From 89433f3f061a7a972a2a4e1752a3c566986a4272 Mon Sep 17 00:00:00 2001 From: mdecimus Date: Fri, 5 Apr 2024 15:27:16 +0200 Subject: [PATCH] Updated spamfilter rules --- resources/config/build.py | 8 ++-- .../config/{minimal.toml => config.toml} | 14 ++----- resources/config/security.toml | 19 ---------- resources/config/spamfilter.toml | 37 +++++++++---------- .../config/spamfilter/maps/spam_config.map | 14 +++++++ resources/config/spamfilter/settings.toml | 20 ---------- 6 files changed, 37 insertions(+), 75 deletions(-) rename resources/config/{minimal.toml => config.toml} (75%) delete mode 100644 resources/config/security.toml create mode 100644 resources/config/spamfilter/maps/spam_config.map delete mode 100644 resources/config/spamfilter/settings.toml diff --git a/resources/config/build.py b/resources/config/build.py index a9d428b1..5af133b2 100644 --- a/resources/config/build.py +++ b/resources/config/build.py @@ -45,7 +45,8 @@ script_names = { "greylist" : "Greylisting" } -maps = ["scores.map", +maps = ["spam_config.map", + "scores.map", "allow_dmarc.list", "allow_domains.list", "allow_spf_dkim.list", @@ -68,7 +69,7 @@ def read_file(file): return f.read() + "\n" def build_spam_filters(scripts): - spam_filter = read_file("./spamfilter/settings.toml") + spam_filter = "[version]\nspam-filter = \"1.0\"\n\n" for script_name, file_list in scripts.items(): script_content = read_and_concatenate(file_list).replace("'''", "\\'\\'\\'") script_description = script_names[script_name] @@ -85,9 +86,6 @@ def main(): spam_filter = build_spam_filters(scripts) with open("spamfilter.toml", "w", encoding="utf-8") as toml_file: toml_file.write(spam_filter) - config = read_file("./minimal.toml") + read_file("./security.toml") + spam_filter - with open("config.toml", "w", encoding="utf-8") as toml_file: - toml_file.write(config) print("Stalwart TOML configuration files have been generated.") if __name__ == "__main__": diff --git a/resources/config/minimal.toml b/resources/config/config.toml similarity index 75% rename from resources/config/minimal.toml rename to resources/config/config.toml index fea40d54..dd680a65 100644 --- a/resources/config/minimal.toml +++ b/resources/config/config.toml @@ -49,13 +49,6 @@ compression = "lz4" type = "internal" store = "rocksdb" -[lookup.default] -domain = "%{env:DOMAIN}%" -hostname = "%{env:HOSTNAME}%" - -[oauth] -key = "%{env:OAUTH_KEY}%" - [tracer."stdout"] type = "stdout" level = "info" @@ -66,7 +59,6 @@ enable = true #user = "stalwart-mail" #group = "stalwart-mail" -[server.http] -headers = ["Access-Control-Allow-Origin: *", - "Access-Control-Allow-Methods: POST, GET, PATCH, PUT, DELETE, HEAD, OPTIONS", - "Access-Control-Allow-Headers: Authorization, Content-Type, Accept, X-Requested-With"] +[authentication.fallback-admin] +user = "admin" +secret = "%{env:ADMIN_SECRET}%" diff --git a/resources/config/security.toml b/resources/config/security.toml deleted file mode 100644 index d786b452..00000000 --- a/resources/config/security.toml +++ /dev/null @@ -1,19 +0,0 @@ -[queue.quota.queue-max-size] -messages = 100000 -size = 10737418240 # 10gb -enable = true - -[queue.throttle.recipient-limit] -key = ["rcpt_domain"] -concurrency = 5 -enable = true - -[session.throttle.concurrency-by-remote-ip] -key = ["remote_ip"] -concurrency = 5 -enable = true - -[session.throttle.rate-by-sender] -key = ["sender_domain", "rcpt"] -rate = "25/1h" -enable = true diff --git a/resources/config/spamfilter.toml b/resources/config/spamfilter.toml index 9242b846..7335a10e 100644 --- a/resources/config/spamfilter.toml +++ b/resources/config/spamfilter.toml @@ -1,23 +1,5 @@ -[spam.header] -is-spam = "X-Spam-Status: Yes" - -[lookup.spam-config] -add-spam = true -add-spam-result = true -learn-enable = true -learn-balance = "0.9" -learn-ham-replies = true -learn-ham-threshold = "-0.5" -learn-spam-threshold = "6.0" -threshold-spam = "5.0" -threshold-discard = "0.0" -threshold-reject = "0.0" -directory = "" -lookup = "" - -[session.data] -script = [ { if = "is_empty(authenticated_as)", then = "'spam-filter'"}, - { else = "'track-replies'" } ] +[version] +spam-filter = "1.0" [sieve.trusted.scripts.spam-filter] name = "Spam Filter" @@ -2464,6 +2446,21 @@ if eval "!key_exists(SPAM_DB, triplet)" { [lookup] +spam-config = { +"add-spam" = true, +"add-spam-result" = true, +"learn-enable" = true, +"learn-balance" = "0.9", +"learn-ham-replies" = true, +"learn-ham-threshold" = "-0.5", +"learn-spam-threshold" = "6.0", +"threshold-spam" = "5.0", +"threshold-discard" = "0.0", +"threshold-reject" = "0.0", +"directory" = "", +"lookup" = "" +} + spam-scores = {"ABUSE_SURBL" = "5.0", "ALLOWLIST_DKIM" = "-1.0", "ALLOWLIST_DMARC" = "-7.0", diff --git a/resources/config/spamfilter/maps/spam_config.map b/resources/config/spamfilter/maps/spam_config.map new file mode 100644 index 00000000..c8a167b7 --- /dev/null +++ b/resources/config/spamfilter/maps/spam_config.map @@ -0,0 +1,14 @@ +spam-config = { +"add-spam" = true, +"add-spam-result" = true, +"learn-enable" = true, +"learn-balance" = "0.9", +"learn-ham-replies" = true, +"learn-ham-threshold" = "-0.5", +"learn-spam-threshold" = "6.0", +"threshold-spam" = "5.0", +"threshold-discard" = "0.0", +"threshold-reject" = "0.0", +"directory" = "", +"lookup" = "" +} diff --git a/resources/config/spamfilter/settings.toml b/resources/config/spamfilter/settings.toml deleted file mode 100644 index f082c270..00000000 --- a/resources/config/spamfilter/settings.toml +++ /dev/null @@ -1,20 +0,0 @@ -[spam.header] -is-spam = "X-Spam-Status: Yes" - -[lookup.spam-config] -add-spam = true -add-spam-result = true -learn-enable = true -learn-balance = "0.9" -learn-ham-replies = true -learn-ham-threshold = "-0.5" -learn-spam-threshold = "6.0" -threshold-spam = "5.0" -threshold-discard = "0.0" -threshold-reject = "0.0" -directory = "" -lookup = "" - -[session.data] -script = [ { if = "is_empty(authenticated_as)", then = "'spam-filter'"}, - { else = "'track-replies'" } ]