service[rspamd]=x,x,x,/etc/init.d/rspamd restart,rspamd,_rspamd |
* go to whm -> exim configuration manager | |
* choose advanced editor | |
* search spamd & replace with this: | |
spamd_address = 127.0.0.1 11333 variant=rspamd | |
* find and disable greylisting block | |
* find and disable acl_smtp_data:default_check_message_pre | |
* find section acl_smtp_data:custom_begin_spam_scan | |
* complete block with this: | |
# Remove spam headers from outside sources | |
warn remove_header = x-spam-subject : x-spam-status : x-spam-score : x-spam-bar : x-spam-report : x-spam-flag : x-ham-report | |
# add spam-score and spam-report header when told by rspamd | |
# also scan outgoing messages | |
warn spam = nobody:true | |
log_message = "rspam_score: $spam_score ($spam_bar) rspam_report: $spam_report" | |
!authenticated = * | |
add_header = X-Spam-Score: $spam_score ($spam_bar) | |
add_header = X-Spam-Report: $spam_report | |
add_header = X-Spam-Action: $spam_action | |
warn condition = ${if eq{$spam_action}{rewrite subject}} | |
add_header = X-Spam-Subject: ***SPAM*** $rh_subject | |
add_header = X-Spam-Status: Yes | |
defer message = Please try again later | |
condition = ${if eq{$spam_action}{greylist}} | |
defer message = Please try again later | |
condition = ${if eq{$spam_action}{soft reject}} | |
deny message = Message discarded as high-probability spam | |
condition = ${if eq{$spam_action}{reject}} | |
7. disable acl_smtp_data:default_spam_scan, acl_smtp_rcpt:default_spam_scan_check block | |
8. disable acl_not_smtp:outgoing_spam_scan_over_int, acl_smtp_data:no_forward_outbound_spam_over_int | |
9. reject mail which get score higher than 6 if they is sent via non_smtp (sendmail, php mail()) | |
Note: this will ignore completely messages which are sent from root user. | |
** Find block acl_not_smtp:custom_begin_not_smtp and paste this code | |
warn condition = ${if eq{$sender_address_local_part}{root} {no} {yes}} | |
spam = nobody:true | |
log_message = "rspam_score: $spam_score ($spam_bar) rspam_report: $spam_report sender_address_local_part = $sender_address_local_part" | |
add_header = X-Spam-Score: $spam_score ($spam_bar) | |
add_header = X-Spam-Report: $spam_report | |
add_header = X-Spam-Action: $spam_action | |
discard message = Message discarded as high-probability spam | |
condition = ${if match {$spam_report} {\NFREEMAIL_ENVFROM\N} {1} {0}} | |
condition = ${if >= {$spam_score_int}{60}} | |
deny message = Message rejected as high-probability spam | |
condition = ${if >= {$spam_score_int}{60}} | |
deny message = Message rejected as high-probability spam | |
condition = ${if eq{$spam_action}{reject}} | |
accept | |
** disable acl_not_smtp:end_default_outgoing_notsmtp_checkall | |
10. deliver mail with high score of spam to /dev/null if is try to be forwarded due email forwards | |
*** Put these block in to begin routers block, before router boxtrapper_autowhitelist or enforce_mail_permissions: | |
# version with using of delivery as save to /dev/null (logs will show actual delivery to recipient email, which is not true action) | |
# reject_forwarded_mail_marked_as_spam: | |
# driver = accept | |
# ignore_target_hosts = 127.0.0.1 | |
# condition = ${if eq {${lookup {$sender_address_domain} lsearch{/etc/userdomains}{$value}}}{}{true}{false}} | |
# condition = ${if match{$header_X-Spam-Score:}{\N\+\+\+\+\+\N}{yes}{no}} | |
# # condition = ${if >= {$spam_score_int}{50}} | |
# domains = ! +local_domains : !$primary_hostname | |
# transport = file_to_devnull | |
silent_drop_forwarded_mail_marked_as_spam: | |
driver = redirect | |
ignore_target_hosts = 127.0.0.1 | |
condition = ${if eq {${lookup {$sender_address_domain} lsearch{/etc/userdomains}{$value}}}{}{true}{false}} | |
# condition = ${if match{$header_X-Spam-Score:}{\N\+\+\+\+\+\N}{yes}{no}} | |
condition = ${if >= {$spam_score_int}{50}} | |
domains = ! +local_domains : !$primary_hostname | |
allow_filter | |
user = mailnull | |
file_transport = file_to_devnull | |
data = #Exim filter\n\ | |
save /dev/null | |
** Put this transport after begin transports: | |
file_to_devnull: | |
driver = appendfile | |
file = /dev/null | |
* add router which will store Spam messages in INBOX.Junk directory | |
* this will cause error when you will try to save settings in to WHM/cpanel exim editor | |
virtual_user_spam_dir: | |
driver = redirect | |
domains = !$primary_hostname | |
# condition = ${if match{$header_X-Spam-Score:}{\N\+\+\+\+\+\N}{yes}{no}} | |
condition = ${if >= {$spam_score_int}{60}} | |
require_files = "+/etc/valiases/$domain:+${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/mail/$domain/$local_part" | |
data = "$local_part+Junk@$domain" | |
redirect_router = virtual_user |
# cat options.inc | |
dns { | |
nameserver = ["127.0.0.1"]; | |
} | |
# cat redis.conf | |
servers = "127.0.0.1"; # Read servers (unless write_servers are unspecified) | |
write_servers = "127.0.0.1"; # Servers to write data | |
#disabled_modules = ["ratelimit"]; # List of modules that should not use redis from this section | |
timeout = 2s; | |
db = "4"; | |
#password = "some_password"; |
MM_WHITELISTED_ASN { | |
type = "asn"; | |
map = "${LOCAL_CONFDIR}/local.d/whitelisted_asn.map"; | |
description = "Messages which are coming from whitelisted ASN"; | |
score = -10; | |
} | |
MM_BLACKLISTED_IP { | |
type = "ip"; | |
map = "${LOCAL_CONFDIR}/local.d/blacklisted_sourceip.map"; | |
description = "Blacklisted ips"; | |
score = 12; | |
} | |
MM_WHITELISTED_IP { | |
type = "ip"; | |
map = "${LOCAL_CONFDIR}/local.d/whitelisted_sourceip.map"; | |
description = "Whitelisted ips"; | |
score = -10; | |
} | |
MM_REJECTED_BY_SUBJECT { | |
type = "header"; | |
header = "Subject"; | |
map = "${LOCAL_CONFDIR}/local.d/rejected_by_subject.map"; | |
regexp = true; | |
score = 10; | |
symbols = ["HAS_X_PHP_SCRIPT"]; | |
# action = "reject"; | |
} | |
MM_BLACKLISTED_BY_FORGED_SENDER { | |
type = "from"; | |
filter = "email:user"; | |
map = "${LOCAL_CONFDIR}/local.d/blacklisted_by_forged_sender.map"; | |
symbols = ["FORGED_SENDER"]; | |
action = "reject"; | |
} | |
MM_BLACKLISTED_BY_USER { | |
type = "user"; | |
map = "${LOCAL_CONFDIR}/local.d/blacklisted_by_user.map"; | |
action = "reject"; | |
} | |
MM_WHITELISTED_BY_SUBJECT { | |
type = "header"; | |
header = "Subject"; | |
map = "${LOCAL_CONFDIR}/local.d/whitelisted_by_subject.map"; | |
regexp = true; | |
score = -5; | |
# action = "reject"; | |
} | |
MM_WHITELISTED_BY_USER { | |
type = "user"; | |
map = "${LOCAL_CONFDIR}/local.d/whitelisted_by_user.map"; | |
score = -5; | |
# action = "reject"; | |
} | |
MM_WHITELISTED_BY_ENVELOPE_FROM { | |
type = "from"; | |
map = "${LOCAL_CONFDIR}/local.d/whitelisted_by_envelope_from.map"; | |
regexp = true; | |
filter = "email:addr"; | |
score = -7; | |
} | |
MM_WHITELISTED_BY_FROM_HEADER { | |
type = "header"; | |
header = "From"; | |
map = "${LOCAL_CONFDIR}/local.d/whitelisted_by_from_header.map"; | |
regexp = true; | |
score = -7; | |
} | |
#MM_WHITELISTED_RSPAMD_BL { | |
# type = "header"; | |
# header = "To"; | |
# map = "${LOCAL_CONFDIR}/local.d/whitelisted_by_to_header_rspamd_bl.map"; | |
# symbols = ["RSPAMD_URIBL"]; | |
# action = "accept"; | |
#} | |
MM_BLACKLISTED_BY_FROM_HEADER { | |
type = "header"; | |
header = "From"; | |
map = "${LOCAL_CONFDIR}/local.d/blacklisted_by_from_header.map"; | |
regexp = true; | |
score = 15; | |
# action = "reject"; | |
} | |
MM_BLACKLISTED_BY_X_PHP_HEADER { | |
type = "from"; | |
symbols = ["HAS_X_PHP_SCRIPT"]; | |
action = "reject"; | |
map = "${LOCAL_CONFDIR}/local.d/blacklisted_by_x_php_header.map"; | |
} | |
MM_MAIL_DELIVERY_FAILED { | |
type = "header"; | |
header = "Subject"; | |
map = "${LOCAL_CONFDIR}/local.d/mail_delivery_failed_subject.map" | |
symbols = ["IS_MAIL_DELIVERY_FAILED"]; | |
regexp = true; | |
} | |
MM_REJECT_MAIL_DELIVERY_FAILED_BY_TO_HEADER { | |
type = "header"; | |
header = "To"; | |
map = "${LOCAL_CONFDIR}/local.d/reject_by_to_header.map"; | |
regexp = true; | |
action = "reject"; | |
#score = 10; | |
require_symbols = "MM_MAIL_DELIVERY_FAILED"; | |
} |
# cat logging.inc | |
type=file | |
filename=/var/log/rspamd.log | |
# cat actions.conf | |
reject = 15; # Reject when reaching this score | |
add_header = null; # Add header when reaching this score | |
greylist = 4; # Apply greylisting when reaching this score (will emit `soft reject action`) | |
# cat worker-controller.inc | |
bind_socket = "IP:11334"; | |
password = "PASSWORD HASH"; |
This comment has been minimized.
This comment has been minimized.
I'm looking forward towards improvement of the Exim integration document. Would you mind if I include your recipes to the official Rspamd documentation? Or you can add your own pull request against |
This comment has been minimized.
This comment has been minimized.
Thank you @mdupa! This was desperately needed! I hope you don't mind, I improved upon your solution with the following benefits:
Additional steps to your instructions:
FYI @vstakhov |
This comment has been minimized.
This comment has been minimized.
Sure, you may include this recipe to official rspamd documentation. |
This comment has been minimized.
This comment has been minimized.
Thank, i have updated gist with some changes |
This comment has been minimized.
This comment has been minimized.
There are any video step by step? i'm not so good with english. |
This comment has been minimized.
Hi!
I found your gist and I followed your guide but my exim not connect to rspamd. I'm using centos 7 and rspamd in same server with cpanel. Could you help me?
I'm using exim 4.89 (cpanel 11.64).
Thanks!