Rspamd Keyword Filter
Zur Navigation springen
Zur Suche springen
Mailstack from scratch: Postfix + Rspamd + Dovecot (LMTP + Sieve)
Schaubild
→ Internet
→ Postfix (nimmt an)
→ rspamd (bewertet, markiert)
→ Postfix (entscheidet accept/reject)
→ LMTP
→ Dovecot (kennt User & Maildir)
→ Sieve (sortiert)
→ INBOX / INBOX.Junk
Voraussetzungen
- Debian-System
- Systemuser mit Homeverzeichnis (Maildir im Home)
- KEIN Bayes
- KEIN IMAPSieve
- KEINE Lernskripte
Pakete installieren
- apt update
- apt install postfix rspamd dovecot-core dovecot-sieve
(Postfix-Dialog: "Internet Site", Hostname z.B. mail.example.de)
Postfix: Minimal und eindeutig
- alles geht zu Dovecot per LMTP
- postconf -e "mailbox_transport = lmtp:unix:private/dovecot-lmtp"
- postconf -e "virtual_transport = lmtp:unix:private/dovecot-lmtp"
- rspamd als milter
- postconf -e "smtpd_milters = inet:127.0.0.1:11332"
- postconf -e "non_smtpd_milters = inet:127.0.0.1:11332"
- postconf -e "milter_default_action = accept"
- systemctl restart postfix
Rspamd: Minimal + feste Keyword-Policy
- systemctl enable --now rspamd
- mkdir -p /etc/rspamd/local.d/lists
- vi /etc/rspamd/local.d/multimap.conf
CUSTOM_KEYWORDS {
type = "content";
map = "/etc/rspamd/local.d/lists/junk_keywords.map";
regexp = true;
icase = true;
symbol = "CUSTOM_KEYWORD";
score = 8.0;
}
- vi /etc/rspamd/local.d/lists/junk_keywords.map
\bviagra\b \bcialis\b \btadalafil\b \bpenis enlargement\b \bxxx\b \bporn\b
- systemctl restart rspamd
Dovecot: Maildir + Auth
- vi /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:~/Maildir
namespace inbox {
inbox = yes
}
- vi /etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = no auth_mechanisms = plain auth_username_format = %n !include auth-system.conf.ext
- vi /etc/dovecot/conf.d/auth-system.conf.ext
passdb {
driver = passwd
}
userdb {
driver = passwd
}
Dovecot: LMTP
- vi /etc/dovecot/conf.d/20-lmtp.conf
protocol lmtp {
mail_plugins = sieve
}
- vi /etc/dovecot/conf.d/10-master.conf
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
mode = 0600
user = postfix
group = postfix
}
}
Dovecot: Sieve (serverseitig, immer aktiv)
- mkdir -p /var/lib/dovecot/sieve
- vi /var/lib/dovecot/sieve/spam-to-junk.sieve
require ["fileinto"];
if header :contains "X-Spam-Status" "Yes" {
fileinto "INBOX.Junk";
stop;
}
- vi /etc/dovecot/conf.d/90-sieve.conf
plugin {
sieve = ~/.dovecot.sieve
sieve_before = /var/lib/dovecot/sieve/spam-to-junk.sieve
}
- sievec /var/lib/dovecot/sieve/spam-to-junk.sieve
Maildir für User
- maildirmake.dovecot /home/USERNAME/Maildir
- chown -R USERNAME:USERNAME /home/USERNAME/Maildir
Neustart
- systemctl restart dovecot
- systemctl restart postfix
Test
- echo -e "From: a@b\nTo: USERNAME@example.de\nSubject: test\n\nviagra" | sendmail USERNAME@example.de
- Ergebnis
- rspamd markiert Spam
- Postfix akzeptiert
- Dovecot LMTP stellt zu
- Sieve legt Mail nach INBOX.Junk