From f76c3ee7f3663ebad1317743c9254b3e3bf2f7db Mon Sep 17 00:00:00 2001 From: andryyy Date: Mon, 26 Nov 2018 09:06:34 +0100 Subject: [PATCH] [Dovecot] Unsupported examples for IMAP auth via LDAP [Rspamd] Globel whitelist/blacklist from via multimap --- data/conf/dovecot/dovecot.conf | 9 +++++++++ data/conf/dovecot/ldap/passdb.conf | 9 +++++++++ .../conf/rspamd/custom/global_from_blacklist.map | 1 + .../conf/rspamd/custom/global_from_whitelist.map | 1 + data/conf/rspamd/local.d/multimap.conf | 16 ++++++++++++++++ 5 files changed, 36 insertions(+) create mode 100644 data/conf/dovecot/ldap/passdb.conf create mode 100644 data/conf/rspamd/custom/global_from_blacklist.map create mode 100644 data/conf/rspamd/custom/global_from_whitelist.map diff --git a/data/conf/dovecot/dovecot.conf b/data/conf/dovecot/dovecot.conf index 934a4f2f..50cee0d5 100644 --- a/data/conf/dovecot/dovecot.conf +++ b/data/conf/dovecot/dovecot.conf @@ -1,6 +1,12 @@ # -------------------------------------------------------------------------- # Please create a file "extra.conf" for persistent overrides to dovecot.conf # -------------------------------------------------------------------------- +# LDAP example: +#passdb { +# args = /usr/local/etc/dovecot/ldap/passdb.conf +# driver = ldap +#} + auth_mechanisms = plain login #mail_debug = yes #auth_debug = yes @@ -48,6 +54,9 @@ passdb { passdb { args = /usr/local/etc/dovecot/sql/dovecot-dict-sql-passdb.conf driver = sql + result_success = return-ok + result_failure = continue + result_internalfail = continue } # Set doveadm_password=your-secret-password in data/conf/dovecot/extra.conf (create if missing) service doveadm { diff --git a/data/conf/dovecot/ldap/passdb.conf b/data/conf/dovecot/ldap/passdb.conf new file mode 100644 index 00000000..12fc3c05 --- /dev/null +++ b/data/conf/dovecot/ldap/passdb.conf @@ -0,0 +1,9 @@ +#hosts = 1.2.3.4 +#dn = cn=admin,dc=example,dc=local +#dnpass = password +#ldap_version = 3 +#base = ou=People,dc=example,dc=local +#auth_bind = no +#pass_filter = (&(objectClass=posixAccount)(mail=%u)) +#pass_attrs = mail=user,userPassword=password +#default_pass_scheme = SSHA diff --git a/data/conf/rspamd/custom/global_from_blacklist.map b/data/conf/rspamd/custom/global_from_blacklist.map new file mode 100644 index 00000000..dd04f45c --- /dev/null +++ b/data/conf/rspamd/custom/global_from_blacklist.map @@ -0,0 +1 @@ +# /.*@example.com/i' diff --git a/data/conf/rspamd/custom/global_from_whitelist.map b/data/conf/rspamd/custom/global_from_whitelist.map new file mode 100644 index 00000000..dd04f45c --- /dev/null +++ b/data/conf/rspamd/custom/global_from_whitelist.map @@ -0,0 +1 @@ +# /.*@example.com/i' diff --git a/data/conf/rspamd/local.d/multimap.conf b/data/conf/rspamd/local.d/multimap.conf index c27a9d63..40cbfda7 100644 --- a/data/conf/rspamd/local.d/multimap.conf +++ b/data/conf/rspamd/local.d/multimap.conf @@ -33,3 +33,19 @@ LOCAL_BL_ASN { description = "Sender's ASN is on the local blacklist"; symbols_set = ["LOCAL_BL_ASN"]; } + +GLOBAL_FROM_WL { + type = "from"; + map = "$LOCAL_CONFDIR/custom/global_from_whitelist.map"; + regexp = true; + prefilter = true; + action = "accept"; +} + +GLOBAL_FROM_BL { + type = "from"; + map = "$LOCAL_CONFDIR/custom/global_from_blacklist.map"; + regexp = true; + prefilter = true; + action = "reject"; +}