Adding RSPAMD under Exim4

MisterM · July 22, 2022, 11:25am

Hello
I come back on this subject:

when I add this code I paste it in the Exim4 configuration

# First conditional block 
.ifdef RSPAMD
spamd_address = 127.0.0.1 11333 variant=rspamd
.endif

# Second conditional block in acl_check_receipt
.ifdef RSPAMD
  warn    set acl_m1    = no
  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
          set acl_m1    = yes
.endif

When I restart, it displays an error message

systemctl status exim4.service
● exim4.service - LSB: exim Mail Transport Agent
     Loaded: loaded (/etc/init.d/exim4; generated)
     Active: failed (Result: exit-code) since Fri 2022-07-22 02:16:09 -09; 7s ago
       Docs: man:systemd-sysv-generator(8)
    Process: 248185 ExecStart=/etc/init.d/exim4 start (code=exited, status=1/FAILURE)
        CPU: 87ms

Jul 22 02:16:09 hestiacp.foxstudio.net systemd[1]: Starting LSB: exim Mail Transport Agent...
Jul 22 02:16:09 hestiacp.foxstudio.net exim4[248185]: Starting MTA:
Jul 22 02:16:09 hestiacp.foxstudio.net exim4[248428]: 2022-07-22 02:16:09 Exim configuration error in line 54 of /var/lib/exim4/config.autogenerated.tmp:
Jul 22 02:16:09 hestiacp.foxstudio.net exim4[248428]:   main option "warn" unknown
Jul 22 02:16:09 hestiacp.foxstudio.net exim4[248430]: Invalid new configfile /var/lib/exim4/config.autogenerated.tmp, not installing
Jul 22 02:16:09 hestiacp.foxstudio.net exim4[248430]: /var/lib/exim4/config.autogenerated.tmp to /var/lib/exim4/config.autogenerated
Jul 22 02:16:09 hestiacp.foxstudio.net systemd[1]: exim4.service: Control process exited, code=exited, status=1/FAILURE
Jul 22 02:16:09 hestiacp.foxstudio.net systemd[1]: exim4.service: Failed with result 'exit-code'.
Jul 22 02:16:09 hestiacp.foxstudio.net systemd[1]: Failed to start LSB: exim Mail Transport Agent.
root@hestiacp:/etc/exim4# nano exim4.conf.template

The error : main option “warn” unknown

Mz

pluto · July 23, 2022, 6:07am

Hard to say. The config is still working on my server.
Looks like the error is on line 54. That seems too early for a ‘warn’ line. Can you check that the second block of code isn’t directly under the first, but lower down in the section acl_check_receipt. In my config that’s around line 209, just below the .ifdef SPAMASSASSIN line.

In fact I now see that should be updated, so that its almost identical to the SPAMASSASSIN one, after the recent changes to exim config last month. Try this:

# Second rspamd block in act_check_receipt
.ifdef RSPAMD
  warn    set acl_m1    = no
          set acl_m3    = no
  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
          set acl_m1    = yes
  warn    condition     = ${if exists {/etc/exim4/domains/$domain/reject_spam}{yes}{no}}
          set acl_m3    = yes
.endif

All three RSPAMD blocks are inserted directly after their SPAMASSASSIN counterpart. Hope that helps

MisterM · July 23, 2022, 7:10am

I found, is that the blocks must be stored in specific places in the file?
Because in the tutorial or the person who makes it, it is displayed here:

Is that the problem?
Mz

PS : I confirm, it’s good, when we put the blocks to vas est viens, following the other, it crashes, but if we put them following the blocks added at the beginning by SPAMASSASSIN is that we put them just after is restart Exim4, no more error, understood … finally I think

MisterM · July 23, 2022, 7:37am

However, this does not work:

# Insert stanza into config to allow access to rspamd gui. 
cp /usr/local/hestia/nginx/conf/nginx.conf /usr/local/hestia/nginx/conf/nginx.conf.save
# Manual insert for now
#        location /rspamd/ {
#            proxy_pass       http://localhost:11334/;
#            proxy_set_header Host      $host;
#            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#            auth_basic "Restricted Content";
#            auth_basic_user_file /etc/apache2/admin.passwd;
#       }
#

404 error
Mz

pluto · July 31, 2022, 3:27am

Well perhaps its stating the obvious but you’d have to remove the comments from that. Also, you’d either have to make sure the auth_basic_user_file exists, OR take out the two auth_basic lines. Finally you’d have to put it in the right place in the config file, so that it is syntactically valid. Here’s an example of a working config:

        location / {
            expires off;
            index index.php;
        }

## Rspamd Admin ##
        location /rspamd/ {
            proxy_pass       http://localhost:11334/;
            proxy_set_header Host      $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           # optional two lines if you want to restrict access with htpasswd
            auth_basic "Restricted Content";
            auth_basic_user_file /etc/apache2/admin.passwd;
       }

        location /error/ {
            expires off;
            internal;
        }

These are all reasons why I wasn’t able to successfully automate the change from spamassassin to rspamd.