--- /dev/null
+use strict;
+
+# You can modify this file to re-enable SPAM checking through spamassassin
+# and to re-enable antivirus checking.
+
+#
+# Default antivirus checking mode
+# Uncomment the two lines below to enable it back
+#
+
+@bypass_virus_checks_maps = (
+ \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
+
+
+#
+# Default SPAM checking mode
+# Uncomment the two lines below to enable it back
+#
+
+@bypass_spam_checks_maps = (
+ \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
+
+1; # ensure a defined return
# root.
#ssl_cert_file = /etc/ssl/certs/dovecot.pem
#ssl_key_file = /etc/ssl/private/dovecot.pem
+ssl_cert_file = /etc/ssl/certs/cert.crt
+ssl_key_file = /etc/ssl/private/cert.pem
# If key file is password protected, give the password here. Alternatively
# give it when starting dovecot with -p parameter.
# string.
#login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c
+# Dont log user IPs
+login_log_format_elements = user=<%u> method=%m %c
+
# Login log format. %$ contains login_log_format_elements string, %s contains
# the data we want to log.
#login_log_format = %$: %s
# <doc/wiki/MailLocation.txt>
#
#mail_location =
+mail_location = maildir:/var/mail/virtual/%u
# If you need to set multiple mailbox locations or want to change default
# namespace settings, you can do it by defining namespace sections.
# Space separated list of wanted authentication mechanisms:
# plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi
# NOTE: See also disable_plaintext_auth setting.
- mechanisms = plain
+ mechanisms = plain login
#
# Password database is used to verify user's password (and nothing more).
#}
# SQL database <doc/wiki/AuthDatabase.SQL.txt>
- #passdb sql {
+ passdb sql {
# Path for SQL configuration file
- #args = /etc/dovecot/dovecot-sql.conf
- #}
+ args = /etc/dovecot/dovecot-sql.conf
+ }
# LDAP database <doc/wiki/AuthDatabase.LDAP.txt>
#passdb ldap {
#}
# SQL database <doc/wiki/AuthDatabase.SQL.txt>
- #userdb sql {
+ userdb sql {
# Path for SQL configuration file
- #args = /etc/dovecot/dovecot-sql.conf
- #}
+ args = /etc/dovecot/dovecot-sql.conf
+ }
# LDAP database <doc/wiki/AuthDatabase.LDAP.txt>
#userdb ldap {
#ssl_username_from_cert = no
# It's possible to export the authentication interface to other programs:
- #socket listen {
+ socket listen {
#master {
# Master socket provides access to userdb information. It's typically
# used to give Dovecot's local delivery agent access to userdb so it
#user =
#group =
#}
- #client {
- # The client socket is generally safe to export to everyone. Typical use
- # is to export it to your SMTP server so it can do SMTP AUTH lookups
- # using it.
- #path = /var/run/dovecot/auth-client
- #mode = 0660
- #}
- #}
+ client {
+ # Assuming the default Postfix $queue_directory setting
+ path = /var/spool/postfix/private/auth
+ mode = 0660
+ # Assuming the default Postfix user and group
+ user = postfix
+ group = postfix
+ }
+ }
## dovecot-lda specific settings
##
--- /dev/null
+class mail::amavisd {
+ # TODO: master.cf
+
+ service { "amavisd":
+ ensure => running,
+ require => Package['amavisd-new'],
+ }
+
+ service { "freshclam":
+ ensure => running,
+ require => Package['clamav-freshclam'],
+ }
+
+ file { "/etc/amavis/conf.d/15-content_filter_mode":
+ ensure => present,
+ owner => root,
+ group => root,
+ mode => 0644,
+ source => "puppet://$server/modules/mail/amavisd/15-content_filter_mode",
+ notify => Service['amavisd'],
+ }
+
+ postfix::config { "content_filter": value => 'amavis:[127.0.0.1]:10024' }
+}
import "postfixadmin"
import "sasl.pp"
import "tls.pp"
+import "amavisd.pp"
#include mail::dovecot
#include mail::postfixadmin
#include mail::header_checks
+ #include mail::amavisd
# Postfix configuration
postfix::config {
"mydestination": value => "$postfix_mydestination";
"mynetworks": value => "$postfix_mynetworks";
"relay_domains": value => "$domain";
- "virtual_alias_maps": value => "hash:/etc/postfix/virtual"; # TODO: use postfixadmin config instead
"transport_maps": value => "hash:/etc/postfix/transport";
"mailbox_command": value => '/usr/bin/maildrop -d ${USER}';
+ "mailbox_command": value => '/var/mail/virtual';
}
postfix::hash { "/etc/postfix/virtual":
'/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf' ],
}
- # Additional for quota support
- postfix::config { "virtual_mailbox_limit_maps":
- value => 'mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf'
- require => File['/etc/postfix/mysql_virtual_mailbox_limit_maps.cf'],
- }
-
- postfix::config { "virtual_create_maildirsize": value => 'yes' }
- postfix::config { "virtual_mailbox_extended ": value => 'yes' }
- postfix::config { "virtual_mailbox_limit_override": value => 'yes' }
- postfix::config { "virtual_maildir_limit_message": value => 'The user's maildir has overdrawn his quota, try again later.' }
- postfix::config { "virtual_overquota_bounce": value => 'yes' }
-
#
# Map files
#
content => template('postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf'),
}
- file { "/etc/postfix/mysql_virtual_mailbox_limit_maps.cf":
- ensure => present,
- owner => root,
- mode => 0600,
- content => template('postfix/sql/mysql_virtual_mailbox_limit_maps.cf'),
- }
+ #
+ # Additional for quota support
+ #
+ #postfix::config { "virtual_mailbox_limit_maps":
+ # value => 'mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf'
+ # require => File['/etc/postfix/mysql_virtual_mailbox_limit_maps.cf'],
+ #}
+ #
+ #postfix::config { "virtual_create_maildirsize": value => 'yes' }
+ #postfix::config { "virtual_mailbox_extended ": value => 'yes' }
+ #postfix::config { "virtual_mailbox_limit_override": value => 'yes' }
+ #postfix::config { "virtual_maildir_limit_message": value => 'The user's maildir has overdrawn his quota, try again later.' }
+ #postfix::config { "virtual_overquota_bounce": value => 'yes' }
+ #
+ #file { "/etc/postfix/mysql_virtual_mailbox_limit_maps.cf":
+ # ensure => present,
+ # owner => root,
+ # mode => 0600,
+ # content => template('postfix/sql/mysql_virtual_mailbox_limit_maps.cf'),
+ #}
}
# Database driver: mysql, pgsql, sqlite
#driver =
+driver = mysql
# Database connection string. This is driver-specific setting.
#
# connect = /etc/dovecot/authdb.sqlite
#
#connect = dbname=virtual user=virtual
+connect = host=<%= postfixadmin_hosts %> dbname=<%= postfixadmin_dbname %> user=<%= postfixadmin_user %> password=<%= postfixadmin_password %>
# Default password scheme.
#
# http://wiki.dovecot.org/Authentication/PasswordSchemes
#
#default_pass_scheme = PLAIN-MD5
+default_pass_scheme = MD5-CRYPT
# Query to retrieve the password.
#
# password_query = SELECT pw AS password FROM users WHERE userid = '%u' AND active = 'Y'
#
#password_query = SELECT userid as user, password FROM users WHERE userid = '%u'
+password_query = SELECT username AS user,password FROM mailbox WHERE username = '%u' AND active='1'
# Query to retrieve the user information.
#
# user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u'
#
#user_query = SELECT home, uid, gid FROM users WHERE userid = '%u'
+user_query = SELECT maildir, 1001 AS uid, 1001 AS gid FROM mailbox WHERE username = '%u' AND active='1'
# If you wish to avoid two SQL lookups (passdb + userdb), you can use
# userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll
projects / puppet-mail.git / commitdiff