[Rspamd-Users] Multimaps seem to not work
Simon Hoffmann
rspamd at list.simonhoffmann.net
Wed Aug 10 14:30:41 UTC 2022
Hey fellow spam fighters! :)
I currently have the following multimap.conf in /etc/rspamd/local.d
WHITELIST_IP {
type = "ip";
map = "$CONFDIR/local.d/whitelist_ip.map";
description = "Local ip whitelist";
action = "accept";
}
WHITELIST_FROM {
type = "from";
map = "$CONFDIR/local.d/whitelist_from.map";
description = "Local from whitelist";
action = "accept";
}
WHITELIST_HEADER_FROM {
type = "header";
header = "from";
map = "$CONFDIR/local.d/whitelist_from_header.map";
description = "Local from (header) whitelist";
action = "accept";
}
BLACKLIST_IP {
type = "ip";
map = "$CONFDIR/local.d/blacklist_ip.map";
description = "Local ip blacklist";
action = "reject";
}
BLACKLIST_FROM {
type = "from";
map = "$CONFDIR/local.d/blacklist_from.map";
description = "Local from blacklist";
action = "reject";
}
BLACKLIST_HEADER_FROM {
type = "header";
header = "from";
map = "$CONFDIR/local.d/blacklist_from_header.map";
description = "Local from (header) blacklist";
action = "reject";
}
WHITELIST_TO_HEADER {
type = "header";
header = "to";
map = "$CONFDIR/local.d/whitelist_to_header.map";
description = "Local to (header) whitelist";
acction = "accept";
}
The IP based maps are not yet in use, I cannot say anything about that.
In the whitelist_to_header.map I have two entries,
spam at filter.xyz.net
ham at filter.xyz.net
which seems to work fine. When submitting a ham the message got flagged as spam
first, but after adding this map mails now pass to my filter learning script.
However, the blacklist_from and blacklist_header_from seem to not work at all.
I have added michaels at emdeals.michaels.com into both maps, yet rspamd does not reject
incoming mails from this address.
Rspamd log:
Aug 10 11:23:55 mailin rspamd[788]: <1ab58e>; task; rspamd_task_write_log: id: <1fb16a2b-7af0-4213-b60d-49a5b3df2380 at dfw1s10mta411.xt.local>, qid: <858107cd>, ip: 85.13.155.197, from: <bounce-26_HTML-345041960-190051-100010552-23689 at bounce.emdeals.michaels.com>, (default: T (add header): [9.54/15.00] [BAYES_SPAM(8.00){100.00%;},FORGED_RECIPIENTS(2.00){m:@.NET;s:simon at .net;},DMARC_POLICY_ALLOW_WITH_FAILURES(-0.50){},FORGED_SENDER(0.30){michaels at emdeals.michaels.com;bounce-26_HTML-345041960-190051-100010552-23689 at bounce.emdeals.michaels.com;},R_DKIM_ALLOW(-0.20){emdeals.michaels.com:s=10dkim1;},MIME_GOOD(-0.10){multipart/alternative;text/plain;},MANY_INVISIBLE_PARTS(0.05){1;},HAS_LIST_UNSUB(-0.01){},ARC_NA(0.00){},ASN(0.00){asn:34788, ipnet:85.13.155.0/24, country:DE;},DKIM_TRACE(0.00){emdeals.michaels.com:+;},DMARC_POLICY_ALLOW(0.00){michaels.com;none;},FROM_HAS_DN(0.00){},FROM_NEQ_ENVFROM(0.00){michaels at emdeals.michaels.com;bounce-26_HTML-345041960-190051-100010552-23689 at bounce.emdeals.michaels.com;},GREYLIST(0.00){pass;body;},MIME_TRACE(0.00){0:+;1:+;2:~;},NEURAL_HAM(-0.00){-1.000;},RCPT_COUNT_ONE(0.00){1;},RCVD_COUNT_THREE(0.00){3;},RCVD_TLS_LAST(0.00){},R_SPF_FAIL(0.00){-all;},SUBJECT_ENDS_EXCLAIM(0.00){},TO_DN_NONE(0.00){}]), len: 100485, time: 622.634ms, dns req: 67, digest: <70be4cff13e3465a683cee0b3cdc1c8b>, rcpts: <simon at .net>, mime_rcpts: <J at .NET>
Since all files are rolled out via configmanagement, everyone has the same owner and
permissions. Do you have any idea why it is not working?
Also, I am not yet entirely convinced that the whitelist_from maps are working as
intended as well.
Thanks!
Cheers,
Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <https://lists.rspamd.com/pipermail/users/attachments/20220810/21a10f99/attachment.bin>
More information about the Users
mailing list