Rspamd Keyword Filter
Version vom 14. Dezember 2025, 11:02 Uhr von Thomas.will (Diskussion | Beiträge)
Installation und Basisdienste
- apt update
- apt install rspamd dovecot-core dovecot-sieve
- systemctl enable --now rspamd
Controller-Passwort setzen
- Hash generieren
- rspamadm pw
- Konfiguration des Worker-Controllers
- vi /etc/rspamd/override.d/worker-controller.inc
password = "$2$DEIN_HASH_HIER";
enable_password = "$2$DEIN_HASH_HIER";
bind_socket = [
"*:11334",
"/run/rspamd/controller.sock"
];
- systemctl restart rspamd
Postfix-Integration
- postconf -e "smtpd_milters=inet:127.0.0.1:11332"
- postconf -e "non_smtpd_milters=inet:127.0.0.1:11332"
- postconf -e "milter_default_action=accept"
- postfix reload
Bayes-Filter aktivieren
- vi /etc/rspamd/local.d/classifier-bayes.conf
backend = "sqlite3"; path = "/var/lib/rspamd/bayes.sqlite"; min_tokens = 11; new_schema = true; autolearn = true;
- systemctl restart rspamd
IMAPSieve / Dovecot-Integration (Training über Mail-Verschieben)
- vi /etc/dovecot/conf.d/90-sieve.conf
plugin {
sieve_global_extensions = +vnd.dovecot.pipe
sieve_pipe_bin_dir = /usr/local/bin
}
- vi /etc/dovecot/conf.d/90-imapsieve.conf
plugin {
imapsieve = yes
sieve_plugins = sieve_imapsieve sieve_extprograms
imapsieve_mailbox1_name = Junk
imapsieve_mailbox1_causes = COPY APPEND
imapsieve_mailbox1_before = file:/var/lib/dovecot/sieve/report-spam.sieve
imapsieve_mailbox2_name = *
imapsieve_mailbox2_from = Junk
imapsieve_mailbox2_causes = COPY APPEND
imapsieve_mailbox2_before = file:/var/lib/dovecot/sieve/report-ham.sieve
}
- vi /etc/dovecot/conf.d/20-imap.conf
mail_plugins = $mail_plugins imap_sieve imap_filter_sieve
Automatisches Verschieben von Spam in den Junk-Ordner
- Globale Sieve-Regel konfigurieren*
- vi /etc/dovecot/conf.d/90-sieve.conf
plugin {
sieve_global_path = /var/lib/dovecot/sieve/spam-to-junk.sieve
sieve_global_extensions = +vnd.dovecot.pipe
sieve_pipe_bin_dir = /usr/local/bin
}
- Sieve-Skript für Spam-Verschiebung erstellen*
- vi /var/lib/dovecot/sieve/spam-to-junk.sieve
require ["fileinto"];
if header :contains "X-Spam" "Yes" {
fileinto "Junk";
stop;
}
- Sicherstellen, dass der Junk-Ordner existiert*
- Hinweis: Der "Junk"-Ordner muss in allen Postfächern vorhanden sein*
Sieve-Skripte bereitstellen
- mkdir -p /var/lib/dovecot/sieve
- chown -R dovecot:dovecot /var/lib/dovecot/sieve
- vi /var/lib/dovecot/sieve/report-spam.sieve
require ["vnd.dovecot.pipe", "copy", "imapsieve"]; pipe "rspamd-learn-spam";
- vi /var/lib/dovecot/sieve/report-ham.sieve
require ["vnd.dovecot.pipe", "copy", "imapsieve"]; pipe "rspamd-learn-ham";
Ausführbare Lernskripte für Rspamd
- vi /usr/local/bin/rspamd-learn-spam
#!/bin/sh exec /usr/bin/rspamc -h /run/rspamd/controller.sock learn_spam
- vi /usr/local/bin/rspamd-learn-ham
#!/bin/sh exec /usr/bin/rspamc -h /run/rspamd/controller.sock learn_ham
- chmod +x /usr/local/bin/rspamd-learn-*
Dovecot final neu starten
- rm -f /var/lib/dovecot/sieve/*.svbin
- systemctl restart dovecot
Rspamd-Funktionstest
- rspamc sollte Bayes anzeigen
- rspamc -h /run/rspamd/controller.sock stat
Manueller Test
- Einzelscan
- rspamc symbols < testmail.eml
- Manuelles Lernen
- rspamc -h /run/rspamd/controller.sock learn_spam < spam.eml
- rspamc -h /run/rspamd/controller.sock learn_ham < ham.eml