add Rspamd for spam DKIM and DMARC

This commit is contained in:
vincent 2023-10-04 20:55:42 +02:00
parent b4d1c7ffb9
commit eadf067157
2 changed files with 28 additions and 4 deletions

View File

@ -38,6 +38,21 @@ resource "hetznerdns_record" "spfEu" {
type = "TXT"
}
resource "hetznerdns_record" "dkimRecordEu" {
zone_id = hetznerdns_zone.externalZoneEU.id
name = "mail._domainkey"
value = "\"v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GadPljh+zM+Hf8MAf2wyj+h9p72aBFeFaiDhnswxO68fM9Uk6XhN4s1BkHLY5AWQh0SP1JDBaFWDfJiOV/27E3qJIa4KDHPZcgxgvo+SbfgNZq5qGIhKyqAAtyg/dI8IMKVOZ5Cevdv9VFrSF84xnTmDBCrWydPyV8D5+xA/bVna/AVCAVUeXVppyMPpC0s1HpRNJ0YaY23RH1KwChxvZY+BkanELSzTA8K0ATbIzwgQaK10/lc1S6EFvaSNG8sy6EIoondl6t+uiqU3bHgAW68r8snzl2gclG+uMkjXkH7YGPJzL9Co1o1MlKOHIONz89CCe0puIH4qaCo1G6EDwIDAQAB\""
type = "TXT"
}
resource "hetznerdns_record" "dmarcEU" {
zone_id = hetznerdns_zone.externalZoneEU.id
name = "_dmarc.ducamps.eu."
value = "\"v=DMARC1; p=none; rua=mailto:vincent@ducamps.eu; ruf=mailto:vincent@ducamps.eu; sp=none; ri=86400\""
type = "TXT"
}
resource "hetznerdns_record" "rootalias" {
zone_id = hetznerdns_zone.externalZone.id
name = "@"

View File

@ -24,6 +24,9 @@ job "dockermailserver" {
port "esmtp" {
to = 465
}
port "rspamd" {
to = 11334
}
}
service {
name = "smtp"
@ -34,7 +37,7 @@ job "dockermailserver" {
"traefik.tcp.routers.smtp.entrypoints=smtp",
"traefik.tcp.routers.smtp.rule=HostSNI(`*`)",
"traefik.tcp.services.smtp.loadbalancer.proxyProtocol.version=1",
]
]
check {
name = "smtp_probe"
type = "tcp"
@ -95,7 +98,7 @@ job "dockermailserver" {
driver = "docker"
config {
image = "ghcr.io/docker-mailserver/docker-mailserver:edge"
ports = ["smtp", "esmtp", "imap"]
ports = ["smtp", "esmtp", "imap","rspamd"]
volumes = [
"/mnt/diskstation/nomad/dms/mail-data:/var/mail",
"/mnt/diskstation/nomad/dms/mail-state:/var/mail-state",
@ -114,8 +117,14 @@ job "dockermailserver" {
DMS_VMAIL_UID = 1000000
DMS_VMAIL_GID = 100
SSL_TYPE= "letsencrypt"
SSL_DOMAIN= "mail.ducamps.eu"
LOG_LEVEL="info"
POSTMASTER_ADDRESS="vincent@ducamps.eu"
ENABLE_RSPAMD=1
ENABLE_OPENDKIM=0
ENABLE_OPENDMARC=0
ENABLE_POLICYD_SPF=0
RSPAMD_CHECK_AUTHENTICATED=1
}
template {
data = <<EOH
@ -153,7 +162,7 @@ service imap-login {
destination = "local/dovecot.cf"
}
resources {
memory = 300
memory = 1000
}
}