This guide provides information for those who wants to migrate an existing system from SpamAssassin to Rspamd. You will find information about major differences between the spam filtering engines and how to deal with the transition process.
Rspamd runs significantly faster than SpamAssassin while providing approximately the same quality of filtering. However, if you don’t care about the performance and resource consumption of your spam filtering engine you might still find Rspamd useful because it has a simple but powerful web management system (WebUI).
On the other hand, if you have a lot of custom rules, or you use Pyzor/Razor/DCC, or you have some commercial 3rd party products that depend on SpamAssassin then you may not want to migrate.
In short: Rspamd is for speed!
You could also move from these projects to Rspamd. You should bear in mind, however, that Rspamd and SA are multi-factor spam filtering systems that use three main approaches to filter messages:
DSPAM, SpamOracle and others usually implement the third approach, only providing statistical filtering. This method is quite powerful but it can cause false-positives and is not very suitable for multi-user environments. Rspamd and SA, in contrast, are designed for systems with many users. Rspamd, in particular, was written for a very large system with more than 40 million users and about 10 million emails per hour.
There are a couple of things you need to know before transition:
Lua for plugins and rules, so basic knowledge of this language is more than useful for playing with Rspamd; however, Lua is very simple and can be learned very quicklyHTTP protocol to communicate with the MTA or milter, so SA native milters might not communicate with Rspamd. There is some limited support of the SpamAssassin protocol, though some commands are not supported, in particular those which require copying of data between scanner and milter. More importantly, Length-less messages are not supported by Rspamd as they completely break HTTP semantics and will never be supported. To achieve the same functionality, a dedicated scanner could use, e.g. HTTP chunked encoding.mysql or postgresql will likely not be supportedspam and ham results, Rspamd supports five levels of messages called actions:
no action - ham messagegreylist - turn on adaptive greylisting (which is also used on higher levels)add header - adds Spam header (meaning soft-spam action)rewrite subject - rewrite subject to *** SPAM *** original subjectreject - ultimately reject messageEach action can have its own score limit which could also be modified by a user’s settings. Rspamd assumes the following order of actions: no action <= greylist <= add header <= rewrite subject <= reject.
Actions are NOT performed by Rspamd itself - they are just recommendations for the MTA that performs the necessary actions such as adding headers or rejecting mail.
SA spam is almost equal to the Rspamd add header action in the default setup. With this action, users will be able to check messages in their Junk folder, which is usually a desired behaviour.
To install Rspamd, I recommend using one of the official packages that are available for many popular platforms. If you’d like to have more features then you can consider the experimental branch of packages, while if you would like to have more stability then you can select the stable branch. However, normally even the experimental branch is stable enough for production use, and bugs are fixed more quickly in the experimental branch.
For those who have a lot of custom rules, there is good news: Rspamd supports a certain set of SpamAssassin rules via a special plugin that allows direct loading of SA rules into Rspamd. You just need to specify your SA configuration files in the plugin configuration:
spamassassin {
sa_main = "/etc/spamassassin/conf.d/*";
sa_local = "/etc/spamassassin/local.cf";
}
On the other hand, if you don’t have a lot of custom rules and primarily use the default ruleset then you shouldn’t use this plugin: many SA rules are already implemented natively in Rspamd so you won’t get any benefit from including such rules from SA.
If you have your SA up and running it is usually possible to switch the system to Rspamd using the existing tools. However, please check the integration document for further details.
Rspamd statistics are not compatible with SA as Rspamd uses a more advanced statistics algorithm, described in the following article, so please bear in mind that you need to relearn your statistics. This can be done, for example, by using the rspamc command: assuming that you have your messages in separate files (e.g. maildir format), placed in directories spam and ham:
rspamc learn_spam spam/
rspamc learn_ham ham/
(You will need Rspamd up and running to use these commands.)
You can also setup rspamc to learn via passing messages to a certain email address. I’d recommend using /etc/aliases for this purpose and a mail-redirect command (e.g. provided by Mail Redirect add-on for Thunderbird MUA). The desired aliases could be the following:
learn-spam123: "| rspamc learn_spam"
learn-ham123: "| rspamc learn_ham"
(You would need to use less predictable aliases to avoid the sending of messages to such addresses by an adversary, or just by mistake, to prevent statistics pollution.)