I'm using Rspamd as part of my MTA setup. For signing the outgoing mails, I decided to use OpenDKIM instead of Rspamd so I disabled the Rspamd's dkim_signing module. To accomplish this, I simply renamed

-shell
/etc/rspamd/modules.d/dkim_signing.conf to /etc/rspamd/modules.d/dkim_signing.conf.STOP

Now everything works as expected, the messages are signed by OpenDKIM, but where a message enters the system, I can see the following within the Rspamd logs:

; task; dkim_module_load_key_format: cannot load dkim key /var/lib/rspamd/dkim/example.com.dkim.key: cannot stat key file: '/var/lib/rspamd/dkim/example.com.dkim.key' No such file or directory

What is the problem here? Tried nothing more, I expected the DKIM signing functionality of Rspamd to be disabled.

I’ve inherited some systems that runs on the FreeBSD operating system and inside jails. Basically the services running are old versions of qmail, spamd, Dovecot, etc. None of the versions are up to date or even maintainable any more. At present we can’t move from these systems but I would at least like to be able to troubleshoot them. My question: Normally I would be able to run for example service qmail status and get some info about the top level process. How do I do this inside a jail? In the case of the qmail process I can use qmailctl but what would be the equivalent for spamd or Dovecot? Also how do you go about troubleshooting these types of services? The logs don’t really give a very good steer on what could be going wrong.

I get messages like this, but there is most likely no DNS spoofing and I use the DNS servers from the provider: monitored; rspamd_monitored_dns_cb: DNS reply returned 'no error' for list.dnswl.org while 'no records with this name' was expected when querying for '1.0.0.127.list.dnswl.org'(likely DNS spoofing or BL internal issues) I'm not sure if this is due a misconfiguration, if this is a real problem or if I can ignore it. What should I do?

I have configured Pyzor for rspamd following these instructions: https://www.rspamd.com/doc/modules/external_services.html#pyzor-specific-details The instructions also have some systemd configs for the socket and the service. Pyzor is now a socket activated service which is started at every connection. The problem is that systemd then creates a new directory for every run:

drw-------     (…) 08:30 pyzor@164673-127.0.0.1:5953-127.0.0.1:60656.service
drw-------     (…) 08:30 pyzor@164674-127.0.0.1:5953-127.0.0.1:60662.service
drw-------     (…) 08:30 pyzor@164675-127.0.0.1:5953-127.0.0.1:60676.service
drw-------     (…) 08:30 pyzor@164676-127.0.0.1:5953-127.0.0.1:60684.service
drw-------     (…) 08:30 pyzor@164677-127.0.0.1:5953-127.0.0.1:60694.service
drw-------     (…) 08:30 pyzor@164678-127.0.0.1:5953-127.0.0.1:60706.service

These directories are never deleted, and after a few days, /run runs out of inodes, preventing the creation of new Pyzor processes or any other process with an isolated namespace. How can I prevent this situation or reconfigure the unit to delete these directories after a certain period of time? The socket unit:

# /usr/lib/systemd/system/pyzor.socket

[Unit]
Description=Pyzor socket

[Socket]
ListenStream=127.0.0.1:5953
Accept=yes

[Install]
WantedBy=sockets.target

The service unit:

# /usr/lib/systemd/system/pyzor@.service

[Unit]
Description=Pyzor Socket Service
Requires=pyzor.socket

[Service]
Type=simple
ExecStart=-/usr/bin/pyzor check
StandardInput=socket
StandardError=journal
TimeoutStopSec=10

User=_rspamd
NoNewPrivileges=true
PrivateDevices=true
PrivateTmp=true
PrivateUsers=true
ProtectControlGroups=true
ProtectHome=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectSystem=strict

[Install]
WantedBy=multi-user.target

I am setting up rspamd. It seems to work quite effectively, however one thing I've noticed is this log entry in my rspamd.log every time I receive a message: > 2019-05-03 11:36:24 #13015(normal) ; task; bayes_classify: skip classification as ham class has not enough learns: 0, 200 required However, the number of learns (currently zero) does not appear to be going up. Is there something I should have done or configured to make it start learning?

I'm not sure if something similar has already been asked. I'm currently trying to push emails to our spam filter when they are moved to or out of the Junk folder so it can learn them as spam/ham. To do that I followed this guide: https://workaround.org/ispmail/stretch/filtering-out-spam-with-rspamd in the section "Learning from user actions". The sieve scripts are created following the instructions, they have been processed by sievec and permissions have been granted following the guide. The two shell scripts have also been created accordingly. The only real difference is that we don't have the user or group "vmail". I set it to dovecot:root which should be the counterpart of our system. So the folder looks like this: drwxr-xr-x 2 dovecot root 4,0K Mai 7 10:52 . drwxr-xr-x 3 root root 4,0K Jul 29 2019 .. -rw-r--r-- 1 dovecot root 85 Mai 7 10:47 learn-ham.sieve -rw-r--r-- 1 root root 246 Mai 7 10:47 learn-ham.svbin -rw-r--r-- 1 dovecot root 86 Mai 7 10:47 learn-spam.sieve -rw-r--r-- 1 root root 250 Mai 7 10:47 learn-spam.svbin -rw-r--r-- 1 dovecot root 509 Mär 16 13:57 mailfilter.sieve -rw-r--r-- 1 root root 398 Mai 6 18:02 mailfilter.svbin -rwx------ 1 dovecot root 41 Mai 7 10:52 rspamd-learn-ham.sh -rwx------ 1 dovecot root 42 Dez 14 10:42 rspamd-learn-spam.sh When the sieve script executes and is supposed to call the shell scripts, I get the following errors: Mai 12 17:16:28 mail dovecot: imap(user): Fatal: execvp(/etc/dovecot/sieve/global/rspamd-learn-spam.sh) failed: Permission denied Mai 12 17:16:28 mail dovecot: imap(user): Error: write(program stdin) failed: Broken pipe Mai 12 17:16:28 mail dovecot: imap(user): program `/etc/dovecot/sieve/global/rspamd-learn-spam.sh' terminated with non-zero exit code 84 Mai 12 17:16:28 mail dovecot: imap(user): Error: sieve: pipe action: failed to pipe message to program `rspamd-learn-spam.sh': refer to server log for more information. [2020-05-12 17:16:28] Mai 12 17:16:28 mail dovecot: imap(user): sieve: left message in mailbox 'Junk' Mai 12 17:16:28 mail dovecot: imap(user): Error: sieve: Execution of script /etc/dovecot/sieve/global/learn-spam.sieve failed Besides the fact that I have no clue what the "server log" refers to, I just can't figure out what exactly the problem is. Sure it seems like a permission error, but how could it be fixed? About our system: Debian 10.4 with dovecot 2.3.4.1 and pigeonhole 0.5.4 **EDIT:** I found one mistake: I had set the sieve_pipe_bin_dir to the wrong folder. It now points to the folder containing the two .sh files, but still I get those errors: Mai 22 15:40:06 mail dovecot: imap(user): Fatal: execvp(/etc/dovecot/sieve/global/rspamd-learn-spam.sh) failed: Permission denied Mai 22 15:40:06 mail dovecot: imap(user): Error: write(program stdin) failed: Broken pipe Mai 22 15:40:06 mail dovecot: imap(user): program `/etc/dovecot/sieve/global/rspamd-learn-spam.sh' terminated with non-zero exit code 84 Mai 22 15:40:06 mail dovecot: imap(user): Error: sieve: pipe action: failed to pipe message to program `rspamd-learn-spam.sh': refer to server log for more information. [2020-05-22 15:40:06] Mai 22 15:40:06 mail dovecot: imap(user): sieve: left message in mailbox 'Junk' Mai 22 15:40:06 mail dovecot: imap(user): Error: sieve: Execution of script /etc/dovecot/sieve/global/learn-spam.sieve failed No matter which owner I set (root:root or dovecot:root, the only other users that are not "human-users" would be something like _apt, bin, nslcd, daemon, dovenull or www-data) Any idea what could cause that? **EDIT2:** I now changed my approach by trying to pipe directly to rspamc. Here my learn-spam.sieve script: require ["vnd.dovecot.pipe", "copy", "imapsieve"]; pipe :copy "rspamc" ["learn_spam"]; Accordingly I changed the 90-plugin.conf to contain sieve_pipe_bin_dir = /usr/bin/rspamc where rspamc resides. Now I'm getting the error Jun 03 09:48:34 mail dovecot: imap(user): Error: sieve: pipe action: failed to pipe message to program: program `rspamc' not found Jun 03 09:48:34 mail dovecot: imap(user): sieve: left message in mailbox 'Junk' Jun 03 09:48:34 mail dovecot: imap(user): Error: sieve: Execution of script /etc/dovecot/sieve/global/learn-spam.sieve failed What went wrong? Or is the pidgeonhole pipe command only able to call shell scripts?

I have set up my rspamd and redis server but the ratelimit doesn't work. The Rspamd speaks to Postfix and my log file doesnt show anything unusual. Even GTUBE works --> So, the spam protection works because rspamd won't accept e-mails with the following content: XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X The ratelimit file is stored in /etc/rspamd/local.d/ratelimit.conf and its actually the configuration, which rspamd provides --> https://rspamd.com/doc/modules/ratelimit.html # local.d/ratelimit.conf servers="127.0.0.1"; rates { # Selector based ratelimit some_limit = { selector = 'user.lower'; # You can define more than one bucket, however, you need to use array syntax only bucket = [ { burst = 1; rate = "1 / 1min"; } ] } } The rspamd-log shows the following lines: 2022-01-02 11:04:26 #64526(main) ; lua; ratelimit.lua:767: enabled ratelimit: some_limit [1 msgs burst, 0.016666666666667 msgs/sec rate] 2022-01-02 11:04:26 #64526(main) ; cfg; rspamd_init_lua_filters: init lua module ratelimit The command "rspamadm configtest" says --> syntax OK I've added the following lines into the main.cf: milter_protocol = 6 milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen} milter_default_action = accept smtpd_milters = inet:127.0.0.1:11332 non_smtpd_milters = inet:127.0.0.1:11332 However, if i open the redis-cli and search for keys, no keys are stored regarding the redis chache. I've set up the redis configuration as well and i used the following tutorial: https://linuxize.com/post/install-and-integrate-rspamd/ Thank you for your help in advance

On OpenBSD 6.6 I'm sending mail with mutt and it isn't being DKIM signed. I am new to OpenBSD, mutt, and rspamd, so any help much appreciated. $ cat ~/.muttrc set editor = nano set pager = lynx set visual = lynx auto_view text/html alternative_order text/plain text/enriched text/html set mbox_type = Maildir set folder = "~/Maildir" set mbox = "~/Maildir" set spoolfile ="~/Maildir" set record = "+sent" set trash = "+trash" set postponed = "+drafts" set realname = "User Name" set from = "username@example.com" set mailcap_path = ~/.mailcap -- $ cat /etc/rspamd/local.d/dkim_signing.conf allow_username_mismatch = true; domain { example.com { path = "/etc/mail/dkim/example.com.key"; selector = "20200226"; } } -- $ cat /etc/mail/smtpd.conf pki example.com cert "/etc/ssl/example.com.fullchain.pem" pki example.com key "/etc/ssl/private/example.com.key" filter check_dyndns phase connect match rdns regex { '.*\.dyn\..*', '.*\.dsl\..*' } junk filter check_rdns phase connect match !rdns junk filter check_fcrdns phase connect match !fcrdns junk filter senderscore proc-exec "filter-senderscore -junkBelow 70 -slowFactor 5000" filter rspamd proc-exec "filter-rspamd" table aliases file:/etc/mail/aliases listen on all tls pki example.com \ filter { check_dyndns, check_rdns, check_fcrdns, senderscore, rspamd } listen on all port submission tls-require pki example.com auth filter rspamd action "local_mail" maildir junk alias action "outbound" relay helo example.com match from any for domain "example.com" action "local_mail" match for local action "local_mail" match from any auth for any action "outbound" match for any action "outbound"