Anyone using Rspamd with SmarterMail?
Question asked by Colin M - 3/25/2020 at 8:47 AM
Unanswered
Is anyone using Rspamd with SmarterMail? If so, what were your integration steps and overall experiences?

Thanks!
Colin

5 Replies

Reply to Thread
1
Sébastien Riccio Replied
Hi,

We do not use (yet) rspamd as front filter for SmarterMail but we do use E.F.A. (https://efa-project.org/) and the implementation should be the same.

Short summary of what we did:
- Configure E.F.A as a front-end filter box for (could be rspamd).
- Set the MX of all domains to use this box, not SmarterMail
- Configure the filter to forward scanned mails to SmarterMail box
- Made E.F.A add custom headers to the mail that include spam score/severity
- Disabled all antispam/antivirus check on SmarterMail
- Added custom spam filters on SmarterMail to check the custom header added by E.F.A and set a SmarterMail spam weight based on this, so the users can still apply low/med/high actions preferences .

There is more details to it, but that's the idea and it works very well (way more efficient than SM built-in spam stuff) and also drastically lowered a lot the resources usage on SmarterMail as it does only a check on a specific header for classification.

We run this setup since 2-3 years and we have very low spam complaints from our customers.

Here is some statistics for 24hour volume:


0
Colin M Replied
Awesome, thanks for the info, I'll check that out!
0
Webio Replied
I'm wondering about those headers you use on primary mail server. Do you use:

X-SmarterMail-SmartHostSpamWeight:

header? I'm just curious how do you pass score to primary server and how do you parse it on mail server (I don't think that there is some kind of regex which will allow to parse header for having certain mail score on pirmary server).

Currently I have 3 Free SmarterMail incoming gateways which perform some simple RBL tests and all of them connect to one SpamAssassin dedicated system for more complicated spam checks. It works but probably in future I would like to make gateways to perform their checks without any external connections.
0
Sébastien Riccio Replied
It depends the headers added by your filtering gateway/appliance.

On EFA (probably rspamd too) you can customize the spam score header.
On our setup the EFA the gateway we add:

X-SwissCenter-MailGuard-SpamScore: ssssss 
(Where the amount of 's' is the severity)

ss = EFA spam score 2
ssssss = EFA spam core 6

Then in SmarterMail all SpamChecks are disabled and we add custom ones to set a weight depending the amount of 's'

Here is an extract of our spam config, showing the settings for these custom spam rules.

SR




0
Webio Replied
Thanks. I will check it out when I will have some free time. One thing makes me curious. How do you verify if user exists during message delivery? On gateway level or maybe after message is being passed to primary SmarterMail server?

Now I'm using WebService between primary SM and SM which is used as a gateway with enabled gateway mode (there is also SMTP verification but I had some issues where user existed on primary server but for some reason there was some No such user here bounces) and I'm wondering how it does work on EFA.

Do you use also outgoing gateways?

Reply to Thread