Hi I have catchall accounts configured for some domains and this works fine, but the spam recognition with rspamd doesn't seem to work as expected. It seems like the spam is not learnt for the "target/catchall" destination address but for every single wildcard-address that the spam is being sent to, so it makes the bayes filter quite useless as the (same) spam mail is sent everytime to another address. It sound like the issue of the user here: https://lists.rspamd.com/pipermail/users/2020-March/001376.html Is that something that others with ISPconfig, postfix and rspamd are experiencing too or does it work for you correctly with wildcard addresses? Thanks KoS
I'm not using wildcard addresses on my mail system, so I can't help you with that topic. Have you set a spamfilter policy for the domain (in mail domain settings)?
@till , yes domain spam policy is set and the "junk" mails are indeed scanned by rspamd (based on the headers added in the mail). @Th0m any way to debug this on your (and my end) to see if rspamd catches the correct "user/mailbox" configuration?
In the default ISPConfig installation rspamds bayes classifier is configured global and not per user. Did you change this? The related config file is /etc/rspamd/local.d/classifier-bayes.conf: Code: backend = "redis"; servers = "127.0.0.1"; autolearn { spam_threshold = 6.0; # When to learn spam (score >= threshold and action is reject) junk_threshold = 4.0; # When to learn spam (score >= threshold and action is rewrite subject or add header, and has two or more positive results) ham_threshold = -0.5; # When to learn ham (score <= threshold and action is no action, and score is negative or has three or more negative results) check_balance = true; # Check spam and ham balance min_balance = 0.9; # Keep diff for spam/ham learns for at least this value } per_user = false; per_language = true; So this would not matter anyways, if you did not change the config to "true".
@pyte yes, i have enabled the per_user bayes filter. Or would you not recommend to use a user-based bayes filter on a server with many domains, users and languages? Where the user can train the filter themselve by moving mails into the junk filter (with a dovecot action script feeding the rspamd bayes filter).
I don't use per_user on any of my rspamd machines, even with 1000+ domain and multiple lanuages. I can only advice you to have a look into rspamd's modules and use the: SURBL, RBL, FUZZY etc. Here is an example spam mail from one of my mailservers: Code: FUZZY_DENIED (12) [XXXXXXX] LEAKED_PASSWORD_SCAM (7) RBL_NIXSPAM (6) [XXXXXXXXX] ONCE_RECEIVED_STRICT (4) VIOLATED_DIRECT_SPF (3.5) HFILTER_HELO_BAREIP (3) [XXXXXXXXXXXXX,1] HFILTER_HOSTNAME_UNKNOWN (2.5) DCC_BULK (2) [fuz2=many] RDNS_NONE (1) MID_RHS_NOT_FQDN (0.5) RCVD_NO_TLS_LAST (0.1) ONCE_RECEIVED (0.1)
