Last Edit: 06.09.2017 01.20
Rspamd
a mini tutorial on Rspamd
Installation
# mkdir -pv rspamd
# cd !$
# wget -c https://rspamd.com/rpm-stable/centos-6/x86_64/rspamd-1.6.3-1.x86_64.rpm
# wget -c https://rspamd.com/rpm-stable/centos-6/x86_64/gmime-2.6.20-5.el6.x86_64.rpm
# yum -y install *
Init File
# vim /etc/init.d/rspamd
# ebal, Wed, 06 Sep 2017 00:31:37 +0300
## RSPAMD_CONF_FILE="/etc/rspamd/rspamd.sysvinit.conf"
RSPAMD_CONF_FILE="/etc/rspamd/rspamd.conf"
or
# ln -s /etc/rspamd/rspamd.conf /etc/rspamd/rspamd.sysvinit.conf
Start
# /etc/init.d/rspamd restart
syntax OK
Stopping rspamd: [FAILED]
Starting rspamd: [ OK ]
Postfix
milter
# ebal, Wed, 06 Sep 2017 00:51:42 +0300
## opendkim : 8891
## opendmarc: 8893
##
## A list of Milter (mail filter) applications for new mail that does not arrive via the Postfix smtpd(8) server.
non_smtpd_milters=inet:127.0.0.1:8891,inet:127.0.0.1:8893,inet:127.0.0.1:11332
## A list of Milter (mail filter) applications for new mail that arrives via the Postfix smtpd(8) server.
smtpd_milters=inet:127.0.0.1:8891,inet:127.0.0.1:8893, inet:127.0.0.1:11332
# https://rspamd.com/doc/integration.html
milter_protocol = 6
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
# skip mail without checks if something goes wrong
milter_default_action = accept
Training
Training the Bayesian classifier
# cd /storage/vmails/balaskas.gr/evaggelos/.Spam/cur/
# find . -type f -exec rspamc learn_spam {} \;
Auto Training
via cron example:
@daily /bin/find /storage/vmails/balaskas.gr/evaggelos/.Spam/cur/ -type f -mtime -1 -exec rspamc learn_spam {} \;
Stats
# rspamc stat
Results for command: stat (0.012 seconds)
Messages scanned: 1
Messages with action reject: 0, 0.00%
Messages with action soft reject: 0, 0.00%
Messages with action rewrite subject: 0, 0.00%
Messages with action add header: 0, 0.00%
Messages with action greylist: 0, 0.00%
Messages with action no action: 1, 100.00%
Messages treated as spam: 0, 0.00%
Messages treated as ham: 1, 100.00%
Messages learned: 1948
Connections count: 1
Control connections count: 2220
Pools allocated: 2247
Pools freed: 2228
Bytes allocated: 542k
Memory chunks allocated: 41
Shared chunks allocated: 10
Chunks freed: 0
Oversized chunks: 763
Fuzzy hashes in storage "rspamd.com": 655428587
Fuzzy hashes stored: 655428587
Statfile: BAYES_SPAM type: sqlite3; length: 33.74M; free blocks: 0; total blocks: 444.74k; free: 0.00%; learned: 1948; users: 1; languages: 4
Statfile: BAYES_HAM type: sqlite3; length: 9.22k; free blocks: 0; total blocks: 0; free: 0.00%; learned: 0; users: 1; languages: 1
Total learns: 1948
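The stat output above reports learned: 1948 for BAYES_SPAM and learned: 0 for BAYES_HAM, so only one class has been trained. The script below is an added example, not part of the original tutorial: it reads rspamc stat output and flags any statfile under a learn threshold. The function names and the threshold of 200 are assumptions; match the threshold to the min_learns value in your classifier configuration.

```sh
#!/bin/sh
# Added example: check Bayes learn counts in `rspamc stat` output.
# Real use (assumes rspamc is on PATH):  rspamc stat | check_bayes_balance 200

# Constructed sample: the learn-related lines from the stat output shown above.
SAMPLE_STAT='Messages learned: 1948
Statfile: BAYES_SPAM type: sqlite3; length: 33.74M; free blocks: 0; total blocks: 444.74k; free: 0.00%; learned: 1948; users: 1; languages: 4
Statfile: BAYES_HAM type: sqlite3; length: 9.22k; free blocks: 0; total blocks: 0; free: 0.00%; learned: 0; users: 1; languages: 1
Total learns: 1948'

# Print "<symbol> <learned>" for every "Statfile:" line read from stdin.
statfile_learns() {
    awk '/^Statfile: / {
        sym = $2
        n = ""
        for (i = 3; i < NF; i++)
            if ($i == "learned:") { n = $(i + 1); sub(/;$/, "", n) }
        if (n != "") print sym, n
    }'
}

# Read stat output on stdin; $1 is the minimum learn count per statfile.
# Exit status: 0 = all statfiles at or above the minimum,
#              1 = at least one statfile below it (one LOW line each),
#              2 = no Statfile lines found (wrong input or Bayes not configured).
check_bayes_balance() {
    min="$1"
    statfile_learns | awk -v min="$min" '
        {
            seen++
            if ($2 + 0 < min + 0) {
                print "LOW " $1 " learned=" $2 " (need " min ")"
                bad++
            }
        }
        END {
            if (seen == 0) { print "NO_STATFILES"; exit 2 }
            exit (bad > 0)
        }'
}

# Demo on the constructed sample; prints: LOW BAYES_HAM learned=0 (need 200)
printf '%s\n' "$SAMPLE_STAT" | check_bayes_balance 200 || true
```

Run from cron after the daily learn_spam job, a non-zero exit status is the signal that a ham folder also needs to be fed to rspamc learn_ham.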
X-Spamd-Result
Add extended reporting headers:
# vim /etc/rspamd/modules.d/milter_headers.conf

# ebal, Wed, 06 Sep 2017 01:52:08 +0300
extended_spam_headers = true;

use = [];
# /etc/init.d/rspamd restart
View Source:
X-Rspamd-Queue-Id: C024F2675E
X-Rspamd-Server: kvm
X-Spamd-Result: default: False [2.90 / 15.00]
Web Server
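Replace "SERVER_IP" with your server's IP address. Binding to a non-loopback address makes the controller port 11334 reachable from the network; the Reverse Proxy section below connects to 127.0.0.1:11334 instead.
# vim rspamd.conf
worker {
    # ebal, Wed, 06 Sep 2017 01:21:27 +0300
    # bind_socket = "localhost:11334";
    bind_socket = "SERVER_IP:11334";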
Web Server Login
vim /etc/rspamd/worker-controller.inc
# Included from top-level .conf file

type = "controller";
count = 1;
# ebal, Wed, 06 Sep 2017 01:35:07 +0300
#password = "q1";
password = "password";
# ebal, Wed, 06 Sep 2017 01:34:51 +0300
# secure_ip = "127.0.0.1";
secure_ip = "SERVER_IP";
secure_ip = "::1";
static_dir = "${WWWDIR}";
Enable Service
# chkconfig --list | egrep -i rspamd
rspamd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
# chkconfig rspamd on
# chkconfig --list | egrep -i rspamd
rspamd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Reverse Proxy
apache: httpd-2.2
ProxyPreserveHost On
<Location /rspamd>
    AuthName "Rspamd Access"
    AuthType Basic
    AuthUserFile /etc/httpd/rspamd_passwd
    Require valid-user
    ProxyPass http://127.0.0.1:11334
    ProxyPassReverse http://127.0.0.1:11334
    Order allow,deny
    Allow from all
</Location>
selinux
# setsebool -P httpd_can_network_connect=1
or
# setsebool httpd_can_network_connect_db on
IO write error
The host needs to be defined explicitly:
rspamc -h 127.0.0.1:11334 learn_spam msg3856
wrapper
# cat /usr/local/bin/rspamc
#!/bin/sh
# "$@" passes every argument through unchanged, so file names with spaces survive
/usr/bin/rspamc -h 127.0.0.1:11334 "$@"