[Rspamd-Users] How to deliver spam anyway?

David Reagan me at davidreagan.net
Sat Sep 19 16:47:13 UTC 2020 

Hey all,

I'd like to configure rspamd to deliver spam after it detects it. I have 
sieve configured to move spam into the Spam folder. That way users can 
check for any messages that got sent to spam when they shouldn't have.

I think I've configured /etc/rspamd/override.d/actions.conf to make 
rspamd work that way, but I'm stuck on how to test..

My actions.conf:

```
     add_header = 6; # Add header when reaching this score
     greylist = 4; # Apply greylisting when reaching this score (will 
emit `soft reject action`)
     subject = "[SPAM] %s"
```

I'm hoping that making `reject = 15` not set will give me the behavior I 
want.

To test in my dev environment, I've set `enable_test_patterns = true;`, 
and then I've been sending the GTUBE pattern. But as far as I can tell, 
rspamd just always rejects it. The only thing my override file did was 
let Thunderbird finishing sending the message. But the message never got 
past rspamd.

I see the logs in rspamd, but no logs show up in dovecot or postfix.

```
example_spamfilter     | 2020-09-19 16:21:39 #8(normal) <160c86>; task; 
rspamd_check_gtube: gtube reject pattern has been found in part of length 72
example_spamfilter     | 2020-09-19 16:21:39 #8(normal) <160c86>; task; 
rspamd_add_passthrough_result: 
<db990a2a-67a8-b60d-1227-a60d593c5dce at redteam-example.org>: set 
pre-result to 'reject' (15.00): 'Gtube pattern' from GTUBE(3)
example_spamfilter     | 2020-09-19 16:21:39 #8(normal) <160c86>; task; 
rspamd_task_write_log: id: 
<db990a2a-67a8-b60d-1227-a60d593c5dce at redteam-example.org>, qid: 
<2C93E160737>, ip: 192.168.113.1, user: kirk at redteam-example.org, from: 
<kirk at redteam-example.org>, (default: S (reject): [15.00/15.00] 
[GTUBE(0.00){}]), len: 492, time: 69.768ms, dns req: 0, digest: 
<3ae5f215290df6e9185b5c41574d0302>, rcpts: <postmaster at example.org>, 
mime_rcpts: <postmaster at example.org>, forced: reject "Gtube pattern"; 
score=15.00 (set by GTUBE)

```

Sending the add header and rewrite subject patterns does seem to work. 
But their spam score is zero. So sieve will not detect them as spam.

So I'm left scratching my head...

Am I configuring rspamd in a way that will deliver spam messages?

How can I test that?

Just in case it's useful, here is how I've configured postfix to work 
with rspamd.

/etc/postfix/main.cf

```
# rspamd
smtpd_milters = inet:spamfilter:11332
milter_default_action = accept
non_smtpd_milters = $smtpd_milters
```


Thanks in advance!

- David

More information about the Users mailing list