Fábio Kaiser Rauber
3 years ago
5 changed files with 114 additions and 0 deletions
@ -0,0 +1,6 @@ |
|||||
|
dependencies: |
||||
|
- name: redis |
||||
|
repository: https://charts.bitnami.com/bitnami |
||||
|
version: 17.0.1 |
||||
|
digest: sha256:971c7d3e44106de73552c8dee38509fd10b0ed4d08d308ed94e5249d1862e427 |
||||
|
generated: "2022-07-13T14:59:03.042613-03:00" |
Binary file not shown.
@ -0,0 +1,52 @@ |
|||||
|
apiVersion: v1 |
||||
|
kind: ConfigMap |
||||
|
metadata: |
||||
|
name: {{ include "rspamd.fullname" . }} |
||||
|
namespace: {{ .Release.Namespace | quote }} |
||||
|
labels: {{- include "rspamd.labels" . | nindent 4 }} |
||||
|
data: |
||||
|
ratelimit.conf: |- |
||||
|
rates { |
||||
|
# Limit for all mail per recipient (default rate 70 per day) |
||||
|
to = "{{ .Values.rspamd.rateLimits.to }}"; |
||||
|
# Limit for all mail per one source ip (default rate 150 per day) |
||||
|
to_ip = "{{ .Values.rspamd.rateLimits.toIp }}"; |
||||
|
# Limit for all mail per one source ip and from address (default rate 100 per day) |
||||
|
to_ip_from = "{{ .Values.rspamd.rateLimits.toIpFrom }}"; |
||||
|
# Limit for all bounce mail (rate 2 per hour) |
||||
|
#bounce_to = "2 / 1h"; |
||||
|
# Limit for bounce mail per one source ip (rate 1 per hour) |
||||
|
#bounce_to_ip = "1 / 1h"; |
||||
|
# Limit for all mail per authenticated user (default rate 100 per day) |
||||
|
user = "{{ .Values.rspamd.rateLimits.user }}"; |
||||
|
} |
||||
|
whitelisted_rcpts = "{{ .Values.rspamd.rateLimits.whitelisted.rcpts }}"; |
||||
|
whitelisted_ip = "/etc/rspamd/local.d/ratelimit_whitelist.map"; |
||||
|
max_rcpt = {{ .Values.rspamd.rateLimits.maxRcpt }}; |
||||
|
ratelimit_whitelist.map: |- |
||||
|
{{- range .Values.rspamd.rateLimits.whitelisted.ips }} |
||||
|
{{ . }} |
||||
|
{{- end }} |
||||
|
redis.conf: |- |
||||
|
servers = "{{ printf "%s-%s" .Release.Name "redis-master" | trunc 63 | trimSuffix "-" }}"; |
||||
|
db = "3"; |
||||
|
password = "{{ .Values.redis.auth.password }}"; |
||||
|
worker-proxy.inc: |- |
||||
|
milter = {{ .Values.rspamd.workerProxy.milter }}; |
||||
|
bind_socket = "*:11332" |
||||
|
timeout = {{ .Values.rspamd.workerProxy.timeout }}; |
||||
|
upstream "local" { |
||||
|
default = yes; # Self-scan upstreams are always default |
||||
|
self_scan = yes; # Enable self-scan |
||||
|
} |
||||
|
count = {{ .Values.rspamd.workerProxy.count }}; # Spawn more processes in self-scan mode |
||||
|
max_retries = {{ .Values.rspamd.workerProxy.maxRetries }}; # How many times master is queried in case of failure |
||||
|
discard_on_reject = {{ .Values.rspamd.workerProxy.discardOnReject }}; # Discard message instead of rejection |
||||
|
quarantine_on_reject = {{ .Values.rspamd.workerProxy.quarantineOnReject }}; # Tell MTA to quarantine rejected messages |
||||
|
spam_header = "{{ .Values.rspamd.workerProxy.spamHeader }}"; # Use the specific spam header |
||||
|
reject_message = "{{ .Values.rspamd.workerProxy.rejectMessage }}"; # Use custom rejection message |
||||
|
worker-normal.inc: |- |
||||
|
# Disable worker-normal in Milter mode |
||||
|
worker "normal" { |
||||
|
enabled = false; |
||||
|
} |
Loading…
Reference in new issue