mail/rspamd: merge version 1.2 from master

mail/rspamd/Makefile

@@ -1,5 +1,5 @@
 PLUGIN_NAME=		rspamd
-PLUGIN_VERSION=		1.1
+PLUGIN_VERSION=		1.2
 PLUGIN_COMMENT=		Protect your network from spam
 PLUGIN_DEPENDS=		rspamd
 PLUGIN_MAINTAINER=	franz.fabian.94@gmail.com

mail/rspamd/src/opnsense/mvc/app/controllers/OPNsense/Rspamd/forms/settings.xml

@@ -14,6 +14,15 @@
                 <help>If you check this box, the local Redis server will be available to the modules (some do not work without it).</help>
             </field>
         </subtab>
+        <subtab id="rspamd-general-multimap" description="Multimap Settings">
+            <field>
+                <id>rspamd.multimap.badfileextension</id>
+                <label>Blocked File Extensions</label>
+                <type>select_multiple</type>
+                <style>tokenize</style>
+                <help>If an attached file has a suffix in this list, the mail will be rejected via a hard reject, which means that the server will be immeadiately informed about the policy violation.</help>
+            </field>
+        </subtab>
     </tab>
     <tab id="rspamd-anti-spam" description="Spam Protection">
         <subtab id="rspamd-anti-spam-graylist" description="Graylisting">

mail/rspamd/src/opnsense/mvc/app/models/OPNsense/Rspamd/RSpamd.xml

@@ -333,5 +333,12 @@
         <Required>N</Required>
       </exceptions>
     </surbl>
+
+    <multimap>
+      <badfileextension type="CSVListField">
+        <Required>N</Required>
+        <default>exe,dll,scr,com,cmd,js,bat,vbs,ps1,bat,cpl,lnk,msi,msp,reg</default>
+      </badfileextension>
+    </multimap>
   </items>
 </model>

mail/rspamd/src/opnsense/mvc/app/views/OPNsense/Rspamd/index.volt

@@ -35,10 +35,7 @@
         mapDataToFormUI(data_get_map).done(function(){
             formatTokenizersUI();
             $('.selectpicker').selectpicker('refresh');
-            // request service status on load and update status box
-            ajaxCall(url="/api/rspamd/service/status", sendData={}, callback=function(data,status) {
-                updateServiceStatusUI(data['status']);
-            });
+            updateServiceControlUI('rspamd');
         });
 
         // update history on tab state and implement navigation
@@ -80,9 +77,7 @@
                                 draggable: true
                             });
                         } else {
-                            ajaxCall(url="/api/rspamd/service/status", sendData={}, callback=function(data,status) {
-                                updateServiceStatusUI(data['status']);
-                            });
+                            updateServiceControlUI('rspamd');
                         }
                     });
                 });

mail/rspamd/src/opnsense/scripts/rspamd/setup.sh

@@ -3,6 +3,11 @@ mkdir -p /var/db/rspamd
 mkdir -p /var/log/rspamd
 mkdir -p /var/run/rspamd
 
+# fix permissions of files generated by configd
+chmod +r /usr/local/etc/rspamd/local.d/*
+chmod o+rx /usr/local/etc/rspamd/local.d
+chown -R nobody /var/log/rspamd
+
 chown nobody:nobody /var/db/rspamd
 chown nobody:nobody /var/log/rspamd
 chown nobody:nobody /var/run/rspamd

mail/rspamd/src/opnsense/service/templates/OPNsense/Rspamd/+TARGETS

@@ -1,6 +1,7 @@
 rspamd:/etc/rc.conf.d/rspamd
 antivirus.wl:/usr/local/etc/rspamd/local.d/antivirus.wl
 antivirus.conf:/usr/local/etc/rspamd/local.d/antivirus.conf
+bad_file_extensions-map:/usr/local/etc/rspamd/local.d/bad_file_extensions.map
 dkim_signing.conf:/usr/local/etc/rspamd/local.d/dkim_signing.conf
 dkim.conf:/usr/local/etc/rspamd/local.d/dkim.conf
 spf.conf:/usr/local/etc/rspamd/local.d/spf.conf
@@ -9,6 +10,7 @@ surbl-whitelist.inc.local:/var/db/rspamd/surbl-whitelist.inc.local
 2tld.inc.local:/var/db/rspamd/2tld.inc.local
 greylist.conf:/usr/local/etc/rspamd/local.d/greylist.conf
 phishing.conf:/usr/local/etc/rspamd/local.d/phishing.conf
+multimap.conf:/usr/local/etc/rspamd/local.d/multimap.conf
 mx_check.conf:/usr/local/etc/rspamd/local.d/mx_check.conf
 ratelimit.conf:/usr/local/etc/rspamd/local.d/ratelimit.conf
 redis.conf:/usr/local/etc/rspamd/local.d/redis.conf

mail/rspamd/src/opnsense/service/templates/OPNsense/Rspamd/bad_file_extensions-map

@@ -0,0 +1,5 @@
+{% if helpers.exists('OPNsense.Rspamd.general.enabled') and OPNsense.Rspamd.general.enabled == '1' and helpers.exists('OPNsense.Rspamd.multimap.badfileextension') and OPNsense.Rspamd.multimap.badfileextension != '' %}
+{% for extension in OPNsense.Rspamd.multimap.badfileextension.split(',') %}
+{{ extension }}
+{% endfor %}
+{% endif %}

mail/rspamd/src/opnsense/service/templates/OPNsense/Rspamd/multimap.conf

@@ -0,0 +1,13 @@
+# Please don't modify this file as your changes might be overwritten with
+# the next update.
+#
+
+{% if helpers.exists('OPNsense.Rspamd.general.enabled') and OPNsense.Rspamd.general.enabled == '1' and helpers.exists('OPNsense.Rspamd.multimap') %}
+extension_blacklist {
+  type = "filename";
+  filter = "extension";
+  map = "/${LOCAL_CONFDIR}/local.d/bad_file_extensions.map";
+  symbol = "FILENAME_BLACKLISTED";
+  action = "reject";
+}
+{% endif %}