[Rspamd-Users] rspamd_update module
Gerald Galster
list+rspamd at gcore.biz
Wed Aug 28 20:46:45 UTC 2024
> I am trying to deploy some "Rspamd 3.9 rules" to some servers (rules will be public so I cannot use Puppet/Ansible as usual) and I would like to use a web server to store the rules.
> I've taken a look at rspamd_update module (https://rspamd.com/doc/modules/rspamd_update.html) but I cannot make it work.
> Looking at Github issues it seems it has been disabled and there is no alternative (https://github.com/rspamd/rspamd/issues/3190).
>
> Is there any native way to download rules from a http server or should I script something on my own ?
The bug report mentions rspamd 2.0/2.2 and *signed* ucl maps.
Https provides some form of protection on its own even with
unsigned content, which may or may not offer the level of
security you require with public content.
This is confirmed to work with rspamd 3.9:
-------------------------------------------------------------
# cat /etc/rspamd/local.d/rspamd_update.conf
enabled = true;
rules = https://example.com/tmp/rules_general.ucl
# rules_general.ucl on webserver, overwriting symbol scores
symbols = {
SUBJ_EXCESS_BASE64 = 0.55,
...
}
-------------------------------------------------------------
There are different kinds of "rules". Loading multimap content
and distributing regular expressions in a central way is easy
to accomplish:
https://rspamd.com/doc/modules/multimap.html#map-field-syntax
Besides there is always the option to retrieve any public
resource and transform it into a suitable form, e.g. by using
cron and scripting (bash/perl/php/curl/...) which can then
be deployed on a web-/ansible-server under your management.
Best regards,
Gerald
More information about the Users
mailing list