diff --git a/plinth/modules/email_server/__init__.py b/plinth/modules/email_server/__init__.py
index 7785bfc7e..450b034ca 100644
--- a/plinth/modules/email_server/__init__.py
+++ b/plinth/modules/email_server/__init__.py
@@ -9,6 +9,7 @@ import plinth.daemon
import plinth.frontpage
import plinth.menu
from plinth import actions
+from plinth.modules.apache.components import Webserver
from plinth.modules.firewall.components import Firewall
from . import audit
@@ -16,7 +17,8 @@ from . import manifest
version = 1
managed_packages = ['postfix', 'dovecot-pop3d', 'dovecot-imapd',
- 'dovecot-lmtpd', 'dovecot-ldap', 'dovecot-managesieved']
+ 'dovecot-lmtpd', 'dovecot-ldap', 'dovecot-managesieved',
+ 'rspamd']
managed_services = ['postfix', 'dovecot']
app = None
@@ -50,6 +52,11 @@ class EmailServerApp(plinth.app.App):
)
self.add(menu_item)
+ # /rspamd location
+ webserver = Webserver('webserver-email', 'email-server-freedombox',
+ urls=['https://{host}/rspamd'])
+ self.add(webserver)
+
shortcut = plinth.frontpage.Shortcut(
'shortcut_' + self.app_id,
name=info.name,
@@ -96,6 +103,7 @@ def setup(helper, old_version=None):
"""Installs and configures module"""
helper.install(managed_packages)
helper.call('post', audit.ldap.repair)
+ helper.call('post', audit.spam.repair)
helper.call('post', app.enable)
for service_name in managed_services:
actions.superuser_run('service', ['reload', service_name])
diff --git a/plinth/modules/email_server/audit/__init__.py b/plinth/modules/email_server/audit/__init__.py
index 80c90ceb5..41f1b99c6 100644
--- a/plinth/modules/email_server/audit/__init__.py
+++ b/plinth/modules/email_server/audit/__init__.py
@@ -5,5 +5,6 @@ Provides diagnosis and repair of email server configuration issues
from . import ldap
from . import domain
+from . import spam
-__all__ = ['ldap', 'domain']
+__all__ = ['ldap', 'domain', 'spam']
diff --git a/plinth/modules/email_server/audit/spam.py b/plinth/modules/email_server/audit/spam.py
new file mode 100644
index 000000000..a7ec22318
--- /dev/null
+++ b/plinth/modules/email_server/audit/spam.py
@@ -0,0 +1,26 @@
+"""Configures spam filters and the virus scanner"""
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+import logging
+
+from plinth import actions
+
+import plinth.modules.email_server.postconf as postconf
+
+milter_config = {
+ 'milter_mail_macros': 'i {auth_type} {auth_authen} {auth_author} '\
+ '{client_addr} {client_name} {mail_addr} {mail_host} {mail_mailer}',
+ 'smtpd_milters': 'inet:127.0.0.1:11332',
+ 'non_smtpd_milters': 'inet:127.0.0.1:11332'
+}
+
+logger = logging.getLogger(__name__)
+
+
+def repair():
+ logger.debug('Updating postconf: %r', milter_config)
+ actions.superuser_run('email_server', ['ipc', 'spam', 'set_filter'])
+
+
+def action_set_filter():
+ postconf.set_many(milter_config)
diff --git a/plinth/modules/email_server/data/etc/apache2/conf-available/email-server-freedombox.conf b/plinth/modules/email_server/data/etc/apache2/conf-available/email-server-freedombox.conf
new file mode 100644
index 000000000..f674fc07c
--- /dev/null
+++ b/plinth/modules/email_server/data/etc/apache2/conf-available/email-server-freedombox.conf
@@ -0,0 +1,23 @@
+
+ Redirect "/rspamd/"
+
+
+
+ ProxyPass http://127.0.0.1:11334/
+ ProxyPassReverse http://127.0.0.1:11334/
+ # Modify proxy headers
+ ProxyAddHeaders off
+ RequestHeader unset Forwarded
+ RequestHeader unset Via
+ RequestHeader unset X-Forwarded-For
+ RequestHeader unset X-Forwarded-Host
+ RequestHeader unset X-Forwarded-Proto
+ RequestHeader unset X-Forwarded-Server
+ RequestHeader unset X-Real-IP
+ RequestHeader set X-Forwarded-For "127.0.0.1"
+ # Require SSO
+ Include includes/freedombox-single-sign-on.conf
+
+ TKTAuthToken "admin"
+
+