This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== N) Spam filtering ====== [[https://github.com/rspamd/rspamd|RSpamD]] is an advanced spam filtering system and email processing framework that allows evaluation of messages by a number of rules including regular expressions, statistical analysis and custom services such as URL black lists. Each message is analysed by Rspamd and given a verdict that might be used by MTA for further processing (e.g. to reject a message, or add a special header indicating spam) along with other information, such as possible DKIM signature or modifications suggested for a message. ===== Installation ===== My VPS is pretty ancient and the CPU does not support sse4_2, instructions, so i had to disable **hyperscan** use flag by writing the following **/etc/portage/package.use/rspamd** file: <file - rspamd> mail-filter/rspamd -hyperscan </file> Now simply emerge it: <code bash> emerge -vp rspamd dev-db/redis </code> rspamd requires redis, but somehow it doesn't pull it directly. ===== Configure rspamd ===== Create **/etc/rspamd/local.d/actions.conf**: <file - actions.conf> # Basic action thresholds reject = 15; # Reject obvious spam add_header = 6; # Add spam headers greylist = 4; # Temporary delay suspicious mail </file> Configure redis **/etc/rspamd/local.d/redis.conf**: <file redis.conf> # Redis connection for statistics and caching servers = "127.0.0.1:6379"; </file> Setup a controller password for the web interface: <code bash> rspamadm pw </code> Create **/etc/rspamd/local.d/worker-controller.inc**: <file - worker-controller.inc> # Replace with your generated password password = "$2$your_generated_password_here"; </file> ===== Configure redis ===== Setup redis at least in a basic and secure way **/etc/redis/redis.conf**: <file - redis.conf> # Bind only to localhost for security bind 127.0.0.1 ::1 # Set memory limit maxmemory 500mb maxmemory-policy volatile-ttl </file> ===== Configure postfix link ===== Add milter integration to your Postfix configuration in **/etc/postfix/main.cf**: <code> # Enable Rspamd milter smtpd_milters = inet:localhost:11332 milter_default_action = accept milter_protocol = 6 </code> Configure Rspamd proxy worker in **/etc/rspamd/local.d/worker-proxy.inc**: <file - worker-proxy.inc> # Enable milter mode for Postfix integration milter = yes; timeout = 120s; upstream "local" { default = yes; self_scan = yes; # Scan messages directly } </file> ===== Startup ===== Ensure all the services are running and setup to start on boot: <code bash> for i in rspamd redis postfix do rc-update add $i default /etc/init.d/$i restart done </code> ===== Web interface ===== By default rspamd web interface is exposed on **http://127.0.0.1:11334/** but of course, you must slap NGINX in front of it. I choose to expose it as **https://mail.mydomain.com/rspamd/** so add the following to your NGINX setup for **mail.mydomain.com**: <code> location /rspamd/ { proxy_pass http://127.0.0.1:11334/; proxy_redirect default; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Forwarded-Proto $scheme; } </code>
