From 47dc5bd9dd21df3c86a60df6a8f66bb158a34cda Mon Sep 17 00:00:00 2001 From: Thomas Kaltenbrunner Date: Fri, 5 Dec 2025 12:54:42 +0100 Subject: [PATCH] fix(open-xchange): Streamline postfix milter configuration --- .../open-xchange/values-postfix.yaml.gotmpl | 34 ++++++++++++------- .../values-postfix.yaml.gotmpl | 30 +++++++++------- .../environments/default/charts.yaml.gotmpl | 2 +- .../environments/default/smtp.yaml.gotmpl | 2 +- 4 files changed, 40 insertions(+), 28 deletions(-) diff --git a/helmfile/apps/open-xchange/values-postfix.yaml.gotmpl b/helmfile/apps/open-xchange/values-postfix.yaml.gotmpl index 64e2608a..79ced250 100644 --- a/helmfile/apps/open-xchange/values-postfix.yaml.gotmpl +++ b/helmfile/apps/open-xchange/values-postfix.yaml.gotmpl @@ -47,10 +47,27 @@ postfix: inetProtocols: "ipv4" messageSizeLimit: {{ mul .Values.functional.groupware.mail.maxSize 1024 1024 | int | printf "%d" | quote }} milterDefaultAction: "tempfail" - {{- if .Values.apps.dkimpy.enabled }} - dkimpyHost: "opendesk-dkimpy-milter.{{ .Release.Namespace }}.svc.{{.Values.cluster.networking.domain }}:8892" - {{- end }} - rspamdHost: "{{ .Values.smtp.spamMilter.host }}:{{ .Values.smtp.spamMilter.port }}" + smtpdMilters: + {{- if .Values.apps.dkimpy.enabled }} + - host: "opendesk-dkimpy-milter.{{ .Release.Namespace }}.svc.{{.Values.cluster.networking.domain }}" + port: 8892 + {{- end }} + {{- if .Values.smtp.spamMilter.host }} + - host: {{ .Values.smtp.spamMilter.host | quote }} + port: {{ .Values.smtp.spamMilter.port }} + {{- end }} + {{- if .Values.antivirus.milter.host }} + - host: {{ .Values.antivirus.milter.host | quote }} + port: {{ .Values.antivirus.milter.port }} + {{- else }} + {{- if .Values.apps.clamavDistributed.enabled }} + - host: "clamav-milter" + port:7357 + {{- else if .Values.apps.clamavSimple.enabled }} + - host: "clamav-simple" + port: 7357 + {{- end }} + {{- end }} minTLSVersion: "TLSv1.2" smtpdTLSMandatoryCiphers: "medium" {{- if .Values.smtp.host }} @@ -100,15 +117,6 @@ postfix: # -- return the following attribute from all found leaves when a recursive search is done leafResultAttribute: "mailPrimaryAddress" - {{- if .Values.antivirus.milter.host }} - smtpdMilters: "inet:{{ .Values.antivirus.milter.host }}:{{ .Values.antivirus.milter.port }}" - {{- else }} - {{- if .Values.apps.clamavDistributed.enabled }} - smtpdMilters: "inet:clamav-milter:7357" - {{- else if .Values.apps.clamavSimple.enabled }} - smtpdMilters: "inet:clamav-simple:7357" - {{- end }} - {{- end }} virtualMailboxDomains: {{ toYaml (prepend .Values.global.additionalMailDomains (.Values.global.mailDomain | default .Values.global.domain) | uniq) | nindent 4 }} virtualTransport: "lmtps:dovecot:24" diff --git a/helmfile/apps/services-external/values-postfix.yaml.gotmpl b/helmfile/apps/services-external/values-postfix.yaml.gotmpl index c22c28fb..1ebe4716 100644 --- a/helmfile/apps/services-external/values-postfix.yaml.gotmpl +++ b/helmfile/apps/services-external/values-postfix.yaml.gotmpl @@ -57,10 +57,23 @@ postfix: hostname: "postfix" inetProtocols: "ipv4" milterDefaultAction: "accept" - {{- if .Values.apps.dkimpy.enabled }} - dkimpyHost: "opendesk-dkimpy-milter.{{ .Release.Namespace }}.svc.{{.Values.cluster.networking.domain }}:8892" - {{- end }} - rspamdHost: "" + smtpdMilters: + {{- if .Values.apps.dkimpy.enabled }} + - host: "opendesk-dkimpy-milter.{{ .Release.Namespace }}.svc.{{.Values.cluster.networking.domain }}" + port: 8892 + {{- end }} + {{- if .Values.antivirus.milter.host }} + - host: {{ .Values.antivirus.milter.host | quote }} + port: {{ .Values.antivirus.milter.port }} + {{- else }} + {{- if .Values.apps.clamavDistributed.enabled }} + - host: "clamav-milter" + port: 7357 + {{- else if .Values.apps.clamavSimple.enabled }} + - host: "clamav-simple" + port: 7357 + {{- end }} + {{- end }} {{- if .Values.smtp.host }} relayHost: enabled: true @@ -116,15 +129,6 @@ postfix: # -- return the following attribute from all found leaves when a recursive search is done leafResultAttribute: "mailPrimaryAddress" - {{- if .Values.antivirus.milter.host }} - smtpdMilters: "inet:{{ .Values.antivirus.milter.host }}:{{ .Values.antivirus.milter.port }}" - {{- else }} - {{- if .Values.apps.clamavDistributed.enabled }} - smtpdMilters: "inet:clamav-milter:7357" - {{- else if .Values.apps.clamavSimple.enabled }} - smtpdMilters: "inet:clamav-simple:7357" - {{- end }} - {{- end }} # Only deliver mail to Dovecot, if it is available {{- if .Values.apps.oxAppSuite.enabled }} virtualMailboxDomains: {{ toYaml (prepend .Values.global.additionalMailDomains (.Values.global.mailDomain | default .Values.global.domain) | uniq) | nindent 4 }} diff --git a/helmfile/environments/default/charts.yaml.gotmpl b/helmfile/environments/default/charts.yaml.gotmpl index 93608a70..e1bf01d1 100644 --- a/helmfile/environments/default/charts.yaml.gotmpl +++ b/helmfile/environments/default/charts.yaml.gotmpl @@ -437,7 +437,7 @@ charts: registry: "registry.opencode.de" repository: "bmi/opendesk/components/platform-development/charts/opendesk-postfix" name: "postfix" - version: "5.1.0" + version: "5.1.1" verify: true postgresql: # providerCategory: "Platform" diff --git a/helmfile/environments/default/smtp.yaml.gotmpl b/helmfile/environments/default/smtp.yaml.gotmpl index e48d7f99..37000b9d 100644 --- a/helmfile/environments/default/smtp.yaml.gotmpl +++ b/helmfile/environments/default/smtp.yaml.gotmpl @@ -9,7 +9,7 @@ smtp: localpartNoReply: "no-reply" spamMilter: host: "" - port: "" + port: 11332 # For the following settings to have effect `apps.dkimpy.enabled` must be `true`. dkim: