Dovecot antispam with Rspamd (part 1)
I am using Rspamd since a while now and I happy with it. In a nutshell Rspamd is a fast, free and extensible spam filtering system.
To be honest I am not a guru when it comes to mail server
configuration. Every time I'm hacking something in the mail
territory I have to look up what is a MTA, MDA etc.
Well, now I think I am kinda good at understanding emails.
Unlike spamassasin, Rspamd was simple to setup and has sane defaults so I adopted it merrily. As a bonus, it has a sexy Web UI.
In this post I'll provide my configuration for a nice integration with the Dovecot antispam plugin.
This is the first part of the Dovecot & Rspamd integration setup, talking about Rspamd autolearn integration with Dovecot antispam plugin.
Part 2 about mail filtering using Dovecot spamtest is here.
both Dovecot antispam plugins are deprecated in favour of AntispamWithSieve. If you have pigeonhole v0.4.14 or later, you should definitely use IMAPSieve instead.
Figuring out your dovecot antispam plugin version
There are two versions of the Dovecot antispam plugin:
The configuration differ slightly between the two, so you need to find out which one you have installed (for info Debian package the original, while FreeBSD package the fork).
run man dovecot-antispam and check the end of the man page. If it contains something like:
THIS FORK AUTHOR AND MAINTAINER
o Eugene Paskevich <eugene@raptor.kiev.ua>.
Then you have the fork version, otherwise it is the original.
Dovecot configuration
Add the antispam mail plugin to the relevant part of the imap configuration:
conf.d/20-imap.conf
1 2 3 4 5 6 7 | protocol imap { ... # Space separated list of plugins to load (default is global mail_plugins). #mail_plugins = $mail_plugins mail_plugins = $mail_plugins antispam ... } |
Then configure the plugin (pick your matching version):
conf.d/90-plugin.conf (original version)
1 2 3 4 5 6 7 8 9 | plugin { antispam_backend = pipe antispam_spam = Junk antispam_trash = Trash antispam_mail_sendmail = /usr/local/bin/rspamc antispam_mail_spam = learn_spam antispam_mail_notspam = learn_ham antispam_mail_sendmail_args = -h;localhost:11334;-P;q1 } |
conf.d/90-plugin.conf (fork version)
1 2 3 4 5 6 7 8 9 | plugin { antispam_backend = mailtrain antispam_spam = Junk antispam_trash = Trash antispam_mail_sendmail = /usr/local/bin/rspamc antispam_mail_spam = learn_spam antispam_mail_notspam = learn_ham antispam_mail_sendmail_args = -h;localhost:11334;-P;q1 } |
- This is the part that differ between the original (pipe) and fork (mailtrain) version.
- YMMV, adapt the rspamc(1) executable path (/usr/local/bin/rspamc in this example).
What this configuration does is:
-
When a mail is moved from any IMAP directory (except
TrashandJunk) to theJunkdirectory, the following command will be issued:% /usr/local/bin/rspamc -h localhost:11334 -P q1 learn_spam < mail
-
When a mail is moved from the
Junkdirectory to any IMAP directory (exceptTrashandJunk) the following command will be issued:% /usr/local/bin/rspamc -h localhost:11334 -P q1 learn_ham < mail
So every time a user gets a spam into its Inbox, moving it
into Junk will make Rspamd learn it
as spam (and hopefully filter it better the next time). Every time someone
gets a desired email into Junk, moving it into its
Inbox (or else) will make Rspamd
learn it as ham.
This is not perfect for all needs though. As you can see I use a system-wide spam/ham database, so choices from one user does effectively affect how Rspamd filter mail for every users.
Notes
Be sure to adapt the Rspamd password to the one
you've choosen while configuring Rspamd. I've
left the default password q1 in this
example.
Be extra careful if you need to tweak
antispam_mail_sendmail_args: it uses ;
as separator for arguments. I remember having a lot of troubles while
debugging because of that.
If you need help or want to know more about Rspamd, check the website or join #rspamd on freenode :D
Check out part 2 about mail filtering using Dovecot spamtest.