The mail/rspamd port

rspamd-3.2 – event-driven spam filtering system in C/Lua (cvsweb github mirror)


Rspamd is an advanced spam filtering system that allows evaluation of messages
by a number of rules including regular expressions, statistical analysis and
custom services such as URL black lists. Each message is analysed by rspamd and
given a spam score.

According to this spam score and the user's settings rspamd recommends an action
for the MTA to apply to the message- for example to pass, reject or add a
header. Rspamd is designed to process hundreds of messages per second
simultaneously and has a number of features available.

Some flavours are available, depending on the machine architecture:

	no_luajit	Disable luajit, available on all architectures
	(unflavoured)	Enable luajit, available on amd64/i386
	hyperscan	Use Intel's hyperscan library, available on amd64,
			requires certain CPU features.


| Running ${PKGSTEM} on OpenBSD


rspamd is very flexible and as a result configuration can be complex
if you feel like tweaking - you should certainly read the upstream
documentation rather than just trying to figure it out from the provided
configuration files! However the defaults are reasonable and in many
cases can be used as-is.

Unusually for OpenBSD packages, you should not normally edit the existing
files under /etc/rspamd. Instead, as directed by the headings at the
top of each file, files should be created under /etc/rspamd/local.d or
/etc/rspamd/override.d with your local changes. This will avoid the
chance of future package updates failing to update the standard system
configuration files with required changes.

The standard rspamd configuration has a certain spam score threshold
defined in actions.conf above which emails are greylisted. (Non-spammy
messages make it through without greylist; highly spammy messages are
blocked; medium-scoring messages are greylisted).

rspamd's greylisting requires a backend to store information about
attempts in order that senders can be whitelisted and the mail allowed
through. As some users had problems in the past if they didn't configure
rspamd to use redis themselves, this OpenBSD package provides
${SYSCONFDIR}/rspamd/local.d/redis.conf setup to use a redis server on
the local host by default to provide this store (so you will need
to have redis running as well as rspamd: "rcctl enable redis rspamd").
You are free to edit local.d/redis.conf to make changes as necessary
(i.e. the above warning about editing existing files doesn't apply

Integration with MTAs and using sockets
For OpenSMTPd, you can use the opensmtpd-filter-rspamd package which has its
own pkg-readme file.

The default setup uses network sockets on localhost, which can be used by any
local user. The official documentation goes on to explain how to configure ssl
and passwords to fix that problem, but a simpler option is using unix sockets.

This example is for Postfix - where we have to put the proxy socket in Postfix's
chroot - but it shouldn't be hard to adapt to other MTAs:

- in ${SYSCONFDIR}/rspamd/local.d/

    bind_socket = "/var/run/rspamd/controller_socket mode=0600 owner=_rspamd";

- in ${SYSCONFDIR}/rspamd/local.d/

    bind_socket = "/var/run/rspamd/normal_socket mode=0600 owner=_rspamd";

- in ${SYSCONFDIR}/rpsamd/local.d/

    bind_socket = "/var/spool/postfix/var/run/rspamd-milter.sock mode=0600 owner=_postfix";
    upstream "local" {
      default = yes;
      hosts = "/var/run/rspamd/normal_socket";

- and in ${SYSCONFDIR}/postfix/ use the chroot-relative path:

    smtpd_milters = unix:/var/run/rspamd-milter.sock
    non_smtpd_milters = unix:/var/run/rspamd-milter.sock
    milter_default_action = accept

Of course you can also use for standard


Stuart Henderson

Only for arches

aarch64 alpha amd64 arm hppa i386 mips64 mips64el powerpc powerpc64 riscv64 sparc64


lang/python mail

Library dependencies

Build dependencies

Run dependencies

Test dependencies

Reverse dependencies