Antispam plugin for Dovecot + rspamd pipe script

README.md

@@ -145,7 +145,7 @@ Connect to redis database:
 ./n-build-redis.sh --client
 ```
 
-### Rspamd examples
+### Some examples
 
 Use rspamadm:
 ```
@@ -157,6 +157,11 @@ Use rspamc:
 docker exec -it rspamd-mailcow rspamc --help
 ```
 
+Use doveadm:
+```
+docker exec -it dovecot-mailcow doveadm
+```
+
 ### Remove persistent data
 
 MariaDB:

data/Dockerfiles/dovecot/Dockerfile

@@ -3,10 +3,32 @@ MAINTAINER Andre Peters <andre.peters@servercow.de>
 
 ENV DEBIAN_FRONTEND noninteractive
 
-RUN apt-get update
+RUN apt-get update \
+	&& apt-get -y install dovecot-common \
+		dovecot-core \
+		dovecot-imapd \
+		dovecot-lmtpd \
+		dovecot-managesieved \
+		dovecot-sieve \
+		dovecot-mysql \
+		dovecot-pop3d \
+		dovecot-dev \
+		wget \
+		build-essential \
+		autotools-dev \
+		automake
 
-RUN apt-get -y install dovecot-common dovecot-core dovecot-imapd dovecot-lmtpd dovecot-managesieved dovecot-sieve dovecot-mysql dovecot-pop3d
+WORKDIR /tmp
+RUN wget http://hg.dovecot.org/dovecot-antispam-plugin/archive/tip.tar.gz -O - | tar xvz  \
+	&& cd /tmp/dovecot-antispam* \
+	&& ./autogen.sh \
+	&& ./configure --prefix=/usr \
+	&& make \
+	&& make install
 
+ADD rspamd-pipe /usr/local/bin/rspamd-pipe
+
+RUN chmod +x /usr/local/bin/rspamd-pipe
 RUN groupadd -g 5000 vmail
 RUN useradd -g vmail -u 5000 vmail -d /var/vmail
 

data/Dockerfiles/dovecot/rspamd-pipe

@@ -0,0 +1,6 @@
+#!/bin/bash
+if [[ ${1} == "learn_spam" ]]; then
+/usr/bin/curl --data-binary @- http://rspamd:11334/learnspam < /dev/stdin
+elif [[ ${1} == "learn_ham" ]]; then
+/usr/bin/curl --data-binary @- http://rspamd:11334/learnham < /dev/stdin
+fi

data/conf/dovecot/dovecot.conf

@@ -10,7 +10,7 @@ disable_plaintext_auth = yes
 login_log_format_elements = "user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k"
 mail_home = /var/vmail/%d/%n
 mail_location = maildir:~/
-mail_plugins = quota acl
+mail_plugins = quota acl zlib antispam
 auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
 ssl_protocols = !SSLv3 !SSLv2
 ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
@@ -190,10 +190,10 @@ userdb {
   driver = sql
 }
 protocol imap {
-  mail_plugins = quota imap_quota imap_acl acl
+  mail_plugins = quota imap_quota imap_acl acl zlib imap_zlib antispam
 }
 protocol lmtp {
-  mail_plugins = quota sieve acl
+  mail_plugins = quota sieve acl zlib
   auth_socket_path = /var/run/dovecot/auth-master
 }
 protocol sieve {
@@ -205,6 +205,13 @@ plugin {
   acl = vfile
   quota = dict:Userquota::proxy::sqlquota
   quota_rule2 = Trash:storage=+100%%
+  antispam_backend = mailtrain
+  antispam_spam    = Junk
+  antispam_trash   = Trash
+  antispam_mail_sendmail = /usr/local/bin/rspamd-pipe
+  antispam_mail_spam     = learn_spam
+  antispam_mail_notspam  = learn_ham
+  #antispam_mail_sendmail_args = 
   sieve = /var/vmail/sieve/%u.sieve
   sieve_after = /var/vmail/sieve/global.sieve
   sieve_max_script_size = 1M

data/conf/rspamd/override.d/worker-controller.inc

@@ -1,2 +1,7 @@
 bind_socket = "*:11334";
 enable_password ="$2$ibe1yt89kq5rtb9juy8z7cmkt1yg5d9w$bezuyyo8o4kge13rzj8epasdf6ojsgo1jgojce8msbt5bsq9n3dy";
+secure_ip = "192.168.0.0/16";
+secure_ip = "172.16.0.0/12";
+secure_ip = "10.0.0.0/8";
+secure_ip = "127.0.0.1";
+secure_ip = "::1";