Add mail processor as filter

defaults/main.yml

@@ -87,3 +87,13 @@ postfix_config:
   virtual_mailbox_limit_maps: proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
   virtual_mailbox_maps: proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
   virtual_uid_maps: static:5000
+
+disclaimers_folder: /etc/mail/disclaimers
+database_username: mail_processor
+mailprocessor_database_userpass: ""
+mailprocessor_database_server: 127.0.0.1
+mailprocessor_database_server_port: 3306
+mailprocessor_database_socket_file: /var/run/mysqld/mysqld.sock # If this is set, port is not needed
+mailprocessor_log_file: /var/log/mail_processor.log
+default_text_disclaimer_file: /etc/main/default_text_disclaimer
+default_html_disclaimer_file: /etc/main/default_html_disclaimer

tasks/configure_disclaimer.yml

@@ -41,12 +41,46 @@
 
 - name: Ensure filter user can write disclaimer log
   file:
-    path: /var/log/mail_processor.log
+    path: "{{ mailprocessor_log_file }}"
     owner: filter
     group: postfix
     mode: 0660
     state: touch
 
+- name: Ensure default text disclaimer file exist
+  file:
+    path: "{{ default_text_disclaimer_file }}"
+    state: touch
+  when:
+    - default_text_disclaimer_file is defined
+    - default_text_disclaimer_file != ''
+
+- name: Ensure default html disclaimer file exist
+  file:
+    path: "{{ default_html_disclaimer_file }}"
+    state: touch
+  when:
+    - default_html_disclaimer_file is defined
+    - default_html_disclaimer_file != ''
+
+- name: Ensure disclaimers folder exists
+  file:
+    path: "{{ disclaimers_folder }}"
+    state: directory
+    owner: filter
+    group: postfix
+  when:
+    - disclaimers_folder is defined
+    - disclaimers_folder != ''
+
+- name: Ensure mail processor configuration exists
+  template:
+    src: mail_processor.conf.j2
+    dest: /etc/postfix/mail_processor.conf
+    owner: filter
+    group: postfix
+    backup: true
+
 - name: Compress stored incoming messages labeler logs
   shell: find /var/spool/filter/ -maxdepth 1 -type f -iname in.\*.log -exec bzip2 -z9 {} \;
 

templates/mail_processor.conf.j2

@@ -0,0 +1,9 @@
+disclaimers_folder={{ disclaimers_folder }}
+database_username={{ mailprocessor_database_username }}
+database_userpass={{ mailprocessor_database_password }}
+database_server={{ mailprocessor_database_server }}
+database_server_port={{ mailprocessor_database_server_port }}
+database_socket_file={{ mailprocessor_database_socket_file }}
+default_text_disclaimer_file={{ default_text_disclaimer_file }}
+default_html_disclaimer_file={{ default_html_disclaimer_file }}
+log_file={{ mailprocessor_log_file }}

templates/master.cf.j2

@@ -12,21 +12,21 @@
 # ==========================================================================
 # SMTP: Port 25
 smtp      inet  n       -       y       -       -       smtpd
-  -o content_filter=filter:
+  -o content_filter=filter_smtp:
 # Submission: Port 587
 submission inet n       -       y       -       -       smtpd
   -o smtpd_tls_security_level=encrypt
   -o smtpd_sasl_auth_enable=yes
   -o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
   -o milter_macro_daemon_name=ORIGINATING
-  -o content_filter=filter:
+  -o content_filter=filter_submission:
 # SMTPS: Port 465
 smtps     inet  n       -       y       -       -       smtpd
   -o smtpd_tls_wrappermode=yes
   -o smtpd_sasl_auth_enable=yes
   -o smtpd_client_restrictions=permit_sasl_authenticated,reject
   -o milter_macro_daemon_name=ORIGINATING
-  -o content_filter=filter:
+  -o content_filter=filter_smtps:
 #628       inet  n       -       y       -       -       qmqpd
 pickup    unix  n       -       y       60      1       pickup
 cleanup   unix  n       -       y       -       0       cleanup
@@ -42,7 +42,7 @@ flush     unix  n       -       y       1000?   0       flush
 proxymap  unix  -       -       n       -       -       proxymap
 proxywrite unix -       -       n       -       1       proxymap
 smtp      unix  -       -       y       -       -       smtp
-  -o content_filter=filter:
+  -o content_filter=filter_smtp:
 # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
 relay     unix  -       -       y       -       -       smtp
         -o smtp_fallback_relay=
@@ -54,7 +54,7 @@ discard   unix  -       -       y       -       -       discard
 local     unix  -       n       n       -       -       local
 virtual   unix  -       n       n       -       -       virtual
 lmtp      unix  -       -       y       -       -       lmtp
-  -o content_filter=filter:
+  -o content_filter=filter_lmtp:
 anvil     unix  -       -       y       -       1       anvil
 scache    unix  -       -       y       -       1       scache
 #
@@ -133,8 +133,14 @@ amavis unix y y y - 2 smtp
         -o mynetworks=127.0.0.0/8
         -o strict_rfc821_envelopes=yes
         -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-filter     unix    -       n       n       -       -       pipe
-  flags=Rq user=filter argv=/usr/local/bin/mail_processor.py -f ${sender} -r ${recipient}
+filter_smtp     unix    -       n       n       -       -       pipe
+  flags=Rq user=filter argv=/usr/local/bin/mail_processor.py -t smtp -f ${sender} -r ${recipient} --config /etc/postfix/mail_processor.conf
+filter_submission     unix    -       n       n       -       -       pipe
+  flags=Rq user=filter argv=/usr/local/bin/mail_processor.py -t submission -f ${sender} -r ${recipient} --config /etc/postfix/mail_processor.conf
+filter_smtps     unix    -       n       n       -       -       pipe
+  flags=Rq user=filter argv=/usr/local/bin/mail_processor.py -t smtps -f ${sender} -r ${recipient} --config /etc/postfix/mail_processor.conf
+filter_lmtp
+  flags=Rq user=filter argv=/usr/local/bin/mail_processor.py -t lmtp -f ${sender} -r ${recipient} --config /etc/postfix/mail_processor.conf
 #  flags=Rq user=filter argv=/etc/postfix/scripts/disclaimer.sh -f ${sender} -- ${recipient}
 policy-spf  unix  -       n       n       -       -       spawn
        user=nobody argv=/usr/bin/policyd-spf