From 7d4809038fdb5abd83e551e267f7382a88c9e7d2 Mon Sep 17 00:00:00 2001
From: Robin Raymond <robin@robinraymond.de>
Date: Sun, 13 Aug 2017 21:51:07 +0200
Subject: [PATCH] add virus scanning

---
 README.md                |  2 +-
 mail-config.nix          |  3 +--
 mail-server/clamav.nix   | 23 +++++++++++++++++++++++
 mail-server/postfix.nix  |  2 --
 mail-server/rmilter.nix  |  2 +-
 mail-server/services.nix |  4 ++++
 6 files changed, 30 insertions(+), 6 deletions(-)
 create mode 100644 mail-server/clamav.nix

diff --git a/README.md b/README.md
index 21942d0..a2577a5 100644
--- a/README.md
+++ b/README.md
@@ -22,7 +22,7 @@
     - [x] scans emails
     - [ ] Dovecot moves spam to spam folder (to check)
  * Virus Scanning
-    - [ ] TODO: Implement
+    - [x] Checks incoming mail for viruses
  * DKIM Signing
     - [ ] TODO: Implement
  * User Management
diff --git a/mail-config.nix b/mail-config.nix
index 7e990dd..eb6a22e 100644
--- a/mail-config.nix
+++ b/mail-config.nix
@@ -123,9 +123,8 @@ let
   #
   # Whether to activate virus scanning. Note that virus scanning is _very_
   # expensive memory wise.
-  # TODO: Implement
   #
-  virus_scanning = false;
+  virus_scanning = true;
 
   #
   # Whether to activate dkim signing.
diff --git a/mail-server/clamav.nix b/mail-server/clamav.nix
new file mode 100644
index 0000000..acea48f
--- /dev/null
+++ b/mail-server/clamav.nix
@@ -0,0 +1,23 @@
+#  nixos-mailserver: a simple mail server
+#  Copyright (C) 2016-2017  Robin Raymond
+#
+#  This program is free software: you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation, either version 3 of the License, or
+#  (at your option) any later version.
+#
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with this program. If not, see <http://www.gnu.org/licenses/>
+
+{ virus_scanning }:
+
+{
+  daemon.enable = virus_scanning;
+  updater.enable = virus_scanning;
+}
+
diff --git a/mail-server/postfix.nix b/mail-server/postfix.nix
index 908f56b..d9ff629 100644
--- a/mail-server/postfix.nix
+++ b/mail-server/postfix.nix
@@ -61,8 +61,6 @@ in
     disable_vrfy_command = yes
     message_size_limit = 20971520
 
-    milter_rcpt_macros = i {rcpt_addr}
-
     # virtual mail system
     virtual_uid_maps = static:5000
     virtual_gid_maps = static:5000
diff --git a/mail-server/rmilter.nix b/mail-server/rmilter.nix
index ab35248..173a1e4 100644
--- a/mail-server/rmilter.nix
+++ b/mail-server/rmilter.nix
@@ -21,7 +21,7 @@ let
            then
            ''
              clamav {
-               servers = /var/run/clamav/clam.ctl;
+               servers = /var/run/clamav/clamd.ctl;
              };
            ''
            else "";
diff --git a/mail-server/services.nix b/mail-server/services.nix
index 6cea1c4..d1fcd1b 100644
--- a/mail-server/services.nix
+++ b/mail-server/services.nix
@@ -51,4 +51,8 @@ in
     inherit vmail_group_name vmail_user_name mail_dir enable_imap
             enable_pop3 cert key;
   };
+
+  clamav = import ./clamav.nix {
+    inherit virus_scanning;
+  };
 }