bunny wrote:Hello Sir,
Now Sir, with the above result which is clear, as our server has around 500 mailboxes, I still have some questions…………
1. I am unable to check the mail headers as it is not publically made available. Can I take it into production mode.?
2. Does Rspamd gets updated periodically for new rules or is it static? In present server, we have stopped updated of spamassassin and customised spamassassin rules that are working fine with our environment. Should I carry forward them to this new server.
Thanks & Regards,
1. you should not use it in production the way you have it configured yet.
however you can use the testing flag in the config (it will run but do nothing with consequence)
2. rspamd is many things, its core principal will not get rules its kinda autodetection based on what you feed.
and here is your issue. first you cannot use sqlite for this even its standard config, it wont work, never will, is deprecated for a decade now (cause this is dspam regardless how they are rebranded it). use the hashdb, this will work most of the time but you should backit up frequently, it tends to be selfdestructive from time to time.
use a sophisticated tokenizer (sbhph)
train much much much much more
you need to group user into similar mail behaviour.
if your elucky and all your user are more or less the same then you dont need that
the same means the types of HAM email they get.
if youre a hoster and for example have a medical company in your customers you may want to exclude them or all the good old bluepill ads will be marked ham over time.
the way this works is it autolearns which phrases and combos are good and which are bad. that needs a lot of data to begin with but when it works it works pretty good
however the more diverse your userbase is the more complciated it gets to a point where you hashdb is crashing
also making groups is critical
you can form exclusive groups (trains have only an effect within that group) or have a base group (affect everyone) plus exatras for certain group.
however this was designed for plain postfix servers and has no integration into zimbra
so it wont group you domain based that easy and there will be a lot of manual thinkering involved.
my advise for 500 mboxes, get to know that system better, how it really works and its consequences before oyu go into production
also make a long learning phase then a testhing phase or you end up wiht a lot of false classifications.
on the other hand if you get it to run it is possible to have an outstanding performance ,.. but yea,.. well
the truth is they rebranded dspam without proper forking announcment and its core devs are inactive for year so i doubt they will ever update that part
ofc that doesnt affect all the other modules and plugins, but they are a bit redundant (no point for DKIM for example)