Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[solved] trying to setup rspamd
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Elleni
Veteran
Veteran


Joined: 23 May 2006
Posts: 1029

PostPosted: Sat Nov 09, 2019 10:33 pm    Post subject: [solved] trying to setup rspamd Reply with quote

I am replacing my mailserver which was setup some years ago by following the Mailfitering gateway gentoo wiki. Now I became aware of rspamd which could replace amavisd spamassassin dkim and apparently, so I thought, I'll give it a try, but the only gentoo specific tutorial I found was this one

Trying to follow it, for my new server, I got an error when issuing
Code:
sievec FILE.sieve

Code:
doveconf: Fatal: Error in configuration file /etc/dovecot/conf.d/90-sieve.conf line 210: Unknown setting: imapsieve_mailbox1_name


Is postfix/dovecot/amavisd-new/spamassassin/clamAV still the recommended way for a Mailfiltering Gateway on gentoo? The Mailfiltering gateway wiki leads me into that thinking, as it is based on above components, so maybe I should stick with it, as it worked for years without problems, and wait a bit as rspamd is quite new and not much gentoo oriented installation and configuration documentation is available?


Last edited by Elleni on Sat Nov 23, 2019 10:38 pm; edited 1 time in total
Back to top
View user's profile Send private message
Elleni
Veteran
Veteran


Joined: 23 May 2006
Posts: 1029

PostPosted: Fri Nov 15, 2019 11:57 pm    Post subject: Reply with quote

Found out, that those settings probably have to be within plugin {} so I corrected that.
Code:
#Spam learning
#From elsewhere to Spam folder
imapsieve_mailbox1_name = Spam
imapsieve_mailbox1_causes = COPY
imapsieve_mailbox1_before = file:/var/mail/sieve/global/learn-spam.sieve

#From Spam folder to elsewhere
imapsieve_mailbox2_name = *
imapsieve_mailbox2_from = Spam
imapsieve_mailbox2_causes = COPY
imapsieve_mailbox2_before = file:/var/mail/sieve/global/learn-ham.sieve

sieve_pipe_bin_dir = /usr/bin
sieve_global_extensions = +vnd.dovecot.pipe

According to the howto I have to run sievec on the files created in /var/mail/sieve/global namely on
Code:
-rw-r--r-- 1 root mail  86 15. Nov 18:46 learn-ham.sieve
-rw-r--r-- 1 root mail  87 15. Nov 18:46 learn-spam.sieve
-rw-r--r-- 1 root mail 141 15. Nov 18:45 spam-global.sieve


But then I get other errors:

sievec spam-global.sieve
Code:
sievec(root): Warning: sieve: ignored unknown extension 'vnd.dovecot.pipe' while configuring available extensions


sievec learn-ham.sieve
Code:
sievec(root): Warning: sieve: ignored unknown extension 'vnd.dovecot.pipe' while configuring available extensions
learn-ham: line 1: error: require command: unknown Sieve capability vnd.dovecot.pipe'. learn-ham: line 1: error: require command: unknown Sieve capability imapsieve'.
learn-ham: line 2: error: unknown command 'pipe' (only reported once at first occurrence).
learn-ham: error: validation failed.
sievec(root): Fatal: failed to compile sieve script 'learn-ham.sieve'


sievec learn-spam.sieve
Code:
sievec(root): Warning: sieve: ignored unknown extension 'vnd.dovecot.pipe' while configuring available extensions
learn-spam: line 1: error: require command: unknown Sieve capability vnd.dovecot.pipe'. learn-spam: line 1: error: require command: unknown Sieve capability imapsieve'.
learn-spam: line 2: error: unknown command 'pipe' (only reported once at first occurrence).
learn-spam: error: validation failed.
sievec(root): Fatal: failed to compile sieve script 'learn-spam.sieve'


Anyone knows how to enable those extensions, capabilities and commands in dovecot?

Dovecot is setup with managesieve and sieve useflags.
hostname ~ # emerge dovecot -pv
Code:

These are the packages that would be merged, in order:

Calculating dependencies ... done!
[ebuild R ] net-mail/dovecot-2.3.7.2::gentoo USE="bzip2 caps managesieve mysql pam sieve sqlite tcpd zlib -argon2 -doc -ipv6 -kerberos -ldap -libressl -lua -lucene -lz4 -lzma -postgres (-selinux) -solr -static-libs -suid -textcat -vpopmail" 0 KiB

Total: 1 package (1 reinstall), Size of downloads: 0 KiB


locate pigeonhole
Code:
/usr/include/dovecot/sieve/pigeonhole-config.h
/usr/include/dovecot/sieve/pigeonhole-version.h
/usr/lib64/dovecot/settings/libpigeonhole_settings.so
/usr/share/aclocal/dovecot-pigeonhole.m4
/usr/share/man/man7/pigeonhole.7.bz2


emerge --info
Code:
Portage 2.3.76 (python 3.6.9-final-0, default/linux/amd64/17.1/no-multilib, gcc-9.2.0, glibc-2.29-r2, 4.19.82-gentoo x86_64)
System uname: Linux-4.19.82-gentoo-x86_64-AMD_EPYC_Processor_-with_IBPB-with-gentoo-2.6
KiB Mem: 6103940 total, 3041472 free
KiB Swap: 6291452 total, 6286332 free
Timestamp of repository gentoo: Fri, 15 Nov 2019 16:30:01 +0000
Head commit of repository gentoo: eb8dbe94cae643c4db4fe1842ec03c6b5b607dee
sh bash 4.4_p23-r1
ld GNU ld (Gentoo 2.32 p2) 2.32.0
app-shells/bash: 4.4_p23-r1::gentoo
dev-lang/perl: 5.28.2-r1::gentoo
dev-lang/python: 2.7.16::gentoo, 3.6.9::gentoo
dev-util/cmake: 3.14.6::gentoo
sys-apps/baselayout: 2.6-r1::gentoo
sys-apps/openrc: 0.41.2::gentoo
sys-apps/sandbox: 2.13::gentoo
sys-devel/autoconf: 2.69-r4::gentoo
sys-devel/automake: 1.16.1-r1::gentoo
sys-devel/binutils: 2.32-r1::gentoo
sys-devel/gcc: 9.2.0-r2::gentoo
sys-devel/gcc-config: 2.1::gentoo
sys-devel/libtool: 2.4.6-r3::gentoo
sys-devel/make: 4.2.1-r4::gentoo
sys-kernel/linux-headers: 4.19::gentoo (virtual/os-headers)
sys-libs/glibc: 2.29-r2::gentoo
Repositories:

gentoo
location: /var/db/repos/gentoo
sync-type: rsync
sync-uri: rsync://rsync.gentoo.org/gentoo-portage
priority: -1000
sync-rsync-verify-jobs: 1
sync-rsync-extra-opts:
sync-rsync-verify-max-age: 24
sync-rsync-verify-metamanifest: yes

local_overlay
location: /usr/local/portage
masters: gentoo
priority: 0

ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="@free"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=native -O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/lib64/libreoffice/program/sofficerc /usr/share/easy-rsa /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php7.3/ext-active/ /etc/php/cgi-php7.3/ext-active/ /etc/php/cli-php7.3/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-march=native -O2 -pipe"
DISTDIR="/var/cache/distfiles"
ENV_UNSET="DBUS_SESSION_BUS_ADDRESS DISPLAY GOBIN PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR"
FCFLAGS="-march=native -O2 -pipe"
FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs candy config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-march=native -O2 -pipe"
GENTOO_MIRRORS="http://distfiles.gentoo.org"
LANG="de_CH.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="de de_DE el en fr fr_FR it tr"
MAKEOPTS="-j5"
PKGDIR="/var/cache/binpkgs"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
USE="3dnow 3dnowext acl amd64 apache2 authdaemond berkdb bzip2 caps cgi clamav clamdtop cli crypt cryptsetup curl cxx device-mapper dkim dovecot-sasl dri exif fam fontconfig fortran fpm gd gdbm geoip iconv imap jpeg libmysqlclient libtirpc maildir managesieve mmx mmxext mysql mysqli ncurses nls nptl openmp pam pcntl pcre pdo png popcnt readline seccomp sieve sockets spamassassin spell split-usr sqlite sse sse2 sse3 sse4_1 sse4a ssl symlink tcpd truetype unicode vhosts xattr xmlwriter xslt zip zlib" ABI_X86="64" ADA_TARGET="gnat_2018" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_core authn_dbm authn_file authz_core authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate env expires ext_filter file_cache filter headers include info log_config logio mime mime_magic negotiation proxy proxy_http proxy_wstunnel rewrite setenvif socache_shmcb speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="aes avx avx2 f16c fma3 mmx mmxext pclmul popcnt sha sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="libinput keyboard mouse" KERNEL="linux" L10N="de el en fr it tr" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" NETBEANS_MODULES="apisupport cnd groovy gsf harness ide identity j2ee java mobility nb php profiler soa visualweb webcommon websvccommon xml" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php7-3" POSTGRES_TARGETS="postgres10 postgres11" PYTHON_SINGLE_TARGET="python3_6" PYTHON_TARGETS="python2_7 python3_6" RUBY_TARGETS="ruby24 ruby25" USERLAND="GNU" VIDEO_CARDS="amdgpu fbdev intel nouveau radeon radeonsi vesa dummy v4l" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset: CC, CPPFLAGS, CTARGET, CXX, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Back to top
View user's profile Send private message
Elleni
Veteran
Veteran


Joined: 23 May 2006
Posts: 1029

PostPosted: Sat Nov 16, 2019 4:42 am    Post subject: Reply with quote

I found the problem, following was missing 90-sieve.conf (in the initially linked tutorial and thus in my config) .
Code:
sieve_plugins = sieve_imapsieve sieve_extprograms
sieve_before = /var/mail/sieve/global/spam-global.sieve
sieve = file:/var/mail/sieve/%d/%n/scripts;active=/var/mail/sieve/%d/%n/active-script.sieve
After adding those sievec successfully creates the corresponding .svbin files

Last edited by Elleni on Sat Nov 23, 2019 11:32 pm; edited 1 time in total
Back to top
View user's profile Send private message
Elleni
Veteran
Veteran


Joined: 23 May 2006
Posts: 1029

PostPosted: Sat Nov 23, 2019 10:37 pm    Post subject: Reply with quote

As I successfully have setup rspamd I'd like to share some links besides the one linked on the first post of this thread which were very helpful for me:
english version
german version

This one was very usefull too. Especially in the comments at the end, there is an intersting info linked on how to prevent that a mail is re-learned as ham, when a mail is deleted from spam folder thus moved to trash folder.

A small addition is sufficient in the learn-ham.sieve file:

Code:
require ["vnd.dovecot.pipe", "copy", "imapsieve", "environment", "variables"];

if environment :matches "imap.mailbox" "*" {
  set "mailbox" "${1}";
}

if string "${mailbox}" "Trash" {
  stop;
}

pipe :copy "rspamc" ["learn_ham"];


Solution came from here

Thanks to Freke, as he gave me the solution when having setup unbound and suddenly resolv.conf was overwritten with standard configuration of redis depending on net.lo.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum