rigacci.org

User Tools

Site Tools

Trace: Fill-in Flash MediaWiki - Problema con thumbnail PDF
doc:appunti:linux:sa:rspamd_spamassassin

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
doc:appunti:linux:sa:rspamd_spamassassin [2023/11/20 12:37] – [SPF check] niccolodoc:appunti:linux:sa:rspamd_spamassassin [2024/07/17 18:23] (current) – [Whitelist-From using the multimap module] niccolo
Line 500: Line 500:
 ===== Custom regexp rule with multimap ===== ===== Custom regexp rule with multimap =====
  
-To add a custom rule using some regular expressions, we will use the **[[https://rspamd.com/doc/modules/multimap.html|multimap]]** module, which is enabled per default in Debian. We can reate a file called **/etc/rspamd/local.d/multimap.conf** and write a **symbol** (rule name) in it:+To add a custom rule using some regular expressions, we will use the **[[https://rspamd.com/doc/modules/multimap.html|multimap]]** module, which is enabled per default in Debian. We can create a file called **/etc/rspamd/local.d/multimap.conf** and write a **symbol** (rule name) in it:
  
 <file> <file>
Line 532: Line 532:
 /second example string/gi /second example string/gi
 </file> </file>
 +
 +If the map file is updated, it will be reloaded automatically.
  
 If **prefilter** is true, we have to define the //action//. In case of match the action is executed and no filters will be applied. If **prefilter** is true, we have to define the //action//. In case of match the action is executed and no filters will be applied.
Line 540: Line 542:
 ^ add_header        | Add a header ''X-Spam: Yes'' to the message, but the message is eccepted for delivery.  | ^ add_header        | Add a header ''X-Spam: Yes'' to the message, but the message is eccepted for delivery.  |
 ^ rewrite_subject   | The message is accepted, but the ''Subject:'' header is modified according to the global //actions// => //subject// setting.  | ^ rewrite_subject   | The message is accepted, but the ''Subject:'' header is modified according to the global //actions// => //subject// setting.  |
-^ soft reject       | The message is rejected with a 451 SMTP status code, meaning a temporary problem. The sender MTA is notified with a temporary failure message and it should retry later. Notice that this action **is not a greylisting**when the message is retried the same rule applies again.  |+^ soft reject       | The message is rejected with a 451 SMTP status code, meaning a temporary problem. The sender MTA is notified with a temporary failure message and it should retry later. Notice that this action **is not a greylisting**when the message is retried the same rule applies again.  |
 ^ reject            | The message is reject witha 554 SMTP status code. The default message generated by the Postfix MTA is ''554 5.7.1 Matched map: TEST_SPAM_STRING''. The sender MTA should create a //sender non-delivery notification// | ^ reject            | The message is reject witha 554 SMTP status code. The default message generated by the Postfix MTA is ''554 5.7.1 Matched map: TEST_SPAM_STRING''. The sender MTA should create a //sender non-delivery notification// |
  
Line 553: Line 555:
  
 The **message** is eventually used if the mail matches this rule and the action is set to //reject// or //soft reject//. In this case the sender MTA will be notified with this message in reply to end of DATA command. The SMTP message code will be 554 for reject or 451 for soft reject. The **message** is eventually used if the mail matches this rule and the action is set to //reject// or //soft reject//. In this case the sender MTA will be notified with this message in reply to end of DATA command. The SMTP message code will be 554 for reject or 451 for soft reject.
 +
 +===== Whitelist-From using the multimap module =====
 +
 +It is possibile replicate the **whitelist_from** option found in **SpamAssassin** using the multimap module of **rspamd**. In the **/etc/rspamd/local.d/multimap.conf** we create a symbol called e.g. **WHITELIST_FROM**:
 +
 +<file>
 +WHITELIST_FROM {
 +    description = "Whitelist From regex";
 +    type = "from";
 +    regexp = true;
 +    map = "${LOCAL_CONFDIR}/maps.d/whitelist_from.map";
 +    prefilter = true;
 +    action = "accept";
 +    score = -100;
 +}
 +</file>
 +
 +In the file **/etc/rspamd/maps.d/whitelist_from.map** it is possibile to add one regex per line to mach the **From** header. The header content is cleaned of extra data, e.g. **''%%Niccolo Rigacci <niccolo@rigacci.org>%%''** will be pruned to **''%%niccolo@rigacci.org%%''**.
 +
 +Standard regex **meta-characters** can be used, e.g. (see ''man grep'' for a full list):
 +
 +^ %%^%%   | Matches the start of the line.  |
 +^ %%$%%   | Matches the end of the line.  |
 +^ %%.%%   | Matches a single character.  |
 +^ %%\.%%  | Matches a single dot.  |
 +^ %%\b%%  | Matches the empty string at the edge of a word.  |
 +
 +The regex must be enclosed into a pair of **%%/%%** chars and the standard **flags** can be used:
 +
 +^ %%i%%   | Case insensitive match.  |
 +
 +Here are an example to whitelist a single email address and an entire mail domain (NOTICE: if the map is updated, it will be reloaded automatically):
 +
 +<file>
 +/^niccolo@texnet\.it$/i
 +/@domain\.org$/i
 +</file>
 +
  
 ===== Customizing the headers ===== ===== Customizing the headers =====
Line 674: Line 714:
 <code> <code>
 systemctl daemon-reload systemctl daemon-reload
 +systemctl restart clamav-daemon.socket
 systemctl restart clamav-daemon.service systemctl restart clamav-daemon.service
 </code> </code>
doc/appunti/linux/sa/rspamd_spamassassin.1700480220.txt.gz · Last modified: 2023/11/20 12:37 by niccolo