fix(open-xchange): Streamline postfix milter configuration

2025-12-06 07:21:36 +01:00 · 2025-12-05 22:16:10 +01:00
4 changed files with 40 additions and 28 deletions
--- a/helmfile/apps/open-xchange/values-postfix.yaml.gotmpl
+++ b/helmfile/apps/open-xchange/values-postfix.yaml.gotmpl
@@ -47,10 +47,27 @@ postfix:
  inetProtocols: "ipv4"
  messageSizeLimit: {{ mul .Values.functional.groupware.mail.maxSize 1024 1024 | int | printf "%d" | quote }}
  milterDefaultAction: "tempfail"
-  {{- if .Values.apps.dkimpy.enabled }}
-  dkimpyHost: "opendesk-dkimpy-milter.{{ .Release.Namespace }}.svc.{{.Values.cluster.networking.domain }}:8892"
-  {{- end }}
-  rspamdHost: "{{ .Values.smtp.spamMilter.host }}:{{ .Values.smtp.spamMilter.port }}"
+  smtpdMilters:
+    {{- if .Values.apps.dkimpy.enabled }}
+    - host: "opendesk-dkimpy-milter.{{ .Release.Namespace }}.svc.{{.Values.cluster.networking.domain }}"
+      port: 8892
+    {{- end }}
+    {{- if .Values.smtp.spamMilter.host }}
+    - host: {{ .Values.smtp.spamMilter.host | quote }}
+      port: {{ .Values.smtp.spamMilter.port }}
+    {{- end }}
+    {{- if .Values.antivirus.milter.host }}
+    - host: {{ .Values.antivirus.milter.host | quote }}
+      port: {{ .Values.antivirus.milter.port }}
+    {{- else }}
+    {{- if .Values.apps.clamavDistributed.enabled }}
+    - host: "clamav-milter"
+      port:7357
+    {{- else if .Values.apps.clamavSimple.enabled }}
+    - host: "clamav-simple"
+      port: 7357
+    {{- end }}
+    {{- end }}
  minTLSVersion: "TLSv1.2"
  smtpdTLSMandatoryCiphers: "medium"
  {{- if .Values.smtp.host }}
@@ -100,15 +117,6 @@ postfix:
      # -- return the following attribute from all found leaves when a recursive search is done
      leafResultAttribute: "mailPrimaryAddress"

-  {{- if .Values.antivirus.milter.host }}
-  smtpdMilters: "inet:{{ .Values.antivirus.milter.host }}:{{ .Values.antivirus.milter.port }}"
-  {{- else }}
-  {{- if .Values.apps.clamavDistributed.enabled }}
-  smtpdMilters: "inet:clamav-milter:7357"
-  {{- else if .Values.apps.clamavSimple.enabled }}
-  smtpdMilters: "inet:clamav-simple:7357"
-  {{- end }}
-  {{- end }}
  virtualMailboxDomains: {{ toYaml (prepend .Values.global.additionalMailDomains (.Values.global.mailDomain | default .Values.global.domain) | uniq) | nindent 4 }}
  virtualTransport: "lmtps:dovecot:24"

--- a/helmfile/apps/services-external/values-postfix.yaml.gotmpl
+++ b/helmfile/apps/services-external/values-postfix.yaml.gotmpl
@@ -57,10 +57,23 @@ postfix:
  hostname: "postfix"
  inetProtocols: "ipv4"
  milterDefaultAction: "accept"
-  {{- if .Values.apps.dkimpy.enabled }}
-  dkimpyHost: "opendesk-dkimpy-milter.{{ .Release.Namespace }}.svc.{{.Values.cluster.networking.domain }}:8892"
-  {{- end }}
-  rspamdHost: ""
+  smtpdMilters:
+    {{- if .Values.apps.dkimpy.enabled }}
+    - host: "opendesk-dkimpy-milter.{{ .Release.Namespace }}.svc.{{.Values.cluster.networking.domain }}"
+      port: 8892
+    {{- end }}
+    {{- if .Values.antivirus.milter.host }}
+    - host: {{ .Values.antivirus.milter.host | quote }}
+      port: {{ .Values.antivirus.milter.port }}
+    {{- else }}
+    {{- if .Values.apps.clamavDistributed.enabled }}
+    - host: "clamav-milter"
+      port: 7357
+    {{- else if .Values.apps.clamavSimple.enabled }}
+    - host: "clamav-simple"
+      port: 7357
+    {{- end }}
+    {{- end }}
  {{- if .Values.smtp.host }}
  relayHost:
    enabled: true
@@ -116,15 +129,6 @@ postfix:
      # -- return the following attribute from all found leaves when a recursive search is done
      leafResultAttribute: "mailPrimaryAddress"

-  {{- if .Values.antivirus.milter.host }}
-  smtpdMilters: "inet:{{ .Values.antivirus.milter.host }}:{{ .Values.antivirus.milter.port }}"
-  {{- else }}
-  {{- if .Values.apps.clamavDistributed.enabled }}
-  smtpdMilters: "inet:clamav-milter:7357"
-  {{- else if .Values.apps.clamavSimple.enabled }}
-  smtpdMilters: "inet:clamav-simple:7357"
-  {{- end }}
-  {{- end }}
  # Only deliver mail to Dovecot, if it is available
  {{- if .Values.apps.oxAppSuite.enabled }}
  virtualMailboxDomains: {{ toYaml (prepend .Values.global.additionalMailDomains (.Values.global.mailDomain | default .Values.global.domain) | uniq) | nindent 4 }}
--- a/helmfile/environments/default/charts.yaml.gotmpl
+++ b/helmfile/environments/default/charts.yaml.gotmpl
@@ -437,7 +437,7 @@ charts:
    registry: "registry.opencode.de"
    repository: "bmi/opendesk/components/platform-development/charts/opendesk-postfix"
    name: "postfix"
-    version: "5.1.0"
+    version: "5.1.1"
    verify: true
  postgresql:
    # providerCategory: "Platform"
--- a/helmfile/environments/default/smtp.yaml.gotmpl
+++ b/helmfile/environments/default/smtp.yaml.gotmpl
@@ -9,7 +9,7 @@ smtp:
  localpartNoReply: "no-reply"
  spamMilter:
    host: ""
-    port: ""
+    port: 11332

  # For the following settings to have effect `apps.dkimpy.enabled` must be `true`.
  dkim: