Puppet Class: spamassassin

Defined in:
modules/spamassassin/manifests/init.pp

Overview

SPDX-License-Identifier: Apache-2.0

Class: spamassassin

This class installs & manages SpamAssassin, spamassassin.apache.org/

Parameters

required_score

The minimum required score to mark a message as spam. Defaults to 5.0

max_children

Number of spamd workers to fork. Defaults to 8.

nicelevel

Nice level to run spamd as. Defaults to 10.

use_bayes

Use Bayesian classifier. Defaults to 1.

bayes_auto_learn

Bayesian classifier auto-learning. Defaults to 1.

short_report_template

Short-format report template. Defaults to false.

trusted_networks

Networks for which to trust Received headers from. Defaults to [].

spamd_user

The user to run spamd as. Defaults to “debian-spamd”, which is created if non-existent.

spamd_group

The group to run spamd as. Defaults to “debian-spamd”, which is created if non-existent.

custom_scores

Provide custom scores to existing tests. Hash of score => value, defaults to an empty hash.

debug_logging

Enable debug logging. Defaults to none. Example: “–debug spf” See: wiki.apache.org/spamassassin/DebugChannels

proxy

Enable proxy for sa-update. Useful for hosts without direct internet acces. Defaults to undef

monitoring_ensure

Determines whether to include the nrpe monitor for spamd. Defaults to 'present'

Parameters:

  • required_score (Any) (defaults to: '5.0')
  • max_children (Any) (defaults to: 8)
  • nicelevel (Any) (defaults to: 10)
  • use_bayes (Any) (defaults to: 1)
  • bayes_auto_learn (Any) (defaults to: 1)
  • short_report_template (Any) (defaults to: false)
  • trusted_networks (Any) (defaults to: [])
  • spamd_user (Any) (defaults to: 'debian-spamd')
  • spamd_group (Any) (defaults to: 'debian-spamd')
  • custom_scores (Any) (defaults to: {})
  • debug_logging (Any) (defaults to: '')
  • proxy (Any) (defaults to: undef)
  • monitoring_ensure (Any) (defaults to: 'present')


52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
# File 'modules/spamassassin/manifests/init.pp', line 52

class spamassassin(
    $required_score = '5.0',
    $max_children = 8,
    $nicelevel = 10,
    $use_bayes = 1,
    $bayes_auto_learn = 1,
    $short_report_template = false,
    $trusted_networks = [],
    $spamd_user  = 'debian-spamd',
    $spamd_group = 'debian-spamd',
    $custom_scores = {},
    $debug_logging = '',
    $proxy = undef,
    $monitoring_ensure = 'present',
) {
    if debian::codename::ge('bookworm') {
        $sa_daemon='spamd'
    } else {
        $sa_daemon='spamassassin'
    }

    ensure_packages([$sa_daemon, 'libmail-spf-perl', 'libmail-dkim-perl'])

    file { '/etc/spamassassin/local.cf':
        content => template('spamassassin/local.cf'),
        owner   => 'root',
        group   => 'root',
        mode    => '0444',
        require => Package[$sa_daemon],
    }

    file { '/etc/default/spamassassin':
        content => template('spamassassin/spamassassin.default.erb'),
        owner   => 'root',
        group   => 'root',
        mode    => '0444',
        require => Package[$sa_daemon],
    }

    service { $sa_daemon:
        ensure    => running,
        require   => [
            File['/etc/default/spamassassin'],
            File['/etc/spamassassin/local.cf'],
            Package[$sa_daemon],
        ],
        subscribe => [
            File['/etc/default/spamassassin'],
            File['/etc/spamassassin/local.cf']
        ],
    }

    nrpe::monitor_service { 'spamd':
        ensure       => $monitoring_ensure,
        description  => 'spamassassin',
        nrpe_command => '/usr/lib/nagios/plugins/check_procs -w 1:20 -c 1:40 -a spamd',
        notes_url    => 'https://wikitech.wikimedia.org/wiki/Mail#SpamAssassin',
    }

    # If we need a proxy to reach the internet, we need a slightly modified
    # script updating spamassassin.
    if $proxy {
        file { '/etc/cron.daily/spamassassin':
            ensure  => absent,
            owner   => 'root',
            group   => 'root',
            mode    => '0755',
            content => template('spamassassin/sa-update-cron.erb'),
        }

        file { '/usr/local/sbin/spamassassin_updates':
            ensure  => present,
            owner   => 'root',
            group   => 'root',
            mode    => '0755',
            content => template('spamassassin/sa-update-cron.erb'),
        }

        systemd::timer::job { 'spamassassin_updates':
            ensure        => present,
            description   => 'Spamassassin definitions update',
            user          => 'root',
            command       => '/usr/local/sbin/spamassassin_updates',
            interval      => {'start' => 'OnCalendar', 'interval' => '*-*-* 09:17:00'},
            ignore_errors => true,
        }
    }
}