rspamd: add ip whitelist map

Author: jnorell

install/lib/installer_base.lib.php

@@ -1935,6 +1935,23 @@ public function configure_rspamd() {
 			}
 		}
 
+		# generated local.d/maps.d files
+		$filename = '/etc/rspamd/local.d/maps.d/ip_whitelist.inc.ispc';
+		@unlink($filename);
+		$records = $this->db->queryAllRecords("SELECT `source` FROM ?? WHERE `type` = 'client' AND `access` = 'OK' AND `active` = 'y' AND `server_id` = ? ORDER BY `source` ASC", $conf['mysql']['database'] . '.mail_access', $conf['server_id']);
+		if (count($records) > 0) {
+			if ($fp = fopen($filename, 'w')) {
+				fwrite($fp, "# ISPConfig whitelisted ip addresses\n\n");
+				foreach($records as $record) {
+					fwrite($fp, $record['source'] . "\n");
+				}
+				fclose($fp);
+			} else {
+				$this->error("Error: cannot open $filename for writing");
+			}
+		}
+
+
 		# rename rspamd templates we no longer use
 		if(file_exists("/etc/rspamd/local.d/greylist.conf")) {
 			rename("/etc/rspamd/local.d/greylist.conf", "/etc/rspamd/local.d/greylist.old");

install/tpl/rspamd_multimap.conf.master

@@ -1,3 +1,14 @@
+ISPC_WHITELIST_IP {
+  description = "Whitelisted ip address";
+  group = "ISPConfig";
+  type = "ip";
+  map = [ "$LOCAL_CONFDIR/local.d/maps.d/ip_whitelist.inc.ispc", "$LOCAL_CONFDIR/local.d/maps.d/ip_whitelist.inc.local" ];
+  prefilter = "true";
+  action = "accept";
+}
+
+# ISPC_BLACKLIST_IP:  Postfix blocks blacklisted IP's, no need to configure those here.
+
 # from https://rspamd.com/doc/configuration/selectors.html
 INVALUEMENT_SENDGRID_ID {
   type = "selector";

server/plugins-available/rspamd_plugin.inc.php

@@ -119,6 +119,9 @@ function onLoad() {
 		$app->plugins->registerEvent('mail_access_insert', $this->plugin_name, 'spamfilter_wblist_insert');
 		$app->plugins->registerEvent('mail_access_update', $this->plugin_name, 'spamfilter_wblist_update');
 		$app->plugins->registerEvent('mail_access_delete', $this->plugin_name, 'spamfilter_wblist_delete');
+		$app->plugins->registerEvent('mail_access_insert', $this->plugin_name, 'mail_access_update');
+		$app->plugins->registerEvent('mail_access_update', $this->plugin_name, 'mail_access_update');
+		$app->plugins->registerEvent('mail_access_delete', $this->plugin_name, 'mail_access_update');
 
 		//* server
 		$app->plugins->registerEvent('server_insert', $this->plugin_name, 'server_update');
@@ -498,6 +501,32 @@ function spamfilter_wblist_delete($event_name, $data) {
 		}
 	}
 
+	function mail_access_update($event_name, $data) {
+		global $app, $conf;
+
+		if(!is_dir('/etc/rspamd')) {
+			return;
+		}
+
+		$mail_config = $app->getconf->get_server_config($conf['server_id'], 'mail');
+
+		# generated local.d/maps.d files
+		$filename = '/etc/rspamd/local.d/maps.d/ip_whitelist.inc.ispc';
+		@unlink($filename);
+		$records = $app->db->queryAllRecords("SELECT `source` FROM ?? WHERE `type` = 'client' AND `access` = 'OK' AND `active` = 'y' AND `server_id` = ? ORDER BY `source` ASC", $conf['mysql']['database'] . '.mail_access', $conf['server_id']);
+		if (count($records) > 0) {
+			if ($fp = fopen($filename, 'w')) {
+				fwrite($fp, "# ISPConfig whitelisted ip addresses\n\n");
+				foreach($records as $record) {
+					fwrite($fp, $record['source'] . "\n");
+				}
+				fclose($fp);
+			} else {
+				$app->log("Error: cannot open $filename for writing", LOGLEVEL_WARN);
+			}
+		}
+	}
+
 	function server_update($event_name, $data) {
 		global $app, $conf;