Page 1 of 2
Request Interface for Spam
Posted: Thu Jan 03, 2019 11:16 am
by rj2010ism
Hi is there a way to control the spam and monitor what mail address is sending continues mail?
Iv seen something called rSpamd that looks nice...
Also is there a fail2ban for web-mail clients? say if tried 4times on web client and failed they will be blocked?
regards..
Re: Request Interface for Spam
Posted: Thu Mar 14, 2019 11:15 pm
by dreiggy
Hi,
you may try to replace spamassassin with rspamd. I have writed an article how to do this
here.
Re: Request Interface for Spam
Posted: Sun Mar 24, 2019 12:00 pm
by rj2010ism
I tried to follow the steps but don't understand a few parts..
can you please make a video or a manual with pictures..
Also im using CentOs 6.10 i found to much problems with CentOs 7
Thanks...
Re: Request Interface for Spam
Posted: Mon Mar 25, 2019 4:51 pm
by dreiggy
Please clarify what parts are not understandable for you? Where are you stuck?
Re: Request Interface for Spam
Posted: Mon Mar 25, 2019 8:01 pm
by rj2010ism
Iv figured it out and got it to work after some confusing thanks alot!....
It works almost great! nice but it doesn't show:
# what sender is blocked for example
[email protected] message for
[email protected] is spam
# cant detect virus signature...
also can rSPAMD be configured to detect internal mail spam before sending it? example say domain1.tld have a user on that domain and the userPC is infected sending out spam can it be blocked if the same message sent multiple times?
also is there a way to block specific domains as spam?
Thanks...
Re: Request Interface for Spam
Posted: Mon Mar 25, 2019 8:22 pm
by dreiggy
At my configuration rspamd only discard high score spam mails. If mail is marked as spam, then rspamd add spam header: X-Spam-Status: Yes
and exim router should route to spamdelivery transport.
You may configure scores in rspamd web-console:
Rspamd and spamassassin they are for spam scanning. For virus signatures, you should enable clamav scan.
rj2010ism wrote: ↑Mon Mar 25, 2019 8:01 pm
also can rSPAMD be configured to detect internal mail spam before sending it? example say domain1.tld have a user on that domain and the userPC is infected sending out spam can it be blocked if the same message sent multiple times?
It may should be configured in exim ACL section. You can read here about exim integration:
https://www.rspamd.com/doc/integration.html
You can replace:
Code: Select all
warn !authenticated = *
hosts = !+relay_from_hosts
condition = ${if < {$message_size}{200K}}
condition = ${if eq{$acl_m1}{yes}{yes}{no}}
spam = nobody:true
to:
Code: Select all
# do not scan messages submitted from our own hosts
# +relay_from_hosts is assumed to be a list of hosts in configuration
accept hosts = +relay_from_hosts
# do not scan messages from submission port (or maybe you want to?)
accept condition = ${if eq{$interface_port}{587}}
# skip scanning for authenticated users (if desired?)
accept authenticated = *
# scan the message with rspamd
warn spam = nobody:true
rj2010ism wrote: ↑Mon Mar 25, 2019 8:01 pm
also is there a way to block specific domains as spam?
To block or whitelist specific domains you should add them to these files:
Code: Select all
hostlist whitelist = net-iplsearch;/etc/exim/white-blocks.conf
hostlist spammers = net-iplsearch;/etc/exim/spam-blocks.conf
Re: Request Interface for Spam
Posted: Tue Mar 26, 2019 6:55 pm
by rj2010ism
Dreiggy
is there a way to set the password correctly for rspamd?
at the moment i found a way around..
i edited this:
etc/rspamd/worker-controller.inc
added the line:
secure_ip = "192.168.100.12";
this allows me to login to the webgui without password cause the password i set during rspamadm config wizard doesnt work..
Re: Request Interface for Spam
Posted: Wed Mar 27, 2019 1:17 pm
by dreiggy
rj2010ism wrote: ↑Tue Mar 26, 2019 6:55 pm
Dreiggy
is there a way to set the password correctly for rspamd?
at the moment i found a way around..
i edited this:
etc/rspamd/worker-controller.inc
added the line:
secure_ip = "192.168.100.12";
this allows me to login to the webgui without password cause the password i set during rspamadm config wizard doesnt work..
Here is described how to set password manually:
https://www.rspamd.com/doc/quickstart.html
Find title: Setting the controller password
Re: Request Interface for Spam
Posted: Wed Mar 27, 2019 4:30 pm
by rj2010ism
Thanks..
Re: Request Interface for Spam
Posted: Sun Apr 14, 2019 1:19 pm
by rj2010ism
Iv tried the password steps. didn't work for me.
also iv tried the steps you explained also didn't work.. didn't scan internal mail for possible spam when sending mail..
or maybe i just did it wrong?