Official NixOS Wiki

Rspamd: Difference between revisions

← Older edit
Ser (talk | contribs)
1 edit
VisualWikitext
imported>Onny
Add tip on spam training
Ser (talk | contribs)
1 edit
configuration of secrets
 
(4 intermediate revisions by 4 users not shown)
Line 7: Line 7:
{{file|/etc/nixos/configuration.nix|nix|<nowiki>
{{file|/etc/nixos/configuration.nix|nix|<nowiki>
services.rspamd.enable = true;
services.rspamd.enable = true;
</nowiki>}}
To use Rspamd with Postfix add
{{file|/etc/nixos/configuration.nix|nix|<nowiki>
services.rspamd.postfix.enable = true;
</nowiki>}}
</nowiki>}}


Line 13: Line 19:
=== Bayesian spam training ===
=== Bayesian spam training ===


To enable bayesian spam training, a [[Redis]] backend needs to get setup and configured in Rspamd
To enable bayesian spam training, enable a Redis instance and configure it in Rspamd as a backend


{{file|/etc/nixos/configuration.nix|nix|<nowiki>
{{file|/etc/nixos/configuration.nix|nix|<nowiki>
Line 30: Line 36:
services.redis.servers.rspamd = {
services.redis.servers.rspamd = {
   enable = true;
   enable = true;
  # 0 disables listening to TCP ports and will only use unix sockets. Default
  # unix socket path is /run/redis-${name}/redis.sock thus
  # /run/redis-rspamd/redis.sock here.
   port = 0;
   port = 0;
  unixSocket = "/run/redis-rspamd/redis.sock";
   user = config.services.rspamd.user;
   user = config.services.rspamd.user;
};
};
Line 66: Line 74:


systemd.services.rspamd.serviceConfig.SupplementaryGroups = [ "maddy" ];
systemd.services.rspamd.serviceConfig.SupplementaryGroups = [ "maddy" ];
</nowiki>}}
=== Secrets ===
Sometimes you need to provide secrets which should not be kept in the public store. In this example we add an API key to GPT module. You need to have the file with a name for example `ai.conf` with content:
{{file|/var/spool/keys/ai.conf|nix|<nowiki>
api_key = "your_secret_key";
</nowiki>}}
and prepare your GPT configuration - in this example it's only part of it, consult the GPT module documentation.
{{file|/etc/nixos/configuration.nix|nix|<nowiki>
services.rspamd = {
  overrides = {
    "gpt.conf".text = ''
      enabled = true;
      #api_key = ""; # API KEY IN SECRETS!!!
      .include(try=true; priority=10,duplicate=merge) "/var/spool/keys/ai.conf"
      autolearn = true;
    '';
  };
};
</nowiki>}}
</nowiki>}}


Line 71: Line 102:


=== Helper script to train rspamd ===
=== Helper script to train rspamd ===
{{note|This approach is not yet stable and will be available in the upcoming NixOS 24.05 release.}}


The following example enables [https://gitlab.com/onlime/rspamd-trainer rspamd-trainer] as a daemon which will run every 10 minutes to check for mails in the inbox of <code>myuser@example.com</code> which should be used for spam/ham training.
The following example enables [https://gitlab.com/onlime/rspamd-trainer rspamd-trainer] as a daemon which will run every 10 minutes to check for mails in the inbox of <code>myuser@example.com</code> which should be used for spam/ham training.
Line 105: Line 134:


[[Category:Mail Server]]
[[Category:Mail Server]]
[[Category:Server]]
Retrieved from "https://wiki.nixos.org/wiki/Rspamd"