Hi, the rspamd service on our ISPConfig Server (v3.2.9) does not work correctly. I have defined a spam policy with the levels 2.0 (greylist), 3.8 (mark) and 6.31 (reject). Spam marking is set to 'header'. The policy is assigned to both my mail domain and mail account. Still, a mail with a level of 13.09 is prefixed with **SPAM** and put into my inbox. In the rspamd config pane there are values of 4 (greylist), 6 (add header), 7 (rewrite) and 15 (reject). These seem to apply. Any ideas what I might do to fix this? Thanks! Kind regards, Tom
Do you have a policy defined in ISPConfig for the maildomain in question? You can view all policy under Mail -> Spamfilter -> Policy or see which one is selected for a domain under Mail -> E-Mail Accounts -> E-Mail Domain
Sorry I've misread that. Can you check if the corrosponding configuration file is located at /etc/rspamd/local.d/users on the mailserver? There should be a file with the name of the domain, can you post the content?
You're welcome; thank you for helping in the first place. The file exists; here are the contents: Code: ispc_spamfilter_user_4 { priority = 15; rcpt = "@domainname.com"; apply { CLAM_VIRUS = 1010; JUST_EICAR = 1010; actions { "add header" = 6; "rewrite subject" = null; reject = 10; greylist = null; } } } These do not seem to be the desired settings.
Can you please create a new policy for testing, apply that policy to the domain in question and check the file again when the datalog queue is empty.
That seems to have worked; the file now looks like this: Code: ispc_spamfilter_user_4 { priority = 15; rcpt = "@domainname.com"; apply { CLAM_VIRUS = 1006.31; JUST_EICAR = 1006.31; actions { "add header" = 3.8; "rewrite subject" = null; reject = 6.31; greylist = null; } } } Now I'm feeling bad for not having tried such a simple trick... But one last question perhaps: I have only set the new policy in the mail domain (and now the rspamd config domain file is changed). But my mail account is still set to the old policy. How do maildomain and mail account policies depend on each other, or which of them has higher priority? Where would I find configuration files of mail user? They seem to be in /etc/rspamd/local.d/users as well, but I see only a few of them. Could you please enlighten me, or tell me where I find documentation about that? Thank you very much!
Small update: The history tab in the rspamd panel is still showing the score like '1.41 / 15' , so I guess the reject level is still 15.
Thats what the priority setting is for. Where 1 is the lowest possible. That's because you only have a few users that have whitelist/blacklist entries in ISPConfig. If you want to set a different scoring for 1 user of a domain, create a new policy and apply that policy to that specific user within the mail account settings (make sure the priority is higher than the domain setting - allthough i think user setting always has a higher priority automatically). Users can change the policy themself too, either by using Roundcube Webmailer when the neccassary ISPConfig Module is configured or by logging in with the mail account at the ISPConfig panel. The manual has some information about that
Hello, the issue is not solved yet. The config files in /etc/rspamd/local.d/users are written correctly, as far as I can tell. But they do not seem to be used by RSpamd. Can anyone tell me what to do to review/repair the rspamd configuration for ISPConfig? Thanks!
What you can try is to run an ISPConfig update with --force option and let ISPConfig reconfigure services. And you can use the Rspamd GUI to check out which rules get applied to incoming emails. Or you contact @Th0m from ISPConfig business support to check the issue on your system remotely: https://www.ispconfig.org/get-support/?type=ispconfig
