Ok but how about situation where I can see rspamd in header but still I'm not sure about HAM/SPAM learning? Troubleshooting section from mentioned KB article is related to SPAM classification (which works fine) but there is no mentioning how to troubleshoot learning SPAM/HAM (at least from SmarterMail side - no log entries related to success or failed operation).
Maybe I will add some clarification about environment on my end. I use incoming gateways for spam checking where rspamd is configured to perform spam checks (so /checkv2 command from rspamd) BUT I also have configured rspamd on main SmarterMail instance where no spam checks are enabled BUT rspamd is added and Antispam -> Send user spam feedback to antispam providers is enabled (so we have only usage of /learnspam and /learnham rspamd endpoints from main SmarterMail instance). Looking into reports and rspamd processing on incoming gateway we can see:
where on main SmarterMail instance:
(0 for each day). I'm even not sure if connecting to /learnham and /learnspam enpoints is also being counted for Rspamd processing report and thats why I think there should be some kind of place for troubleshooting /learnspam and /learnham connectivity.
I've reopened ticket 0FF-2C54BEB7-0B4F which was related to HAM checks for rspamd with my additional comment about it. Basically using command:
tail -f -n 30 /var/log/rspamd/rspamd.log | grep trusted
you can see all connections from secure_ip addresses which are not using any form of authentication since they are whitelisted and I see only IPs from my incoming gateway. Only scenario where I can find there IP of main SmarterMail instance is when I open RSPAMDURL:11334/learnham URL in browser where marking as SPAM using webmail didn't ended with main SmarterMail IP appeared in filtered logs.