kopano antispam and antivirus
-
Hi @ckruijntjens
Have a look at Rspamd. Very versatile solution for filtering spam based on many different factors (DNSBL, IP reputation, SPF, DKIM, DMARC, Bayes, Fuzzy hashes, phishing checks, …). Can be used together with several anti virus engines (Sophos, Clam AV, …). Mails containing attachments with blacklisted extentions can be rejected (with multimap module). Can easily be integrated with kopano-spamd. Works great for me.
-
hi @ashceryth
thanks for the information. i will definitly loop into this!
-
Is there anything special we need to configure to let kopano-spamd work with rspamd?
-
@ckruijntjens
You can use it together with inotify-spamlearn.py script (https://github.com/bkram/inotify-spamlearn). Do you want to run Rspamd on the same host as Kopano or on a different machine? Assuming Rspamd is running on the same host the following settings for
spamcmdandhamcmdshould work (untested):spamcmd = /usr/bin/rspamc learn_spam
hamcmd = /usr/bin/rspamc learn_hamEdit:
If Rspamd runs on a different host than the Kopano installation my modified version of inotify-spamlearn (https://github.com/ashceryth/inotify-spamlearn/blob/master/inotify-spamlearn.py) can be used with curl for learning (tested):spamcmd = /usr/bin/curl --data-binary @- https://rspamd.host/learnspam?password=pass
hamcmd = /usr/bin/curl --data-binary @- https://rspamd.host/learnham?password=pass -
slightly unrelated question: is rspamd better than spamassassin (which is the one I use)?
-
There is a comparison on their website: https://rspamd.com/comparison.html
I was using AMaViS with SpamAssassin and switched to Rspamd a while ago. I prefer the latter because it is more modern, performant and versatile . I like that it can be integrated with Postfix via Milter (so that mails can be rejected before queuing them) by default (well, can also be done with amavisd-milter). If you utilize DKIM and DMARC you don’t need additional tools like opendkim and opendmarc anymore. There are already modules for Rspamd which can be used for signing, checking and reporting. Filtering works better (for me) as there are more factors that contribute to the spam score of a mail. There are official repos with frequent updates. Personally, I would always prefer Rspamd over SA.
-
Hi,
now i run efa project and think i want to run this a little longer. can I let kopano-spamd learn efa. So that if i drag a mesage to the spam folder that my efa appliance detects this?
My second question is that i can not get inotify-spamlearn working. i think i have an older pyton version? i am on centos 7. anyone has experiense with this?
-
If you drag a mail from your inbox to the junk folder kopano-spamd saves the raw mail to the spam directory specified in
spamd.cfg. When a mail is moved from junk folder to inbox (ham) the mail is stored in the configured ham directory. The mails can then be picked up and used for learning spam/ham. One way to pickup these mails and hand them to your spam filter for learning is inotify-spamlearn script. Inotify-spamlearn simply monitores the directories for new mails and executes the learning command for each of them.You need python3 for inotify-spamlearn. You also need to install python3 version of inotify module with pip.
-
Hi thanks for your reply. The only thing i am missing now is how can i tell that spamassasin, efa is on a different machine?
-
I’m not familiar with efa. Is it just using SpamAssassin and can you simply use the sa-learn command? If yes, you could use ssh and pipe the mail over ssh to the sa-learn command on the efa host. Maybe there are also other and better possibilities…
-
You could try to use something like
/usr/bin/ssh amavis@your.spamassassin.host /usr/bin/sa-learn --spamas spamcmd (haven’t tested it this way, but used something similiar a while ago) with my version of the script. Authentication can be done with ssh pub-key.This version of inotify-spamlearn pipes the content of the mail to the specified spamcmd/hamcmd in the config file: https://github.com/ashceryth/inotify-spamlearn/blob/master/inotify-spamlearn.py
-
im thinking of installing rspamd for a try. i am now installing this. however how i we install python 3 on centos 7 for the other package with the modules? (Inotify-spamlearn)
i also have a question about rspamd. i cant get the webui working. i followed the quick tutorial but can not connect to my internal ip port 11334
also i install python 3.6 and with pip i installed inotify. however the module still can not be found?
any tips on this one?
-
Sorry, without digging into it I don’t have a clue why the webui isn’t working. If you face any truoubles the best place to ask for support would be one of their channels: https://rspamd.com/support.html
You need to use
pip3for installing python3 modules. Did you do it that way? -
Hi i think if i dig in some deeper i will get the ui to work. However i install python3.6 and pip3.6. then i installed with pip3.6 the notify module. however when i want to start the service it keeps saying that the module is missing?
-
Does it work when you run it manually:
python3 /path/to/inotify-spamlearn.py? -
i do not know. i will try this this evening when im done from work. I will let you know. Thank you for the support.
-
nope
i Installed the module
pip3 install inotify
Requirement already satisfied: inotify in /usr/local/lib/python3.6/site-packages (0.2.10)
Requirement already satisfied: nose in /usr/local/lib/python3.6/site-packages (from inotify) (1.3.7)[root@kopano inotify-spamlearn]# python3 inotify-spamlearn.py
Traceback (most recent call last):
File “inotify-spamlearn.py”, line 11, in <module>
import inotify.adapters
ImportError: No module named ‘inotify’if i do a normal python run it tels me its missing an other module.
[root@kopano inotify-spamlearn]# python inotify-spamlearn.py
Traceback (most recent call last):
File “inotify-spamlearn.py”, line 5, in <module>
import configparser
ImportError: No module named configparser -
@ckruijntjens
i am a little bit further. now i can get no module error.
python3.6 inontify-spamlearn.py
however now i get this error:
the path folders exist.
-
@ckruijntjens
As I can see from your prompt it seems you are in a directory named inotify-spamlearn and the config is also placed there. However, the script is always looking for the config file in
/etc/kopano/. Make sure that the file is placed there (as described in the readme). -
that is indeed the problem. tonight i willl reinstall rspamd and see i f it works. thank you!
