Does Rspamd learn from Mark as Spam?

Hey,

if i mark a mail as spam in like gmail app or Rainloop or Roundcube, does Rspamd learn from that?

Or if i put a mail from the junk/spam folder to inbox (marked as no spam) does it learn from that?

 

Ok, is There a solution?

 

Please note I am not an expert. I am just sharing what I have tried. Not sure if it is the right thing to do.
It is possible in rspamd with regards to moving the emails to spam folder and out of spam folder. It does require some dovecot config additions for that to work. Not sure if it will break ispconfig settings. It does require bayes module to be set to per user stats.
https://rspamd.com/doc/configuration/statistic.html#statistics-configuration

This config is for rspamd version 1.9.4
cat statistic.conf

Code:

classifier "bayes" {
    tokenizer {
    name = "osb";
    }

    backend = "redis";
    servers = "127.0.0.1:6379";
    min_tokens = 11;
    min_learns = 200;
    autolearn = [2, 10];
    new_schema = true;
    expire = 8640000; # 100days

    per_user = <<EOD
return function(task)
    local rcpt = task:get_recipients(1)

if rcpt then
    one_rcpt = rcpt[1]
    if one_rcpt['domain'] then
        return one_rcpt['domain']
    end
end

return nil
end
EOD

    statfile {
        symbol = "BAYES_HAM";
        spam = false;
    }
    statfile {
        symbol = "BAYES_SPAM";
        spam = true;
    }
    learn_condition =<<EOD
return function(task, is_spam, is_unlearn)
    local prob = task:get_mempool():get_variable('bayes_prob', 'double')

    if prob then
        local in_class = false
        local cl
        if is_spam then
            cl = 'spam'
            in_class = prob >= 0.95
        else
            cl = 'ham'
            in_class = prob <= 0.05
        end

        if in_class then
            return false,string.format('already in class %s; probability %.2f%%',
            cl, math.abs((prob - 0.5) * 200.0))
        end
    end

    return true
end
EOD
}

 

Here is the dovecot config. Please note I am not an expert. I took most of the config from the internet searches. If there is a better and more secure way, please share.

Code:

plugin {
  quota = dict:user::file:/var/vmail/%d/%n/.quotausage

  # Scripts executed before the user's script.
  #   E.g. handling messages marked as dangerous
  sieve_before = /usr/local/lib64/dovecot/sieve/move_spam.sieve

  sieve=/var/vmail/%d/%n/.sieve
  sieve_plugins = sieve_imapsieve sieve_extprograms

  # From elsewhere to Junk folder
  imapsieve_mailbox1_name = Junk
  imapsieve_mailbox1_causes = COPY
  imapsieve_mailbox1_before = file:/usr/local/lib64/dovecot/sieve/report-spam.sieve

  # From Junk folder to elsewhere
  imapsieve_mailbox2_name = *
  imapsieve_mailbox2_from = Junk
  imapsieve_mailbox2_causes = COPY
  imapsieve_mailbox2_before = file:/usr/local/lib64/dovecot/sieve/report-ham.sieve

  sieve_pipe_bin_dir = /usr/local/lib64/dovecot/sieve

  #sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.debug
  sieve_global_extensions = +vnd.dovecot.pipe

  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size

}

-------------------------------------------------------------------------------------------
cat /usr/local/lib64/dovecot/sieve/move_spam.sieve

Code:

require ["fileinto"];

if header :is "X-Spam" "Yes" {
        fileinto "Junk";
}

------------------------------------------------------------------------------------------------
cat /usr/local/lib64/dovecot/sieve/report-spam.sieve

Code:

require ["vnd.dovecot.pipe", "copy", "imapsieve", "environment", "variables"];

if environment :matches "imap.user" "*" {
  set "username" "${1}";
}

pipe :copy "sa-learn-spam.sh" [ "${username}" ];

--------------------------------------------------------------------------------------------------
cat /usr/local/lib64/dovecot/sieve/report-ham.sieve

Code:

require ["vnd.dovecot.pipe", "copy", "imapsieve", "environment", "variables"];

if environment :matches "imap.mailbox" "*" {
  set "mailbox" "${1}";
}

if string "${mailbox}" "Trash" {
  stop;
}

if string "${mailbox}" "Deleted Messages" {
  stop;
}

if environment :matches "imap.user" "*" {
  set "username" "${1}";
}

pipe :copy "sa-learn-ham.sh" [ "${username}" ];

-------------------------------------------------------------------------------------------
cat /usr/local/lib64/dovecot/sieve/sa-learn-spam.sh

Code:

#test="this is the username ${1}"
#echo -e "$test" | logger -s
#exec /usr/bin/rspamc -c users -d ${1} -h localhost:11334 -P somepassword learn_spam
exec /usr/bin/rspamc -d ${1} -h localhost:11334 -P somepassword learn_spam

-------------------------------------------------------------------------------------------
cat /usr/local/lib64/dovecot/sieve/sa-learn-ham.sh

Code:

#exec /usr/bin/rspamc -c users -d ${1} -h localhost:11334 -P somepassword learn_ham
exec /usr/bin/rspamc -d ${1} -h localhost:11334 -P somepassword learn_ham

 

@pvanthony thanks for that.

Please share this with the Insert Code BBCode, its easier to copy and read then.

 

You are correct. It is so much easier to read and copy. Thank you for the tip.

 

Hey,

with your solution, does rspamd displays the learned spam in the webpanel?

So if i mark a mails as spam does it marked in the webpanel?

 

If webpanel meaning the rspamd webpanel, I have not checked. I just look at the logs. In the logs it does say learned.

 

Hey,

i tried now to setup this, but i dont have this folder

Code:

/usr/local/lib64

So where should i save it, that dovecot or rspamd can read it?

And what permissions and groups need the files?


I am on Debian 10.3

 

Is your system 32-bit or 64-bit?

 

x86_64 so 64-bit