Add rspamd config files

usr/local/bin/razorfy.pl

@@ -0,0 +1,131 @@
+#!/usr/bin/perl
+
+# Copyright (c) 2020, Mirko Ludeke <m.ludeke@heinlein-support.de>
+# Copyright (c) 2020, Carsten Rosenberg <c.rosenberg@heinlein-support.de>
+# Copyright (c) 2020, Andreas Boesen <boesen@belwue.de>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+use strict;
+use warnings;
+use IO::Socket::IP;
+use IO::Select;
+use threads;
+use Data::Dumper;
+use POSIX qw(setlocale strftime);
+use Razor2::Client::Agent;
+
+# set to 1 to enable debug logging
+my $debug = defined($ENV{'RAZORFY_DEBUG'}) ? $ENV{'RAZORFY_DEBUG'} : 0;
+# max number of threa to use
+my $maxthreads = defined($ENV{'RAZORFY_MAXTHREADS'}) ? $ENV{'RAZORFY_MAXTHREADS'} : 200;
+# bind razorfy to default to local ip address
+# use :: for all (dual stack), 0.0.0.0 (all ipv4), ::1 localhost v6only, 127.0.0.1 localhost ipv4
+my $bindaddress = defined($ENV{'RAZORFY_BINDADDRESS'}) ? $ENV{'RAZORFY_BINDADDRESS'} : '127.0.0.1';
+# tcp port to use
+my $bindport 	= defined($ENV{'RAZORFY_BINDPORT'}) ? $ENV{'RAZORFY_BINDPORT'} : '11342';
+
+my $agent = new Razor2::Client::Agent('razor-check') or die ;
+	$agent->read_options() 	or die $agent->errstr ."\n";
+	$agent->do_conf() 	or die $agent->errstr ."\n";
+
+my %logret = ( 0 => 'spam', 1 => 'ham');
+
+sub Main
+{
+	# flush after every write
+	$| = 1;
+
+	my ( $socket, $client_socket );
+
+	# Bind to listening address and port
+	$socket = new IO::Socket::IP (
+		LocalHost => $bindaddress,
+		LocalPort => $bindport,
+		Proto     => 'tcp',
+		Listen    => 10,
+		ReuseAddr => 1
+	) or die "Could not open socket: ".$!."\n";
+
+	ErrorLog( "RAZORFY started, PID: $$ Waiting for client connections...");
+
+	my @clients = ();
+
+	# start infinity loop
+	while(1)
+	{
+
+		# Limit threads
+		my @threads = threads->list(threads::running);
+
+		if( $#threads < $maxthreads ) {
+
+			# Waiting for new client connection.
+			$client_socket = $socket->accept();
+
+			# Push new client connection to it's own thread
+			push ( @clients, threads->create( \&clientHandler, $client_socket ) );
+
+			ErrorLog(  "active threads: $#threads") if $debug ;
+			ErrorLog(  "client array length: " . scalar @clients) if $debug ;
+
+			my $counter = 0;
+			foreach ( @clients )
+			{
+				if( $_->is_joinable() ) {
+		    	$_->join();
+		    }
+				if( not $_->is_running() ) {
+					splice(@clients,$counter,1);
+				}
+				$counter++;
+			}
+		}
+	}
+	$socket->close();
+	return 1;
+}
+
+sub clientHandler
+{
+	# Socket is passed to thread as first (and only) argument.
+	my ($client_socket) = @_;
+
+	# Create hash for user connection/session information and set initial connection information.
+	my %user = ();
+    	$user{peer_address} = $client_socket->peerhost();
+	$user{peer_port} = $client_socket->peerport();
+
+	ErrorLog( "Accepted New Client Connection From:".$user{peer_address}.":".$user{peer_port}) if $debug;
+
+	my %hashr;
+	$hashr{'fh'} = $client_socket;
+
+	my $ret = $agent->checkit(\%hashr);
+	print $client_socket ( $ret == 0) ? "spam" : "ham";
+
+	ErrorLog( "return value: ". $logret{$ret} ) if $debug;
+
+	$client_socket->shutdown(2);
+	threads->exit();
+}
+
+sub ErrorLog {
+setlocale(&POSIX::LC_ALL, "en_US");
+  my $msg = shift;
+  my $datestring = strftime "%b %e %H:%M:%S", localtime;
+  print STDERR $msg."\n";
+}
+
+# Start the Main loop
+Main();

usr/local/etc/rspamd/local.d/actions.conf

@@ -0,0 +1,3 @@
+reject = 15;
+add_header = 8;
+greylist = 7;

usr/local/etc/rspamd/local.d/antivirus.conf

@@ -0,0 +1,11 @@
+clamav {
+  # Scan whole message
+  scan_mime_parts = false;
+  #scan_text_mime = true;
+  #scan_image_mime = true;
+  symbol = "CLAM_VIRUS";
+  type = "clamav";
+  log_clean = true;
+  servers = "/var/run/clamav/clamd.ctl";
+  max_size = 20971520;
+}

usr/local/etc/rspamd/local.d/arc.conf

@@ -0,0 +1,16 @@
+sign_authenticated = true;
+sign_local = true;
+domain {
+  hosting.danwin1210.me {
+    selectors [
+     {
+       path: "/usr/local/etc/rspamd/hosting.danwin1210.me-rsa4096";
+       selector: "mail";
+     },
+     {
+       path: "/usr/local/etc/rspamd/hosting.danwin1210.me-ed25519";
+       selector: "ed25519";
+     }
+   ]
+ }
+}

usr/local/etc/rspamd/local.d/classifier-bayes.conf

@@ -0,0 +1 @@
+autolearn = true;

usr/local/etc/rspamd/local.d/dkim_signing.conf

@@ -0,0 +1,14 @@
+domain {
+  hosting.danwin1210.me {
+    selectors [
+     {
+       path: "/usr/local/etc/rspamd/hosting.danwin1210.me-rsa4096";
+       selector: "mail";
+     },
+     {
+       path: "/usr/local/etc/rspamd/hosting.danwin1210.me-ed25519";
+       selector: "ed25519";
+     }
+   ]
+ }
+}

usr/local/etc/rspamd/local.d/external_services.conf

@@ -0,0 +1,3 @@
+razor {
+  servers = "127.0.0.1:11342"
+}

usr/local/etc/rspamd/local.d/greylist.conf

@@ -0,0 +1 @@
+enabled = false;

usr/local/etc/rspamd/local.d/groups.conf

@@ -0,0 +1,11 @@
+symbols {
+  "CLAM_VIRUS" {
+    "weight": 10.0
+  }
+  "CLAM_VIRUS_ENCRYPTED" {
+    "weight": 1.0
+  }
+  "CLAM_VIRUS_MACRO" {
+    "weight": 1.0
+  }
+}

usr/local/etc/rspamd/local.d/logging.inc

@@ -0,0 +1,4 @@
+type = console
+systemd = true
+color = true
+level = notice

usr/local/etc/rspamd/local.d/neural.conf

@@ -0,0 +1,24 @@
+rules {
+  "LONG" {
+    train {
+      max_trains = 200;
+      max_usages = 20;
+      max_iterations = 25;
+      learning_rate = 0.01,
+    }
+    symbol_spam = "NEURAL_SPAM_LONG";
+    symbol_ham = "NEURAL_HAM_LONG";
+    ann_expire = 45d;
+  }
+  "SHORT" {
+    train {
+      max_trains = 100;
+      max_usages = 10;
+      max_iterations = 15;
+      learning_rate = 0.01,
+    }
+    symbol_spam = "NEURAL_SPAM_SHORT";
+    symbol_ham = "NEURAL_HAM_SHORT";
+    ann_expire = 7d;
+  }
+}

usr/local/etc/rspamd/local.d/neural_group.conf

@@ -0,0 +1,18 @@
+symbols = {
+  "NEURAL_SPAM_LONG" {
+    weight = 3.7; # sample weight
+    description = "Neural network spam (long)";
+  }
+  "NEURAL_HAM_LONG" {
+    weight = -4.0; # sample weight
+    description = "Neural network ham (long)";
+  }
+  "NEURAL_SPAM_SHORT" {
+    weight = 2.5; # sample weight
+    description = "Neural network spam (short)";
+  }
+  "NEURAL_HAM_SHORT" {
+    weight = -2.0; # sample weight
+    description = "Neural network ham (short)";
+  }
+}

usr/local/etc/rspamd/local.d/options.inc

@@ -0,0 +1,3 @@
+dns {
+  enable_dnssec = true;
+}

usr/local/etc/rspamd/local.d/phishing.conf

@@ -0,0 +1 @@
+phishtank_enabled = false;

usr/local/etc/rspamd/local.d/ratelimit.conf

@@ -0,0 +1,22 @@
+rates {
+  to = {
+    bucket = {
+      burst = 20;
+      rate =  1 / 1m;
+    }
+  }
+  sending_limit_2_per_min {
+    selector = 'user.lower.append("sending_limit_2_per_min")';
+    bucket = {
+      burst = 20;
+      rate = 2 / 1m;
+    }
+  }
+  sending_limit_500_per_day {
+    selector = 'user.lower.append("sending_limit_500_per_day")';
+    bucket = {
+      burst = 400;
+      rate = 50 / 3h;
+    }
+  }
+}

usr/local/etc/rspamd/local.d/redis.conf

@@ -0,0 +1 @@
+servers = "127.0.0.1";

usr/local/etc/rspamd/local.d/worker-fuzzy.inc

@@ -0,0 +1,10 @@
+count = 1;
+keypair {
+    privkey = "aojniuyfysb7i6zs47phwafd9wefdockzd4qwe3qu15nc4g1kq6y";
+    type = "kex";
+    algorithm = "curve25519";
+    id = "f1rw8w3cp88zt1y8wfrtrpu9xoy6zrr6bau6ieeq1qeh3jy14ezq835jboyugba86scgaqqmsqtoqmaoo7tt6gynyg9fnc51agu1try";
+    pubkey = "rsk86fw7w5x4dhkjhcomsyaqwiapp56ykq7woj8f7g9m7z8akfpy";
+    encoding = "base32";
+}
+encrypted_only = true;

usr/local/etc/rspamd/override.d/fuzzy_check.conf

@@ -0,0 +1,26 @@
+rule "localhost" {
+  algorithm = "mumhash";
+  servers = "localhost:11335";
+  encryption_key = "rsk86fw7w5x4dhkjhcomsyaqwiapp56ykq7woj8f7g9m7z8akfpy";
+  symbol = "FUZZY_UNKNOWN";
+  mime_types = ["*"];
+  max_score = 20.0;
+  read_only = no;
+  skip_unknown = yes;
+  short_text_direct_hash = true; # If less than min_length then use direct hash
+  min_length = 64; # Minimum words count to consider shingles
+  fuzzy_map = {
+    FUZZY_DENIED {
+      max_score = 20.0;
+      flag = 1;
+    }
+    FUZZY_PROB {
+      max_score = 10.0;
+      flag = 2;
+    }
+    FUZZY_WHITE {
+      max_score = 2.0;
+      flag = 3;
+    }
+  }
+}

usr/local/etc/rspamd/override.d/worker-controller.inc

@@ -0,0 +1,3 @@
+password = "$2$p8hk8x6i44t1azn3wnogqqd9quxqsc1t$34wr9o97cw6ho15tx9d3pjrjy3ccqrasjfgiu3w15f5urzqmfb3b";
+enable_password = "$2$p8hk8x6i44t1azn3wnogqqd9quxqsc1t$34wr9o97cw6ho15tx9d3pjrjy3ccqrasjfgiu3w15f5urzqmfb3b";
+secure_ip = "";