### Install and Enable Redis Server Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/tutorials/quickstart.md Install the Redis server package and ensure it starts on boot. ```bash sudo apt install redis-server sudo systemctl start redis-server sudo systemctl enable redis-server ``` -------------------------------- ### Install and Start Backend Source: https://github.com/rspamd/docs.rspamd.com/blob/master/search-backend/README.md These bash commands are used to install dependencies and start the Rspamd Search Backend locally for development. ```bash cd search-backend npm install npm start ``` -------------------------------- ### Secure Controller Setup Example Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/administration/rspamadm/cryptography.md Demonstrates generating a keypair for controller authentication, extracting the public key, and configuring it in `rspamd.conf`. This is used for encrypting controller passwords. ```bash # Generate keypair for controller rspamadm keypair -o controller.key # Extract public key for workers grep 'pubkey' controller.key # Configure in rspamd.conf # controller { # password = "$2$"; # } ``` -------------------------------- ### Start p0f daemon Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/modules/p0f.md Example command to start the p0f daemon listening on a specified network interface and Unix socket. ```bash p0f -i eth0 -s /var/run/p0f.sock ``` -------------------------------- ### Interactive Security Setup Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/administration/rspamadm/cryptography.md Initiates an interactive setup process for Rspamd security. This script serves as a starting point for guiding users through security configurations. ```bash #!/bin/bash # Interactive setup for Rspamd security echo "=== Rspamd Security Setup ===" ``` -------------------------------- ### Install Rspamd on FreeBSD Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/getting-started/installation.md Installs Rspamd and Redis using pkg. Enables and starts the services. ```bash # Install from ports sudo pkg install rspamd redis # Enable services sudo sysrc rspamd_enable="YES" sudo sysrc redis_enable="YES" # Start services sudo service rspamd start sudo service redis start ``` -------------------------------- ### Run Rspamd interactive setup wizard Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/administration/rspamadm/configuration.md Initiates the `rspamadm configwizard` command, which guides the user through an interactive setup process for Rspamd, covering essential configurations like Redis, controller password, DKIM, logging, and workers. ```bash # Start interactive wizard rspamadm configwizard ``` -------------------------------- ### Docker Quick Start for Rspamd Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/getting-started/index.md Run Rspamd in a Docker container for quick setup and testing. Mount local directories for persistent configuration and data. ```bash docker run -d --name rspamd \ -p 11334:11334 -p 11332:11332 \ -v $(pwd)/config:/etc/rspamd/local.d \ -v $(pwd)/data:/var/lib/rspamd \ rspamd/rspamd:latest ``` -------------------------------- ### Robot Framework Keywords for Rspamd Setup and Teardown Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/developers/writing_tests.md Implements the setup and teardown procedures for Rspamd tests. 'Rbl Setup' starts Rspamd with a specific configuration, while 'Rbl Teardown' ensures all processes are terminated. ```robotframework *** Keywords *** Rbl Setup ${PLUGIN_CONFIG} = Get File ${TESTDIR}/configs/rbl.conf Set Suite Variable ${PLUGIN_CONFIG} Generic Setup PLUGIN_CONFIG Rbl Teardown Normal Teardown Terminate All Processes kill=True ``` -------------------------------- ### Map File Examples Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/tutorials/multimap_guide.md Example content for domain and recipient map files used by multimap configurations. ```bash # /etc/rspamd/maps/trusted_domains.map example.com partner-company.org bank.com # /etc/rspamd/maps/blocked_domains.map spam-domain.com phishing-site.net malware-host.org # /etc/rspamd/maps/blocked_recipients.map spam-trap@yourdomain.com honeypot@yourdomain.com ``` -------------------------------- ### Install stunnel package Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/tutorials/stunnel_setup.md Install the stunnel package on FreeBSD using pkg. ```sh # pkg install stunnel ``` -------------------------------- ### Install Redis package Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/tutorials/redis_replication.md Installs the Redis package on FreeBSD. This is the initial step for setting up Redis instances. ```sh # pkg install redis ``` -------------------------------- ### Start and Enable Grafana Service Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/tutorials/clickhouse_analytics.md Starts the Grafana server and configures it to start automatically on boot. ```bash sudo systemctl start grafana-server sudo systemctl enable grafana-server ``` -------------------------------- ### Local Multimap Configuration Setup Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/modules/multimap.md Example configuration for setting up local blacklists and whitelists for IP, sender, and recipient addresses in Rspamd. ```hcl # local.d/multimap.conf # Blacklists local_bl_ip { type = "ip"; map = "$LOCAL_CONFDIR/local.d/local_bl_ip.map.inc"; symbol = "LOCAL_BL_IP"; description = "Local ip blacklist";score = 3;} local_bl_from { type = "from"; map = "$LOCAL_CONFDIR/local.d/local_bl_from.map.inc"; symbol = "LOCAL_BL_FROM"; description = "Local from blacklist";score = 3;} local_bl_rcpt { type = "rcpt"; map = "$LOCAL_CONFDIR/local.d/local_bl_rcpt.map.inc"; symbol = "LOCAL_BL_RCPT"; description = "Local rcpt blacklist";score = 3;} # Whitelists local_wl_ip { type = "ip"; map = "$LOCAL_CONFDIR/local.d/local_wl_ip.map.inc"; symbol = "LOCAL_WL_IP"; description = "Local ip whitelist";score = -5;} local_wl_from { type = "from"; map = "$LOCAL_CONFDIR/local.d/local_wl_from.map.inc"; symbol = "LOCAL_WL_FROM"; description = "Local from whitelist";score = -5;} local_wl_rcpt { type = "rcpt"; map = "$LOCAL_CONFDIR/local.d/local_wl_rcpt.map.inc"; symbol = "LOCAL_WL_RCPT"; description = "Local rcpt whitelist";score = -5;} ``` -------------------------------- ### Start and Enable Rspamd Service Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/tutorials/quickstart.md Start the Rspamd service, enable it to run on boot, and check its status. ```bash sudo systemctl start rspamd sudo systemctl enable rspamd sudo systemctl status rspamd ``` -------------------------------- ### Install ClickHouse Server and Client Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/tutorials/clickhouse_analytics.md Installs the ClickHouse server and client on Ubuntu/Debian systems by adding the official repository and using apt-get. ```bash sudo apt-get install -y apt-transport-https ca-certificates dirmngr sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 8919F6BD2B48D754 echo "deb https://packages.clickhouse.com/deb stable main" | sudo tee \ /etc/apt/sources.list.d/clickhouse.list sudo apt-get update sudo apt-get install -y clickhouse-server clickhouse-client sudo systemctl start clickhouse-server sudo systemctl enable clickhouse-server ``` -------------------------------- ### Setup and Test Rspamd Settings Server Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/configuration/settings.md Provides commands to install necessary Python dependencies, run a local settings server, and test its functionality using curl with different JSON payloads for user and domain lookups. ```bash # Install dependencies pip install flask msgpack # Run the server python3 settings_server.py # Test with curl curl -X POST http://localhost:8080/settings \ -H "Content-Type: application/json" \ -d '{"user": "user@example.com", "domain": "example.com"}' # Test domain-only lookup curl -X POST http://localhost:8080/settings \ -H "Content-Type: application/json" \ -d '{"domain": "spam.domain.com"}' ``` -------------------------------- ### Complete Dynamic User Settings Example Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/configuration/settings.md A full configuration example for dynamic user settings using an HTTP external map. It defines a rule with a specific ID and priority. ```hcl # local.d/settings.conf dynamic_user_settings { id = "dynamic_user_settings"; priority = medium; authenticated = yes; external_map = { map = { external = true; backend = "http://settings-api.example.com/user-settings"; method = "body"; encode = "json"; timeout = 2.0; } # Creates key-value pairs: {user: "username", ip: "client_ip"} selector = "id('user');user;id('ip');ip"; } } ``` -------------------------------- ### Install Rspamd on NetBSD Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/downloads.mdx Install Rspamd on NetBSD using pkgsrc by navigating to the directory and running make install. ```bash cd /usr/pkgsrc/mail/rspamd && make install ``` -------------------------------- ### Example ASN Configuration Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/modules/asn.md An example configuration file for the ASN module, demonstrating how to set the provider type, DNS servers, symbol name, and local IP checking behavior. ```hcl # local.d/asn.conf # Provider type (only "rspamd" currently supported) provider_type = "rspamd"; # DNS servers for lookups provider_info { ip4 = "asn.rspamd.com"; ip6 = "asn6.rspamd.com"; } # Symbol name for results symbol = "ASN"; # Skip lookups for local IPs (default) check_local = false; ``` -------------------------------- ### Client Sends Request (Complete Example) Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/developers/encryption.md An example of a complete client request, showing the HTTP method, headers, and the structure of the encrypted payload. ```http POST /checkv2 HTTP/1.1 Host: rspamd.example.com Content-Type: application/octet-stream Content-Length: 1540 Key: kbr3m=k4nz984k36xmcynm1hr9kdbn6jhcxf4ggbrb1quay7f88rpm9kay <24-byte nonce><16-byte tag><1500 bytes encrypted inner request> ``` -------------------------------- ### Install and Prepare HashiCorp Vault Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/tutorials/dkim_signing_guide.md This section covers downloading, installing, and setting up the necessary directories and user for HashiCorp Vault. Adjust the Vault version in the `curl` command as needed. ```bash # Download and install Vault (adjust version as needed) curl -O https://releases.hashicorp.com/vault/1.15.0/vault_1.15.0_linux_amd64.zip unzip vault_1.15.0_linux_amd64.zip sudo mv vault /usr/local/bin/ # Create vault user and directories sudo useradd --system --home /etc/vault --shell /bin/false vault sudo mkdir -p /etc/vault /opt/vault/data sudo chown vault:vault /etc/vault /opt/vault/data ``` -------------------------------- ### Complete Domain Specific Settings Example Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/configuration/settings.md A full configuration example for domain-specific settings using a CDB external map. It defines a rule with low priority. ```hcl # Settings based on sender domain and recipient count domain_specific_settings { priority = low; external_map = { map = { external = true; cdb = "/etc/rspamd/domain_settings.cdb"; } # Creates key-value pairs: {domain: "example.com", rcpt_count: "2"} selector = "id('domain');from('smtp'):domain;id('rcpt_count');rcpts:addr.len"; } } ``` -------------------------------- ### Install Rspamd Experimental Packages on Debian/Ubuntu Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/downloads.mdx Installs Rspamd using the experimental APT repository. Replace `apt-stable` with `apt` in the repository URL. Ensure prerequisites are installed and the GPG key and repository are added correctly. ```bash # Install prerequisites sudo apt-get update sudo apt-get install -y lsb-release wget gpg # Add GPG key sudo mkdir -p /etc/apt/keyrings wget -O- https://rspamd.com/apt-stable/gpg.key | gpg --dearmor | sudo tee /etc/apt/keyrings/rspamd.gpg > /dev/null # Add experimental repository CODENAME=$(lsb_release -c -s) echo "deb [signed-by=/etc/apt/keyrings/rspamd.gpg] http://rspamd.com/apt/ $CODENAME main" | sudo tee /etc/apt/sources.list.d/rspamd.list echo "deb-src [signed-by=/etc/apt/keyrings/rspamd.gpg] http://rspamd.com/apt/ $CODENAME main" | sudo tee -a /etc/apt/sources.list.d/rspamd.list # Install sudo apt-get update sudo apt-get --no-install-recommends install rspamd ``` -------------------------------- ### Install Rspamd on Gentoo Linux Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/downloads.mdx Installs Rspamd from the main Portage repository on Gentoo Linux using the `emerge` command. ```bash emerge mail-filter/rspamd ``` -------------------------------- ### Install Rspamd on FreeBSD Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/downloads.mdx Use pkg install for Rspamd on FreeBSD. For experimental versions, use rspamd-devel. ```bash pkg install rspamd ``` -------------------------------- ### Plugin Configuration Example Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/guides/configuration/tool-selection.md Example configuration for a custom Rspamd plugin, enabling it and setting a threshold. This configuration is typically placed in `/etc/rspamd/local.d/.conf`. ```hcl # /etc/rspamd/local.d/my_plugin.conf enabled = true; threshold = 5; ``` -------------------------------- ### Server Responds (Complete Example) Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/developers/encryption.md An example of a complete server response, detailing the HTTP status, headers, and the encrypted response payload. ```http HTTP/1.1 200 OK Content-Type: application/octet-stream Content-Length: 556 <24-byte nonce><16-byte tag><500 bytes encrypted JSON response> ``` -------------------------------- ### Install Rspamd on macOS Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/downloads.mdx Install Rspamd on macOS using MacPorts, followed by loading the service. ```bash sudo port install rspamd sudo port load rspamd ``` -------------------------------- ### Response Format Example Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/configuration/settings.md Example of the expected UCL data format for settings returned by an external map. ```json { "symbols": { "CUSTOM_SYMBOL": 10.0 }, "actions": { "reject": 15.0 }, "subject": "SPAM: %s" } ``` -------------------------------- ### Install Grafana Server Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/tutorials/clickhouse_analytics.md Installs the Grafana server package on Debian/Ubuntu systems. Ensure you have necessary permissions. ```bash sudo apt-get install -y software-properties-common sudo add-apt-repository "deb https://packages.grafana.com/oss/deb stable main" wget -q -O - https://packages.grafana.com/gpg.key | sudo apt-key add - sudo apt-get update sudo apt-get install grafana ``` -------------------------------- ### Start Redis service on master Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/tutorials/redis_replication.md Starts the Redis service on the master host. This command should be run after all master configurations are complete. ```sh # service redis start ``` -------------------------------- ### Corporate Email Processing Example Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/administration/rspamadm/email-manipulation.md Example demonstrating adding custom headers and both text/HTML footers for corporate email processing. Uses command substitution for the date. ```bash # Add compliance headers and footers rspamadm mime modify \ -a "X-Scanned-By: Rspamd" \ -a "X-Scan-Date: $(date -u +%Y-%m-%d)" \ -t corporate-footer.txt \ -H corporate-footer.html \ message.eml > processed.eml ``` -------------------------------- ### Complete Rspamd Milter Configuration Example Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/developers/protocol.md An example Rspamd configuration demonstrating the use of `add_headers` with JSON-encoded values and `remove_headers` with a negative order. ```json { "milter": { "add_headers": { "ArcMessageSignature": { "value": "some_value with JSON\nencoded values", "order": 0 }, }, "remove_headers": { "DKIM-Signature": -1 } } } ``` -------------------------------- ### Start Development Server Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/tutorials/site_contributing.md Run the local development server to preview documentation changes. The site will auto-reload. ```bash npm start ``` -------------------------------- ### Add Rspamd Repository on CentOS/RHEL Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/getting-started/installation.md Installs the Rspamd YUM/DNF repository and then installs Rspamd and Redis. Starts and enables the services. ```bash # Add Rspamd repository curl -sSL https://rspamd.com/rpm-stable/centos-8/rspamd.repo | \ sudo tee /etc/yum.repos.d/rspamd.repo # Install Rspamd and Redis sudo dnf install rspamd redis # Start and enable services sudo systemctl start rspamd redis sudo systemctl enable rspamd redis ``` -------------------------------- ### Build and Serve Production Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/tutorials/site_contributing.md Build the static site for production and serve it locally to test the final output. ```bash npm run build npm run serve ``` -------------------------------- ### Nginx-like vs JSON Configuration Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/configuration/ucl.md Demonstrates equivalent configurations in Nginx-like syntax and JSON format. ```hcl param = value; section { param = value; param1 = value1; flag = true; number = 10k; time = 0.2s; string = "something"; subsection { host = { host = "hostname"; port = 900; } host = { host = "hostname"; port = 901; } } } ``` ```json { "param": "value", "param1": "value1", "flag": true, "subsection": { "host": [ { "host": "hostname", "port": 900 }, { "host": "hostname", "port": 901 } ] } } ``` -------------------------------- ### Manual Testing with curl Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/developers/controller_endpoints.md Examples of how to test Rspamd controller endpoints using curl for simple GET, authenticated GET, and POST requests with JSON data. ```bash # Test simple endpoint curl "http://localhost:11334/plugins/example/hello?param=value" ``` ```bash # Test with authentication curl -H "Password: your-password" \ "http://localhost:11334/plugins/example/data" ``` ```bash # Test POST with JSON curl -X POST \ -H "Content-Type: application/json" \ -H "Password: your-password" \ -d '{"key": "value"}' \ "http://localhost:11334/plugins/example/process" ``` -------------------------------- ### HCL Configuration Example Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/faq.md Demonstrates how `local.d` merges with default configuration, while `override.d` replaces it. Shows the resulting configuration after applying changes from `local.d/example.conf`. ```hcl example { option1 = "value"; option2 = true; } ``` ```hcl option2 = false; option3 = 1.0; ``` ```hcl example { option1 = "value"; # From default option2 = false; # From local.d option3 = 1.0; # From local.d } ``` ```hcl example { option2 = false; # Only override.d content option3 = 1.0; } ``` -------------------------------- ### Length Filter Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/configuration/templates.md Use the `length` filter to get the number of elements in a string or table. Example: `{= items|length =}`. ```rspamd-template {= items|length =} ``` -------------------------------- ### Absolute Value Filter Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/configuration/templates.md Use the `abs` filter to get the absolute value of a number. Example: `{= -5|abs =}` results in `5`. ```rspamd-template {= -5|abs =} ``` -------------------------------- ### String Representation Filter Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/configuration/templates.md Use the `string` filter to get the string representation of a value. Example: `{= {1,2}|string =}` results in `{1, 2}`. ```rspamd-template {= {1,2}|string =} ``` -------------------------------- ### Example Configuration for Custom SA Rules Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/modules/multimap.md This example shows a complete configuration for the multimap module using 'regexp_rules' and provides a sample 'sa_rules.cf' file with various rule types including header, body, URI, selector, meta, description, and score rules. ```ucl multimap { # Main SA rules CUSTOM_SA_CHECKS { type = "regexp_rules"; map = "file:///etc/rspamd/custom_sa.cf"; description = "Custom SpamAssassin rules"; } } ``` ```regexp # Header checks header SUSPICIOUS_SUBJECT Subject =~ /urgent|winner|lottery/i header FROM_SUSPICIOUS From =~ /noreply@.+\.tk$/i # Body checks body BODY_SUSPICIOUS /click.*here.*now/i body BODY_MONEY /\$\d+,?\d*\s*(million|thousand)/i # URI checks uri URI_SUSPICIOUS /bit\.ly|tinyurl|goo\.gl/i # Selector checks selector FROM_CORP from:domain =~ /corp\.example$/i # Meta combinations meta SPAM_LIKELY SUSPICIOUS_SUBJECT & BODY_SUSPICIOUS meta PHISH_LIKELY FROM_SUSPICIOUS & URI_SUSPICIOUS meta MONEY_SCAM BODY_MONEY & URI_SUSPICIOUS # Descriptions describe SUSPICIOUS_SUBJECT Detects urgent/lottery type subjects describe BODY_SUSPICIOUS Detects click-here type body content describe SPAM_LIKELY Combination of suspicious subject and body describe PHISH_LIKELY Suspicious sender with URL shorteners describe MONEY_SCAM Money-related content with suspicious URLs # Scores score SUSPICIOUS_SUBJECT 1.5 score BODY_SUSPICIOUS 2.0 score SPAM_LIKELY 5.0 score PHISH_LIKELY 7.0 score MONEY_SCAM 8.5 ``` -------------------------------- ### Redis Cache Get Endpoint Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/developers/controller_endpoints.md An example endpoint that retrieves data from Redis using a specified cache key. Requires Redis to be configured. ```APIDOC ## POST /cache/get ### Description Retrieves data from a Redis cache using a provided cache key. This endpoint requires Redis to be configured in `controller_redis`. ### Method POST ### Endpoint /cache/get ### Parameters #### Query Parameters - **cache_key** (string) - Required - The key to retrieve from the Redis cache. ### Request Example ```json { "example": "POST /cache/get?cache_key=user_data:123" } ``` ### Response #### Success Response (200) - **success** (boolean) - Indicates if the request was successful. - **data** (any) - The data retrieved from Redis. #### Error Response (503) - **error** (string) - Message indicating that Redis is not available. #### Error Response (500) - **error** (string) - Message indicating a Redis error occurred. #### Response Example ```json { "example": { "success": true, "data": { "field1": "value1", "field2": 100 } } } ``` ``` -------------------------------- ### Trie Configuration Example Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/modules/trie.md This example demonstrates how to configure the Trie plugin with different rule definitions. It shows how to specify patterns from a file or inline, and set search modes like raw message or decoded body. ```hcl trie { # Each subsection defines a single rule with associated symbol SYMBOL1 { # Define rules in the file (it is *NOT* a map) file = "/some/path"; # Raw rules search within the whole undecoded messages raw = true; # If we have multiple occurrences of strings from this rule # then we insert a symbol multiple times multi = true; } SYMBOL2 { patterns = [ "pattern1", "pattern2", "pattern3" ] } SYMBOL3 { # Search within decoded message body parts body = true; patterns = [ "pattern4" ] } } ``` -------------------------------- ### GET /status Response Body Example Source: https://github.com/rspamd/docs.rspamd.com/blob/master/search-backend/README.md This JSON response provides information about the Elasticsearch index status, including the index name, document count, and size. ```json { "index": "rspamd-docs", "documentCount": 150, "indexSize": 2048576, "status": "available" } ``` -------------------------------- ### Basic Deployment Pattern Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/about/features.md Illustrates a single-server deployment for low message volumes, combining proxy, normal, and controller workers with Redis. ```text MTA → Rspamd (proxy + normal + controller) → Redis ``` -------------------------------- ### GET /health Response Body Example Source: https://github.com/rspamd/docs.rspamd.com/blob/master/search-backend/README.md This JSON response indicates the health status of the Rspamd Search Backend service. It includes a status, timestamp, and the service name. ```json { "status": "ok", "timestamp": "2024-01-01T12:00:00.000Z", "service": "rspamd-search-backend" } ``` -------------------------------- ### Functional Testing with Lua Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/developers/controller_endpoints.md Demonstrates how to write functional tests for Rspamd controller endpoints using the `rspamd_http` Lua module. Includes examples for GET and POST requests with assertions on the response. ```lua -- test/functional/lua/controller_test.lua local rspamd_http = require "rspamd_http" local function test_custom_endpoint() local function http_callback(err, response) if err then error("HTTP request failed: " .. err) end -- Assert expected response assert(response.code == 200) assert(response.content:match("success")) end rspamd_http.request({ url = "http://127.0.0.1:11334/plugins/example/hello", method = "GET", headers = { ["Content-Type"] = "application/json", ["Password"] = "test_password" -- Add authentication if needed }, callback = http_callback, task = task, -- Pass task if available timeout = 5.0, }) end -- Example with POST data local function test_custom_post_endpoint() local function http_callback(err, response) if err then error("HTTP POST failed: " .. err) end local ucl = require "ucl" local parser = ucl.parser() parser:parse_string(response.content) local data = parser:get_object() assert(data.success == true) assert(data.processed_count > 0) end rspamd_http.request({ url = "http://127.0.0.1:11334/plugins/example/process", method = "POST", headers = { ["Content-Type"] = "application/json", ["Password"] = "enable_password" -- Privileged endpoint }, body = require("ucl").to_format({ items = {"item1", "item2", "item3"}, operation = "batch_process" }, "json"), callback = http_callback, task = task, timeout = 10.0, }) end ``` -------------------------------- ### MID Module Configuration Example Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/modules/mid.md This snippet shows the basic configuration for the MID module, specifying the path to the source map file. ```hcl mid = { source = "${CONFDIR}/mid.inc"; } ``` -------------------------------- ### Configure Redis for Controller Endpoints Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/developers/controller_endpoints.md Initialize and use Redis within controller endpoints by requiring `lua_redis` and configuring connection parameters at the module level. This example demonstrates fetching data from Redis using a GET request. ```lua -- local.d/controller.lua local lua_redis = require "lua_redis" -- Redis configuration initialization local redis_params = nil local function init_redis() local opts = rspamd_config:get_all_opt('controller_redis') if opts then redis_params = lua_redis.parse_redis_server('controller_redis') end end -- Initialize Redis when module loads init_redis() local function handle_redis_data(task, conn, req_params) if not redis_params then conn:send_error(503, "Redis not available") return end local attrs = { task = task, callback = function(err, data) if err then conn:send_error(500, "Redis error: " .. err) else conn:send_ucl({ success = true, data = data }) end end, is_write = false, key = req_params.cache_key } lua_redis.request(redis_params, attrs, {'GET', req_params.cache_key}) end return { cache = { get = { handler = handle_redis_data, enable = false, need_task = false, } } } ``` -------------------------------- ### Validated Docker Configuration Example Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/configuration/templates.md This HCL snippet demonstrates using Rspamd's template filters for validating environment variables in a Dockerized setup, including mandatory checks, numeric and duration parsing, and JSON parsing for configuration. ```hcl # Crash at startup if critical vars are missing password = "{= env.PASSWORD | mandatory("Set RSPAMD_PASSWORD") | pbkdf =}"; # Validate and use numeric input {%- set spam_threshold = env.SPAM_THRESHOLD | default "15" | require_number("SPAM_THRESHOLD must be a number") %} actions { reject = {= spam_threshold =}; } # Parse JSON array from env and iterate {%- set disabled = env.DISABLED_MODULES | default '[]' | fromjson %} {%- for mod in disabled %} {= mod =} { enabled = false; } {%- endfor %} # Duration parsing {%- set greylist_time = env.GREYLIST_EXPIRE | default "10min" | require_duration %} greylist { expire = {= greylist_time =}; } ``` -------------------------------- ### Install Rspamd on Ubuntu/Debian Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/tutorials/quickstart.md Add the Rspamd repository and install the package. Ensure you have curl installed. ```bash curl https://rspamd.com/apt-stable/gpg.key | sudo apt-key add - echo "deb https://rspamd.com/apt-stable/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/rspamd.list sudo apt update sudo apt install rspamd ``` -------------------------------- ### Configure DCC Daemon Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/modules/external_services.md Steps to configure and start the DCC daemon. Ensure DCCIFD_ENABLE is set to 'on' and adjust DCCM_REJECT_AT and DCCM_LOG_AT as needed. Optionally, configure DCC to listen on a TCP socket. ```bash DCCIFD_ENABLE=on DCCM_LOG_AT=NEVER DCCM_REJECT_AT=MANY DCCIFD_ARGS="-SHELO -Smail_host -SSender -SList-ID -p *,10045,127.0.0.0/8" /var/dcc/libexec/rcDCC start ``` -------------------------------- ### Install Rspamd Prerequisites on Ubuntu/Debian Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/index.md These commands install the necessary prerequisites for Rspamd package installation on Ubuntu/Debian-based systems. ```bash sudo apt install -y apt-transport-https ca-certificates curl gnupg ``` -------------------------------- ### Example Rspamd Settings Configuration Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/configuration/settings.md Demonstrates a complex settings configuration with multiple rules including 'some_users', 'whitelist', and 'authenticated'. Shows usage of priority, matching conditions like 'from', 'rcpt', 'ip', 'authenticated', and 'request_header', as well as 'apply' actions for symbols, actions, and disabled groups. ```hcl # local.d/settings.conf some_users { id = "some_users"; priority = high; from = "@example.com"; rcpt = "admin"; rcpt = "/user.*/"; ip = "172.16.0.0/16"; user = "@example.net"; request_header = { "MTA-Tag" = "\.example\.net$"; } apply { symbol1 = 10.0; symbol2 = 0.0; actions { reject = 100.0; greylist = null; # Disable greylisting (from 1.8.1) "add header" = 5.0; # Please note the space, NOT an underscore } } # Always add these symbols when settings rule has matched symbols [ "symbol2", "symbol4" ] } whitelist { priority = low; rcpt = "postmaster@example.com"; want_spam = yes; } # Disable some checks for authenticated users authenticated { priority = high; authenticated = yes; apply { groups_disabled = ["rbl", "spf"]; } } ``` -------------------------------- ### Verify Rspamd Installation Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/index.md Checks the status of the Rspamd service and its installed version. Use this after installation to confirm it's running correctly. ```bash sudo systemctl status rspamd rspamd --version ``` -------------------------------- ### Install EPEL Repository on RHEL-based Systems Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/downloads.mdx Installs the Extra Packages for Enterprise Linux (EPEL) repository, which is a prerequisite for installing Rspamd on RHEL-compatible distributions. ```bash sudo dnf install epel-release ``` -------------------------------- ### URL Composition Map Examples Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/modules/rbl.md Provides examples of entries for a URL composition map, demonstrating wildcard, exclusion, and specific component matching. Used to define custom hostname composition rules. ```text *.dirty.sanchez.com !not.dirty.sanchez.com 41.black.sanchez.com ``` -------------------------------- ### Install Rspamd Stable Packages on Debian/Ubuntu Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/downloads.mdx Installs Rspamd using the stable APT repository. Ensure prerequisites are installed and the GPG key and repository are added correctly. ```bash # Install prerequisites sudo apt-get update sudo apt-get install -y lsb-release wget gpg # Add GPG key sudo mkdir -p /etc/apt/keyrings wget -O- https://rspamd.com/apt-stable/gpg.key | gpg --dearmor | sudo tee /etc/apt/keyrings/rspamd.gpg > /dev/null # Add repository CODENAME=$(lsb_release -c -s) echo "deb [signed-by=/etc/apt/keyrings/rspamd.gpg] http://rspamd.com/apt-stable/ $CODENAME main" | sudo tee /etc/apt/sources.list.d/rspamd.list echo "deb-src [signed-by=/etc/apt/keyrings/rspamd.gpg] http://rspamd.com/apt-stable/ $CODENAME main" | sudo tee -a /etc/apt/sources.list.d/rspamd.list # Install sudo apt-get update sudo apt-get --no-install-recommends install rspamd ``` -------------------------------- ### Install Rspamd Debug Symbols on RHEL-based Systems Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/downloads.mdx Installs debug symbols for Rspamd, useful for crash debugging. Install `rspamd-debuginfo` for the standard package or `rspamd-asan-debuginfo` for the ASAN version. ```bash sudo dnf install rspamd-debuginfo # or for ASAN sudo dnf install rspamd-asan-debuginfo ``` -------------------------------- ### Async DNS Lookup Example Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/developers/architecture.md Demonstrates how to perform an asynchronous DNS lookup using Rspamd's session management. It involves registering an event, initiating the query, and handling the response in a callback. ```c // Register async event session_event = rspamd_session_add_event(task->s, dns_callback, task, "dns"); // Start DNS query rdns_make_request_full(resolver, dns_callback, task, timeout, max_retries, query, type); // When DNS response arrives, dns_callback is invoked void dns_callback(struct rdns_reply *reply, void *arg) { struct rspamd_task *task = arg; // Process DNS reply process_dns_result(task, reply); // Remove event from session (may trigger finalization) rspamd_session_remove_event(task->s, session_event); } ``` -------------------------------- ### Install Rspamd Experimental Packages on RHEL/CentOS/AlmaLinux/Rocky Linux Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/downloads.mdx Installs Rspamd using the experimental RPM repository. The repository URL is determined by the EL version. Ensure EPEL is installed first. ```bash # Determine EL version and add experimental repository source /etc/os-release EL_VERSION=$(echo -n $PLATFORM_ID | sed "s/.*el//") sudo curl -o /etc/yum.repos.d/rspamd.repo https://rspamd.com/rpm/centos-${EL_VERSION}/rspamd-experimental.repo # Install sudo dnf install rspamd ``` -------------------------------- ### Install Rspamd Stable Packages on RHEL/CentOS/AlmaLinux/Rocky Linux Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/downloads.mdx Installs Rspamd using the stable RPM repository. The repository URL is determined by the EL version. Ensure EPEL is installed first. ```bash # Determine EL version and add repository source /etc/os-release EL_VERSION=$(echo -n $PLATFORM_ID | sed "s/.*el//") sudo curl -o /etc/yum.repos.d/rspamd.repo https://rspamd.com/rpm-stable/centos-${EL_VERSION}/rspamd.repo # Install sudo dnf install rspamd ``` -------------------------------- ### Complete DKIM Setup for New Domain Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/administration/rspamadm/dkim-management.md Generates a new DKIM key for a domain, sets permissions, and displays the DNS record. Includes an optional step to test signing with a sample message. ```bash #!/bin/bash DOMAIN="newdomain.com" SELECTOR="mail" KEY_DIR="/etc/rspamd/dkim" mkdir -p "$KEY_DIR" # Generate key echo "Generating DKIM key for $DOMAIN..." rspamadm dkim_keygen -d "$DOMAIN" -s "$SELECTOR" -b 2048 \ -k "$KEY_DIR/$DOMAIN.key" > "$KEY_DIR/$DOMAIN.dns" # Set permissions chmod 600 "$KEY_DIR/$DOMAIN.key" chown rspamd:rspamd "$KEY_DIR/$DOMAIN.key" # Show DNS record echo -e "\n=== Add this DNS record ===" cat "$KEY_DIR/$DOMAIN.dns" # Test signing (requires message.eml) if [ -f "test-message.eml" ]; then rspamadm mime sign -d "$DOMAIN" -s "$SELECTOR" \ -k "$KEY_DIR/$DOMAIN.key" test-message.eml > signed.eml echo -e "\nTest message signed successfully" fi ``` -------------------------------- ### From Address Multimap Configuration (File Backend) Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/modules/multimap.md Sets up a 'from' address multimap using a file backend for prefiltering actions like accepting emails. ```hcl SENDER_FROM_WHITELIST_USER { type = "from"; filter = "email:user"; extract_from = "smtp"; map = "file:///tmp/from.map"; action = "accept"; # Prefilter mode } ``` -------------------------------- ### Start and Initialize HashiCorp Vault Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/tutorials/dkim_signing_guide.md These commands enable and start the Vault systemd service, set the Vault address environment variable, initialize the Vault, and unseal it using the generated keys. Remember to store the initialization keys securely. ```bash # Start Vault sudo systemctl enable vault sudo systemctl start vault # Set environment variables export VAULT_ADDR='http://127.0.0.1:8200' # Initialize Vault (save these keys securely!) vault operator init -key-shares=5 -key-threshold=3 # Unseal Vault with 3 of the 5 keys vault operator unseal vault operator unseal vault operator unseal # Authenticate with root token vault auth ``` -------------------------------- ### Install Node.js Dependencies Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/tutorials/site_contributing.md Install the necessary Node.js packages for the Docusaurus project. ```bash npm install ``` -------------------------------- ### Configure Core Dump Directory and Pattern (FreeBSD) Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/faq.md Set up the core dump directory and pattern for FreeBSD systems to capture crash information. Requires root privileges. ```bash sysctl kern.corefile=/coreland/%N-%P.core sysctl kern.sugid_coredump=1 ``` -------------------------------- ### Install Rspamd on OpenBSD Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/downloads.mdx Install Rspamd on OpenBSD using the pkg_add command. ```bash pkg_add rspamd ``` -------------------------------- ### Lua Code Example Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/tutorials/site_contributing.md Example of Lua code highlighting within a Markdown document. ```lua -- Lua example local function example() return "Hello, Rspamd!" end ``` -------------------------------- ### Run Rspamd Configuration Wizard Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/tutorials/quickstart.md Command to launch the interactive Rspamd configuration wizard. ```bash sudo rspamadm configwizard ``` -------------------------------- ### Get Help on Rspamd Configuration Options Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/administration/rspamadm/configuration.md Use `rspamadm confighelp` to display documentation for configuration options, including available settings for specific modules or individual options. This is useful for discovering configurable parameters and understanding their usage. ```bash # Show all configuration options rspamadm confighelp | less ``` ```bash # Show options for specific module rspamadm confighelp dkim_signing ``` ```bash # Show worker options rspamadm confighelp worker ``` ```bash # Show classifier options rspamadm confighelp classifier ``` ```bash # Show details about specific option rspamadm confighelp dkim_signing.selector ``` ```bash # Show nested option rspamadm confighelp surbl.rule ``` ```bash # Show worker-specific option rspamadm confighelp worker-controller.password ``` ```bash # What can I configure in this module? rspamadm confighelp multimap | grep "^\s*[a-z]" ``` ```bash # Show all Redis options rspamadm confighelp redis ``` -------------------------------- ### Configuration Hierarchy Overview Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/getting-started/understanding-rspamd.md Illustrates the layered configuration system in Rspamd, emphasizing the use of `local.d/` for customizations to merge settings with defaults. ```text /etc/rspamd/rspamd.conf (main config, rarely edited) ├── /etc/rspamd/modules.d/ (module defaults) │ ├── local.d/ (merge with defaults) ← Your changes here │ └── override.d/ (replace defaults) ← Advanced only └── /etc/rspamd/local.d/ (global overrides) └── actions.conf (action thresholds) ``` -------------------------------- ### Start stunnel service Source: https://github.com/rspamd/docs.rspamd.com/blob/master/docs/tutorials/stunnel_setup.md Start the stunnel service on both client and server machines to establish the encrypted tunnels. ```sh # service stunnel start ```