spamassassin & cie

roles/mail/files/etc-amavis-conf.d-15-content_filter_mode

@@ -0,0 +1,27 @@
+use strict;
+
+# You can modify this file to re-enable SPAM checking through spamassassin
+# and to re-enable antivirus checking.
+
+#
+# Default antivirus checking mode
+# Please note, that anti-virus checking is DISABLED by
+# default.
+# If You wish to enable it, please uncomment the following lines:
+
+
+@bypass_virus_checks_maps = (
+   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
+
+
+#
+# Default SPAM checking mode
+# Please note, that anti-spam checking is DISABLED by
+# default.
+# If You wish to enable it, please uncomment the following lines:
+
+
+@bypass_spam_checks_maps = (
+   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
+
+1;  # ensure a defined return

roles/mail/files/etc-amavis-conf.d-50-user

@@ -0,0 +1,20 @@
+use strict;
+
+#
+# Place your configuration directives here.  They will override those in
+# earlier files.
+#
+# See /usr/share/doc/amavisd-new/ for documentation and examples of
+# the directives you can use in this file
+#
+
+$QUARANTINEDIR = '/var/spool/virusmails';              # Quarantine Directory
+$spam_quarantine_method = 'local:spam-%b-%i-%n'; # Filename in $QUARANTINEDIR
+$spam_quarantine_to = 'spam-quarantine';         # Put Spam in Quarantine Directory
+# $spam_quarantine_to = "admin\@$mydomain"; # Send Spam to Adminstrator
+# $spam_quarantine_to = undef;                   # Do nothing with Spam
+$final_spam_destiny = D_DISCARD;
+$spam_admin = "admin\@$mydomain";          # Where to send Notification
+
+#------------ Do not modify anything below this line -------------
+1;  # ensure a defined return

roles/mail/files/etc-default-spamassassin

@@ -0,0 +1,31 @@
+# Duncan Findlay
+
+# WARNING: please read README.spamd before using.
+# There may be security risks.
+
+# Change to one to enable spamd
+ENABLED=1
+
+# Options
+# See man spamd for possible options. The -d option is automatically added.
+
+# SpamAssassin uses a preforking model, so be careful! You need to
+# make sure --max-children is not set to anything higher than 5,
+# unless you know what you're doing.
+
+OPTIONS="--create-prefs --max-children 5 --helper-home-dir"
+
+# Pid file
+# Where should spamd write its PID to file? If you use the -u or
+# --username option above, this needs to be writable by that user.
+# Otherwise, the init script will not be able to shut spamd down.
+PIDFILE="/var/run/spamd.pid"
+
+# Set nice level of spamd
+#NICE="--nicelevel 15"
+
+# Cronjob
+# Set to anything but 0 to enable the cron job to automatically update
+# spamassassin's rules on a nightly basis
+CRON=1
+

roles/mail/handlers/main.yml

@@ -4,4 +4,16 @@
 
 - name: restart mysql
   service: name=mysql state=restarted
+
+- name: restart dovecot
+  service: name=dovecot state=restarted
+
+- name: restart postfix
+  service: name=postfix state=restarted
+
+- name: restart spamassassin
+  service: name=spamassassin state=restarted
+
+- name: restart postgrey
+  service: name=postgrey state=restarted
 # vim: set textwidth=0 ft=yaml ts=2 sw=2 expandtab:

roles/mail/tasks/main.yml

@@ -44,9 +44,11 @@
 
 - name: Copying file to directory previously created
   copy: src=etc-postfix-sasl-smtpd.conf dest=/etc/postfix/sasl/smtpd.conf
+  notify: restart postfix
 
 - name: adduser postfix sasl
   shell: adduser postfix sasl
+  notify: restart dovecot
 
 - name: Copy dovecot config files
   template: src=dovecot.conf.j2 dest=/etc/dovecot/ owner=root mode=655
@@ -93,4 +95,31 @@
 - name: Copy postfix config files
   template: src=root-postfix.sql.j2 dest=/etc/postfix/ owner=root mode=655
 
+- name: Create database for postfix
+  shell: mysql < /etc/postfix/postfix.sql
+
+- name: Config amavis
+  copy: src=etc-amavis-conf.d-15-content_filter_mode  dest=/etc/amavis/conf.d/15-content_filter_mode
+
+- name: Config amavis
+  copy: src=etc-amavis-conf.d-50-user  dest=/etc/amavis/conf.d/50-user
+
+- name: Virus repository
+  shell:  mkdir /var/spool/virusmails 
+
+- name: chown
+  shell: chown amavis:amavis /var/spool/virusmails
+
+- name: update SA
+  shell: sa-update -D
+
+- name: Config SA
+  copy: src=etc-default-spamassassin  dest=/etc/default/spamassassin
+  notify: restart spamassassin
+
+- name: Config Postgrey
+  template: src=etc-default-postgrey dest=/etc/default/postgrey
+  notify: restart postgrey
+
+
 # vim: set textwidth=0 ft=yaml ts=2 sw=2 expandtab:

roles/mail/templates/etc-default-postgrey.j2

@@ -0,0 +1,13 @@
+# postgrey startup options, created for Debian
+
+# you may want to set
+#   --delay=N   how long to greylist, seconds (default: 300)
+#   --max-age=N delete old entries after N days (default: 35)
+# see also the postgrey(8) manpage
+
+#POSTGREY_OPTS="--inet=10023"
+POSTGREY_OPTS="--inet=10023 --delay=300 --hostname=mail.{{ domain }} --auto-whitelist-clients"
+
+# the --greylist-text commandline argument can not be easily passed through
+# POSTGREY_OPTS when it contains spaces.  So, insert your text here:
+#POSTGREY_TEXT="Your customized rejection message here"

roles/mail/vars/main.yml

@@ -15,6 +15,7 @@ packages:
   - dovecot-core
   - dovecot-dbg
   - dovecot-gssapi
+  - postgrey
   - dovecot-imapd
   - dovecot-ldap
   - dovecot-lmtpd