File diff 67d9190a521a → 12abf97ac229
roles/mail_server/tasks/main.yml
Show inline comments
 
@@ -22,6 +22,44 @@
 
- name: Install SWAKS
 
  apt: name="swaks" state=installed
 

			




	
	
	
		
 
- name: Set ClamAV Milter socket path

			




	
	
	
		
 
  debconf: name=clamav-milter question=clamav-milter/MilterSocket vtype=string value=/var/spool/postfix/var/run/clamav/clamav-milter.ctl

			




	
	
	
		
 

			




	
	
	
		
 
- name: Have ClamAV Milter reject infected files

			




	
	
	
		
 
  debconf: name=clamav-milter question=clamav-milter/OnInfected vtype=select value=Reject

			




	
	
	
		
 

			




	
	
	
		
 
- name: Have ClamAV Milter log full information about infected mails

			




	
	
	
		
 
  debconf: name=clamav-milter question=clamav-milter/LogInfected vtype=select value=Full

			




	
	
	
		
 

			




	
	
	
		
 
- name: Set ClamAV Milter reject message

			




	
	
	
		
 
  debconf: name=clamav-milter question=clamav-milter/RejectMsg vtype=string value="Your message has been rejected due to a possible virus (%v). Please contact the postmaster if you believe this is incorrect."

			




	
	
	
		
 

			




	
	
	
		
 
- name: Do not limit log file size for ClamAV Milter

			




	
	
	
		
 
  debconf: name=clamav-milter question=clamav-milter/LogFileMaxSize vtype=string value=0M

			




	
	
	
		
 

			




	
	
	
		
 
- name: Allow members of Postfix group to access the ClamAV Milter socket file

			




	
	
	
		
 
  debconf: name=clamav-milter question=clamav-milter/MilterSocketGroup vtype=string value=postfix

			




	
	
	
		
 

			




	
	
	
		
 
- name: Restrict access to ClamAV Milter socket to socket owner and group.

			




	
	
	
		
 
  debconf: name=clamav-milter question=clamav-milter/MilterSocketMode vtype=string value=660

			




	
	
	
		
 

			




	
	
	
		
 
- name: Install milter packages

			




	
	
	
		
 
  apt: name=clamav-milter state=installed

			




	
	
	
		
 

			




	
	
	
		
 
- name: Make sure that the ClamAV Milter socket file path is correct (workaround for Debian bug \#778445)

			




	
	
	
		
 
  lineinfile: dest=/etc/clamav/clamav-milter.conf state=present backrefs=yes

			




	
	
	
		
 
              line="MilterSocket /var/spool/postfix/var/run/clamav/clamav-milter.ctl"

			




	
	
	
		
 
              regexp="^MilterSocket "

			




	
	
	
		
 
  notify:

			




	
	
	
		
 
    - Restart ClamAV Milter

			




	
	
	
		
 

			




	
	
	
		
 
- name: Set-up privileges for directories within Postfix chroot

			




	
	
	
		
 
  file: dest="{{ item }}" mode=755

			




	
	
	
		
 
  with_items:

			




	
	
	
		
 
    - /var/spool/postfix/var

			




	
	
	
		
 
    - /var/spool/postfix/var/run

			




	
	
	
		
 
    - /var/spool/postfix/var/run/clamav

			




	
	
	
		
 

			




	
	
	
		
 
- name: Copy the LDAP TLS truststore into Postfix chroot

			




	
	
	
		
 
  file: dest="/var/spool/postfix/etc/ssl/certs/truststore.pem" src="/etc/ssl/certs/truststore.pem"

			




	
	
	
		
 
        mode=644 owner=root group=root state=file

			




	
	
		
 
@@ -69,6 +107,15 @@

			




	
	
	
		
 
  notify:

			




	
	
	
		
 
    - Restart Postfix

			




	
	
	
		
 

			




	
	
	
		
 
- name: Enable ClamAV service

			




	
	
	
		
 
  service: name="{{ item }}" state=started

			




	
	
	
		
 
  with_items:

			




	
	
	
		
 
    - clamav-daemon

			




	
	
	
		
 
    - clamav-freshclam

			




	
	
	
		
 

			




	
	
	
		
 
- name: Enable ClamAV milter service.

			




	
	
	
		
 
  service: name=clamav-milter state=started

			




	
	
	
		
 

			




	
	
	
		
 
- name: Enable Postfix service

			




	
	
	
		
 
  service: name=postfix enabled=yes state=started

			




	
	
	
		
 

			




        

    



    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2023 by various authors & licensed under GPLv3.