Email module transition to Rspamd

Since NethServer 7.5.1804 new Email, POP3 connector and POP3 proxy installations are based on the Rspamd [1] filter engine.

  • Previous NethServer installations are automatically upgraded to Rspamd as described by this section.

  • New configuration features, specific to the Rspamd-based implementation, are documented in Email. Here is a brief list:

    • DKIM signature
    • Rspamd web UI
    • Greylist threshold [3]

Feature changes

Block port 25

The block of port 25 can prevent abuse/misuse by LAN machines. If the system is acting as the LAN network gateway, the administrator can create a firewall rule inside the Rules page.

Additional host name aliases

The following host name aliases were automatically registered in the local DNS service, if the postfix/MxRecordStatus was enabled:

  • smtp.<domain>
  • imap.<domain>
  • pop.<domain>
  • pop3.<domain>

When upgraded from an old Email module based on Amavisd, the postfix/MxRecordStatus is removed and those aliases are pushed as self records in the hosts DB. They can be edited from DNS > Server alias page.

MX record for LAN clients

The new Email module implementation based on Rspamd does not push the MX record override for LAN hosts any more. Ensure the LAN mail user agents are configured to use SMTP/AUTH or are listed in Email > SMTP access > Allow relay from IP addresses before upgrading.

Upgrade procedures

Manual upgrade procedures are no longer needed: upgrade occurs automatically.

After the upgrade the old anti-spam engine services provided by amavisd and spamassassin are stopped and their packages can be removed.

To clean up the old anti-spam rpms type

yum remove amavisd-new spamassassin

References

[1]Rspamd – Fast, free and open-source spam filtering system. https://rspamd.com/
[2]Domain Keys Identified Mail (DKIM) is an email authentication method designed to detect email spoofing – Wikipedia
[3]Greylisting is a method of defending e-mail users against spam. A mail transfer agent (MTA) using greylisting will “temporarily reject” any email from a sender it does not recognize – Wikipedia
[4]alterMIME is a small program which is used to alter your mime-encoded mailpack – https://pldaniels.com/altermime/