diff --git a/defaults/main.yml b/defaults/main.yml
index e6aabd7..3474923 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -87,3 +87,13 @@ postfix_config:
 virtual_mailbox_limit_maps: proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
 virtual_mailbox_maps: proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
 virtual_uid_maps: static:5000
+
+disclaimers_folder: /etc/mail/disclaimers
+database_username: mail_processor
+mailprocessor_database_userpass: ""
+mailprocessor_database_server: 127.0.0.1
+mailprocessor_database_server_port: 3306
+mailprocessor_database_socket_file: /var/run/mysqld/mysqld.sock # If this is set, port is not needed
+mailprocessor_log_file: /var/log/mail_processor.log
+default_text_disclaimer_file: /etc/main/default_text_disclaimer
+default_html_disclaimer_file: /etc/main/default_html_disclaimer
diff --git a/tasks/configure_disclaimer.yml b/tasks/configure_disclaimer.yml
index 2fc6727..ac0c3e7 100644
--- a/tasks/configure_disclaimer.yml
+++ b/tasks/configure_disclaimer.yml
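Review bot: The credential defaults added in defaults/main.yml do not match the names the new templates/mail_processor.conf.j2 reads: the template uses `mailprocessor_database_username` and `mailprocessor_database_password`, while the defaults define `database_username` and `mailprocessor_database_userpass`. Unless those two names are set somewhere outside this diff, the template task will either stop on an undefined variable or, with a lenient undefined setting, write empty credentials. I would rename the defaults to `mailprocessor_database_username: mail_processor` and `mailprocessor_database_password: ""`, and have the role fail early when the password is still empty instead of deploying with a blank one. Separately, the two `default_*_disclaimer_file` paths sit under `/etc/main/`, which looks like a typo for `/etc/mail/`; no visible task creates that directory, so the `state: touch` tasks would fail if it is absent.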
@@ -41,12 +41,46 @@
 - name: Ensure filter user can write disclaimer log
 file:
- path: /var/log/mail_processor.log
+ path: "{{ mailprocessor_log_file }}"
 owner: filter
 group: postfix
 mode: 0660
 state: touch
+- name: Ensure default text disclaimer file exist
+ file:
+ path: "{{ default_text_disclaimer_file }}"
+ state: touch
+ when:
+ - default_text_disclaimer_file is defined
+ - default_text_disclaimer_file != ''
+
+- name: Ensure default html disclaimer file exist
+ file:
+ path: "{{ default_html_disclaimer_file }}"
+ state: touch
+ when:
+ - default_html_disclaimer_file is defined
+ - default_html_disclaimer_file != ''
+
+- name: Ensure disclaimers folder exists
+ file:
+ path: "{{ disclaimers_folder }}"
+ state: directory
+ owner: filter
+ group: postfix
+ when:
+ - disclaimers_folder is defined
+ - disclaimers_folder != ''
+
+- name: Ensure mail processor configuration exists
+ template:
+ src: mail_processor.conf.j2
+ dest: /etc/postfix/mail_processor.conf
+ owner: filter
+ group: postfix
+ backup: true
+
 - name: Compress stored incoming messages labeler logs
 shell: find /var/spool/filter/ -maxdepth 1 -type f -iname in.\*.log -exec bzip2 -z9 {} \;
diff --git a/templates/mail_processor.conf.j2 b/templates/mail_processor.conf.j2
new file mode 100644
index 0000000..e6c260e
--- /dev/null
+++ b/templates/mail_processor.conf.j2
@@ -0,0 +1,9 @@
+disclaimers_folder={{ disclaimers_folder }}
+database_username={{ mailprocessor_database_username }}
+database_userpass={{ mailprocessor_database_password }}
+database_server={{ mailprocessor_database_server }}
+database_server_port={{ mailprocessor_database_server_port }}
+database_socket_file={{ mailprocessor_database_socket_file }}
+default_text_disclaimer_file={{ default_text_disclaimer_file }}
+default_html_disclaimer_file={{ default_html_disclaimer_file }}
+log_file={{ mailprocessor_log_file }}
diff --git a/templates/master.cf.j2 b/templates/master.cf.j2
index 2eff692..24f0eb2 100644
--- a/templates/master.cf.j2
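Review bot: The `Ensure mail processor configuration exists` task writes `/etc/postfix/mail_processor.conf` without a `mode`, and the template puts the database password in that file, so its permissions are left to the umask and will commonly end up world-readable. Add `mode: "0640"` next to the existing `owner: filter` / `group: postfix` (quoted, so the octal value is not retyped by the YAML parser). With `backup: true`, each change also leaves a timestamped copy of the previous file, including the old password, in `/etc/postfix`; those copies need the same restrictive mode and should be cleaned up when the credential is rotated. Consider `no_log: true` on this task so a `--diff` run does not print the rendered password. The two disclaimer-file tasks and the folder task likewise set no `mode`, and the file tasks set no owner, so whether the `filter` user can read them depends on defaults not visible here.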
+++ b/templates/master.cf.j2
@@ -12,21 +12,21 @@
 # ==========================================================================
 # SMTP: Port 25
 smtp inet n - y - - smtpd
- -o content_filter=filter:
+ -o content_filter=filter_smtp:
 # Submission: Port 587
 submission inet n - y - - smtpd
 -o smtpd_tls_security_level=encrypt
 -o smtpd_sasl_auth_enable=yes
 -o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
 -o milter_macro_daemon_name=ORIGINATING
- -o content_filter=filter:
+ -o content_filter=filter_submission:
 # SMTPS: Port 465
 smtps inet n - y - - smtpd
 -o smtpd_tls_wrappermode=yes
 -o smtpd_sasl_auth_enable=yes
 -o smtpd_client_restrictions=permit_sasl_authenticated,reject
 -o milter_macro_daemon_name=ORIGINATING
- -o content_filter=filter:
+ -o content_filter=filter_smtps:
 #628 inet n - y - - qmqpd
 pickup unix n - y 60 1 pickup
 cleanup unix n - y - 0 cleanup
@@ -42,7 +42,7 @@ flush unix n - y 1000? 0 flush
 proxymap unix - - n - - proxymap
 proxywrite unix - - n - 1 proxymap
 smtp unix - - y - - smtp
- -o content_filter=filter:
+ -o content_filter=filter_smtp:
 # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
 relay unix - - y - - smtp
 -o smtp_fallback_relay=
@@ -54,7 +54,7 @@ discard unix - - y - - discard
 local unix - n n - - local
 virtual unix - n n - - virtual
 lmtp unix - - y - - lmtp
- -o content_filter=filter:
+ -o content_filter=filter_lmtp:
 anvil unix - - y - 1 anvil
 scache unix - - y - 1 scache
 #
@@ -133,8 +133,14 @@ amavis unix y y y - 2 smtp
 -o mynetworks=127.0.0.0/8
 -o strict_rfc821_envelopes=yes
 -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-filter unix - n n - - pipe
- flags=Rq user=filter argv=/usr/local/bin/mail_processor.py -f ${sender} -r ${recipient}
+filter_smtp unix - n n - - pipe
+ flags=Rq user=filter argv=/usr/local/bin/mail_processor.py -t smtp -f ${sender} -r ${recipient} --config /etc/postfix/mail_processor.conf
+filter_submission unix - n n - - pipe
+ flags=Rq user=filter argv=/usr/local/bin/mail_processor.py -t submission -f ${sender} -r ${recipient} --config /etc/postfix/mail_processor.conf
+filter_smtps unix - n n - - pipe
+ flags=Rq user=filter argv=/usr/local/bin/mail_processor.py -t smtps -f ${sender} -r ${recipient} --config /etc/postfix/mail_processor.conf
+filter_lmtp
+ flags=Rq user=filter argv=/usr/local/bin/mail_processor.py -t lmtp -f ${sender} -r ${recipient} --config /etc/postfix/mail_processor.conf
 # flags=Rq user=filter argv=/etc/postfix/scripts/disclaimer.sh -f ${sender} -- ${recipient}
 policy-spf unix - n n - - spawn
 user=nobody argv=/usr/bin/policyd-spf
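Review bot: The `filter_lmtp` service line is added as a bare name, without the `unix - n n - - pipe` fields that the three entries above it carry, so its `flags=Rq ...` continuation follows an incomplete master.cf entry. Postfix is likely to reject the file on reload, or at best leave `filter_lmtp` undefined, while the `lmtp` service in the -54,7 hunk now points at `content_filter=filter_lmtp:`. The line should read `filter_lmtp unix - n n - - pipe`. It is worth running `postfix check` against the rendered template in the role's tests so a malformed entry is caught before deployment.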