Rspamd tag check for non-spam only (post-filter), remove sql files from repository"

data/Dockerfiles/dovecot/docker-entrypoint.sh

@@ -6,6 +6,8 @@ sed -i "/^\$DBUSER/c\\\$DBUSER='${DBUSER}';" /usr/local/bin/imapsync_cron.pl
 sed -i "/^\$DBPASS/c\\\$DBPASS='${DBPASS}';" /usr/local/bin/imapsync_cron.pl
 sed -i "/^\$DBNAME/c\\\$DBNAME='${DBNAME}';" /usr/local/bin/imapsync_cron.pl
 
+[[ ! -d /etc/dovecot/sql/ ]] && mkdir -p /etc/dovecot/sql/
+
 # Set Dovecot sql config parameters, escape " in db password
 DBPASS=$(echo ${DBPASS} | sed 's/"/\\"/g')
 

data/conf/dovecot/sql/dovecot-dict-sql.conf

@@ -1,15 +0,0 @@
-connect = "host=mysql dbname=mailcow user=mailcow password=mysafepasswd"
-
-map {
-  pattern = priv/quota/storage
-  table = quota2
-  username_field = username
-  value_field = bytes
-}
-map {
-  pattern = priv/quota/messages
-  table = quota2
-  username_field = username
-  value_field = messages
-}
-

data/conf/dovecot/sql/dovecot-mysql.conf

@@ -1,6 +0,0 @@
-driver = mysql
-connect = "host=mysql dbname=mailcow user=mailcow password=mysafepasswd"
-default_pass_scheme = SSHA256
-password_query = SELECT password FROM mailbox WHERE username = '%u' AND domain IN (SELECT domain FROM domain WHERE domain='%d' AND active='1')
-user_query = SELECT CONCAT('maildir:/var/vmail/',maildir) AS mail, 5000 AS uid, 5000 AS gid, concat('*:bytes=', quota) AS quota_rule FROM mailbox WHERE username = '%u' AND active = '1'
-iterate_query = SELECT username FROM mailbox WHERE active='1';

data/conf/postfix/sql/mysql_relay_recipient_maps.cf

@@ -1,5 +0,0 @@
-user = mailcow
-password = mysafepasswd
-hosts = mysql
-dbname = mailcow
-query = SELECT DISTINCT CASE WHEN '%d' IN (SELECT domain FROM domain WHERE relay_all_recipients=1 AND domain='%d' AND backupmx=1) THEN '%s' ELSE (SELECT goto FROM alias WHERE address='%s' AND active='1') END AS result;

data/conf/postfix/sql/mysql_tls_enforce_in_policy.cf

@@ -1,5 +0,0 @@
-user = mailcow
-password = mysafepasswd
-hosts = mysql
-dbname = mailcow
-query = SELECT IF( EXISTS( SELECT 'TLS_ACTIVE' FROM alias LEFT OUTER JOIN mailbox ON mailbox.username = alias.address WHERE (address='%s' OR address IN (SELECT CONCAT('%u', '@', target_domain) FROM alias_domain WHERE alias_domain='%d')) AND mailbox.tls_enforce_in = '1' AND mailbox.active = '1'), 'reject_plaintext_session', 'DUNNO') AS 'tls_enforce_in';

data/conf/postfix/sql/mysql_tls_enforce_out_policy.cf

@@ -1,5 +0,0 @@
-user = mailcow
-password = mysafepasswd
-hosts = mysql
-dbname = mailcow
-query = SELECT IF( EXISTS( SELECT 'TLS_ACTIVE' FROM alias LEFT OUTER JOIN mailbox ON mailbox.username = alias.address WHERE (address='%s' OR address IN (SELECT CONCAT('%u', '@', target_domain) FROM alias_domain WHERE alias_domain='%d')) AND mailbox.tls_enforce_out = '1' AND mailbox.active = '1'), 'smtp_enforced_tls:', 'DUNNO') AS 'tls_enforce_out';

data/conf/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf

@@ -1,6 +0,0 @@
-user = mailcow
-password = mysafepasswd
-hosts = mysql
-dbname = mailcow
-query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
-

data/conf/postfix/sql/mysql_virtual_alias_domain_maps.cf

@@ -1,5 +0,0 @@
-user = mailcow
-password = mysafepasswd
-hosts = mysql
-dbname = mailcow
-query = SELECT username FROM mailbox,alias_domain WHERE alias_domain.alias_domain = '%d' and mailbox.username = CONCAT('%u', '@', alias_domain.target_domain) AND mailbox.active = 1 AND alias_domain.active='1'

data/conf/postfix/sql/mysql_virtual_alias_maps.cf

@@ -1,5 +0,0 @@
-user = mailcow
-password = mysafepasswd
-hosts = mysql
-dbname = mailcow
-query = SELECT goto FROM alias WHERE address='%s' AND active='1';

data/conf/postfix/sql/mysql_virtual_domains_maps.cf

@@ -1,5 +0,0 @@
-user = mailcow
-password = mysafepasswd
-hosts = mysql
-dbname = mailcow
-query          = SELECT alias_domain from alias_domain WHERE alias_domain='%s' AND active='1' UNION SELECT domain FROM domain WHERE domain='%s' AND active = '1' AND backupmx = '0'

data/conf/postfix/sql/mysql_virtual_mailbox_maps.cf

@@ -1,5 +0,0 @@
-user = mailcow
-password = mysafepasswd
-hosts = mysql
-dbname = mailcow
-query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'

data/conf/postfix/sql/mysql_virtual_relay_domain_maps.cf

@@ -1,5 +0,0 @@
-user = mailcow
-password = mysafepasswd
-hosts = mysql
-dbname = mailcow
-query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '1' AND active = '1'

data/conf/postfix/sql/mysql_virtual_sender_acl.cf

@@ -1,5 +0,0 @@
-user = mailcow
-password = mysafepasswd
-hosts = mysql
-dbname = mailcow
-query = SELECT goto FROM alias WHERE address='%s' AND active='1' AND domain IN(SELECT domain FROM domain WHERE domain='%d' AND active='1') UNION SELECT logged_in_as FROM sender_acl WHERE send_as='@%d' OR send_as='%s' OR send_as IN ( SELECT CONCAT ('@',target_domain) FROM alias_domain WHERE alias_domain = '%d') OR send_as IN ( SELECT CONCAT ('%u','@',target_domain) FROM alias_domain WHERE alias_domain = '%d' ) AND logged_in_as NOT IN (SELECT goto FROM alias WHERE address='%s') UNION SELECT username FROM mailbox,alias_domain WHERE alias_domain.alias_domain = '%d' AND mailbox.username = CONCAT('%u','@',alias_domain.target_domain) AND mailbox.active ='1' AND alias_domain.active='1'

data/conf/postfix/sql/mysql_virtual_spamalias_maps.cf

@@ -1,5 +0,0 @@
-user = mailcow
-password = mysafepasswd
-hosts = mysql
-dbname = mailcow
-query = SELECT goto FROM spamalias WHERE address='%s' AND validity >= UNIX_TIMESTAMP()

data/conf/rspamd/lua/rspamd.local.lua

@@ -23,40 +23,46 @@ auth_domain_map = rspamd_config:add_map({
   description = 'Map of domains we are authoritative for'
 })
 
-rspamd_config.ADD_DELIMITER_TAG = {
-  callback = function(task)
-    local tag = nil
-    local util = require("rspamd_util")
-    local rspamd_logger = require "rspamd_logger"
-    local user_tagged = task:get_recipients(2)[1]['user']
-    local domain = task:get_recipients(1)[1]['domain']
-    local user, tag = user_tagged:match("([^+]+)+(.*)")
-    local authdomain = auth_domain_map:get_key(domain)
+rspamd_config:register_post_filter(function(task)
+  local tag = nil
+  local util = require("rspamd_util")
+  local rspamd_logger = require "rspamd_logger"
+  local user_tagged = task:get_recipients(2)[1]['user']
+  local domain = task:get_recipients(1)[1]['domain']
+  local user, tag = user_tagged:match("([^+]+)+(.*)")
+  local authdomain = auth_domain_map:get_key(domain)
+  local action = task:get_metric_action('default')
+  local action = task:get_metric_action('default')
+  rspamd_logger.infox("metric action now: %s", action)
 
-    if tag and authdomain then
-      rspamd_logger.infox("domain: %1, tag: %2", domain, tag)
-      local user_untagged = user .. '@' .. domain
-      rspamd_logger.infox("querying tag settings for user %1", user_untagged)
-      if modify_subject_map:get_key(user_untagged) then
-        rspamd_logger.infox("found user in map for subject rewrite")
-        local sbj = task:get_header('Subject')
-        new_sbj = '=?UTF-8?B?' .. tostring(util.encode_base64('[' .. tag .. '] ' .. sbj)) .. '?='
-        task:set_rmilter_reply({
-          remove_headers = {['Subject'] = 1},
-          add_headers = {['Subject'] = new_sbj}
-        })
-      else
-        rspamd_logger.infox("add X-Moo-Tag header")
-        task:set_rmilter_reply({
-          add_headers = {['X-Moo-Tag'] = 'YES'}
-        })
-      end
+  if action ~= 'no action' and action ~= 'greylist' then
+    return false
+  end
+
+  if tag and authdomain then
+    rspamd_logger.infox("domain: %1, tag: %2", domain, tag)
+    local user_untagged = user .. '@' .. domain
+    rspamd_logger.infox("querying tag settings for user %1", user_untagged)
+    if modify_subject_map:get_key(user_untagged) then
+      rspamd_logger.infox("found user in map for subject rewrite")
+      local sbj = task:get_header('Subject')
+      new_sbj = '=?UTF-8?B?' .. tostring(util.encode_base64('[' .. tag .. '] ' .. sbj)) .. '?='
+      task:set_rmilter_reply({
+        remove_headers = {['Subject'] = 1},
+        add_headers = {['Subject'] = new_sbj}
+      })
     else
-      rspamd_logger.infox("skip delimiter handling for untagged message or authenticated user")
+      rspamd_logger.infox("add X-Moo-Tag header")
+      task:set_rmilter_reply({
+        add_headers = {['X-Moo-Tag'] = 'YES'}
+      })
     end
-    return false
+  else
+    rspamd_logger.infox("skip delimiter handling for untagged message or authenticated user")
   end
-}
+  return false
+end)
+
 
 rspamd_config.MRAPTOR = {
   callback = function(task)