(
{
type = sql;
id = directory;
viewURL = "mysql://mailcow:mysafepasswd@mysql:3306/mailcow/sogo_view";
canAuthenticate = YES;
isAddressBook = YES;
MailFieldNames = (aliases, ad_aliases, senderacl);
displayName = "Domain";
userPasswordAlgorithm = SSHA256;
}
);
// END
SOGoCalendarDefaultRoles = (
PublicViewer,
ConfidentialDAndTViewer,
PrivateDAndTViewer
);
SOGoACLsSendEMailNotifications = YES;
SOGoAppointmentSendEMailNotifications = YES;
SOGoDraftsFolderName = "Drafts";
SOGoJunkFolderName= "Junk";
SOGoMailDomain = "sogo.local";
SOGoEnableEMailAlarms = YES;
SOGoFoldersSendEMailNotifications = YES;
SOGoForwardEnabled = YES;
SOGoIMAPServer = "imap://dovecot:143/?tls=YES";
SOGoSieveServer = "sieve://dovecot:4190/?tls=YES";
// Can be used by SOGo as DOCKER_SUBNET is in mynetworks, TLS auth. is disabled here
SOGoSMTPServer = "postfix:588";
// Binds to DOCKER_SUBNET IP, do not change to 127./localhost, port is not exposed
WOPort = "0.0.0.0:20000";
SOGoLanguage = English;
SOGoMailAuxiliaryUserAccountsEnabled = YES;
SOGoMailCustomFromEnabled = YES;
SOGoMailingMechanism = smtp;
SOGoSMTPAuthenticationType = plain;
SxVMemLimit = 512;
SOGoMaximumPingInterval = 354;
SOGoInternalSyncInterval = 30;
SOGoMaximumSyncInterval = 354;
SOGoMaximumSyncWindowSize = 0;
SOGoMaximumSyncResponseSize = 1024;
MySQL4Encoding = "utf8mb4";
WOWatchDogRequestTimeout = 10;
WOListenQueueSize = 300;
WONoDetach = YES;
WOPort = "0.0.0.0:20000";
SOGoIMAPAclConformsToIMAPExt = Yes;
SOGoPageTitle = "SOGo Moo";
SOGoFirstDayOfWeek = "1";
SOGoSieveFolderEncoding = "UTF-8";
SOGoPasswordChangeEnabled = NO;
SOGoSentFolderName = "Sent";
SOGoMailShowSubscribedFoldersOnly = NO;
NGImap4ConnectionStringSeparator = "/";
SOGoSieveScriptsEnabled = YES;
SOGoTimeZone = "Europe/Berlin";
SOGoTrashFolderName = "Trash";
SOGoVacationEnabled = YES;
//SOGoDebugRequests = YES;
//SoDebugBaseURL = YES;
//ImapDebugEnabled = YES;
//SOGoEASDebugEnabled = YES;
//LDAPDebugEnabled = YES;
//PGDebugEnabled = YES;
//MySQL4DebugEnabled = YES;
//SOGoUIxDebugEnabled = YES;
//WODontZipResponse = YES;
WOLogFile = -;
}