I use rspamd on a couple of hestia servers instead of spamassassin. I’ve set it up with a bunch of custom allow / deny lists which can be edited from a web interface. I’ve blocked a few troublesome TLDs such as .icu with great success. Worth looking into if you want to do a lot of this sort of thing.
Rspamd is supposedly faster than Spamassassin. How difficult/easy was the integration and what would you say about performance? Can you now use global and (in combination with) domain-specific lists?
Its honestly not hard, apart from several fiddly exim conf inserts. I was trying to write a script to do it and post in in these forums or submit to the devs, but the exim config alterations probably have to be done manually.
Performance seems good, but where it really shines is the gui interface, where you can monitor what mails are blocked, and change rules on the fly.
I think all rules are globally applied however. i.e. they are applied to all mail entering the server regardless of its destination.
Sounds good, it’s great to have UI to track delivery. Global blocking for a single domain and some .tld’s is fine. For managing multiple domains custom rules are rather important.
I’m pretty handy with sed, but I couldn’t really see an easy way to do this. If hestia admins would consider putting some placeholder text in there, that would make it considerably easier.
Basically, if you look at the exim config, you’ll see that the spamassassin config is held in several conditional blocks. For each of those, you have to introduce another conditional block for rspamd eg.
.ifdef SPAMASSASSIN
spamd_address = 127.0.0.1 783
.endif
## add one for rspamd
.ifdef RSPAMD
spamd_address = 127.0.0.1 11333 variant=rspamd
.endif
There are 4 or 5 of these blocks, and some are quite complex. So for the moment, I’ve just been adding them in manually, which takes a couple of minutes once you’ve done it a few times.
As to the other part of your question, as all the config is held in conditional blocks, all you’d have to to do revert is to change the variables at the top of the file. ie.
OK, final post to detail exim config changes. Only three I notice, as one of them in my config was mirroring a non-standard addition to spamassassin. So:
# Top of file
#SPAMASSASSIN = yes
RSPAMD=yes
# First conditional block
.ifdef RSPAMD
spamd_address = 127.0.0.1 11333 variant=rspamd
.endif
# Second conditional block in acl_check_receipt
.ifdef RSPAMD
warn set acl_m1 = no
warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
set acl_m1 = yes
.endif
# Third conditional block in acl_check_data
.ifdef RSPAMD
accept hosts = +relay_from_hosts
accept condition = ${if eq{$interface_port}{587}}
accept authenticated = *
# If message size is less than 500k and the domain has antispam enabled, scan the message with rspamd
# This will set variables as follows: $spam_action, $spam_score, $spam_score_int (spam score x10), $spam_report, $spam_bar
# So we add these as headers, first removing any existing ones
warn condition = ${if < {$message_size}{1M}}
condition = ${if eq{$acl_m1}{yes}{yes}{no}}
spam = nobody:true
remove_header = x-spam-bar : x-spam-score : x-spam-report : x-spam-status
add_header = X-Spam-Score: $spam_score_int
add_header = X-Spam-Report: $spam_report
add_header = X-Spam-Action: $spam_action
set acl_m2 = $spam_score_int
# add x-spam-bar header if score is positive
warn condition = ${if >{$spam_score_int}{0}}
add_header = X-Spam-Bar: $spam_bar
# use greylisting if action is soft reject
defer message = Please try again later
condition = ${if eq{$spam_action}{soft reject}}
# Hard reject if spam action is reject
deny message = Message discarded as high-probability spam
condition = ${if eq{$spam_action}{reject}}
# add spam-score and spam-report header when "add header" action is recommended by rspamd
warn
condition = ${if eq{$spam_action}{add header}}
add_header = X-Spam-Status: Yes
# Subject Re-write
add_header = X-Spam-Subject: [*SPAMINESS=$spam_score_int*] $h_Subject
message = Detected spam (from $sender_address to $recipients).
# add x-spam-status header if message action is 'rewrite subject'
warn
#! condition = ${if match{$spam_action}{^no action\$|^greylist\$}}
condition = ${if eq{$spam_action}{rewrite subject}}
add_header = X-Spam-Status: Yes
# Subject Re-write
add_header = X-Spam-Subject: [*SPAMINESS=$spam_score_int*] $h_Subject
message = Detected spam (from $sender_address to $recipients).
.endif
Please open an issue about it at Github (or create a new thread with rspamd in the subject).
I’ve also been using Rspamd for the past 3-4 years (but not on HestiaCP) and it is very powerful, even though it is significantly harder to configure than SA, also because it offers many more features.