[TUTORIAL] Integrate rspamd as custom script

[n3obasher]

So the idea is use rspamd for better scoring and then use Proxmox to do some action on the message like block, quarantine? Etc?

Exactly, rspamd is just one more Spam Engine that adds a spam score to the E-Mail. Your other Mail Rules will then accordingly apply the rules you want. For me: at first, I remove the action to block e-mails higher than spam level 8, because rspamd has average higher spam scores than spam assassin. And then learning by doing and learning by the spam your users receive.

 

[yggdrasil]

Exactly, rspamd is just one more Spam Engine that adds a spam score to the E-Mail. Your other Mail Rules will then accordingly apply the rules you want. For me: at first, I remove the action to block e-mails higher than spam level 8, because rspamd has average higher spam scores than spam assassin. And then learning by doing and learning by the spam your users receive.

This is definitely something I will test it. I love rspamd, and I had better results with it than spamassasin even with defaults. And the spamassasin implementation on Proxmox is more or less useless. You cannot train ham, spam, etc. Set advanced rules. Spamassasin is only really powerful if you can train and customize but its very performance hungry which is why rspamd was created, supports similar scoring and rules but is more efficient.

This seems like the missing piece to actually be able to catch or train on very specific spam. Proxmox as a mail gateway/filtering works great. As a spam filter its average. This might actually make it actually catch those pesky personalized spam some people receive which are impossible to block as they come from Gmail, Outlook, etc.

 

[BastianR]

Would be nice if this could be integrated into PMG without custom hacking things together.

 

[ivenae]

Das Skript hier kommt ohne jq aus und bedient die Kommandozeilen Schnittstelle:

#!/usr/bin/env bash
set -euo pipefail

# PMG custom check API v1: args: APIVERSION QUEUEFILENAME
if [[ $# -ne 2 ]]; then
  echo "usage: $0 APIVERSION QUEUEFILENAME" >&2
  exit 1
fi

apiver="$1"
queue_file="$2"

if [[ "$apiver" != "v1" ]]; then
  echo "wrong APIVERSION: $apiver" >&2
  exit 2
fi

# --- Rspamd scan (anpassen falls remote) ---
# Lokaler worker: meist 127.0.0.1:11333
RSPAMD_HOST="127.0.0.1"
RSPAMD_PORT="11333"

# rspamc output enthält typischerweise: "Score: 3.00 / 15.00"
# Wir parsen die erste Zahl nach "Score:"
rspamc_out="$(
  rspamc -h "${RSPAMD_HOST}:${RSPAMD_PORT}" < "$queue_file" 2>/dev/null || true
)"

score="$(awk -F': ' '/^Score: /{split($2,a," "); print a[1]; exit}' <<<"$rspamc_out")"

# PMG erwartet 2 Zeilen Output:
echo "v1"

if [[ -n "${score:-}" ]]; then
  # optional: Score skalieren/offsetten, wenn du PMG-Schwellen beibehalten willst
  echo "SCORE: ${score}"
else
  # bei Fehlern lieber OK liefern, damit keine Mails hängen bleiben
  echo "OK"
fi

exit 0