====== Vestacp RSPAMD integration (CentOS 7) ======
(This article in progress)
===== Install and configure rspamd / redis =====
curl https://rspamd.com/rpm-stable/centos-7/rspamd.repo > /etc/yum.repos.d/rspamd.repo
rpm --import https://rspamd.com/rpm-stable/gpg.key
yum update
yum install rspamd redis
Add to bottom of /etc/redis.conf
maxmemory 100mb
maxmemory-policy volatile-ttl
For saving data to disk, it is also useful to setup overcommit memory behavior which might be useful for loaded systems. It could be done in Linux by using the following command:
echo 1 > /proc/sys/vm/overcommit_memory
Enable and start rspamd and redis:
systemctl enable rspamd
systemctl enable redis
systemctl start rspamd
systemctl start redis
Run rspamd config wizard (use default preference):
rspamadm configwizard
More information: https://www.rspamd.com/downloads.html
===== Configuring exim.conf =====
/etc/exim/exim.conf:
(...)
#SPAMASSASSIN = yes
RSPAMD = yes
SPAM_SCORE = 50
#CLAMD = yes
(...)
.ifdef RSPAMD
spamd_address = 127.0.0.1 11333 variant=rspamd
.endif
(...)
acl_check_rcpt:
(...)
.ifdef RSPAMD
warn set acl_m1 = no
warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}}
set acl_m1 = yes
.endif
accept
(...)
acl_check_data:
(...)
#RSPAMD https://www.rspamd.com/doc/integration.html
.ifdef RSPAMD
warn !authenticated = *
hosts = !+relay_from_hosts
condition = ${if < {$message_size}{500K}}
condition = ${if eq{$acl_m1}{yes}{yes}{no}}
spam = nobody:true
add_header = X-Spam-Score: $spam_score_int
add_header = X-Spam-Report: $spam_report
set acl_m2 = $spam_score_int
# use greylisting available in rspamd v1.3+
defer message = Please try again later
condition = ${if eq{$spam_action}{soft reject}}
# use for discarding spam email
deny message = Message discarded as high-probability spam (from $sender_address to $recipients)
condition = ${if eq{$spam_action}{reject}}
# Remove foreign headers
warn remove_header = x-spam-bar : x-spam-score : x-spam-report : x-spam-status
# add spam header
warn condition = ${if !eq{$acl_m2}{} {yes}{no}}
condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
add_header = X-Spam-Status: Yes
.endif
(...)
===== Rspamd interface from vestacp: =====
Add rspamd web interface location to vesta-nginx: /usr/local/vesta/nginx/conf/nginx.conf
(...)
location ~ \.php$ {
include /usr/local/vesta/nginx/conf/fastcgi_params;
fastcgi_param SCRIPT_FILENAME /usr/local/vesta/web/$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_pass unix:/var/run/vesta-php.sock;
fastcgi_intercept_errors on;
break;
}
location /rspamd/ {
proxy_pass http://localhost:11334/;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
(...)
Add link to top menu:
/usr/local/vesta/web/templates/admin/panel.html
ADD:
RIGHT AFTER:
Restart vestacp panel
service vesta restart