[Rspamd-Users] API Auth
Vsevolod Stakhov
vsevolod at rspamd.com
Mon Nov 26 17:17:13 UTC 2018
On 26/11/2018 16:37, Lothruin Mirwen wrote:
> Hi,
>
> I'm trying to develop a bridge integration between our MTA and Rspamd using
> http API.
> Spam checks go well through /checkv2 endpoint but I cannot find any
> reference to API authentcation in Rspamd documentation.
>
> Is there any authentication or of just will ip-trust be checked?
I have added `encrypted_only` feature in 1.8.3 so only clients who know
the correct public key are allowed to do checks. However, this also
implies that all communications MUST be encrypted. Since Rspamd uses its
own encryption method [1] it might be an issue...
[1] - https://highsecure.ru/httpcrypt.pdf
More information about the Users
mailing list