UNPKG

haraka-plugin-rspamd

Version:
273 lines (145 loc) 5.69 kB
# haraka-plugin-rspamd [![Test][ci-img]][ci-url] [![Cover][cov-img]][cov-url] [![Qlty][qlty-img]][qlty-url] This plugin facilitates scanning messages with Rspamd. ## Configuration rspamd.ini - host Default: localhost Host to connect to to query Rspamd. - port Default: 11333 Port Rspamd is listening on. - unix_socket Path to a unix socket to connect to. If set, overrides host and port. - scheme Default: http Transport for network connections (`http` or `https`). Ignored when `unix_socket` is set. - path Default: /checkv2 HTTP path for rspamd checks. - add_headers Default: sometimes Possible values are: "always" - always add headers "never" - never add headers (unless provided by rspamd - see rmilter_headers) "sometimes" - add headers when rspamd recommends `add header` action Format of these headers is governed by header.\* settings - tls.reject_unauthorized Default: true TLS certificate verification setting for HTTPS upstream requests. - tls.servername Default: undefined Optional TLS SNI override when connecting via HTTPS. - tls.ca_file / tls.cert_file / tls.key_file Default: undefined Optional PEM files for CA trust, client certificate, and client key when using HTTPS. - auth.basic_user / auth.basic_pass Default: undefined Optional HTTP Basic Auth credentials for protected rspamd endpoints. - auth.header / auth.value / auth.value_env Default: undefined Optional custom auth header. `auth.value_env` reads the header value from an environment variable. - request.settings_id Default: undefined Sends `Settings-ID` header so rspamd can apply a named profile (for example, an URIBL-focused profile in `settings.conf`). - request.settings Default: undefined Sends raw `Settings` header payload for per-request rspamd settings overrides. - request.flags Default: undefined Comma-separated `Flags` header value for rspamd protocol options. - request.body_block / request.ext_urls / request.groups / request.milter / request.no_log / request.profile / request.skip / request.skip_process / request.zstd Default: false Boolean helpers that append protocol flags to `Flags`. - request.pass_all Default: false Sends `Pass: all` to force all rspamd filters for a request. - request.raw Default: false Sends `Raw: yes` for non-MIME/raw body scanning. - request.url_format Default: undefined Sets rspamd `URL-Format` header (for example, `extended`). - request_headers.\* Default: undefined Additional headers to pass to rspamd (for example, `MTA-Tag`). - reject.message Default: Detected as spam Message to send when rejecting mail due to Rspamd policy recommendation. - reject.spam Default: true If set to false, ignore recommended _reject_ action from Rspamd (except for authenticated users). - reject.authenticated Default: false Reject messages from authenticated users if Rspamd recommends _reject_. - check.authenticated Default: false If true, messages from authenticated users will be scanned by Rspamd. - check.relay Default: false If true, messages from relay clients will be scanned by Rspamd. - check.private_ip Default: false If false, messages from private IPs will not be scanned by Rspamd. If true, messages from private IPs will be scanned by Rspamd. - check.local_ip Default: false If false, messages from localhost will not be scanned by Rspamd. If true, messages from localhost will be scanned by Rspamd. - dkim.enabled Default: true If set to true, allow rspamd to add DKIM signatures to messages. - header.bar Default: undefined If set, add a visual spam level in a header with this name. - header.report Default: undefined If set, add information about symbols matched & their scores in a header with this name. - header.score Default: undefined If set, add the numeric spam score in a header with this name. - rewrite_subject.enabled Default: true If set to true, "rewrite subject" action is honored. - rmilter_headers.enabled Default: true If set to true, allow rspamd to add/remove headers to messages via [task:set_milter_reply()](https://rspamd.com/doc/lua/task.html#m70081). - smtp_message.enabled Default: true If set to true, "smtp_message" provided by Rspamd is used in response for "reject" & "soft reject" actions. - soft_reject.enabled Default: true If set to true, allow rspamd to defer messages. - soft_reject.message Default: Deferred by policy Message to send to remote server on rspamd soft rejection. - spambar.positive Default: + Used as character for visual spam-level where score is positive. - spambar.negative Default: - Used as character for visual spam-level where score is negative. - spambar.neutral Default: / Used as character for visual spam-level where score is zero. - subject Default: [SPAM] %s Subject to use for `rewrite subject` action if Rspamd does not provide one. - timeout (in seconds) Default: 29 seconds How long to wait for a response from rspamd. <!-- leave these buried at the bottom of the document --> [ci-img]: https://github.com/haraka/haraka-plugin-rspamd/actions/workflows/ci.yml/badge.svg [ci-url]: https://github.com/haraka/haraka-plugin-rspamd/actions/workflows/ci.yml [cov-img]: https://codecov.io/github/haraka/haraka-plugin-rspamd/coverage.svg [cov-url]: https://codecov.io/github/haraka/haraka-plugin-rspamd [qlty-img]: https://qlty.sh/gh/haraka/projects/haraka-plugin-rspamd/maintainability.svg [qlty-url]: https://qlty.sh/gh/haraka/projects/haraka-plugin-rspamd