Vesta Control Panel - Forum • HOW TO: RSPAMD integration - Page 2

Page 2 of 2

Re: HOW TO: RSPAMD integration

Posted: Fri Feb 07, 2020 4:48 pm

by compiz

dreiggy wrote: ↑
Thu Feb 06, 2020 8:31 pm

compiz wrote: ↑
Wed Nov 13, 2019 5:58 pm
Does this work for all domains in the server or just for the domain name of the server?
Thank you very much for the guide :)
Yes, it works globally for all domains.

Thanks! It took me a while to train it to block all spam but now it blocks all incoming emails

Re: HOW TO: RSPAMD integration

Posted: Tue Apr 14, 2020 10:18 am

by plutocrat

Thought I'd give this a go on a non-critical server. I'm on Ubuntu 18, rather than Centos, but the idea is the same. Followed your config, making adjustments for platform, and rspamd, redis and exim are all running happily. The only trouble is that rspamd doesn't seem to be chewing on any emails. I can send and receive as normal, but the web stats interface of rspamd shows zero mails passing through. I added a test spam to the web interface, and that registered, but its the only mail I can see.

Nothing in particular in the exim or rspamd logs that gives me a clue. Has anyone else been through this on Ubuntu?

Spam assassin is happily disabled. I can roll back the config pretty easily, but I'm going to leave it going for a day to see if anything suggests itself.

Re: HOW TO: RSPAMD integration

Posted: Wed Apr 15, 2020 8:49 am

by plutocrat

Replaced original email, as it might have been confusing. OK, so on Ubuntu, there is one key change to the original poster's config. In the check_rcpt section, you set a variable acl_m1 depending on whether a file exists for that domain:

Code: Select all

.ifdef RSPAMD
  warn    set acl_m1    = no
  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
          set acl_m1    = yes
.endif

Its crucial to note that for Ubuntu, the path is /etc/exim4 rather than /etc/exim which the Centos example used.!

Once you have that set, the conditions for scanning the mail work fine, specifically this one which has now been correctly set:
condition = ${if eq{$acl_m1}{yes}{yes}{no}}

I've been tweaking the exim config. Currently it looks like this:

Code: Select all

.ifdef RSPAMD
  accept hosts = +relay_from_hosts
  accept condition = ${if eq{$interface_port}{587}}
  accept authenticated = *

  # If message size is less than 500k and the domain has antispam enabled, scan the message with rspamd
  # This will set variables as follows: $spam_action, $spam_score, $spam_score_int (spam score x10), $spam_report, $spam_bar
  # So we add these as headers, first removing any existing ones
  warn  condition      = ${if < {$message_size}{500K}}
        condition      = ${if eq{$acl_m1}{yes}{yes}{no}}
        spam = nobody:true
        remove_header = x-spam-bar : x-spam-score : x-spam-report : x-spam-status
        add_header     = X-Spam-Score: $spam_score_int
        add_header     = X-Spam-Report: $spam_report
	add_header     = X-Spam-Action: $spam_action
        set acl_m2     = $spam_score_int

  # add x-spam-bar header if score is positive
  warn  condition = ${if >{$spam_score_int}{0}}
        add_header = X-Spam-Bar: $spam_bar

  # use greylisting if action is soft reject
  defer message    = Please try again later
        condition  = ${if eq{$spam_action}{soft reject}}

  # Hard reject if spam action is reject 
  deny  message    = Message discarded as high-probability spam
        condition  = ${if eq{$spam_action}{reject}}

  # Tag mesage as spam-report header when spam action is "add header" 
    warn
    condition  = ${if eq{$spam_action}{add header}}
    add_header = X-Spam-Status: Yes

  # add x-spam-status header if message action is "rewrite subject"
  warn
    condition  = ${if eq{$spam_action}{rewrite subject}}
    add_header = X-Spam-Status: Yes
.endif

Re: HOW TO: RSPAMD integration

Posted: Tue Apr 21, 2020 11:08 pm

by criptop

Hi,

question should be changed condition = ${if eq{$acl_m1}{yes}{yes}{no}} from ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} ??

Regards

Ruben

plutocrat wrote: ↑

Wed Apr 15, 2020 8:49 am

Replaced original email, as it might have been confusing. OK, so on Ubuntu, there is one key change to the original poster's config. In the check_rcpt section, you set a variable acl_m1 depending on whether a file exists for that domain:

Code: Select all

.ifdef RSPAMD
  warn    set acl_m1    = no
  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
          set acl_m1    = yes
.endif

Its crucial to note that for Ubuntu, the path is /etc/exim4 rather than /etc/exim which the Centos example used.!

Once you have that set, the conditions for scanning the mail work fine, specifically this one which has now been correctly set:
condition = ${if eq{$acl_m1}{yes}{yes}{no}}

I've been tweaking the exim config. Currently it looks like this:

Code: Select all

.ifdef RSPAMD
  accept hosts = +relay_from_hosts
  accept condition = ${if eq{$interface_port}{587}}
  accept authenticated = *

  # If message size is less than 500k and the domain has antispam enabled, scan the message with rspamd
  # This will set variables as follows: $spam_action, $spam_score, $spam_score_int (spam score x10), $spam_report, $spam_bar
  # So we add these as headers, first removing any existing ones
  warn  condition      = ${if < {$message_size}{500K}}
        condition      = ${if eq{$acl_m1}{yes}{yes}{no}}
        spam = nobody:true
        remove_header = x-spam-bar : x-spam-score : x-spam-report : x-spam-status
        add_header     = X-Spam-Score: $spam_score_int
        add_header     = X-Spam-Report: $spam_report
	add_header     = X-Spam-Action: $spam_action
        set acl_m2     = $spam_score_int

  # add x-spam-bar header if score is positive
  warn  condition = ${if >{$spam_score_int}{0}}
        add_header = X-Spam-Bar: $spam_bar

  # use greylisting if action is soft reject
  defer message    = Please try again later
        condition  = ${if eq{$spam_action}{soft reject}}

  # Hard reject if spam action is reject 
  deny  message    = Message discarded as high-probability spam
        condition  = ${if eq{$spam_action}{reject}}

  # Tag mesage as spam-report header when spam action is "add header" 
    warn
    condition  = ${if eq{$spam_action}{add header}}
    add_header = X-Spam-Status: Yes

  # add x-spam-status header if message action is "rewrite subject"
  warn
    condition  = ${if eq{$spam_action}{rewrite subject}}
    add_header = X-Spam-Status: Yes
.endif

Re: HOW TO: RSPAMD integration

Posted: Wed Apr 22, 2020 3:17 am

by plutocrat

criptop wrote: ↑
Tue Apr 21, 2020 11:08 pm
question should be changed condition = ${if eq{$acl_m1}{yes}{yes}{no}} from ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}

I don't understand what you're asking.

The config I posted works. In the first section it uses this condition to look for a file. If the file exists, it sets $acl_m1 to "yes":
${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}

The second condition checks to see if $acl_m1="yes". If it does, it scans the mail with rspamd
${if eq{$acl_m1}{yes}{yes}{no}}

This was just the way it was set up in the original exim config file for vesta. If you understand what you're doing, then there's no reason (as far as I can see), why you can't remove the first section, and just replace
${if eq{$acl_m1}{yes}{yes}{no}}
with
${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
in the second section.

i.e. there doesn't seem to be a need to set the intermediate variable $acl_m1. Is that what you were asking?

Re: HOW TO: RSPAMD integration

Posted: Wed May 27, 2020 8:53 am

by compiz

I think that in my case something doesn't work as it should!
I am receiving every day the same and the same 4-5 emails from various addresses.
The content and the format of the emails is exactly the same.
I don't think that the rspamd learns from me marking emails as spam and moving them to the spam folder nor from when I train it from the GUI.
It will say for example the item is already learned but here it is, 10 minutes later in my inbox. The same item as 1000 before it!

Re: HOW TO: RSPAMD integration

Posted: Sat Jan 23, 2021 7:21 pm

by jalfared

Hi,
I'm Using CentOS 7 want to integrate rSpamD, I have confusion with some parts of this post.

1. During Instalation Which options Select?
1. Nginx + Apache OR Nginx + php-fpm ?
2. exim + devcot OR exim or No ?

2. Where to write this line?

Code: Select all

echo 1 > /proc/sys/vm/overcommit_memory

3. Which Options to Select in this during configuration

Code: Select all

rspamadm configwizard

4. Where to write this code in Edit /etc/exim/exim.conf bcz its a long file, should write in start or end?

Code: Select all

(...)

#SPAMASSASSIN = yes
RSPAMD = yes
SPAM_SCORE = 50
#CLAMD =  yes <<< If you use clamava, you may leave it uncommented

(...)

.ifdef RSPAMD
spamd_address = 127.0.0.1 11333 variant=rspamd
.endif

(...)

acl_check_rcpt:

(...)

.ifdef RSPAMD
  warn    set acl_m1    = no

  warn    condition     = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}}
          set acl_m1    = yes
.endif

  accept

(...)

acl_check_data:

(...)

#RSPAMD https://www.rspamd.com/doc/integration.html
.ifdef RSPAMD
  warn   !authenticated = *
         hosts          = !+relay_from_hosts
         condition      = ${if < {$message_size}{500K}}
         condition      = ${if eq{$acl_m1}{yes}{yes}{no}}
         spam           = nobody:true
         add_header     = X-Spam-Score: $spam_score_int
         add_header     = X-Spam-Report: $spam_report
         set acl_m2     = $spam_score_int

  # use greylisting available in rspamd v1.3+
  defer  message    = Please try again later
         condition  = ${if eq{$spam_action}{soft reject}}

  # use for discarding spam email
  deny   message    = Message discarded as high-probability spam (from $sender_address to $recipients)
         condition  = ${if eq{$spam_action}{reject}}

  # Remove foreign headers
  warn   remove_header = x-spam-bar : x-spam-score : x-spam-report : x-spam-status

  # add spam header
  warn   condition      = ${if !eq{$acl_m2}{} {yes}{no}}
         condition      = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
         add_header     = X-Spam-Status: Yes

.endif

(...)

5. Where to add this code for, Add rspamd web interface location to vesta-nginx: /usr/local/vesta/nginx/conf/nginx.conf ?

Code: Select all

(...)
        location ~ \.php$ {
            include         /usr/local/vesta/nginx/conf/fastcgi_params;
            fastcgi_param   SCRIPT_FILENAME /usr/local/vesta/web/$fastcgi_script_name;
            fastcgi_param   QUERY_STRING    $query_string;
            fastcgi_pass    unix:/var/run/vesta-php.sock;
            fastcgi_intercept_errors        on;
            break;
        }

        location /rspamd/ {
            proxy_pass       http://localhost:11334/;
            proxy_set_header Host      $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
(...)

Please Reply, Because there is no Video Tutorial available on whole internet about rspamd installation and integration with VestaCP.

Re: HOW TO: RSPAMD integration

Posted: Sat Jan 23, 2021 8:03 pm

by Szektor

Hey,

I am fighting with this as well.
I found out rspamd install, on Ubuntu 18.

Code: Select all

apt-get install -y lsb-release wget # optional
CODENAME=`lsb_release -c -s`
wget -O- https://rspamd.com/apt-stable/gpg.key | apt-key add -
echo "deb [arch=amd64] http://rspamd.com/apt-stable/ $CODENAME main" > /etc/apt/sources.list.d/rspamd.list
echo "deb-src [arch=amd64] http://rspamd.com/apt-stable/ $CODENAME main" >> /etc/apt/sources.list.d/rspamd.list
apt-get update
apt-get --no-install-recommends install rspamd -y

You can use rspamd website to find your install method.
Also it was told to go with defaults but it depends on your system as well.

Re: HOW TO: RSPAMD integration

Posted: Sat Jan 23, 2021 8:21 pm

by Szektor

Ubuntu 18, Redis:

Code: Select all

apt install redis-server -y
sed -i 's/supervised no/supervised systemd/' /etc/redis/redis.conf
sed -i 's/# maxmemory <bytes>/maxmemory 100mb/' /etc/redis/redis.conf
sed -i 's/# maxmemory-policy noeviction/maxmemory-policy volatile-ttl/' /etc/redis/redis.conf
systemctl restart redis.service
echo 1 > /proc/sys/vm/overcommit_memory

sed -i 's/ReadWriteDirectories=-\/var\/run\/redis/ReadWriteDirectories=-\/run\/redis/' /lib/systemd/system/redis-server.service
sed -i 's/Type=forking/Type=notify/' /lib/systemd/system/redis-server.service

systemctl enable /lib/systemd/system/redis-server.service

sysctl vm.overcommit_memory=1
sed -i 's/# Protects against creating or following links under certain conditions/sysctl vm.overcommit_memory=1/' /etc/sysctl.conf

apt-get install hugepages -y
hugeadm --thp-never
sed -i '$i /usr/bin/hugeadm --thp-never' /etc/rc.local

systemctl edit redis-server

PASTE in the file:

Code: Select all

[Service]
Type=notify

And:

Code: Select all

systemctl daemon-reload
systemctl restart redis.service

systemctl enable rspamd
systemctl enable redis
systemctl start rspamd
systemctl start redis

Test: systemctl status redis

Finally:

Code: Select all

sed -i 's/ANTISPAM_SYSTEM=\'spamassasin\'/ANTISPAM_SYSTEM=\'rspamd\'/' /etc/redis/redis.conf
service vesta restart

FOR multi-user env.:

Code: Select all

sed -i 's/# requirepass foobared/requirepass CHANGETHISTOSOMETHINGREALLYLONGTOHAVEASECUREPASSWORD/' /etc/redis/redis.conf

+ change command names!!!

After all this I still have an error:

Code: Select all

Failed to enable unit: Refusing to operate on linked unit file redis.service

I wonder how to solve it. I googled for hours.

Re: HOW TO: RSPAMD integration

Posted: Sun Jan 24, 2021 3:25 pm

by jalfared

As you can see, after doing all hustle you still getting errors. I mean of what use a tool is when u can't give a proper method to use it?
If you visit rspamd website, they have given such a huge long and extremely extremely complex instruction to install that one would just take days in just reading, plus google each step, and when u google u won't even find a single video tutorial on entire internet! Like if it was that much useful there must be a course or video someone have made on it.
It proves 99% people can't even installl it.