From f16011a1384f27d13c56923f8ea6a5544cc3a035 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 15 Jul 2024 22:23:59 +0200 Subject: [PATCH] Remove reference to rspamd, rspamd is to become an app --- conf/dovecot/dovecot.conf | 12 --------- conf/postfix/main.cf | 2 +- conf/rspamd/dkim_signing.conf | 16 ------------ conf/rspamd/metrics.local.conf | 8 ------ conf/rspamd/redis.conf | 2 -- conf/rspamd/rspamd.sieve | 4 --- conf/yunohost/services.yml | 4 --- hooks/conf_regen/19-postfix | 3 --- hooks/conf_regen/31-rspamd | 46 ---------------------------------- locales/en.json | 3 --- share/config_global.toml | 6 ----- src/domain.py | 5 ++-- src/settings.py | 27 -------------------- 13 files changed, 3 insertions(+), 135 deletions(-) delete mode 100644 conf/rspamd/dkim_signing.conf delete mode 100644 conf/rspamd/metrics.local.conf delete mode 100644 conf/rspamd/redis.conf delete mode 100644 conf/rspamd/rspamd.sieve delete mode 100755 hooks/conf_regen/31-rspamd diff --git a/conf/dovecot/dovecot.conf b/conf/dovecot/dovecot.conf index 19d5ed7ee..810fcd4d2 100644 --- a/conf/dovecot/dovecot.conf +++ b/conf/dovecot/dovecot.conf @@ -141,18 +141,6 @@ plugin { sieve_before = /etc/dovecot/global_script/ } -plugin { - antispam_debug_target = syslog - antispam_verbose_debug = 0 - antispam_backend = pipe - antispam_spam_pattern_ignorecase = junk;spam - antispam_trash_pattern_ignorecase = trash;papierkorb;deleted messages - antispam_pipe_program = /usr/bin/rspamc - antispam_pipe_program_args = -h;localhost:11334;-P;q1 - antispam_pipe_program_spam_arg = learn_spam - antispam_pipe_program_notspam_arg = learn_ham -} - plugin { quota = maildir:User quota quota_rule2 = SPAM:ignore diff --git a/conf/postfix/main.cf b/conf/postfix/main.cf index 95b9bd833..f435fe243 100644 --- a/conf/postfix/main.cf +++ b/conf/postfix/main.cf @@ -184,7 +184,7 @@ smtp_reply_filter = pcre:/etc/postfix/smtp_reply_filter # Rmilter milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen} milter_protocol = 6 -smtpd_milters = inet:localhost:8891 {% if rspamd_enabled == "true" %}inet:localhost:11332{% endif %} +smtpd_milters = inet:localhost:8891 non_smtpd_milters = inet:localhost:8891 # Skip email without checking if milter has died diff --git a/conf/rspamd/dkim_signing.conf b/conf/rspamd/dkim_signing.conf deleted file mode 100644 index 26718e021..000000000 --- a/conf/rspamd/dkim_signing.conf +++ /dev/null @@ -1,16 +0,0 @@ -allow_envfrom_empty = true; -allow_hdrfrom_mismatch = false; -allow_hdrfrom_multiple = false; -allow_username_mismatch = true; - -auth_only = true; -path = "/etc/dkim/$domain.$selector.key"; -selector = "mail"; -sign_local = true; -symbol = "DKIM_SIGNED"; -try_fallback = true; -use_domain = "header"; -use_esld = false; -use_redis = false; -key_prefix = "DKIM_KEYS"; - diff --git a/conf/rspamd/metrics.local.conf b/conf/rspamd/metrics.local.conf deleted file mode 100644 index 583280e70..000000000 --- a/conf/rspamd/metrics.local.conf +++ /dev/null @@ -1,8 +0,0 @@ -# Metrics settings -# This define overridden options. - -actions { - reject = 21; - add_header = 8; - greylist = 4; -} diff --git a/conf/rspamd/redis.conf b/conf/rspamd/redis.conf deleted file mode 100644 index 03152581e..000000000 --- a/conf/rspamd/redis.conf +++ /dev/null @@ -1,2 +0,0 @@ -# set redis server -servers = "127.0.0.1"; diff --git a/conf/rspamd/rspamd.sieve b/conf/rspamd/rspamd.sieve deleted file mode 100644 index 56a30c3c1..000000000 --- a/conf/rspamd/rspamd.sieve +++ /dev/null @@ -1,4 +0,0 @@ -require ["fileinto"]; -if header :is "X-Spam" "Yes" { - fileinto "Junk"; -} diff --git a/conf/yunohost/services.yml b/conf/yunohost/services.yml index 0357e251f..0f84687bc 100644 --- a/conf/yunohost/services.yml +++ b/conf/yunohost/services.yml @@ -38,10 +38,6 @@ postgresql: redis-server: log: /var/log/redis/redis-server.log category: database -rspamd: - log: /var/log/rspamd/rspamd.log - category: email - ignore_if_package_is_not_installed: rspamd slapd: category: database test_conf: slapd -Tt diff --git a/hooks/conf_regen/19-postfix b/hooks/conf_regen/19-postfix index cb1ca8cbf..694080302 100755 --- a/hooks/conf_regen/19-postfix +++ b/hooks/conf_regen/19-postfix @@ -24,9 +24,6 @@ do_pre_regen() { # Support different strategy for security configurations export compatibility="$(jq -r '.postfix_compatibility' <<< "$YNH_SETTINGS")" - dpkg --list | grep -q 'ii *rspamd ' && rspamd_enable=true || rspamd_enable=false - export rspamd_enable - # Add possibility to specify a relay # Could be useful with some isp with no 25 port open or more complex setup export relay_port="" diff --git a/hooks/conf_regen/31-rspamd b/hooks/conf_regen/31-rspamd deleted file mode 100755 index 1f29525ba..000000000 --- a/hooks/conf_regen/31-rspamd +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash - -set -e - -if ! dpkg --list | grep -q 'ii *rspamd ' -then - echo 'rspamd is not installed, skipping' - exit 0 -fi - -do_pre_regen() { - pending_dir=$1 - - cd /usr/share/yunohost/conf/rspamd - - install -D -m 644 metrics.local.conf \ - "${pending_dir}/etc/rspamd/local.d/metrics.conf" - install -D -m 644 rspamd.sieve \ - "${pending_dir}/etc/dovecot/global_script/rspamd.sieve" - install -D -m 644 redis.conf \ - "${pending_dir}/etc/rspamd/local.d/redis.conf" - - # Old conf file to be deleted - touch "${pending_dir}/etc/rspamd/local.d/dkim_signing.conf" -} - -do_post_regen() { - - [ ! -e /var/log/rspamd ] || chown -R _rspamd:_rspamd /var/log/rspamd - - regen_conf_files=$1 - [ -z "$regen_conf_files" ] && exit 0 - - # compile sieve script - [[ "$regen_conf_files" =~ rspamd\.sieve ]] && { - sievec /etc/dovecot/global_script/rspamd.sieve - chown -R vmail:mail /etc/dovecot/global_script - systemctl restart dovecot - } - - # Restart rspamd due to the upgrade - # https://rspamd.com/announce/2016/08/01/rspamd-1.3.1.html - systemctl -q restart rspamd.service -} - -do_$1_regen ${@:2} diff --git a/locales/en.json b/locales/en.json index d703273a8..c05d81426 100644 --- a/locales/en.json +++ b/locales/en.json @@ -445,8 +445,6 @@ "global_settings_setting_passwordless_sudo": "Allow admins to use 'sudo' without re-typing their passwords", "global_settings_setting_pop3_enabled": "Enable POP3", "global_settings_setting_pop3_enabled_help": "Enable the POP3 protocol for the mail server. POP3 is an older protocol to access mailboxes from email clients and is more lightweight, but has less features than IMAP (enabled by default)", - "global_settings_setting_antispam_enabled": "Enable antispam", - "global_settings_setting_antispam_enabled_help": "Install and configure rspamd, a spam filtering system", "global_settings_setting_postfix_compatibility": "Postfix Compatibility", "global_settings_setting_postfix_compatibility_help": "Compatibility vs. security tradeoff for the Postfix server. Affects the ciphers (and other security-related aspects)", "global_settings_setting_root_access_explain": "On Linux systems, 'root' is the absolute admin. In YunoHost context, direct 'root' SSH login is by default disable - except from the local network of the server. Members of the 'admins' group can use the sudo command to act as root from the command line. However, it can be helpful to have a (robust) root password to debug the system if for some reason regular admins can not login anymore.", @@ -733,7 +731,6 @@ "service_description_postfix": "Used to send and receive e-mails", "service_description_postgresql": "Stores app data (SQL database)", "service_description_redis-server": "A specialized database used for rapid data access, task queue, and communication between programs", - "service_description_rspamd": "Analyzes incoming emails to check if they are likely to be spams", "service_description_slapd": "Stores users, domains and related info", "service_description_ssh": "Allows you to connect remotely to your server via a terminal (SSH protocol)", "service_description_yunohost-api": "Manages interactions between the YunoHost web interface and the system", diff --git a/share/config_global.toml b/share/config_global.toml index 4c56d0a35..701c444de 100644 --- a/share/config_global.toml +++ b/share/config_global.toml @@ -108,12 +108,6 @@ name = "Email" type = "boolean" default = false - [email.antispam] - name = "Antispam" - [email.antispam.antispam_enabled] - type = "boolean" - default = false - [email.smtp] name = "SMTP" [email.smtp.smtp_allow_ipv6] diff --git a/src/domain.py b/src/domain.py index ea6c63812..b6e78ba67 100644 --- a/src/domain.py +++ b/src/domain.py @@ -334,7 +334,6 @@ def domain_add( "nginx", "dnsmasq", "postfix", - "rspamd", "mdns", "dovecot", ] @@ -505,7 +504,7 @@ def domain_remove( f"/etc/nginx/conf.d/{domain}.conf", new_conf=None, save=True ) - regen_conf(names=["nginx", "dnsmasq", "postfix", "rspamd", "mdns"]) + regen_conf(names=["nginx", "dnsmasq", "postfix", "mdns"]) app_ssowatconf() hook_callback("post_domain_remove", args=[domain]) @@ -824,7 +823,7 @@ def _get_DomainConfigPanel(): stuff_to_regen_conf = set() if "mail_in" in next_settings or "mail_out" in next_settings: - stuff_to_regen_conf.update({"nginx", "postfix", "dovecot", "rspamd"}) + stuff_to_regen_conf.update({"nginx", "postfix", "dovecot"}) if stuff_to_regen_conf: regen_conf(names=list(stuff_to_regen_conf)) diff --git a/src/settings.py b/src/settings.py index 519842cf7..441b39d93 100644 --- a/src/settings.py +++ b/src/settings.py @@ -363,30 +363,3 @@ def reconfigure_dovecot(setting_name, old_value, new_value): regen_conf(names=["dovecot"]) command = ["apt-get", "-y", "remove", "dovecot-pop3d"] subprocess.call(command, env=environment) - - -@post_change_hook("antispam_enabled") -def reconfigure_rspamd(setting_name, old_value, new_value): - - environment = os.environ.copy() - environment.update({"DEBIAN_FRONTEND": "noninteractive"}) - - # Depending on how consistent the config panel is, it may spit 1 or True or ..? ... - if new_value: - command = [ - "apt-get", - "-y", - "--no-remove", - "-o Dpkg::Options::=--force-confdef", - "-o Dpkg::Options::=--force-confold", - "install", - "rspamd", - ] - subprocess.call(command, env=environment) - if old_value != new_value: - regen_conf(names=["rspamd"]) - else: - if old_value != new_value: - regen_conf(names=["rspamd"]) - command = ["apt-get", "-y", "remove", "rspamd"] - subprocess.call(command, env=environment)