====== Vestacp RSPAMD integration (CentOS 7) ======

(This article in progress)

===== Install and configure rspamd / redis =====
<code>
curl https://rspamd.com/rpm-stable/centos-7/rspamd.repo > /etc/yum.repos.d/rspamd.repo
rpm --import https://rspamd.com/rpm-stable/gpg.key
yum update
yum install rspamd redis
</code>

Add to bottom of /etc/redis.conf
<code>
maxmemory 100mb
maxmemory-policy volatile-ttl
</code>

For saving data to disk, it is also useful to setup overcommit memory behavior which might be useful for loaded systems. It could be done in Linux by using the following command:
<code>
echo 1 > /proc/sys/vm/overcommit_memory
</code>

Enable and start rspamd and redis:
<code>
systemctl enable rspamd
systemctl enable redis
systemctl start rspamd
systemctl start redis
</code>

Run rspamd config wizard (use default preference):
<code>
rspamadm configwizard
</code>

More information: https://www.rspamd.com/downloads.html

===== Configuring exim.conf =====

/etc/exim/exim.conf:
<code>
(...)

#SPAMASSASSIN = yes
RSPAMD = yes
SPAM_SCORE = 50
#CLAMD =  yes

(...)

.ifdef RSPAMD
spamd_address = 127.0.0.1 11333 variant=rspamd
.endif

(...)

acl_check_rcpt:

(...)

.ifdef RSPAMD
  warn    set acl_m1    = no

  warn    condition     = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}}
          set acl_m1    = yes
.endif

  accept

(...)

acl_check_data:

(...)

#RSPAMD https://www.rspamd.com/doc/integration.html
.ifdef RSPAMD
  warn   !authenticated = *
         hosts          = !+relay_from_hosts
         condition      = ${if < {$message_size}{500K}}
         condition      = ${if eq{$acl_m1}{yes}{yes}{no}}
         spam           = nobody:true
         add_header     = X-Spam-Score: $spam_score_int
         add_header     = X-Spam-Report: $spam_report
         set acl_m2     = $spam_score_int

  # use greylisting available in rspamd v1.3+
  defer  message    = Please try again later
         condition  = ${if eq{$spam_action}{soft reject}}

  # use for discarding spam email
  deny   message    = Message discarded as high-probability spam (from $sender_address to $recipients)
         condition  = ${if eq{$spam_action}{reject}}

  # Remove foreign headers
  warn   remove_header = x-spam-bar : x-spam-score : x-spam-report : x-spam-status

  # add spam header
  warn   condition      = ${if !eq{$acl_m2}{} {yes}{no}}
         condition      = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
         add_header     = X-Spam-Status: Yes
.endif

(...)

</code>


===== Rspamd interface from vestacp: =====

Add rspamd web interface location to vesta-nginx: /usr/local/vesta/nginx/conf/nginx.conf
<code>
(...)
        location ~ \.php$ {
            include         /usr/local/vesta/nginx/conf/fastcgi_params;
            fastcgi_param   SCRIPT_FILENAME /usr/local/vesta/web/$fastcgi_script_name;
            fastcgi_param   QUERY_STRING    $query_string;
            fastcgi_pass    unix:/var/run/vesta-php.sock;
            fastcgi_intercept_errors        on;
            break;
        }

        location /rspamd/ {
            proxy_pass       http://localhost:11334/;
            proxy_set_header Host      $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
(...)
</code>

Add link to top menu:
/usr/local/vesta/web/templates/admin/panel.html

ADD:
<code>
<div class="l-menu__item <?php if($TAB == 'RSPAMD' ) echo 'l-menu__item--active' ?>"><a target="_blank" href="/rspamd/"><?=__('Rspamd')?></a></div>
</code>
RIGHT AFTER:
<code>
<div class="l-menu__item <?php if($TAB == 'SERVER' ) echo 'l-menu__item--active' ?>"><a href="/list/server/"><?=__('Server')?></a></div>
</code>

Restart vestacp panel
<code>
service vesta restart
</code>