HOW TO: RSPAMD integration
Posted: Sun Mar 24, 2019 2:13 pm
Hi everyone :)
I have replaced spamassassin with rspamd. I think maybe it will be suitable and for your servers ;) My tutorial is only covering CentOS7 installation, but I think you should be able to do this and with other distros.
Why rspamd is better, please look here:
https://www.rspamd.com/comparison.html
https://www.rspamd.com/performance.html
Ok, so lets start. First you should remove / disable spamassassin (I don't describe how to do this). In my opinion, you can just stop and disable autostart of spamassassin.
1) rspamd and redis installation
Addtional you may tune a little bit redis. Add to bottom of /etc/redis.conf add:
For saving data to disk, it is also useful to setup overcommit memory behavior which might be useful for loaded systems. It could be done in Linux by using the following command:
Enable and start rspamd and redis:
At the end run rspamd configuration wizard (I chose default options):
More information about installing read here: https://www.rspamd.com/downloads.html
2) Lets start integration with exim!
Please make backup of original exim.conf!
Edit /etc/exim/exim.conf
3) Rspamd interface from vestacp
Add rspamd web interface location to vesta-nginx: /usr/local/vesta/nginx/conf/nginx.conf
Add link to top menu: /usr/local/vesta/web/templates/admin/panel.html
ADD:
RIGHT AFTER:
Restart vestacp panel:
I have replaced spamassassin with rspamd. I think maybe it will be suitable and for your servers ;) My tutorial is only covering CentOS7 installation, but I think you should be able to do this and with other distros.
Why rspamd is better, please look here:
https://www.rspamd.com/comparison.html
https://www.rspamd.com/performance.html
Ok, so lets start. First you should remove / disable spamassassin (I don't describe how to do this). In my opinion, you can just stop and disable autostart of spamassassin.
1) rspamd and redis installation
Code: Select all
curl https://rspamd.com/rpm-stable/centos-7/rspamd.repo > /etc/yum.repos.d/rspamd.repo
rpm --import https://rspamd.com/rpm-stable/gpg.key
yum update
yum install rspamd redis
Code: Select all
maxmemory 100mb
maxmemory-policy volatile-ttl
Code: Select all
echo 1 > /proc/sys/vm/overcommit_memory
Code: Select all
systemctl enable rspamd
systemctl enable redis
systemctl start rspamd
systemctl start redis
Code: Select all
rspamadm configwizard
2) Lets start integration with exim!
Please make backup of original exim.conf!
Edit /etc/exim/exim.conf
Code: Select all
(...)
#SPAMASSASSIN = yes
RSPAMD = yes
SPAM_SCORE = 50
#CLAMD = yes <<< If you use clamava, you may leave it uncommented
(...)
.ifdef RSPAMD
spamd_address = 127.0.0.1 11333 variant=rspamd
.endif
(...)
acl_check_rcpt:
(...)
.ifdef RSPAMD
warn set acl_m1 = no
warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}}
set acl_m1 = yes
.endif
accept
(...)
acl_check_data:
(...)
#RSPAMD https://www.rspamd.com/doc/integration.html
.ifdef RSPAMD
warn !authenticated = *
hosts = !+relay_from_hosts
condition = ${if < {$message_size}{500K}}
condition = ${if eq{$acl_m1}{yes}{yes}{no}}
spam = nobody:true
add_header = X-Spam-Score: $spam_score_int
add_header = X-Spam-Report: $spam_report
set acl_m2 = $spam_score_int
# use greylisting available in rspamd v1.3+
defer message = Please try again later
condition = ${if eq{$spam_action}{soft reject}}
# use for discarding spam email
deny message = Message discarded as high-probability spam (from $sender_address to $recipients)
condition = ${if eq{$spam_action}{reject}}
# Remove foreign headers
warn remove_header = x-spam-bar : x-spam-score : x-spam-report : x-spam-status
# add spam header
warn condition = ${if !eq{$acl_m2}{} {yes}{no}}
condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
add_header = X-Spam-Status: Yes
.endif
(...)
Add rspamd web interface location to vesta-nginx: /usr/local/vesta/nginx/conf/nginx.conf
Code: Select all
(...)
location ~ \.php$ {
include /usr/local/vesta/nginx/conf/fastcgi_params;
fastcgi_param SCRIPT_FILENAME /usr/local/vesta/web/$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_pass unix:/var/run/vesta-php.sock;
fastcgi_intercept_errors on;
break;
}
location /rspamd/ {
proxy_pass http://localhost:11334/;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
(...)
ADD:
Code: Select all
<div class="l-menu__item <?php if($TAB == 'RSPAMD' ) echo 'l-menu__item--active' ?>"><a target="_blank" href="/rspamd/"><?=__('Rspamd')?></a></div>
Code: Select all
<div class="l-menu__item <?php if($TAB == 'SERVER' ) echo 'l-menu__item--active' ?>"><a href="/list/server/"><?=__('Server')?></a></div>
Code: Select all
service vesta restart