/Integrate rspamd with cpanel
Last active Jan 8, 2019
Integrate rspamd with cpanel
| service[rspamd]=x,x,x,/etc/init.d/rspamd restart,rspamd,_rspamd |
| * go to whm -> exim configuration manager | |
| * choose advanced editor | |
| * search spamd & replace with this: | |
| spamd_address = 127.0.0.1 11333 variant=rspamd | |
| system_filter = /etc/exim_system_filter | |
| system_filter_file_transport = address_file | |
| * find and disable greylisting block | |
| * find and disable _default_check_message_pre_ on acl_smtp_data | |
| * find section acl_smtp_data:custom_begin_spam_scan | |
| * complete block with this: | |
| # Remove spam headers from outside sources | |
| warn remove_header = x-spam-subject : x-spam-status : x-spam-score : x-spam-bar : x-spam-report : x-spam-flag : x-ham-report | |
| # add spam-score and spam-report header when told by rspamd | |
| # also scan outgoing messages | |
| warn spam = nobody:true | |
| log_message = "rspam_score: $spam_score ($spam_bar) rspam_report: $spam_report" | |
| !authenticated = * | |
| add_header = X-Spam-Score: $spam_score ($spam_bar) | |
| add_header = X-Spam-Report: $spam_report | |
| add_header = X-Spam-Action: $spam_action | |
| warn condition = ${if eq{$spam_action}{rewrite subject}} | |
| add_header = X-Spam-Subject: ***SPAM*** $rh_subject | |
| add_header = X-Spam-Status: Yes | |
| defer message = Please try again later | |
| condition = ${if eq{$spam_action}{greylist}} | |
| defer message = Please try again later | |
| condition = ${if eq{$spam_action}{soft reject}} | |
| deny message = Message discarded as high-probability spam | |
| condition = ${if eq{$spam_action}{reject}} | |
| 7. disable default_spam_scan, default_spam_scan_check block | |
| 8. disable acl_not_smtp:outgoing_spam_scan_over_int, acl_smtp_data:no_forward_outbound_spam_over_int | |
| 9. reject mail which get score higher than 6 if they is sent via non_smtp (sendmail, php mail()) | |
| Note: this will ignore completely messages which are sent from root user. | |
| ** Find block acl_not_smtp:custom_begin_not_smtp and paste this code | |
| warn condition = ${if eq{$sender_address_local_part}{root} {no} {yes}} | |
| spam = nobody:true | |
| log_message = "rspam_score: $spam_score ($spam_bar) rspam_report: $spam_report" | |
| add_header = X-Spam-Score: $spam_score ($spam_bar) | |
| add_header = X-Spam-Report: $spam_report | |
| add_header = X-Spam-Action: $spam_action | |
| deny message = Message discarded as high-probability spam | |
| condition = ${if >= {$spam_score_int}{60}} | |
| ** disable acl_not_smtp:end_default_outgoing_notsmtp_checkall | |
| 10. deliver mail with high score of spam to /dev/null if is try to be forwarded due email forwards | |
| *** Put these block in to begin routers block, before router boxtrapper_autowhitelist or enforce_mail_permissions: | |
| # version with using of delivery as save to /dev/null (logs will show actual delivery to recipient email, which is not true action) | |
| # reject_forwarded_mail_marked_as_spam: | |
| # driver = accept | |
| # ignore_target_hosts = 127.0.0.1 | |
| # condition = ${if eq {${lookup {$sender_address_domain} lsearch{/etc/userdomains}{$value}}}{}{true}{false}} | |
| # condition = ${if match{$header_X-Spam-Score:}{\N\+\+\+\+\+\N}{yes}{no}} | |
| # # condition = ${if >= {$spam_score_int}{50}} | |
| # domains = ! +local_domains : !$primary_hostname | |
| # transport = file_to_devnull | |
| silent_drop_forwarded_mail_marked_as_spam: | |
| driver = redirect | |
| ignore_target_hosts = 127.0.0.1 | |
| condition = ${if eq {${lookup {$sender_address_domain} lsearch{/etc/userdomains}{$value}}}{}{true}{false}} | |
| # condition = ${if match{$header_X-Spam-Score:}{\N\+\+\+\+\+\N}{yes}{no}} | |
| condition = ${if >= {$spam_score_int}{50}} | |
| domains = ! +local_domains : !$primary_hostname | |
| allow_filter | |
| user = mailnull | |
| file_transport = file_to_devnull | |
| data = #Exim filter\n\ | |
| save /dev/null | |
| ** Put this transport after begin transports: | |
| file_to_devnull: | |
| driver = appendfile | |
| file = /dev/null | |
| ** system_filter: | |
| # Exim filter | |
| if "${if def:header_X-Spam-Subject: {there}}" is there | |
| then | |
| headers remove Subject | |
| headers add "Subject: $rh_X-Spam-Subject:" | |
| headers remove X-Spam-Subject | |
| endif | |
| * add router which will store Spam messages in INBOX.Junk directory | |
| virtual_user_spam_dir: | |
| driver = redirect | |
| domains = !$primary_hostname | |
| # condition = ${if match{$header_X-Spam-Score:}{\N\+\+\+\+\+\N}{yes}{no}} | |
| condition = ${if >= {$spam_score_int}{60}} | |
| require_files = "+/etc/valiases/$domain:+${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/mail/$domain/$local_part" | |
| data = "$local_part+Junk@$domain" | |
| redirect_router = virtual_user |
| # cat logging.inc | |
| type=file | |
| filename=/var/log/rspamd.log | |
| # cat metrics.conf | |
| actions { | |
| reject = 15; | |
| rewrite_subject = 8; | |
| add_header = 6; | |
| greylist = 4; | |
| } | |
| # cat worker-controller.inc | |
| bind_socket = "IP:11334"; | |
| password = "PASSWORD HASH"; |
| # some filter to remove shit from qq.com | |
| local reconf = config['regexp']; | |
| reconf['FROM_SPAM_QQCOM'] = { | |
| re = 'From=/<[0-9a-z]+@qq.com>/Hm', | |
| score = 10.0, | |
| description = 'Spam from qq.com', | |
| group = 'header' | |
| } |
| # Exim filter | |
| if not first_delivery then | |
| finish | |
| endif | |
| if "${if def:header_X-Spam-Subject: {there}}" is there then | |
| headers remove Subject | |
| headers add "Subject: $rh_X-Spam-Subject:" | |
| headers remove X-Spam-Subject | |
| endif | |
| if $h_X-Spam-Score: contains "+++++" and $h_To does not contains "postmaster" then | |
| if $h_X-Spam-Score: contains "+++++++++++" then | |
| save "/dev/null" | |
| else | |
| deliver "spam@XXXXXX" | |
| endif | |
| endif |
This comment has been minimized.
This comment has been minimized.
vstakhov
commented
May 22, 2017
|
I'm looking forward towards improvement of the Exim integration document. Would you mind if I include your recipes to the official Rspamd documentation? Or you can add your own pull request against |
This comment has been minimized.
This comment has been minimized.
ScOut3R
commented
Oct 16, 2018
|
Thank you @mdupa! This was desperately needed! I hope you don't mind, I improved upon your solution with the following benefits:
Additional steps to your instructions:
FYI @vstakhov |
This comment has been minimized.
This comment has been minimized.
Sure, you may include this recipe to official rspamd documentation. |
This comment has been minimized.
This comment has been minimized.
Thank, i have updated gist with some changes |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This comment has been minimized.
robertol commentedMay 18, 2017
Hi!
I found your gist and I followed your guide but my exim not connect to rspamd. I'm using centos 7 and rspamd in same server with cpanel. Could you help me?
I'm using exim 4.89 (cpanel 11.64).
Thanks!