diff options
| -rw-r--r-- | ansible/roles/spamassassin/handlers/main.yml | 10 | ||||
| -rw-r--r-- | ansible/roles/spamassassin/tasks/main.yml | 51 | ||||
| -rw-r--r-- | ansible/roles/spamassassin/templates/local.cf.j2 | 114 | ||||
| -rw-r--r-- | ansible/roles/spamassassin/vars/main.yml | 2 | 
4 files changed, 177 insertions, 0 deletions
| diff --git a/ansible/roles/spamassassin/handlers/main.yml b/ansible/roles/spamassassin/handlers/main.yml new file mode 100644 index 0000000..761230e --- /dev/null +++ b/ansible/roles/spamassassin/handlers/main.yml @@ -0,0 +1,10 @@ +--- +- name: Restart spamd +  service: +    name: spamd +    state: restarted + +- name: Reload spamd +  service: +    name: spamd +    state: reloaded diff --git a/ansible/roles/spamassassin/tasks/main.yml b/ansible/roles/spamassassin/tasks/main.yml new file mode 100644 index 0000000..837e32a --- /dev/null +++ b/ansible/roles/spamassassin/tasks/main.yml @@ -0,0 +1,51 @@ +--- +- name: Install spamassassin packages +  package: +    state: present +    name: +      - spamassassin +      - spamc +  tags: +    - role::spamassassin + +- name: Create spamd user +  user: +    name: spamd +    home: /var/spamd +    comment: "SpamAssassin user" +  tags: +    - role::spamassassin + +- name: Update spamd defaults +  lineinfile: +    path: /etc/default/spamd +    regexp: '^{{ item[''key''] }}="' +    line: '{{ item["key"] }}="{{ item["value"] }}"' +    mode: "0644" +    owner: root +    group: root +  loop: +    - key: ENABLED +      value: "1" +    - key: AHOME +      value: "/var/log/spamassassin/" +    - key: OPTIONS +      value: "--create-prefs --max-children 5 --username spamd --helper-home-dir /var/spamd/ -s /var/spamd/spamd.log" +    - key: CRON +      value: "1" +  tags: +    - role::spamassassin +  notify: +    - Restart spamd + +- name: Template local.cf spamassassin configuation file +  template: +    src: local.cf.j2 +    dest: /etc/spamassassin/local.cf +    group: root +    owner: root +    mode: "0644" +  tags: +    - role::spamassassin +  notify: +    - Reload spamd diff --git a/ansible/roles/spamassassin/templates/local.cf.j2 b/ansible/roles/spamassassin/templates/local.cf.j2 new file mode 100644 index 0000000..f59e9bc --- /dev/null +++ b/ansible/roles/spamassassin/templates/local.cf.j2 @@ -0,0 +1,114 @@ +# Managed by Ansible + +# This is the right place to customize your installation of SpamAssassin. +# +# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be +# tweaked. +# +# Only a small subset of options are listed below +# +########################################################################### + +#    A 'contact address' users should contact for more info. (replaces +#    _CONTACTADDRESS_ in the report template) +report_contact {{ spamassassin_contact_email }} + + +#   Add *****SPAM***** to the Subject header of spam e-mails +# +rewrite_header Subject *****SPAM***** + + +#   Save spam messages as a message/rfc822 MIME attachment instead of +#   modifying the original message (0: off, 2: use text/plain instead) +# +# report_safe 1 + + +#   Set which networks or hosts are considered 'trusted' by your mail +#   server (i.e. not spammers) +# +# trusted_networks 212.17.35. + + +#   Set file-locking method (flock is not safe over NFS, but is faster) +# +# lock_method flock + + +#   Set the threshold at which a message is considered spam (default: 5.0) +# +# required_score 5.0 + + +#   Use Bayesian classifier (default: 1) +# +use_bayes 1 + + +#   Bayesian classifier auto-learning (default: 1) +# +bayes_auto_learn 1 + + +#   Set headers which may provide inappropriate cues to the Bayesian +#   classifier +# +# bayes_ignore_header X-Bogosity +# bayes_ignore_header X-Spam-Flag +# bayes_ignore_header X-Spam-Status + + +#   Whether to decode non- UTF-8 and non-ASCII textual parts and recode +#   them to UTF-8 before the text is given over to rules processing. +# +# normalize_charset 1 + +#   Textual body scan limit    (default: 50000) +# +#   Amount of data per email text/* mimepart, that will be run through body +#   rules.  This enables safer and faster scanning of large messages, +#   perhaps having very large textual attachments.  There should be no need +#   to change this well tested default. +# +# body_part_scan_size 50000 + +#   Textual rawbody data scan limit    (default: 500000) +# +#   Amount of data per email text/* mimepart, that will be run through +#   rawbody rules. +# +# rawbody_part_scan_size 500000 + +#   Some shortcircuiting, if the plugin is enabled +# +ifplugin Mail::SpamAssassin::Plugin::Shortcircuit +# +#   default: strongly-welcomelisted mails are *really* welcomelisted now, if +#   the shortcircuiting plugin is active, causing early exit to save CPU +#   load.  Uncomment to turn this on +# +#   SpamAssassin tries hard not to launch DNS queries before priority -100. +#   If you want to shortcircuit without launching unneeded queries, make +#   sure such rule priority is below -100. These examples are already: +# +# shortcircuit USER_IN_WELCOMELIST       on +# shortcircuit USER_IN_DEF_WELCOMELIST   on +# shortcircuit USER_IN_ALL_SPAM_TO     on + +#   the opposite; blocklisted mails can also save CPU +# +# shortcircuit USER_IN_BLOCKLIST       on +# shortcircuit USER_IN_BLOCKLIST_TO    on + +#   if you have taken the time to correctly specify your "trusted_networks", +#   this is another good way to save CPU +# +# shortcircuit ALL_TRUSTED             on + +#   and a well-trained bayes DB can save running rules, too +# +# shortcircuit BAYES_99                spam +# shortcircuit BAYES_00                ham + +endif # Mail::SpamAssassin::Plugin::Shortcircuit diff --git a/ansible/roles/spamassassin/vars/main.yml b/ansible/roles/spamassassin/vars/main.yml new file mode 100644 index 0000000..ba0ec41 --- /dev/null +++ b/ansible/roles/spamassassin/vars/main.yml @@ -0,0 +1,2 @@ +--- +spamassassin_contact_email: "[email protected]" | 
