#rspamd
Block email forwarding spam with Rspamd
At Onlime GmbH we have a mail infrastructure that consists of 3 mail servers: mx1
acts as primary MX server and provides SMTP as outgoing mail gateway for our customers. mx2
acts as secondary MX and fallback incoming mailserver. Incoming email from mx2
is forwarded to mx1
which does spam/antivirus filtering with Rspamd. Finally, the 3rd mailserver which is simply called mail
acts as IMAP server and outgoing mailserver.
We allow customers to set up email forwardings on their domains. A forwarding address could have another customer email address as destination, but could also directly or indirectly (through another forwarding) point to an external email address. Spam filtering is done on mx1
, but Rspamd actually just flags the email as ham/spam with a spam score and adds the X-Spamd-Result
header with all symbols. The actual action is done on the final mailserver mail
in the recipients mailbox via Sieve rule. The reason for this is that we want to let the customer define his own spam score (going from "minimal" to "radical" which maps to a spam score treshold) and what should happen with an email that got classified as spam (store it in Spam
box or discard it directly).
Automated Bayesian Spam/Ham Training with Rspamd
At Onlime GmbH we have migrated the mail infrastructure in Dec 2019 from good old Spamassassin to Rspamd which greatly improved spam filtering. Rspamd offers a nice way of Bayesian learning in Rspamd statistical module. You can feed emails through rspamc learn_spam
or rspamc learn_ham
for manual spam/ham training to improve Bayes hit rate.
In the past, we have only internally used Bayesian training. Wouldn't it be nice to let all customers help us improve the Bayes filter / hit rate? Without even asking them to do so?