diff --git a/library/roles/roundcube/defaults/main.yml b/library/roles/roundcube/defaults/main.yml
index 7e2c7a38..746ba7a9 100644
--- a/library/roles/roundcube/defaults/main.yml
+++ b/library/roles/roundcube/defaults/main.yml
@@ -124,6 +124,28 @@ roundcube_enigma_gpgconf_bin: /usr/bin/gpgconf
roundcube_enigma_gpgagent_bin: /usr/bin/gpg-agent
roundcube_enigma_multihost: 'false'
+roundcube_sauserprefs_plugin_install: False
+roundcube_sauserprefs_plugin_name: sauserprefs
+roundcube_sauserprefs_version: '1.18.1'
+roundcube_sauserprefs_db_type: 'pgsql'
+roundcube_sauserprefs_db_host: 'localhost'
+roundcube_sauserprefs_db_name: 'spamassassin'
+roundcube_sauserprefs_db_user: 'spamassassin'
+# roundcube_sauserprefs_db_pwd: 'vault file'
+roundcube_sauserprefs_git: 'https://github.com/johndoh/roundcube-sauserprefs.git'
+roundcube_sauserprefs_username_field: '%i'
+roundcube_sauserprefs_abook_sync: 'false'
+roundcube_sauserprefs_abook_import: 'false'
+roundcube_sauserprefs_pyzor_enabled: '0'
+roundcube_sauserprefs_bayes_enabled: False
+roundcube_sauserprefs_bayes_rules: '0'
+roundcube_sauserprefs_bayes_autolearn: '0'
+roundcube_sauserprefs_autowhitelist_enabled: False
+roundcube_sauserprefs_subject: '[SPAM]'
+roundcube_sauserprefs_report_safe: '0'
+roundcube_sauserprefs_skip_rbl_checks: '0'
+roundcube_sauserprefs_do_not_override_array: "'use_razor1','use_razor2','use_dcc'"
+
roundcube_managesieve_config: True
roundcube_managesieve_auth: 'plain'
roundcube_managesieve_port: 4190
diff --git a/library/roles/roundcube/tasks/roundcube-install.yml b/library/roles/roundcube/tasks/roundcube-install.yml
index 6fd58d42..7403b981 100644
--- a/library/roles/roundcube/tasks/roundcube-install.yml
+++ b/library/roles/roundcube/tasks/roundcube-install.yml
@@ -52,6 +52,25 @@
when: roundcube_install_enigma | bool
tags: [ 'roundcube', 'roundcube_plugins', 'roundcube_config', 'roundcube_enigma' ]
+- name: Manage the Spamassassin preferences plugin and its dependency
+ block:
+ - name: Install the sauserprefs plugin
+ git: repo={{ roundcube_sauserprefs_git }} dest={{ roundcube_web_root }}/plugins/{{ roundcube_sauserprefs_plugin_name }} version={{ roundcube_sauserprefs_version }}
+
+ - name: Install the sauserprefs plugin configuration
+ template: src=sauserprefs-config.inc.php.j2 dest={{ roundcube_web_root }}/plugins/{{ roundcube_sauserprefs_plugin_name }}/config.inc.php owner=root group={{ roundcube_user }} mode=0440
+
+ when: roundcube_sauserprefs_plugin_install | bool
+ tags: [ 'roundcube', 'roundcube_plugins', 'roundcube_config', 'roundcube_sauserprefs' ]
+
+- name: Remove the Spamassassin preferences plugin when not enabled
+ block:
+ - name: Remove the sauserprefs plugin
+ file: dest={{ roundcube_web_root }}/plugins/{{ roundcube_sauserprefs_plugin_name }} state=absent
+
+ when: not roundcube_sauserprefs_plugin_install | bool
+ tags: [ 'roundcube', 'roundcube_plugins', 'roundcube_config', 'roundcube_sauserprefs' ]
+
- block:
- name: Configure the roundcube instance
template: src=config.inc.php.j2 dest={{ roundcube_web_root }}/config/config.inc.php owner=root group=root mode=0444
diff --git a/library/roles/roundcube/templates/sauserprefs-config.inc.php.j2 b/library/roles/roundcube/templates/sauserprefs-config.inc.php.j2
new file mode 100644
index 00000000..2a11819a
--- /dev/null
+++ b/library/roles/roundcube/templates/sauserprefs-config.inc.php.j2
@@ -0,0 +1,132 @@
+<?php
+
+/**
+ * SAUserPrefs configuration file
+ */
+
+// spamassassin database settings
+$config['sauserprefs_db_dsnw'] = '{{ roundcube_sauserprefs_db_type }}://{{ roundcube_sauserprefs_db_user }}:{{ roundcube_sauserprefs_db_pwd }}@{{ roundcube_sauserprefs_db_host }}/{{ roundcube_sauserprefs_db_name }}';
+
+// PEAR database DSN for read only operations (if empty write database will be used)
+// useful for database replication
+$config['sauserprefs_db_dsnr'] = '';
+
+// use persistent db-connections
+// beware this will not "always" work as expected
+// see: http://www.php.net/manual/en/features.persistent-connections.php
+$config['sauserprefs_db_persistent'] = false;
+
+// table that holds user prefs
+$config['sauserprefs_sql_table_name'] = 'userpref';
+
+// name of the username field in the user prefs table
+$config['sauserprefs_sql_username_field'] = 'username';
+
+// name of the preference field in the user prefs table, holds the name of the preference
+$config['sauserprefs_sql_preference_field'] = 'preference';
+
+// name of the value field in the user prefs table, holds the value of the preference
+$config['sauserprefs_sql_value_field'] = 'value';
+
+// username of the current user in the database, normaly %u (username from the session info)
+// %u is replaced with the username (from the session info)
+// %l is replaced with the local part of the username (if the username is an email address)
+// %d is replaced with the domain part of the username (if the username is an email address or default mail domain if not)
+// %i is replaced with the email address from the user's default identity
+$config['sauserprefs_userid'] = '{{ roundcube_sauserprefs_username_field }}';
+
+// username of the global or default settings user in the database, normaly $GLOBAL or @GLOBAL
+$config['sauserprefs_global_userid'] = '\$GLOBAL';
+
+// enable address whitelist synchronisation with address book(s)
+// possible values:
+// false - synchronisation disabled
+// true - synchronise with default address book
+// array - an array of address book ids to synchronise with e.g. array('0', 'global'); '0' = the default address book
+$config['sauserprefs_abook_sync'] = {{ roundcube_sauserprefs_abook_sync }};
+
+// set to false to disable address book import
+// possible values:
+// false - address import disabled
+// true - import addresses from default address book
+// array - an array of address book ids to import e.g. array('0', 'global'); '0' = the default address book
+$config['sauserprefs_abook_import'] = {{ roundcube_sauserprefs_abook_import }};
+
+// don't allow these settings to be overriden by the user
+// eg. $config['sauserprefs_dont_override'] = array('required_score','rewrite_header Subject');
+// to disable entire sections enter the section name surrounded by braces. Sections are: general,tests,bayes,headers,report,addresses
+// eg. $config['sauserprefs_dont_override'] = array('{tests}');
+$config['sauserprefs_dont_override'] = array({{ roundcube_sauserprefs_do_not_override_array }});
+
+// activate SAUserPrefs for selected mail hosts only. If this is not set all mail hosts are allowed.
+// example: $config['sauserprefs_allowed_hosts'] = array('mail1.domain.tld', 'mail2.domain.tld');
+$config['sauserprefs_allowed_hosts'] = null;
+
+// load specific config for different mail hosts
+// example: $config['sauserprefs_host_config'] = array(
+// 'mail1.domain.tld' => 'mail1_config.inc.php',
+// 'mail2.domain.tld' => 'mail2_config.inc.php',
+// );
+$config['sauserprefs_host_config'] = null;
+
+// default settings
+// these are overridden by $GLOBAL and user settings from the database
+$config['sauserprefs_default_prefs'] = array(
+ 'required_score' => 5,
+ 'rewrite_header Subject' => '{{ roundcube_sauserprefs_subject }}',
+ 'ok_languages' => 'all',
+ 'ok_locales' => 'all',
+ 'fold_headers' => 1,
+ 'add_header all Level' => '_STARS(*)_',
+ 'use_razor1' => 0,
+ 'use_razor2' => 0,
+ 'use_pyzor' => {{ roundcube_sauserprefs_pyzor_enabled }},
+ 'use_dcc' => 0,
+ 'report_safe' => {{ roundcube_sauserprefs_report_safe }},
+{% if roundcube_sauserprefs_bayes_enabled %}
+ 'use_bayes' => 1,
+ 'bayes_auto_learn' => {{ roundcube_sauserprefs_bayes_autolearn }},
+ 'bayes_auto_learn_threshold_nonspam' => 0.1,
+ 'bayes_auto_learn_threshold_spam' => 12.0,
+ 'use_bayes_rules' => {{ roundcube_sauserprefs_bayes_rules }},
+{% endif %}
+{% if roundcube_sauserprefs_autowhitelist_enabled %}
+ 'use_auto_whitelist' => 1,
+{% else %}
+ 'use_auto_whitelist' => 0,
+{% endif %}
+ 'skip_rbl_checks' => {{ roundcube_sauserprefs_skip_rbl_checks }},
+ 'score USER_IN_BLACKLIST' => 10,
+ 'score USER_IN_WHITELIST' => -10
+ );
+
+// score options
+// define the ranges for the various score select boxes
+// '[field name]' => array('min' => [min], 'max' => [max], 'increment' => [increment], 'extra' => array())
+// note: the 'extra' key is optional and should contain further arrays with min, max and increment keys
+$config['sauserprefs_score_options'] = array(
+ '*' => array('min' => 1, 'max' => 10, 'increment' => 1),
+ '_bayesnonspam' => array('min' => -1, 'max' => 1, 'increment' => 0.1),
+ '_bayesspam' => array('min' => 1, 'max' => 20, 'increment' => 1),
+ '_score_user_blacklist' => array('min' => 0, 'max' => 100, 'increment' => 10, 'extra' => array(array('min' => 1, 'max' => 10, 'increment' => 1))),
+ '_score_user_whitelist' => array('min' => -100, 'max' => -1, 'increment' => 10, 'extra' => array(array('min' => -10, 'max' => -1, 'increment' => 1)))
+ );
+
+// delete user bayesian data stored in database
+// the query can contain the following macros that will be expanded as follows:
+// %u is replaced with the username from the sauserprefs_userid setting above
+// use an array to run multiple queries
+// set to null to disable this option
+// eg. $config['sauserprefs_bayes_delete_query'] = array(
+// 'DELETE FROM bayes_seen WHERE id IN (SELECT id FROM bayes_vars WHERE username = %u);',
+// 'DELETE FROM bayes_token WHERE id IN (SELECT id FROM bayes_vars WHERE username = %u);',
+// 'DELETE FROM bayes_vars WHERE username = %u;'
+// );
+$config['sauserprefs_bayes_delete_query'] = null;
+
+// allowed languages
+// set to array of language codes to limit the language list available for the ok_languages option
+// eg array('en', 'es', 'ru', 'zh');
+// see the README for a full list of supported languages
+// set to null for all possible languages
+$config['sauserprefs_langs_allowed'] = null;