aknuth
/
email-amazon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'main' of git.bizmatch.net:aknuth/email-amazon

This commit is contained in:
Andreas Knuth 2026-02-09 10:58:31 -06:00
parent 1d66485068 38fcf8c4d8
commit 6fccc0b2f9
8 changed files with 72 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
DMS/Dockerfile
View File

@ -4,7 +4,6 @@ LABEL maintainer="andreas.knuth@bayarea-cc.com"
LABEL description="Custom DMS with Python3 support and Sieve Sync" LABEL description="Custom DMS with Python3 support and Sieve Sync"
# 1. Python, pip und dependencies installieren # 1. Python, pip und dependencies installieren
# croniter hinzufügen!
RUN apt-get update && \ RUN apt-get update && \
apt-get install -y --no-install-recommends \ apt-get install -y --no-install-recommends \
python3 \ python3 \
@ -20,9 +19,8 @@ WORKDIR /scripts
COPY sync_dynamodb_to_sieve.py /scripts/sync.py COPY sync_dynamodb_to_sieve.py /scripts/sync.py
RUN chmod +x /scripts/sync.py RUN chmod +x /scripts/sync.py
# 4. Schedule Konfiguration kopieren (Der Cron-String) # 4. Schedule Konfiguration kopieren
COPY sieve-schedule /etc/sieve-schedule COPY sieve-schedule /etc/sieve-schedule
# 5. Supervisor Konfiguration kopieren # 5. Supervisor Konfiguration kopieren
# DMS scannt diesen Ordner beim Start
COPY sieve-supervisor.conf /etc/supervisor/conf.d/sieve-sync.conf COPY sieve-supervisor.conf /etc/supervisor/conf.d/sieve-sync.conf

30
DMS/docker-compose.yml
View File

@ -17,6 +17,7 @@ services:
- "993:993" # IMAP SSL - "993:993" # IMAP SSL
- "110:110" # POP3 - "110:110" # POP3
- "995:995" # POP3 SSL - "995:995" # POP3 SSL
- "127.0.0.1:11334:11334" # Bindet nur an Localhost!
volumes: volumes:
- ./docker-data/dms/mail-data/:/var/mail/ - ./docker-data/dms/mail-data/:/var/mail/
- ./docker-data/dms/mail-state/:/var/mail-state/ - ./docker-data/dms/mail-state/:/var/mail-state/
@ -32,25 +33,36 @@ services:
- SSL_TYPE=manual - SSL_TYPE=manual
# Diese Pfade beziehen sich auf das INNERE des Containers (wo wir hin mounten) # Diese Pfade beziehen sich auf das INNERE des Containers (wo wir hin mounten)
- SSL_CERT_PATH=/etc/mail/certs/mail.email-srvr.com.crt - SSL_CERT_PATH=/etc/mail/certs/mail.email-srvr.com.crt
- SSL_KEY_PATH=/etc/mail/certs/mail.email-srvr.com.key - SSL_KEY_PATH=/etc/mail/certs/mail.email-srvr.com.key
- ENABLE_RSPAMD=0
- ENABLE_OPENDKIM=1 - ENABLE_OPENDKIM=1
- ENABLE_OPENDMARC=0 - ENABLE_OPENDMARC=0
- ENABLE_POLICYD_SPF=0 - ENABLE_POLICYD_SPF=0
# #### SPAM SECTION #####
# SPAM Rspamd aktivieren
- ENABLE_RSPAMD=1
# Greylisting AUS (vermeidet Verzögerungen)
- RSPAMD_GREYLISTING=0
# Eigene Mails NICHT scannen (vermeidet Probleme beim Senden)
- RSPAMD_CHECK_AUTHENTICATED=0
# Hostname Check AN (filtert Botnets, sehr sicher)
- RSPAMD_HFILTER=1
# Spam sortieren statt löschen (Sieve Magic)
- MOVE_SPAM_TO_JUNK=1
# Alte Dienste aus
- ENABLE_AMAVIS=0 - ENABLE_AMAVIS=0
- ENABLE_SPAMASSASSIN=0 - ENABLE_SPAMASSASSIN=0
- ENABLE_POSTGREY=0 - ENABLE_POSTGREY=0
- RSPAMD_GREYLISTING=0 # 2. ClamAV deaktivieren (Anti-Virus)
- ENABLE_CLAMAV=0 - ENABLE_CLAMAV=0
#- ENABLE_FAIL2BAN=1 # HACKERSCHUTZ (Pflicht!)
- ENABLE_FAIL2BAN=0 - ENABLE_FAIL2BAN=1
#- ENABLE_MANAGESIEVE=1 # DNS Resolver (verhindert Spamhaus-Probleme)
- ENABLE_UNBOUND=1
# #### END SPAM SECTION #####
# END SPAM SECTION
- ENABLE_MANAGESIEVE=0 - ENABLE_MANAGESIEVE=0
- ENABLE_POP3=1 - ENABLE_POP3=1
- RSPAMD_LEARN=1 - RSPAMD_LEARN=1
- MOVE_SPAM_TO_JUNK=1
- RSPAMD_CHECK_AUTHENTICATED=0
- RSPAMD_HFILTER=0
- ONE_DIR=1 - ONE_DIR=1
- ENABLE_UPDATE_CHECK=0 - ENABLE_UPDATE_CHECK=0
- PERMIT_DOCKER=network - PERMIT_DOCKER=network

4
DMS/docker-data/dms/config/rspamd/override.d/actions.conf Normal file
View File

@ -0,0 +1,4 @@
# Standard-Aktionen überschreiben
reject = 500; # Erst ab 500 Punkten ablehnen (passiert nie)
add_header = 6; # Ab 6 Punkten: X-Spam Header setzen
greylist = 500; # Greylisting faktisch deaktivieren (Schwellwert unerreichbar hoch)

9
DMS/docker-data/dms/config/rspamd/override.d/docker_whitelist.map Normal file
View File

@ -0,0 +1,9 @@
bayarea-cc.com
ruehrgedoens.de
annavillesda.org
bizmatch.net
biz-match.com
qrmaster.net
nqsltd.com
iitwelders.com
# Weitere Domains hier eintragen

1
DMS/docker-data/dms/config/rspamd/override.d/greylist.conf Normal file
View File

@ -0,0 +1 @@
enabled = false;

14
DMS/docker-data/dms/config/rspamd/override.d/multimap.conf Normal file
View File

@ -0,0 +1,14 @@
DOCKER_WL {
# ÄNDERUNG: Wir prüfen jetzt den Absender (Envelope From)
type = "from";
filter = "email:domain";
# Pfad bleibt gleich
map = "/etc/rspamd/override.d/docker_whitelist.map";
symbol = "DOCKER_WHITELIST";
score = -50.0;
description = "Whitelist fuer eigene Domains";
prefilter = true;
action = "accept";
}

1
DMS/docker-data/dms/config/rspamd/override.d/worker-controller.inc Normal file
View File

@ -0,0 +1 @@
password = "$2$eitni68mkfaaq957jx3bcx57sg1mmd9c$d9xyhjmmih7sjm3fpfu7r7tshhfm4ud93km65w5dkh151f5phiiy";

21
DMS/docker-data/dms/config/user-patches.sh Normal file
View File

@ -0,0 +1,21 @@
#!/bin/bash
# user-patches.sh läuft bei jedem Start von DMS automatisch
ACCOUNTS_FILE="/tmp/docker-mailserver/postfix-accounts.cf"
WHITELIST_FILE="/etc/rspamd/override.d/docker_whitelist.map"
echo "Patching: Generiere Rspamd Whitelist aus Accounts..."
if [ -f "$ACCOUNTS_FILE" ]; then
# Whitelist generieren
awk -F'|' '{print $1}' "$ACCOUNTS_FILE" | cut -d'@' -f2 | sort | uniq > "$WHITELIST_FILE"
# Berechtigungen korrigieren
chmod 644 "$WHITELIST_FILE"
chown _rspamd:_rspamd "$WHITELIST_FILE" 2>/dev/null || true
echo "Whitelist erfolgreich erstellt:"
cat "$WHITELIST_FILE"
else
echo "FEHLER: $ACCOUNTS_FILE wurde nicht gefunden!"
fi