ansible/oopen-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update...

Browse Source
This commit is contained in:
Christoph
2023-05-01 10:47:10 +02:00
parent 9766f7841e
commit bb57e8e555
35 changed files with 1416 additions and 274 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
roles/common/files/o13-mail/etc/postfix/header_checks.pcre Normal file
View File

@ -0,0 +1,43 @@
# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
# ---
# - Replace headers
# - Replace recieved from IPv4 / IPv6 header - hide senders IP address and also 'Authenticated sender'
#
/^Received: from (.* \([-._[:alnum:]]+ \[[.[:digit:]]{7,15}\]\))(.*)\(Authenticated sender: ([^)]+)\)(.*)/ REPLACE Received: from anonymized.ipv4 (localhost [127.0.0.1])$2(Authenticated sender: hidden)$4
#
/^Received: from (.*IP[vV]6:(([0-9a-f]{0,4}:){1,7}[0-9a-f]{1,4})\]\){0,1})(.*)\(Authenticated sender: ([^)]+)\)(.*)/ REPLACE Received: from anonymized.ipv6 (localhost [::1])$4(Authenticated sender: hidden)$6
# - Replace recieved from IPv4 / IPv6 header - hide only sender IP address
#
#/^Received: from (.* \([-._[:alnum:]]+ \[[.[:digit:]]{7,15}\]\))(.*)\(Authenticated sender: (.*) / REPLACE Received: from anonymized.ipv4 (localhost [127.0.0.1])$2(Authenticated sender: $3
#/^Received: from (.*IP[vV]6:(([0-9a-f]{0,4}:){1,7}[0-9a-f]{1,4})\]\){0,1})(.*)\(Authenticated sender: (.*) / REPLACE Received: from anonymized.ipv6 (localhost [::1])$4(Authenticated sender: $5
# ---
# - Ignore Headers
# ---
#/^\s*User-Agent/ IGNORE
#/^\s*X-Enigmail/ IGNORE
#/^\s*X-Mailer/ IGNORE
#/^\s*X-Originating-IP/ IGNORE
# ---
# - Reject / Discard headers
# ---
/^To:.*<>/ REJECT Possible SPAM Blank email address To: header - Header-Spamschutzregel T0-1001
/\(envelope-from <>\)/ REJECT Possible SPAM - Header-Spamschutzregel RECIEV-1001
/^Reply-To: .+\@inx1and1\..+/ REJECT Possible SPAM - Header-Spamschutzregel REPLY-1001
/^From:.*<>/ REJECT Possible SPAM - Header-Spamschutzregel FROM-1001
/^Date: .* 19[0-9][0-9]/ REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1001
/^Date: .* 200[0-9]/ REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1002
/^Date: .* 201[0-9]/ REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1003
/^Date: .* 2020/ REJECT Date from the past. Fix your system clock. - Header-Spamschutzregel DATE-1004

22
roles/common/files/o13-mail/etc/postfix/postfwd.wl-hosts Normal file
View File

@ -0,0 +1,22 @@
# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
# ---
# Trusted hosts whitelisted by postfwd
#
# This file is called with '=~'. This means perl regexp is possible
#
#
# To increase performance use ^ and/or $ in regular expressions
#
# Example:
#
# # all hosts of domain 'oopen.de'
# \.oopen\.de$
#
# # host a.mx.oopen.de
# ^a\.mx\.oopen\.de$
#
# ---
# give truested hostnames here

18
roles/common/files/o13-mail/etc/postfix/postfwd.wl-nets Normal file
View File

@ -0,0 +1,18 @@
# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
# ---
# Trusted networks whitelisted by postfwd
#
# Example:
#
# # web0.warenform.de
# #83.223.86.76
# #2a01:30:0:505:286:96ff:fe4a:6ee
# #2a01:30:0:13:286:96ff:fe4a:6eee
#
# ---
# give truested networrk adresses here
# d.mx.oopen.de (listen server)
95.217.204.227
2a01:4f9:4a:47e5::227

23
roles/common/files/o13-mail/etc/postfix/postfwd.wl-sender Normal file
View File

@ -0,0 +1,23 @@
# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
# ---
# Trusted senders whitelisted by postfwd
#
# This file is called with '=~'. This means perl regexp is possible
#
#
# To increase performance use ^ and/or $ in regular expressions
#
# Example:
#
# # all senders of maildomaindomain 'oopen.de'
# @oopen\.de$
#
# # sender address ckubu@oopen.de
# ^ckubu@oopen\.de$
#
# ---
# give trusted sender addresses here
^noreply@login\.ubuntu\.com$

14
roles/common/files/o13-mail/etc/postfix/postfwd.wl-user Normal file
View File

@ -0,0 +1,14 @@
# *** [ Ansible managed: DO NOT EDIT DIRECTLY ] ***
# ---
# SASL Users whitelisted by postfwd
#
# example:
#
# # give trusted sasl usernames here
# ckubu@oopen.de
# vertrieb@akweb.de
#
# ---
# give trusted sasl usernames here