scripts: make policyd-spf configurable (#3246)

target/scripts/start-mailserver.sh

@@ -80,6 +80,7 @@ function _register_functions
 
   _register_setup_function '_setup_opendkim'
   _register_setup_function '_setup_opendmarc' # must come after `_setup_opendkim`
+  _register_setup_function '_setup_policyd_spf'
 
   _register_setup_function '_setup_security_stack'
   _register_setup_function '_setup_spam_to_junk'

target/scripts/startup/setup.d/dmarc_dkim_spf.sh

@@ -84,3 +84,21 @@ function _setup_opendmarc
     _log 'debug' 'Disabling OpenDMARC'
   fi
 }
+
+# Configures the SPF check inside Postfix's configuration via policyd-spf. When
+# using Rspamd, you will likely want to turn that off.
+function _setup_policyd_spf
+{
+  if [[ ${ENABLE_POLICYD_SPF} -eq 1 ]]
+  then
+    _log 'debug' 'Configuring policyd-spf'
+    cat >>/etc/postfix/master.cf <<EOF
+
+policyd-spf    unix  -       n       n       -       0       spawn
+    user=policyd-spf argv=/usr/bin/policyd-spf
+EOF
+  else
+    _log 'debug' 'Disabling policyd-spf'
+    sedfile -i -E 's|check_policy_service unix:private/policyd-spf, ||g' /etc/postfix/main.cf
+  fi
+}

target/scripts/startup/variables-stack.sh

@@ -74,6 +74,7 @@ function __environment_variables_general_setup
   VARS[ENABLE_MANAGESIEVE]="${ENABLE_MANAGESIEVE:=0}"
   VARS[ENABLE_OPENDKIM]="${ENABLE_OPENDKIM:=1}"
   VARS[ENABLE_OPENDMARC]="${ENABLE_OPENDMARC:=1}"
+  VARS[ENABLE_POLICYD_SPF]="${ENABLE_POLICYD_SPF:=1}"
   VARS[ENABLE_POP3]="${ENABLE_POP3:=0}"
   VARS[ENABLE_POSTGREY]="${ENABLE_POSTGREY:=0}"
   VARS[ENABLE_QUOTAS]="${ENABLE_QUOTAS:=1}"