/
cpanel_rspamd_integrate.txt
88 lines (65 loc) · 3.03 KB
/
cpanel_rspamd_integrate.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
* go to whm -> exim configuration manager
* choose advanced editor
* search spamd & replace with this:
spamd_address = 127.0.0.1 11333 variant=rspamd
system_filter = /etc/exim_system_filter
system_filter_file_transport = address_file
* find and disable greylisting block
* find section acl_smtp_data:custom_begin_spam_scan
* complete block with this:
warn
# Remove spam headers from outside sources
remove_header = x-spam-subject : x-spam-status : x-spam-score : x-spam-bar : x-spam-report : x-spam-flag : x-ham-report
# do not scan messages from submission port
accept condition = ${if eq{$interface_port}{587}}
# skip scanning for authenticated users
accept authenticated = *
accept condition = ${if match_ip{$sender_host_address}{net-iplsearch;/etc/trustedmailhosts}{1}{0}}
# add spam-score and spam-report header when told by rspamd
warn spam = nobody:true
log_message = "rspam_score: $spam_score ($spam_bar) rspam_report: $spam_report"
add_header = X-Spam-Score: $spam_score ($spam_bar)
add_header = X-Spam-Report: $spam_report
add_header = X-Spam-Action: $spam_action
warn spam = nobody:true
condition = ${if eq{$spam_action}{rewrite subject}}
add_header = X-Spam-Subject: ***SPAM*** $rh_subject
add_header = X-Spam-Status: Yes
defer message = Please try again later
condition = ${if forall{<, $recipients}{match_domain{${domain:$item}}{+local_domains}}{1}{0}}
condition = ${if eq{$spam_action}{greylist}}
! authenticated = *
defer message = Please try again later
condition = ${if forall{<, $recipients}{match_domain{${domain:$item}}{+local_domains}}{1}{0}}
condition = ${if eq{$spam_action}{soft reject}}
! authenticated = *
deny message = Message discarded as high-probability spam
condition = ${if eq{$spam_action}{reject}}
7. disable default_spam_scan, default_spam_scan_check block
8. disable acl_not_smtp:outgoing_spam_scan_over_int, acl_smtp_data:no_forward_outbound_spam_over_int
system_filter:
# Exim filter
if "${if def:header_X-Spam-Subject: {there}}" is there
then
headers remove Subject
headers add "Subject: $rh_X-Spam-Subject:"
headers remove X-Spam-Subject
endif
# should be earlier than central_user_filter, virtual_user_filter
# just search Section: PREFILTER in WHM -> Exim Configuration Manager
begin routers
virtual_user_spam_dir: << here
central_user_filter:
virtual_user_filter:
virtual_aliases_nostar:
virtual_user_spam:
virtual_boxtrapper_user:
virtual_user:
# router which will store Spam messages in INBOX.Spam directory
virtual_user_spam_dir:
driver = redirect
domains = !$primary_hostname
condition = ${if match{$header_X-Spam-Score:}{\N\+\+\+\+\+\N}{yes}{no}}
require_files = "+/etc/valiases/$domain:+${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/mail/$domain/$local_part"
data = "$local_part+Spam@$domain"
redirect_router = virtual_user