Is it possible to have blacklist files in rspamd on NS8 that survives container updates?

Support
, , ,
1

NethServer Version: NS8
Module: mail 1.7.9

I’ve got a few domains that continue to get past the rspamd filter. Back when I used ClearOS, I had manual blacklist/block lists in postfix which I edited to add domains and IP ranges.

Given that NS8 is containerized, I’ve been looking at how to use the blacklists in rspamd. For that you are supposed to add files to /etc/rspamd/local.d/ which is well and good but I’m guessing that will be overwritten when the next Mail container update happens??

I’ve read through the docs but don’t find anything about this.

So a couple of questions:

  1. If I add blacklists and multimap.conf to /etc/rspamd/local.d/ will it survive a container update?

  2. If it won’t survive, is there a recommended way to enable a local directory for these blacklists?

  3. If that won’t for rspamd, is it possible with postfix? (I’d really like to add customization to postfix like adding blacklists, Barracuda and Spamcop as I had with ClearOS)

Thanks in advance.

2

Hi Nuke,

See this post.

It is working for me.
No as easy from a config menu as in Clear, but it works

2 Likes
3

Thanks @MadPatrick . I searched the forums but didn’t find that post.

Did your modifications/updates survive the container update? Or do you have to do this every time a new mail container is pulled?

4

Mail 1.7.10 introduces blocklists that can be configured in the Rspamd web UI configuration tab, see Mail — NS8 documentation and GitHub - NethServer/ns8-mail: NS8 Mail module with SMTP, IMAP, Spam/Virus filter · GitHub

They also survive updates and are included in backup like the custom ones by @MadPatrick

3 Likes
5

No Problem. Glad to help
Yes. This has survived every update so far

And like MrMarkuz said you can edit the files in Rspamd
I’ve added some extra which can be used in Rspamd

6

Thank you @mrmarkuz and @MadPatrick . I see the new mail module was just released 2 hrs ago. Looks like I’ll be updating soon so I can try this out.
Thanks again both of you!

1 Like
7

MrMarkuz,
Wil this update break my custom rules?

8

No, it shouldn’t break it.
Your multimap.conf is located in /var/lib/rspamd/dynamic/multimap.conf, the new one is in /etc/rspamd/local.d/.
Your maps end with .inc, the new maps are ending with .map so there shouldn’t be conflicts.

2 Likes
9

ok. Thanks.
But then better to move them to /etc/rspamd/local.d/ and rename ro .map after the update ?

10

No, that’s not necessary. I’d leave the custom ones as is to have a better overview.

11

Is it now normal after this update tht you see this message ?

image
image888×114 2.72 KB

1 Like
12

This error is shown when the block_sender_domain_suffix.map (which is a regexp map) is empty.
It seems harmless but I’m going to find a way to avoid it.

13

OMG GAMECHANGER

2 Likes