smartmachine 1.2.2 → 1.3.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (64) hide show
  1. checksums.yaml +4 -4
  2. data/lib/smart_machine/buildpackers/buildpacker.rb +0 -42
  3. data/lib/smart_machine/buildpackers/rails.rb +60 -0
  4. data/lib/smart_machine/commands/grid.rb +8 -0
  5. data/lib/smart_machine/commands/grid_commands/emailer.rb +107 -0
  6. data/lib/smart_machine/commands/grid_commands/roundcube.rb +65 -0
  7. data/lib/smart_machine/configuration.rb +35 -2
  8. data/lib/smart_machine/credentials.rb +10 -0
  9. data/lib/smart_machine/engine.rb +6 -0
  10. data/lib/smart_machine/grids/adminer.rb +1 -0
  11. data/lib/smart_machine/grids/certbot.rb +1 -0
  12. data/lib/smart_machine/grids/emailer/.keep +0 -0
  13. data/lib/smart_machine/grids/emailer.rb +188 -0
  14. data/lib/smart_machine/grids/haproxy.rb +1 -0
  15. data/lib/smart_machine/grids/mariadb.rb +1 -0
  16. data/lib/smart_machine/grids/postgresql.rb +1 -0
  17. data/lib/smart_machine/grids/roundcube.rb +114 -0
  18. data/lib/smart_machine/machine.rb +49 -0
  19. data/lib/smart_machine/syncer.rb +10 -0
  20. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/docker/command.rb +50 -0
  21. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/docker/entrypoint.rb +196 -0
  22. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/docker/logtailer.rb +75 -0
  23. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/dovecot/conf.d/10-auth.conf +132 -0
  24. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/dovecot/conf.d/10-mail.conf +427 -0
  25. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/dovecot/conf.d/10-master.conf +153 -0
  26. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/dovecot/conf.d/10-ssl.conf +87 -0
  27. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/dovecot/conf.d/15-mailboxes.conf +94 -0
  28. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/dovecot/conf.d/20-imap.conf +102 -0
  29. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/dovecot/conf.d/20-lmtp.conf +43 -0
  30. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/dovecot/conf.d/90-quota.conf +114 -0
  31. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/dovecot/conf.d/90-sieve.conf +229 -0
  32. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/dovecot/dovecot-sql.conf.ext +163 -0
  33. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/dovecot/sieve/learn-ham.sh +2 -0
  34. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/dovecot/sieve/learn-ham.sieve +5 -0
  35. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/dovecot/sieve/learn-spam.sh +2 -0
  36. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/dovecot/sieve/learn-spam.sieve +2 -0
  37. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/dovecot/sieve-after/spam-to-folder.sieve +6 -0
  38. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/haproxy/haproxy.cfg +58 -0
  39. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/monit/conf.d/services.cfg +70 -0
  40. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/monit/monitrc +344 -0
  41. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/opendkim.conf +71 -0
  42. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/postfix/main.cf +123 -0
  43. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/postfix/master.cf +149 -0
  44. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/postfix/mysql-sender-login-maps.cf +7 -0
  45. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/postfix/mysql-virtual-alias-domains.cf +7 -0
  46. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/postfix/mysql-virtual-alias-maps-domains.cf +7 -0
  47. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/postfix/mysql-virtual-alias-maps-masters.cf +7 -0
  48. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/postfix/mysql-virtual-alias-maps-users.cf +7 -0
  49. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/postfix/mysql-virtual-alias-maps-userstothemselves.cf +7 -0
  50. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/postfix/mysql-virtual-mailbox-domains.cf +7 -0
  51. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/postfix/mysql-virtual-mailbox-maps.cf +7 -0
  52. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/postfix-policyd-spf-python/policyd-spf.conf +12 -0
  53. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/etc/spamassassin/local.cf +124 -0
  54. data/lib/smart_machine/templates/dotsmartmachine/config/emailer/usr/local/bin/quota-warning.sh +22 -0
  55. data/lib/smart_machine/templates/dotsmartmachine/config/emailer.yml +37 -0
  56. data/lib/smart_machine/templates/dotsmartmachine/config/engine.yml +2 -0
  57. data/lib/smart_machine/templates/dotsmartmachine/config/roundcube/etc/apache2/sites-available/000-default.conf +35 -0
  58. data/lib/smart_machine/templates/dotsmartmachine/config/roundcube/usr/local/etc/php/conf.d/zzz_roundcube-custom.ini +4 -0
  59. data/lib/smart_machine/templates/dotsmartmachine/config/roundcube/var/roundcube/config/config.custom.inc.php +25 -0
  60. data/lib/smart_machine/templates/dotsmartmachine/config/roundcube.yml +41 -0
  61. data/lib/smart_machine/templates/dotsmartmachine/config/users.yml +1 -1
  62. data/lib/smart_machine/version.rb +2 -2
  63. data/lib/smart_machine.rb +2 -0
  64. metadata +55 -4
@@ -0,0 +1,71 @@
1
+ # This is a basic configuration for signing and verifying. It can easily be
2
+ # adapted to suit a basic installation. See opendkim.conf(5) and
3
+ # /usr/share/doc/opendkim/examples/opendkim.conf.sample for complete
4
+ # documentation of available configuration parameters.
5
+
6
+ Syslog yes
7
+ SyslogSuccess yes
8
+ #LogWhy no
9
+
10
+ # Common signing and verification parameters. In Debian, the "From" header is
11
+ # oversigned, because it is often the identity key used by reputation systems
12
+ # and thus somewhat security sensitive.
13
+ Canonicalization relaxed/simple
14
+ #Mode sv
15
+ #SubDomains no
16
+ OversignHeaders From
17
+
18
+ # Signing domain, selector, and key (required). For example, perform signing
19
+ # for domain "example.com" with selector "2020" (2020._domainkey.example.com),
20
+ # using the private key stored in /etc/dkimkeys/example.private. More granular
21
+ # setup options can be found in /usr/share/doc/opendkim/README.opendkim.
22
+ #Domain example.com
23
+ #Selector 2020
24
+ #KeyFile /etc/dkimkeys/example.private
25
+
26
+ # In Debian, opendkim runs as user "opendkim". A umask of 007 is required when
27
+ # using a local socket with MTAs that access the socket as a non-privileged
28
+ # user (for example, Postfix). You may need to add user "postfix" to group
29
+ # "opendkim" in that case.
30
+ UserID opendkim
31
+ UMask 007
32
+
33
+ # Socket for the MTA connection (required). If the MTA is inside a chroot jail,
34
+ # it must be ensured that the socket is accessible. In Debian, Postfix runs in
35
+ # a chroot in /var/spool/postfix, therefore a Unix socket would have to be
36
+ # configured as shown on the last line below.
37
+ ##### SmartMachine Begin.
38
+ #Socket local:/run/opendkim/opendkim.sock
39
+ Socket local:/var/spool/postfix/opendkim/opendkim.sock
40
+ ##### SmartMachine Close.
41
+ #Socket inet:8891@localhost
42
+ #Socket inet:8891
43
+ #Socket local:/var/spool/postfix/opendkim/opendkim.sock
44
+
45
+ ##### SmartMachine Begin.
46
+ #PidFile /run/opendkim/opendkim.pid
47
+ PidFile /var/run/opendkim/opendkim.pid
48
+ ##### SmartMachine Close.
49
+
50
+ # Hosts for which to sign rather than verify, default is 127.0.0.1. See the
51
+ # OPERATION section of opendkim(8) for more information.
52
+ #InternalHosts 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12
53
+
54
+ # The trust anchor enables DNSSEC. In Debian, the trust anchor file is provided
55
+ # by the package dns-root-data.
56
+ TrustAnchorFile /usr/share/dns/root.key
57
+ #Nameservers 127.0.0.1
58
+
59
+ ##### SmartMachine Begin.
60
+ # Map domains in From addresses to keys used to sign messages
61
+ KeyTable /etc/opendkim/key.table
62
+ SigningTable refile:/etc/opendkim/signing.table
63
+
64
+ # Hosts to ignore when verifying signatures
65
+ ExternalIgnoreList /etc/opendkim/trusted.hosts
66
+ InternalHosts /etc/opendkim/trusted.hosts
67
+
68
+ # Commonly-used options
69
+ AutoRestart yes
70
+ AutoRestartRate 10/1M
71
+ ##### SmartMachine Close.
@@ -0,0 +1,123 @@
1
+ # See /usr/share/postfix/main.cf.dist for a commented, more complete version
2
+
3
+
4
+ # Debian specific: Specifying a file name will cause the first
5
+ # line of that file to be used as the name. The Debian default
6
+ # is /etc/mailname.
7
+ #myorigin = /etc/mailname
8
+
9
+ smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
10
+ biff = no
11
+
12
+ # appending .domain is the MUA's job.
13
+ append_dot_mydomain = no
14
+
15
+ # Uncomment the next line to generate "delayed mail" warnings
16
+ #delay_warning_time = 4h
17
+
18
+ readme_directory = no
19
+
20
+ # See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
21
+ # fresh installs.
22
+ compatibility_level = 2
23
+
24
+
25
+
26
+ # TLS parameters
27
+ ##### SmartMachine Begin.
28
+ #smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
29
+ smtpd_tls_cert_file=/etc/letsencrypt/live/%<fqdn>s/fullchain.pem
30
+ #smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
31
+ smtpd_tls_key_file=/etc/letsencrypt/live/%<fqdn>s/key.pem
32
+ smtpd_tls_security_level=may
33
+ smtpd_tls_auth_only=yes
34
+
35
+ smtpd_sasl_type=dovecot
36
+ smtpd_sasl_path=private/auth
37
+ smtpd_sasl_auth_enable=yes
38
+ smtpd_sasl_security_options=noanonymous, noplaintext
39
+ smtpd_sasl_tls_security_options=noanonymous
40
+
41
+ smtpd_sender_login_maps=mysql:/etc/postfix/mysql-sender-login-maps.cf
42
+ ##### SmartMachine Close.
43
+
44
+ smtp_tls_CApath=/etc/ssl/certs
45
+ smtp_tls_security_level=may
46
+ smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
47
+
48
+ ##### SmartMachine Begin.
49
+ smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname
50
+ smtpd_sender_restrictions = reject_sender_login_mismatch, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unknown_sender_domain
51
+ smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unlisted_recipient, reject_unauth_destination, check_policy_service unix:private/policyd-spf, check_policy_service unix:private/quota-status
52
+ ##### SmartMachine Close.
53
+ smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
54
+ ##### SmartMachine Begin.
55
+ #myhostname = 3df7015f65ea
56
+ myhostname = %<fqdn>s
57
+ ##### SmartMachine Close.
58
+ alias_maps = hash:/etc/aliases
59
+ alias_database = hash:/etc/aliases
60
+ ##### SmartMachine Begin.
61
+ mydomain = %<mailname>s
62
+ ##### SmartMachine Close.
63
+ myorigin = $mydomain
64
+ ##### SmartMachine Begin.
65
+ #mydestination = <mailname>, $myhostname, 3df7015f65ea, localhost.localdomain, localhost
66
+ mydestination = localhost
67
+ ##### SmartMachine Close.
68
+ relayhost =
69
+ mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
70
+ mailbox_size_limit = 0
71
+ recipient_delimiter = +
72
+ inet_interfaces = all
73
+ inet_protocols = all
74
+
75
+ ##### SmartMachine Begin.
76
+ # Handing off local delivery to Dovecot's LMTP, and telling it where to store mail
77
+ virtual_transport = lmtp:unix:private/dovecot-lmtp
78
+
79
+ # Virtual domains, users, and aliases
80
+ # Domains that are not aliases
81
+ virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
82
+ # Users
83
+ virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
84
+ # Domains that are aliases of other domains
85
+ virtual_alias_domains = mysql:/etc/postfix/mysql-virtual-alias-domains.cf
86
+ # Alias mappings for domains, users and users to themselves.
87
+ virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps-domains.cf, mysql:/etc/postfix/mysql-virtual-alias-maps-masters.cf, mysql:/etc/postfix/mysql-virtual-alias-maps-users.cf, mysql:/etc/postfix/mysql-virtual-alias-maps-userstothemselves.cf
88
+
89
+ # Even more Restrictions and MTA params
90
+ disable_vrfy_command = yes
91
+ strict_rfc821_envelopes = yes
92
+ #smtpd_etrn_restrictions = reject
93
+ #smtpd_reject_unlisted_sender = yes
94
+ #smtpd_reject_unlisted_recipient = yes
95
+ smtpd_helo_required = yes
96
+ smtpd_timeout = 30s
97
+ smtp_helo_timeout = 15s
98
+ smtp_rcpt_timeout = 15s
99
+ smtpd_recipient_limit = 40
100
+ minimal_backoff_time = 180s
101
+ maximal_backoff_time = 3h
102
+
103
+ # Reply Rejection Codes
104
+ invalid_hostname_reject_code = 550
105
+ non_fqdn_reject_code = 550
106
+ unknown_address_reject_code = 550
107
+ unknown_client_reject_code = 550
108
+ unknown_hostname_reject_code = 550
109
+ unverified_recipient_reject_code = 550
110
+ unverified_sender_reject_code = 550
111
+
112
+ # SPF
113
+ # postfix-policyd-spf-python
114
+ policyd-spf_time_limit = 3600
115
+
116
+ # OpenDKIM
117
+ # Milter configuration
118
+ milter_default_action = accept
119
+ # Postfix >= 2.6 milter_protocol = 6, Postfix <= 2.5 milter_protocol = 2
120
+ milter_protocol = 6
121
+ smtpd_milters = local:opendkim/opendkim.sock
122
+ non_smtpd_milters = local:opendkim/opendkim.sock
123
+ ##### SmartMachine Close.
@@ -0,0 +1,149 @@
1
+ #
2
+ # Postfix master process configuration file. For details on the format
3
+ # of the file, see the master(5) manual page (command: "man 5 master" or
4
+ # on-line: http://www.postfix.org/master.5.html).
5
+ #
6
+ # Do not forget to execute "postfix reload" after editing this file.
7
+ #
8
+ # ==========================================================================
9
+ # service type private unpriv chroot wakeup maxproc command + args
10
+ # (yes) (yes) (no) (never) (100)
11
+ # ==========================================================================
12
+ ##### SmartMachine Begin.
13
+ #smtp inet n - y - - smtpd
14
+ smtp inet n - y - - smtpd
15
+ -o content_filter=spamassassin
16
+ ##### SmartMachine Close.
17
+ #smtp inet n - y - 1 postscreen
18
+ #smtpd pass - - y - - smtpd
19
+ #dnsblog unix - - y - 0 dnsblog
20
+ #tlsproxy unix - - y - 0 tlsproxy
21
+ #submission inet n - y - - smtpd
22
+ # -o syslog_name=postfix/submission
23
+ # -o smtpd_tls_security_level=encrypt
24
+ # -o smtpd_sasl_auth_enable=yes
25
+ # -o smtpd_tls_auth_only=yes
26
+ # -o smtpd_reject_unlisted_recipient=no
27
+ # -o smtpd_client_restrictions=$mua_client_restrictions
28
+ # -o smtpd_helo_restrictions=$mua_helo_restrictions
29
+ # -o smtpd_sender_restrictions=$mua_sender_restrictions
30
+ # -o smtpd_recipient_restrictions=
31
+ # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
32
+ # -o milter_macro_daemon_name=ORIGINATING
33
+ ##### SmartMachine Begin.
34
+ submission inet n - y - - smtpd
35
+ -o syslog_name=postfix/submission
36
+ -o smtpd_tls_security_level=encrypt
37
+ # -o smtpd_sasl_auth_enable=yes
38
+ # -o smtpd_tls_auth_only=yes
39
+ -o smtpd_reject_unlisted_recipient=no
40
+ -o smtpd_client_restrictions=permit_sasl_authenticated,reject
41
+ # -o smtpd_helo_restrictions=$mua_helo_restrictions
42
+ # -o smtpd_sender_restrictions=$mua_sender_restrictions
43
+ # -o smtpd_recipient_restrictions=
44
+ # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
45
+ -o milter_macro_daemon_name=ORIGINATING
46
+ ##### SmartMachine Close.
47
+ #smtps inet n - y - - smtpd
48
+ # -o syslog_name=postfix/smtps
49
+ # -o smtpd_tls_wrappermode=yes
50
+ # -o smtpd_sasl_auth_enable=yes
51
+ # -o smtpd_reject_unlisted_recipient=no
52
+ # -o smtpd_client_restrictions=$mua_client_restrictions
53
+ # -o smtpd_helo_restrictions=$mua_helo_restrictions
54
+ # -o smtpd_sender_restrictions=$mua_sender_restrictions
55
+ # -o smtpd_recipient_restrictions=
56
+ # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
57
+ # -o milter_macro_daemon_name=ORIGINATING
58
+ #628 inet n - y - - qmqpd
59
+ pickup unix n - y 60 1 pickup
60
+ cleanup unix n - y - 0 cleanup
61
+ qmgr unix n - n 300 1 qmgr
62
+ #qmgr unix n - n 300 1 oqmgr
63
+ tlsmgr unix - - y 1000? 1 tlsmgr
64
+ rewrite unix - - y - - trivial-rewrite
65
+ bounce unix - - y - 0 bounce
66
+ defer unix - - y - 0 bounce
67
+ trace unix - - y - 0 bounce
68
+ verify unix - - y - 1 verify
69
+ flush unix n - y 1000? 0 flush
70
+ proxymap unix - - n - - proxymap
71
+ proxywrite unix - - n - 1 proxymap
72
+ smtp unix - - y - - smtp
73
+ relay unix - - y - - smtp
74
+ -o syslog_name=postfix/$service_name
75
+ # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
76
+ showq unix n - y - - showq
77
+ error unix - - y - - error
78
+ retry unix - - y - - error
79
+ discard unix - - y - - discard
80
+ local unix - n n - - local
81
+ virtual unix - n n - - virtual
82
+ lmtp unix - - y - - lmtp
83
+ anvil unix - - y - 1 anvil
84
+ scache unix - - y - 1 scache
85
+ postlog unix-dgram n - n - 1 postlogd
86
+ #
87
+ # ====================================================================
88
+ # Interfaces to non-Postfix software. Be sure to examine the manual
89
+ # pages of the non-Postfix software to find out what options it wants.
90
+ #
91
+ # Many of the following services use the Postfix pipe(8) delivery
92
+ # agent. See the pipe(8) man page for information about ${recipient}
93
+ # and other message envelope options.
94
+ # ====================================================================
95
+ #
96
+ # maildrop. See the Postfix MAILDROP_README file for details.
97
+ # Also specify in main.cf: maildrop_destination_recipient_limit=1
98
+ #
99
+ maildrop unix - n n - - pipe
100
+ flags=DRXhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
101
+ #
102
+ # ====================================================================
103
+ #
104
+ # Recent Cyrus versions can use the existing "lmtp" master.cf entry.
105
+ #
106
+ # Specify in cyrus.conf:
107
+ # lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
108
+ #
109
+ # Specify in main.cf one or more of the following:
110
+ # mailbox_transport = lmtp:inet:localhost
111
+ # virtual_transport = lmtp:inet:localhost
112
+ #
113
+ # ====================================================================
114
+ #
115
+ # Cyrus 2.1.5 (Amos Gouaux)
116
+ # Also specify in main.cf: cyrus_destination_recipient_limit=1
117
+ #
118
+ #cyrus unix - n n - - pipe
119
+ # flags=DRX user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
120
+ #
121
+ # ====================================================================
122
+ # Old example of delivery via Cyrus.
123
+ #
124
+ #old-cyrus unix - n n - - pipe
125
+ # flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
126
+ #
127
+ # ====================================================================
128
+ #
129
+ # See the Postfix UUCP_README file for configuration details.
130
+ #
131
+ uucp unix - n n - - pipe
132
+ flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
133
+ #
134
+ # Other external delivery methods.
135
+ #
136
+ ifmail unix - n n - - pipe
137
+ flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
138
+ bsmtp unix - n n - - pipe
139
+ flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
140
+ scalemail-backend unix - n n - 2 pipe
141
+ flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
142
+ mailman unix - n n - - pipe
143
+ flags=FRX user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}
144
+ ##### SmartMachine Begin.
145
+ spamassassin unix - n n - - pipe
146
+ user=spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}
147
+ policyd-spf unix - n n - 0 spawn
148
+ user=policyd-spf argv=/usr/bin/policyd-spf
149
+ ##### SmartMachine Close.
@@ -0,0 +1,7 @@
1
+ ##### SmartMachine Begin.
2
+ user = %<mysql_user>s
3
+ password = %<mysql_password>s
4
+ hosts = %<mysql_host>s:%<mysql_port>s
5
+ dbname = %<mysql_database_name>s
6
+ query = SELECT email FROM virtual_users WHERE email IN ('%s', (SELECT CONCAT('%u', '@', destination_name) FROM virtual_domains WHERE name='%d' AND destination_name IS NOT NULL)) UNION SELECT destination FROM virtual_aliases WHERE source IN ('%s', (SELECT CONCAT('%u', '@', destination_name) FROM virtual_domains WHERE name='%d' AND destination_name IS NOT NULL))
7
+ ##### SmartMachine Close.
@@ -0,0 +1,7 @@
1
+ ##### SmartMachine Begin.
2
+ user = %<mysql_user>s
3
+ password = %<mysql_password>s
4
+ hosts = %<mysql_host>s:%<mysql_port>s
5
+ dbname = %<mysql_database_name>s
6
+ query = SELECT 1 FROM virtual_domains WHERE name='%s' AND destination_name IS NOT NULL
7
+ ##### SmartMachine Close.
@@ -0,0 +1,7 @@
1
+ ##### SmartMachine Begin.
2
+ user = %<mysql_user>s
3
+ password = %<mysql_password>s
4
+ hosts = %<mysql_host>s:%<mysql_port>s
5
+ dbname = %<mysql_database_name>s
6
+ query = SELECT concat('@', destination_name) FROM virtual_domains WHERE CONCAT('@', name)='%s' AND destination_name IS NOT NULL
7
+ ##### SmartMachine Close.
@@ -0,0 +1,7 @@
1
+ ##### SmartMachine Begin.
2
+ user = %<mysql_user>s
3
+ password = %<mysql_password>s
4
+ hosts = %<mysql_host>s:%<mysql_port>s
5
+ dbname = %<mysql_database_name>s
6
+ query = SELECT email FROM virtual_users WHERE email='%<sysadmin_email>s' AND ('%u'='postmaster' OR '%u'='abuse' OR '%u'='hostmaster' OR '%u'='webmaster')
7
+ ##### SmartMachine Close.
@@ -0,0 +1,7 @@
1
+ ##### SmartMachine Begin.
2
+ user = %<mysql_user>s
3
+ password = %<mysql_password>s
4
+ hosts = %<mysql_host>s:%<mysql_port>s
5
+ dbname = %<mysql_database_name>s
6
+ query = SELECT destination FROM virtual_aliases WHERE source='%s'
7
+ ##### SmartMachine Close.
@@ -0,0 +1,7 @@
1
+ ##### SmartMachine Begin.
2
+ user = %<mysql_user>s
3
+ password = %<mysql_password>s
4
+ hosts = %<mysql_host>s:%<mysql_port>s
5
+ dbname = %<mysql_database_name>s
6
+ query = SELECT email FROM virtual_users WHERE email='%s'
7
+ ##### SmartMachine Close.
@@ -0,0 +1,7 @@
1
+ ##### SmartMachine Begin.
2
+ user = %<mysql_user>s
3
+ password = %<mysql_password>s
4
+ hosts = %<mysql_host>s:%<mysql_port>s
5
+ dbname = %<mysql_database_name>s
6
+ query = SELECT 1 FROM virtual_domains WHERE name='%s' AND destination_name IS NULL
7
+ ##### SmartMachine Close.
@@ -0,0 +1,7 @@
1
+ ##### SmartMachine Begin.
2
+ user = %<mysql_user>s
3
+ password = %<mysql_password>s
4
+ hosts = %<mysql_host>s:%<mysql_port>s
5
+ dbname = %<mysql_database_name>s
6
+ query = SELECT 1 FROM virtual_users WHERE email='%s'
7
+ ##### SmartMachine Close.
@@ -0,0 +1,12 @@
1
+ # For a fully commented sample config file see policyd-spf.conf.commented
2
+
3
+ debugLevel = 1
4
+ TestOnly = 1
5
+
6
+ HELO_reject = Fail
7
+ Mail_From_reject = Fail
8
+
9
+ PermError_reject = False
10
+ TempError_Defer = False
11
+
12
+ skip_addresses = 127.0.0.0/8,::ffff:127.0.0.0/104,::1
@@ -0,0 +1,124 @@
1
+ # This is the right place to customize your installation of SpamAssassin.
2
+ #
3
+ # See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
4
+ # tweaked.
5
+ #
6
+ # Only a small subset of options are listed below
7
+ #
8
+ ###########################################################################
9
+
10
+ # A 'contact address' users should contact for more info. (replaces
11
+ # _CONTACTADDRESS_ in the report template)
12
+ # report_contact youremailaddress@domain.tld
13
+
14
+
15
+ # Add *****SPAM***** to the Subject header of spam e-mails
16
+ #
17
+ # rewrite_header Subject *****SPAM*****
18
+
19
+
20
+ # Save spam messages as a message/rfc822 MIME attachment instead of
21
+ # modifying the original message (0: off, 2: use text/plain instead)
22
+ #
23
+ # report_safe 1
24
+
25
+
26
+ # Set which networks or hosts are considered 'trusted' by your mail
27
+ # server (i.e. not spammers)
28
+ #
29
+ # trusted_networks 212.17.35.
30
+
31
+
32
+ # Set file-locking method (flock is not safe over NFS, but is faster)
33
+ #
34
+ # lock_method flock
35
+
36
+
37
+ # Set the threshold at which a message is considered spam (default: 5.0)
38
+ #
39
+ # required_score 5.0
40
+
41
+
42
+ # Use Bayesian classifier (default: 1)
43
+ #
44
+ # use_bayes 1
45
+
46
+
47
+ # Bayesian classifier auto-learning (default: 1)
48
+ #
49
+ # bayes_auto_learn 1
50
+
51
+
52
+ # Set headers which may provide inappropriate cues to the Bayesian
53
+ # classifier
54
+ #
55
+ # bayes_ignore_header X-Bogosity
56
+ # bayes_ignore_header X-Spam-Flag
57
+ # bayes_ignore_header X-Spam-Status
58
+
59
+
60
+ # Whether to decode non- UTF-8 and non-ASCII textual parts and recode
61
+ # them to UTF-8 before the text is given over to rules processing.
62
+ #
63
+ # normalize_charset 1
64
+
65
+ # Textual body scan limit (default: 50000)
66
+ #
67
+ # Amount of data per email text/* mimepart, that will be run through body
68
+ # rules. This enables safer and faster scanning of large messages,
69
+ # perhaps having very large textual attachments. There should be no need
70
+ # to change this well tested default.
71
+ #
72
+ # body_part_scan_size 50000
73
+
74
+ # Textual rawbody data scan limit (default: 500000)
75
+ #
76
+ # Amount of data per email text/* mimepart, that will be run through
77
+ # rawbody rules.
78
+ #
79
+ # rawbody_part_scan_size 500000
80
+
81
+ # Some shortcircuiting, if the plugin is enabled
82
+ #
83
+ ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
84
+ #
85
+ # default: strongly-whitelisted mails are *really* whitelisted now, if the
86
+ # shortcircuiting plugin is active, causing early exit to save CPU load.
87
+ # Uncomment to turn this on
88
+ #
89
+ # SpamAssassin tries hard not to launch DNS queries before priority -100.
90
+ # If you want to shortcircuit without launching unneeded queries, make
91
+ # sure such rule priority is below -100. These examples are already:
92
+ #
93
+ # shortcircuit USER_IN_WHITELIST on
94
+ # shortcircuit USER_IN_DEF_WHITELIST on
95
+ # shortcircuit USER_IN_ALL_SPAM_TO on
96
+ # shortcircuit SUBJECT_IN_WHITELIST on
97
+
98
+ # the opposite; blacklisted mails can also save CPU
99
+ #
100
+ # shortcircuit USER_IN_BLACKLIST on
101
+ # shortcircuit USER_IN_BLACKLIST_TO on
102
+ # shortcircuit SUBJECT_IN_BLACKLIST on
103
+
104
+ # if you have taken the time to correctly specify your "trusted_networks",
105
+ # this is another good way to save CPU
106
+ #
107
+ # shortcircuit ALL_TRUSTED on
108
+
109
+ # and a well-trained bayes DB can save running rules, too
110
+ #
111
+ # shortcircuit BAYES_99 spam
112
+ # shortcircuit BAYES_00 ham
113
+
114
+ endif # Mail::SpamAssassin::Plugin::Shortcircuit
115
+
116
+ ##### SmartMachine Begin.
117
+ loadplugin Mail::SpamAssassin::Plugin::DCC
118
+
119
+ report_safe 0
120
+ required_score 10.0
121
+ use_razor2 0
122
+ use_dcc 0
123
+ use_pyzor 0
124
+ ##### SmartMachine Close.
@@ -0,0 +1,22 @@
1
+ #!/bin/sh
2
+ PERCENT=$1
3
+ USER=$2
4
+ cat << EOF | /usr/lib/dovecot/dovecot-lda -d $USER -o "plugin/quota=maildir:User quota:noenforcing"
5
+ From: Email Postmaster <postmaster@%<mailname>s>
6
+ Subject: Your mailbox is $PERCENT% full.
7
+
8
+ Hello there,
9
+
10
+ Your mailbox can store a limited amount of emails. Currently it is $PERCENT% full. New emails will not be stored if you reach 100%.
11
+
12
+ To get more space in your mailbox you can:
13
+ 1. Contact your email provider and upgrade your plan.
14
+ 2. Delete emails from your mailbox.
15
+
16
+ If using option 2, please ensure you have emptied your Trash folder to free up the space.
17
+
18
+ Thanks for reading. Hope this was helpful.
19
+
20
+ Regards,
21
+ Your Email Postmaster
22
+ EOF
@@ -0,0 +1,37 @@
1
+ emailerone:
2
+ fqdn: "youremailerone.yourdomain.com"
3
+ mailname: "yourdomain.com"
4
+ sysadmin_email: "adminname@yourdomain.com"
5
+ networks: ["mysqlone-network"]
6
+ mysql_host: mysqlone
7
+ mysql_port: 3306
8
+ mysql_user: <%= SmartMachine.credentials.dig(:emailerone, :mysql_user) %>
9
+ mysql_password: <%= SmartMachine.credentials.dig(:emailerone, :mysql_password) %>
10
+ mysql_database_name: <%= SmartMachine.credentials.dig(:emailerone, :mysql_database_name) %>
11
+ monit_smtp_email_name: "Your Emailer One"
12
+ monit_smtp_email_address: "yourmachineemailerone@yourdomain.com"
13
+ monit_smtp_host: "youremailerone.yourdomain.com"
14
+ monit_smtp_port: 587
15
+ monit_smtp_username: <%= SmartMachine.credentials.dig(:emailerone, :monit_smtp_username) %>
16
+ monit_smtp_password: <%= SmartMachine.credentials.dig(:emailerone, :monit_smtp_password) %>
17
+ oracle_ips_allowed: []
18
+ oracle_deflect_url: "https://yourdomain.com"
19
+
20
+ # emailertwo:
21
+ # fqdn: "youremailertwo.yourdomain.com"
22
+ # mailname: "yourdomain.com"
23
+ # sysadmin_email: "adminname@yourdomain.com"
24
+ # networks: ["mysqlone-network"]
25
+ # mysql_host: mysqlone
26
+ # mysql_port: 3306
27
+ # mysql_user: <%= SmartMachine.credentials.dig(:emailertwo, :mysql_user) %>
28
+ # mysql_password: <%= SmartMachine.credentials.dig(:emailertwo, :mysql_password) %>
29
+ # mysql_database_name: <%= SmartMachine.credentials.dig(:emailertwo, :mysql_database_name) %>
30
+ # monit_smtp_email_name: "Your Emailer Two"
31
+ # monit_smtp_email_address: "yourmachineemailertwo@yourdomain.com"
32
+ # monit_smtp_host: "youremailertwo.yourdomain.com"
33
+ # monit_smtp_port: 587
34
+ # monit_smtp_username: <%= SmartMachine.credentials.dig(:emailertwo, :monit_smtp_username) %>
35
+ # monit_smtp_password: <%= SmartMachine.credentials.dig(:emailertwo, :monit_smtp_password) %>
36
+ # oracle_ips_allowed: []
37
+ # oracle_deflect_url: "https://yourdomain.com"
@@ -0,0 +1,2 @@
1
+ engineone:
2
+ timezone: "Etc/UTC"
@@ -0,0 +1,35 @@
1
+ <VirtualHost *:80>
2
+ # The ServerName directive sets the request scheme, hostname and port that
3
+ # the server uses to identify itself. This is used when creating
4
+ # redirection URLs. In the context of virtual hosts, the ServerName
5
+ # specifies what hostname must appear in the request's Host: header to
6
+ # match this virtual host. For the default virtual host (this file) this
7
+ # value is not decisive as it is used as a last resort host regardless.
8
+ # However, you must set it for any further virtual host explicitly.
9
+ #ServerName www.example.com
10
+
11
+ ServerAdmin webmaster@localhost
12
+ DocumentRoot /var/www/html
13
+
14
+ ServerSignature Off
15
+
16
+ # If you are setting a different request_path other than '/' in roundcube.yml config file,
17
+ # then please uncomment the below line and add that path here as an alias.
18
+ #Alias /your/request/path /var/www/html
19
+
20
+ # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
21
+ # error, crit, alert, emerg.
22
+ # It is also possible to configure the loglevel for particular
23
+ # modules, e.g.
24
+ #LogLevel info ssl:warn
25
+
26
+ ErrorLog ${APACHE_LOG_DIR}/error.log
27
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
28
+
29
+ # For most configuration files from conf-available/, which are
30
+ # enabled or disabled at a global level, it is possible to
31
+ # include a line for only one particular virtual host. For example the
32
+ # following line enables the CGI configuration for this host only
33
+ # after it has been globally disabled with "a2disconf".
34
+ #Include conf-available/serve-cgi-bin.conf
35
+ </VirtualHost>
@@ -0,0 +1,4 @@
1
+ ; Add custom PHP config here. It will be used when running roundcube.
2
+
3
+ expose_php=Off
4
+ ;memory_limit=128M