rspmad 安装配置参考

[root@umail ~]# wget -O /etc/yum.repos.d/rspamd.repo http://rspamd.com/CentOS/6/os/x86_64/rspamd.repo[root@umail ~]# rpm --import http://rspamd.com/vsevolod.pubkey[root@umail ~]# yum install rspamd[root@umail ~]# service rspamd start

rspamd集成到postfix 需要安装rmilter,yum安装的是1.64，测试出来速度比较慢，所以这边rmilter直接编译安装新版本1.65。 rmilter用cmake安装,先安装环境 rmilter 主页

[root@umail libmilter]# yum install -y bison flex cmake libopendkim-devel

直接cmake 编译rmilter会提示找不到libmilter,查看日志,应该是没有libmilter 库文件

-- checking for one of the modules 'libpcre;libpcre3;pcre;pcre3' CMake Error at CMakeLists.txt:206 (MESSAGE): libmilter is required for building rmilter 这要下载sendmail先安装limilter

[root@umail sendmail-8.15.1]# cd libmilter[root@umail libmilter]# sh Build[root@umail libmilter]# sh Build install

然后再安装rmilter

[root@umail rmilter-master]# cmake -DMANDIR=/usr/share/man .[root@umail rmilter-master]# make[root@umail rmilter-master]# make install[100%] Built target rmilterInstall the project...-- Install configuration: "Debug"-- Installing: /usr/local/sbin/rmilter-- Installing: /usr/share/man/man8/rmilter.8-- Installing: /usr/local/lib/systemd/system/rmilter.service

启动rmilter,会提示错误,根据错误修改/etc/rmilter/rmilter.conf

[root@umail rmilter-master]# cp rmilter.conf.sample /etc/rmilter/rmilter.conf[root@umail rmilter-master]# /usr/local/sbin/rmilter -c /etc/rmilter/rmilter.conf

如果用rmilter.sock 要有postfix权限,这里面我直接把 rmilter.sock改成777测试的，也可以直接在rmilter.conf里面用bind_socket 端口的方式 rmilter.conf 里面要修改部分参数

clamav {servers = 127.0.0.1:3310;}spamd {servers = r:127.0.0.1:11333;}

集成到postfix 在main.cf里面添加或者修改

smtpd_milters = unix:/var/run/rmilter/rmilter.sock# or for TCP socket# smtpd_milters = inet:localhost:9900milter_protocol = 6milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}# skip mail without checks if milter will diemilter_default_action = accept

重启服务测试吧.

常见错误:提示rmilter连接clamavr失败

2015-06-25 17:46:01 rmilter[1677]:  mlfi_eom: 2B36D10079A: tempfile=/var/lib/rmilter/msg.XXplTZ9H, size=16232015-06-25 17:46:01 rmilter[1677]:  clamav: connect umail.test.cn, 111: Connection refused2015-06-25 17:46:01 rmilter[1677]:  clamscan: failed to scan, retry, umail.test.cn, /var/lib/rmilter/msg.XXplTZ9H2015-06-25 17:46:02 rmilter[1677]:  clamav: connect umail.test.cn, 111: Connection refused2015-06-25 17:46:02 rmilter[1677]:  clamscan: failed to scan, retry, umail.test.cn, /var/lib/rmilter/msg.XXplTZ9H2015-06-25 17:46:03 rmilter[1677]:  clamav: connect umail.westhost.cn, 111: Connection refused2015-06-25 17:46:03 rmilter[1677]:  clamscan: failed to scan, retry, umail.test.cn, /var/lib/rmilter/msg.XXplTZ9H

处理方法,修改rmilter.conf里面 clamav配置项里面server=127.0.0.1:3310

垃圾邮件规则定义在 /etc/rspamd/metrics.conf 里面

2015-06-26 10:19:34 postfix/smtpd[23481]:  warning: hostname mail.domain.com does not resolve to address 219.234.4.1922015-06-26 10:19:34 postfix/smtpd[23481]:  connect from unknown[219.214.41.192]2015-06-26 10:19:34 postfix/smtpd[23481]:  F2D611007BE: client=unknown[219.214.41.192]2015-06-26 10:19:35 postfix/cleanup[23491]:  F2D611007BE: message-id=<201506261019004489699@domain.com>2015-06-26 10:19:35 rmilter[23088]:  mlfi_eom: F2D611007BE: tempfile=/var/lib/rmilter/msg.XXsDC1zX, size=18172015-06-26 10:19:36 rmilter[23088]:  spamdscan: scan qid: 
    
     , mid: <201506261019004489699@domain.com>, 1.657511, localhost, metric: default: [5.900000 / 15.000000], symbols: HFILTER_HELO_IP_A(1.00), HFILTER_HOSTNAME_UNKNOWN(4.00), R_SPF_ALLOW(-1.10), MISSING_SUBJECT(2.00)2015-06-26 10:19:36 rmilter[23088]:  clamscan: scan 0.011201, (null), /var/lib/rmilter/msg.XXsDC1zX2015-06-26 10:19:36 postfix/qmgr[1389]:  F2D611007BE: from=
     
      , size=1868, nrcpt=1 (queue active)2015-06-26 10:19:36 postfix/smtpd[23481]:  disconnect from unknown[219.214.41.192] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=52015-06-26 10:19:36 postfix/pipe[23503]:  F2D611007BE: to=
      
       , relay=dovecot, delay=2, delays=1.9/0/0/0.08, dsn=2.0.0, status=sent (delivered via dovecot service)2015-06-26 10:19:36 postfix/qmgr[1389]:  F2D611007BE: removed
      
     
    

从日志里面看扫描一封垃圾邮件只用了2秒,比前面spamassassin明显快多了