178 lines
7.2 KiB
YAML
178 lines
7.2 KiB
YAML
---
|
|
spamassassin_install: True
|
|
spamassassin_spamd_enabled: True
|
|
spamassassin_sql_backend: False
|
|
spamassassin_required_hits: 5
|
|
spamassassin_report_safe: '0'
|
|
spamassassin_rewrite_subject: "[SPAM]"
|
|
spamassassin_user: spamassassin
|
|
spamassassin_group: '{{ spamassassin_user }}'
|
|
spamassassin_home: /etc/mail/spamassassin
|
|
|
|
spamassassin_rh_packages:
|
|
- spamassassin
|
|
- spamassassin-iXhash2
|
|
- python2-pip
|
|
|
|
spamassassin_sql_rh_packages:
|
|
- perl-DBD-Pg
|
|
- perl-DBI
|
|
|
|
spamassassin_pyzor_pip_packages:
|
|
- pip
|
|
- pyzor
|
|
|
|
spamassassin_listen_ip: '127.0.0.1'
|
|
spamassassin_authorized_ip_addresses: '127.0.0.1'
|
|
spamassassin_spamd_port: 783
|
|
spamassassin_conf_dir: '{{ spamassassin_home }}'
|
|
spamassassin_sysconfig_file: '/etc/sysconfig/spamassassin'
|
|
# Only postgresql support for the time being
|
|
spamassassin_db_user_config: True
|
|
spamassassin_spamd_sql_opts: '-q -x -u {{ spamassassin_user }} -g {{ spamassassin_group }}'
|
|
spamassassin_db_name: 'spamassassin'
|
|
spamassassin_db_user: 'spamassassin_u'
|
|
# spamassassin_db_pwd: 'use a vault file'
|
|
spamassassin_db_host: 'localhost'
|
|
spamassassin_db_external_host: '{{ spamassassin_db_host }}'
|
|
spamassassin_db_port: 5432
|
|
spamassassin_db_sql_file: 'spamassassin-pg-3.4.sql'
|
|
spamassassin_db_allowed_hosts:
|
|
- '127.0.0.1'
|
|
- '{{ ansible_fqdn }}'
|
|
|
|
spamassassin_enable_pyzor: True
|
|
# in seconds
|
|
spamassassin_pyzor_timeout: '60'
|
|
spamassassin_use_bayes: False
|
|
spamassassin_bayes_sql_db: '{{ spamassassin_db_user_config }}'
|
|
spamassassin_use_bayes_autolearn: '0'
|
|
spamassassin_use_bayes_auto_expire: '1'
|
|
spamassassin_bayes_ignored_headers:
|
|
- 'X-Bogosity'
|
|
- 'X-Spam-Flag'
|
|
- 'X-Spam-Status'
|
|
spamassassin_auto_whitelist: False
|
|
spamassassin_auto_whitelist_sql_db: '{{ spamassassin_db_user_config }}'
|
|
spamassassin_disable_rbls: False
|
|
spamassassin_disabled_rbls_list: []
|
|
# - bldomain
|
|
# - sorbs.net
|
|
spamassassin_normalize_charset: '0'
|
|
# The following do not appear anywhere in the spamassassin code.
|
|
# Commented in local.cf for the time being
|
|
spamassassin_text_body_scan_size: '50000'
|
|
spamassassin_body_part_scan_size: '500000'
|
|
#
|
|
spamassassin_shortcircuit_plugin: False
|
|
spamassassin_shortcircuit_rules:
|
|
- { key: 'USER_IN_WHITELIST', value: 'on' }
|
|
- { key: 'USER_IN_DEF_WHITELIST', value: 'on' }
|
|
- { key: 'USER_IN_ALL_SPAM_TO', value: 'on' }
|
|
- { key: 'SUBJECT_IN_WHITELIST', value: 'on' }
|
|
- { key: 'USER_IN_BLACKLIST', value: 'on' }
|
|
- { key: 'USER_IN_BLACKLIST_TO', value: 'on' }
|
|
- { key: 'SUBJECT_IN_BLACKLIST', value: 'on' }
|
|
- { key: 'ALL_TRUSTED', value: 'on' }
|
|
|
|
spamassassin_shortcircuit_bayes_rules:
|
|
- { key: 'BAYES_99', value: 'spam' }
|
|
- { key: 'BAYES_00', value: 'ham' }
|
|
|
|
# See https://cwiki.apache.org/confluence/display/SPAMASSASSIN/WritingRules
|
|
spamassassin_local_rules: []
|
|
# - "score DKIM_VALID 0.001"
|
|
# - "score DKIM_INVALID 2"
|
|
# - "score PYZOR_CHECK 0 2.985 0 2.392 # n=0 n=2"
|
|
# - "score RCVD_IN_DNSWL_HI 1.0"
|
|
# - "score RCVD_IN_DNSWL_LOW 0.1 # default -1"
|
|
# - "score RCVD_IN_DNSWL_MED 0.5 # default -4"
|
|
# - "score SPF_FAIL 0 1.919 0 1.001 # n=0 n=2"
|
|
# - "score SPF_HELO_FAIL 0 1.001 0 1.001 # n=0 n=2"
|
|
# - "whitelist_from foo@example.org *@example.net"
|
|
# - "whitelist_to foo@example.com"
|
|
# - "blacklist_from foo@example.org *@example.net"
|
|
# - "blacklist_to foo@example.com"
|
|
### Some rules are multiline
|
|
# - "full blacklist_bar /bar\\@example.net/"
|
|
# - "describe blacklist_bar blacklist bar@example.net/"
|
|
# - "score blacklist_bar 6.5"
|
|
# - "header __f1 Return-path =~ /pop(store)?\\.(foo|bar)\\.example\\.org/"
|
|
# - "header __f2 From =~ /(([0-9]+)|pop(store)?)\\.(foo|bar)\\.example\\.org/"
|
|
# - "header __f3 Return-path =~ /([0-9]+)\\@example.org/"
|
|
# - "header __f4 exists:List-Id"
|
|
# - "meta unallow USER_IN_WHITELIST && (__f1||__f2||__f3||__f4||cnuce||SUBJECT_FUZZY_MEDS||diplomas_future)"
|
|
# - "describe unallow Remove almost all whitelist advantage"
|
|
# - "priority unallow 10"
|
|
# - "score unallow 98"
|
|
# - "header __more_bar ToCc =~ /(?<!me)\\@example\\.net/i"
|
|
# - "header __more_mine ToCc =~ /me\\@example\\.net/i"
|
|
# - "header __more_list_owner List-Owner =~ /.+/"
|
|
# - "meta more_mine __more_bar && !__more_min && !__more_list_owner"
|
|
# - "describe more_mine To someone different than me"
|
|
# - "score more_mine 0.5"
|
|
|
|
spamassassin_spamd_ssl_enabled: True
|
|
spamassassin_spamd_ssl_opts: '--ssl --server-key {{ spamassassin_home }}/client-key.pem --server-cert {{ spamassassin_home }}/client-cert.pem'
|
|
|
|
# https://cwiki.apache.org/confluence/display/SPAMASSASSIN/ClamAVPlugin
|
|
# https://cwiki.apache.org/confluence/display/SPAMASSASSIN/ClamAVMultipleScores
|
|
spamassassin_clamav_old_plugin: False
|
|
spamassassin_clamav_multiple_scores: False
|
|
spamassassin_clamav_plugin_score: '4'
|
|
spamassassin_clamav_ms_heuristics_score: '3.0'
|
|
|
|
# https://github.com/bigio/spamassassin-clamav
|
|
spamassassin_clamav_github_plugin: False
|
|
spamassassin_clamav_github_plugin_url: 'https://raw.githubusercontent.com/bigio/spamassassin-clamav/master/clamav.pm'
|
|
|
|
# https://github.com/bigio/spamassassin-vba-macro
|
|
spamassassin_ole2macro_github_plugin: True
|
|
spamassassin_ole2macro_github_plugin_url: 'https://raw.githubusercontent.com/bigio/spamassassin-vba-macro/master/ole2macro.pm'
|
|
spamassassin_ole2macro_github_plugin_score: '3'
|
|
|
|
# https://github.com/bigio/spamassassin-dmarc
|
|
spamassassin_dmarc_github_plugin: True
|
|
spamassassin_dmarc_github_plugin_url: 'https://raw.githubusercontent.com/bigio/spamassassin-dmarc/master/dmarc.pm'
|
|
spamassassin_dmarc_github_reject_score: '0.3'
|
|
spamassassin_dmarc_github_qar_score: '0.2'
|
|
spamassassin_dmarc_github_dmarc_none_score: '0.1'
|
|
spamassassin_dmarc_github_dmarc_missing_score: '0.0'
|
|
spamassassin_dmarc_github_dmarc_pass_score: '-0.1'
|
|
|
|
spamassassin_dmarc_perl_packages:
|
|
- 'perl-IO-Compress'
|
|
- 'perl-IO-Compress-Lzma'
|
|
- 'perl-MIME-tools'
|
|
- 'perl-OLE-Storage_Lite'
|
|
|
|
psql_db_data:
|
|
- { name: '{{ spamassassin_db_name }}', encoding: 'UTF8', user: '{{ spamassassin_db_user }}', roles: 'NOCREATEDB,NOSUPERUSER', pwd: '{{ spamassassin_db_pwd }}', managedb: True, allowed_hosts: '{{ spamassassin_db_allowed_hosts }}', extensions: [ '' ], schema_file: '/srv/spamassassin.sql' }
|
|
|
|
## Spamassassin milter settings
|
|
spamassassin_milter_install: False
|
|
spamassassin_rh_milter_packages:
|
|
- spamass-milter
|
|
- spamass-milter-postfix
|
|
|
|
spamassassin_milter_set_pref_dom_and_user: False
|
|
spamassassin_milter_pref_default_domain: 'localhost'
|
|
spamassassin_milter_pref_default_user: 'root'
|
|
spamassassin_milter_reject_code: '5.7.1'
|
|
spamassassin_milter_reject_message: 'Blocked by SpamAssassin'
|
|
spamassassin_milter_connect_to_external_spamd: False
|
|
# separate with a comma if more than one
|
|
spamassassin_milter_external_spamd_hosts: '127.0.0.1'
|
|
spamassassin_milter_external_round_robin_hosts: True
|
|
spamassassin_milter_external_spamd_port: '{{ spamassassin_spamd_port }}'
|
|
spamassassin_milter_exclude_whitelisted_networks: False
|
|
# Separate with commas
|
|
spamassassin_milter_whitelisted_networks: '127.0.0.1/8'
|
|
spamassassin_milter_reject_limit: 15
|
|
spamassassin_milter_change_headers: True
|
|
spamassassin_milter_ssl_enabled: '{{ spamassassin_spamd_ssl_enabled }}'
|
|
# In bytes
|
|
spamassassin_milter_spamc_max_msg_size: '512000'
|
|
spamassassin_milter_enable_compression: False
|
|
|