add mailman-check cronjob

diff --git a/roles/postfix/files/mailman-check b/roles/postfix/files/mailman-check
new file mode 100755 (executable)
index 0000000..595b28c
--- /dev/null
+++ b/roles/postfix/files/mailman-check
@@ -0,0 +1,20 @@
+#!/bin/bash
+set -e
+## Usage:
+##   ./mailman-check
+## Checks all the mailman lists for bad configuration, and prints further details if it finds one.
+
+if ! test -d /var/lib/mailman; then
+    # nothing to do
+    exit 0
+fi
+
+cd /var/lib/mailman/lists
+for list in *; do
+    /usr/sbin/config_list  -i /dev/stdin "$list" <<EOF
+if not ((mlist.dmarc_moderation_action in (1, 2) and mlist.dmarc_quarantine_moderation_action == 1) or mlist.from_is_list in (1, 2)):
+    print "List",mlist.real_name,"by",(', '.join(mlist.owner)),"is not configured to deal with DMARC."
+if mlist.reply_goes_to_list != 0 and not mlist.first_strip_reply_to:
+    print "List",mlist.real_name,"by",(', '.join(mlist.owner)),"provides an inconsistent Reply-To treatment."
+EOF
+done

diff --git a/roles/postfix/tasks/postfix.yml b/roles/postfix/tasks/postfix.yml
index 8367b89ce4db0e57bdf64abdf83430d307cdbaa8..4810085689470d95b1b4f9d02edfb9f6c8d7cb7d 100644 (file)
--- a/roles/postfix/tasks/postfix.yml
+++ b/roles/postfix/tasks/postfix.yml
@@ -42,7 +42,7 @@
     groups: opendkim
     append: yes
   notify: postfix
-# cronjob
+# cronjobs
 - name: delete old local-mail cronjob
   file: path=/etc/cron.daily/local-mail state=absent
 - name: install check-for-local-mail cronjob
@@ -50,3 +50,14 @@
     dest: /etc/cron.daily/check-for-local-mail
     src: files/check-for-local-mail
     mode: u=rwx,g=rx,o=rx
+- name: install mailman-check cronjob
+  when: postfix.mailman is defined and postfix.mailman
+  copy:
+    dest: /etc/cron.daily/mailman-check
+    src: files/mailman-check
+    mode: u=rwx,g=rx,o=rx
+- name: remove mailman-check cronjob
+  when: not (postfix.mailman is defined and postfix.mailman)
+  file:
+    path: /etc/cron.daily/mailman-check
+    state: absent