implementation start of rspam/antispam feature

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

lib/configfiles/gentoo.xml

@@ -1727,12 +1727,9 @@ compatibility_level = 2
 ## General Postfix configuration
 # should be the default domain from your provider eg. "server100.provider.tld"
 mydomain = <SERVERNAME>
-
-# should be different from $mydomain eg. "mail.$mydomain"
-myhostname = mail.$mydomain
+myhostname = $mydomain
 
 mydestination = $myhostname,
-	$mydomain,
 	localhost.$myhostname,
 	localhost.$mydomain,
 	localhost
@@ -2218,6 +2215,98 @@ plugin {
 					<command><![CDATA[/etc/init.d/dovecot restart]]></command>
 				</daemon>
 			</service>
+			<!-- Antispam services -->
+			<service type="antispam" title="Antispam">
+				<!-- general RSpamd commands -->
+				<general>
+					<installs index="1">
+						<install><![CDATA[emerge mail-filter/rspamd]]></install>
+					</installs>
+					<commands index="2">
+						<command><![CDATA[mkdir -p /etc/rspamd/local.d/]]></command>
+						<command><![CDATA[mkdir -p /etc/rspamd/override.d/]]></command>
+						<command><![CDATA[mkdir -p mkdir /var/lib/rspamd/dkim/]]></command>
+					</commands>
+					<files index="1">
+						<file name="/etc/rspamd/local.d/actions.conf"
+							  chown="root:root" chmod="0644">
+							<content><![CDATA[
+# Set rewrite subject to this value (%s is replaced by the original subject)
+subject = "***SPAM*** %s"
+]]>
+							</content>
+						</file>
+						<file name="/etc/rspamd/local.d/arc.conf"
+							  chown="root:root" chmod="0644">
+							<content><![CDATA[
+try_fallback = true;
+### Enable DKIM signing for alias sender addresses
+allow_username_mismatch = true;
+path = "/var/lib/rspamd/dkim/$domain.$selector.key";
+selector_map = "/etc/rspamd/dkim_selectors.map";
+]]>
+							</content>
+						</file>
+						<file name="/etc/rspamd/local.d/milter_headers.conf"
+							  chown="root:root" chmod="0644">
+							<content><![CDATA[
+use = ["x-spamd-bar", "x-spam-level", "authentication-results"];
+authenticated_headers = ["authentication-results"];
+extended_spam_headers = true
+skip_local = false
+skip_authenticated = false
+]]>
+							</content>
+						</file>
+						<file name="/etc/rspamd/local.d/replies.conf"
+							  chown="root:root" chmod="0644">
+							<content><![CDATA[
+## If a user has replied to an email, don’t mark other emails in the same thread as spam
+action = "no action";
+]]>
+							</content>
+						</file>
+						<file name="/etc/rspamd/local.d/settings.conf"
+							  chown="root:root" chmod="0644" backup="true">
+							<content><![CDATA[
+## Feel free to include your own settings or adjustments here, for example:
+#whitelist {
+#  priority = low;
+#  rcpt = "postmaster@example.com";
+#  want_spam = yes;
+#}
+
+## Include froxlor generated settings
+.include(try=true,priority=1,duplicate=merge) "{{settings.antispam.config_file}}"
+]]>
+							</content>
+						</file>
+					</files>
+					<commands index="3">
+						<command><![CDATA[cp /etc/rspamd/local.d/arc.conf /etc/rspamd/local.d/dkim_signing.conf]]></command>
+						<command><![CDATA[postconf -e "milter_protocol = 6"]]></command>
+						<command><![CDATA[postconf -e "milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}"]]></command>
+						<command><![CDATA[postconf -e "milter_default_action = accept"]]></command>
+						<command><![CDATA[postconf -e "smtpd_milters = inet:127.0.0.1:11332"]]></command>
+						<command><![CDATA[postconf -e "non_smtpd_milters = inet:127.0.0.1:11332"]]></command>
+						<command><![CDATA[chown -R _rspamd:_rspamd /var/lib/rspamd/dkim]]></command>
+						<command><![CDATA[chmod 440 /var/lib/rspamd/dkim/*]]></command>
+						<command><![CDATA[rc-update add rspamd default]]></command>
+						<command><![CDATA[/etc/init.d/rspamd restart]]></command>
+					</commands>
+				</general>
+				<!-- rspamd -->
+				<daemon name="rspamd" title="Rspamd" default="true">
+					<include>//service[@type='antispam']/general/installs[@index=1]
+					</include>
+					<include>//service[@type='antispam']/general/commands[@index=2]
+					</include>
+					<include>//service[@type='antispam']/general/files[@index=1]
+					</include>
+					<include>//service[@type='antispam']/general/commands[@index=3]
+					</include>
+				</daemon>
+			</service>
 			<!-- FTP services -->
 			<service type="ftp" title="{{lng.admin.configfiles.ftp}}">
 				<!-- Proftpd -->