Rspamd quarantine feature

Thank you for sharing a real use case!

Before sending all the world to quarantine: can you whitelist their server IPs, or the sender domain/addresses?

By their side they should switch to a good-reputation ISP or to someone that knows how to run a mail server… In the end, if someone is blacklisted he has a general problem with ANY mail server on the Earth… :thinking:

With pleasure!
That’s why we’re here! To help each other!

Yes! I do this often!

  1. … or to someone that knows how to run a mail server…
  2. In the end, if someone is blacklisted he has a general problem with ANY mail server on the Earth…

Some examples:

2 Likes

We reached a consensus, we will develop a beta rpm to evaluate the quarantine inside nethserver…thank @robb, @davidep and @GG_jr

6 Likes

yum install http://packages.nethserver.org/nethserver/7.5.1804/autobuild/x86_64/Packages/nethserver-mail-quarantine-2.3.0-1.12.pr83.g5a4f6f5.ns7.noarch.rpm --enablerepo=nethserver-testing

you will upgrade to 1.8.0

You must set a local email account and enable the quarantine, this email is not checked against spam. If you want to send all spam to external account, make sure this email will accept spam

config setprop rspamd QuarantineAccount user@domain.org QuarantineStatus enabled

you could also enable the email notification to postmaster (root alias) when emails are rejected

config setprop rspamd SpamNotificationStatus enabled

then expand and restart the service

signal-event nethserver-mail-quarantine-save

two templates are expanded, please check them, rspamd is restarted/reloaded

/etc/rspamd/local.d/settings.conf
/etc/rspamd/local.d/metadata_exporter.conf

you could review the email moved to quarantine by using a webmail, all notifications are sent to postmaster (root alias)

4 Likes

The first two notifications!

:clap::clap::clap:

4 Likes

Do you have some news on it, bugs , NFR, issues…My spam collection is nice :smiley:

testers needed here

sorry i forgot to answer (well i forget a lot of things…:smirk:) anyway, on my mail server i installed

  • rspamd 1.80 5 days ago and is working fine
  • quarantine installed and enabled 2 days ago,
    not a lot of spam here, but notification and quarantine email seems to work correctly

as always tnx

3 Likes

probably one side effect…I have the feeling that since the spams are accepted and not rejected, I receive more spams…

did you have time to test the implementation @robb ?

Got my first spam mail today, the spam mailbox works and the mail to root works as well. Rspamd history shows the reject and the move to quarantine. :+1:

3 Likes

Not yet, didn’t have time yet to implement it. Hopefully I can install it this weekend. Will report back then…

1 Like

I just installed the update. I created an alias for my own account to send the spam to. In my mailclient I created a rule to move all mails from that alias to a created folder called quarantine. The alias is marked as local only.
Let’s see what will happen…

1 Like

If you want to speed up the test, I could send you some nice spams, coming from my private collection :slight_smile:

Did I configure this wrong or is there something wrong with the package?
After a few days running, I see the following occur:

  • about 25K messages with subject “Spam moved to quarantine” (and that a few 100 times in the subject) delivered to postmaster@domain.tld
    When I delete those messages, they are delivered AGAIN. (and again, and again)
  • Messages that were spam before are now not marked as spam and delivered to my personal mailbox. (all sorts of “girls” that would like things that I am not interested in with them… you know the drill)

Is this normal behavior of the quarantine feature? Did I configure it wrong? Should the module change it’s behavior?

You tried an alias, try a real mailbox instead…I would prefer to have a specific account (let’s call it spam@domain.org) because the quarantine is authorised to receive spam so your real account will receive all the spam of the world.

Maybe my documentation is not enough clear of that…thank to confirm it

Then remains the question why are the notifications being sent over and over again?
After I deleted them from my mailclient, they are sent over again. Looks like these notifications are not removed from the source after they have been sent.

1 Like

let me try to reproduce, I never tested with an alias

Of course it works as expected on my server with an alias, the contrary would be fun :stuck_out_tongue:

this let me think the account was not allowed to receive spam, so when the spam comes, it is rejected, since a spam is rejected then it is sent again and again.

this is normal, the account is allowed to receive spam, so unfortunately you cannot sort wanted and unwanted spam…but…but why the notification above :-?

could you post the command:

config show rspamd
cat /etc/rspamd/local.d/settings.conf
cat /etc/rspamd/local.d/metadata_exporter.conf
show me the account used to receive spam (here spam2, do it for the real user please)
db accounts show spam2@domain.com

what I did to enable the quarantine is

config setprop rspamd QuarantineAccount spam2@domain.com QuarantineStatus enabled SpamNotificationStatus enabled
signal-event nethserver-mail-quarantine-save

spam2@domain.com is an alias of spam@domain.com

also the rpm is now : yum install http://packages.nethserver.org/nethserver/7.5.1804/autobuild/x86_64/Packages/nethserver-mail-quarantine-2.3.0-1.12.pr83.g5a4f6f5.ns7.noarch.rpm