Christian Rößner croessner

croessner / analyze-reject.py
Last active November 21, 2017 09:29
Check how a changed reject score would modify the results in Rspamd
#!/usr/bin/python3
import os
import sys
import io
try:
    LOG = sys.argv[3]
    NEW_REJECT = float(sys.argv[1])
log_format =<<EOD
id: <$mid>,$if_qid{ qid: <$>,}$if_ip{ ip: $,}
$lua{
  return function(task)
    local settings_id = task:get_request_header('settings-id')
    if settings_id then
      return 'settings_id: ' .. tostring(settings_id) .. ','
    else
      return 'settings_id: N/A,'
    end
rspamadm confighelp -P /usr/share/rspamd/lua/ spamtrap
2017-10-27 13:02:12 #25983(rspamadm) cfg; lua_config_add_doc: cannot get parameters list: bad type for key: required: 'string', 'bool' is expected
2017-10-27 13:02:12 #25983(rspamadm) cfg; lua_config_add_doc: invalid type: spamtrap
2017-10-27 13:02:12 #25983(rspamadm) cfg; lua_config_add_doc: cannot get parameters list: bad type for key: required: 'string', 'bool' is expected
2017-10-27 13:02:12 #25983(rspamadm) cfg; lua_config_add_doc: invalid type: spamtrap
2017-10-27 13:02:12 #25983(rspamadm) cfg; lua_config_add_doc: cannot get parameters list: bad type for key: required: 'string', 'bool' is expected
2017-10-27 13:02:12 #25983(rspamadm) cfg; lua_config_add_doc: invalid type: spamtrap
2017-10-27 13:02:12 #25983(rspamadm) cfg; lua_config_add_doc: cannot get parameters list: bad type for key: required: 'string', 'bool' is expected
2017-10-27 13:02:12 #25983(rspamadm) cfg; lua_config_add_doc: invalid type: spamtrap
2017-10-27 13:02:12 #25983(rspamadm) cfg;

if confighelp then
  rspamd_config:add_example(nil, 'spamtrap',
    "Honeypot spamtrap module to learn spam emails",
    [[
spamtrap {
  # Optionally set an action
  #action = "no action";
  # A map file containing regexp entries for spamtrap emails and domains
  #map = file://$LOCAL_CONFDIR/maps.d/spamtrap.map
croessner / confighelp_spamtrap
Created October 27, 2017 09:19
Sample confighelp output for spamtrap module
rspamadm confighelp -P /usr/share/rspamd/lua/ spamtrap
Showing help for spamtrap:
Configuration element: spamtrap
Description: Honeypot spamtrap module to learn spam emails
Type: object
Required: false
Example:
spamtrap {
# Optionally set an action
#action = "no action";
croessner / worker-controller.inc
Created July 13, 2017 08:00
Sample snippet for neighbours with URL param
neighbours {
  mx.roessner-net.de {
    url="https://roessner-net.de/rspamd";
  }
  mx02.roessner-net.de {
    url="https://roessner-net.de/rspamd1";
  }
  mx03.roessner-net.de {
    url="https://roessner-net.de/rspamd2";
  }
2017-05-05 11:55:43 #12238(normal) <befdae>; antivirus; antivirus.lua:551: savapi: number of virus names found 1
2017-05-05 11:55:43 #12238(normal) <befdae>; lua; antivirus.lua:54: savapi: virus found: "TR/Dldr.TComBill.C"
2017-05-05 11:55:43 #12238(normal) <befdae>; antivirus; antivirus.lua:287: saved cached result for rs_savapi_df35bb945acec8b1587d2afc4796aa27: TR/Dldr.TComBill.C
2017-05-05 11:55:43 #12238(normal) <befdae>; lua; antivirus.lua:45: clamav: virus found: "Win.Downloader.Vidlo-8"
2017-05-05 11:55:43 #12238(normal) <befdae>; antivirus; antivirus.lua:287: saved cached result for rs_clamav_df35bb945acec8b1587d2afc4796aa27: Win.Downloader.Vidlo-8
2017-05-05 11:55:43 #12238(normal) <befdae>; task; bayes_classify: skip classification as spam class has not enough learns: 152, 200 required
2017-05-05 11:55:43 #12238(normal) <befdae>; task; rspamd_stat_check_autolearn: <undef>: autolearn ham for classifier 'bayes' as message's score is negative: -0.15
2017-05-05 11:55:43 #12238(normal) lua; [string "r...
layout doc_modules
title Spamtrap module

Spamtrap module

With the spamtrap module you can catch spamtrap emails or even a whole catch-all domain. It is intended for learning Bayes spam and, if you run your own fuzzy storage, for learning a fuzzy flag with a fuzzy weight. You can also add a score for this symbol in the metrics if you only want to tag such emails. You can use this later in other modules like

worker {
  bind_socket = "127.0.0.1:11335";
  .include "$CONFDIR/worker-fuzzy.inc"
  .include(try=true; priority=1, duplicate=merge) "$LOCAL_CONFDIR/local.d/worker-fuzzy.inc"
  .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/worker-fuzzy.inc"
}
# worker-fuzzy
type = "fuzzy";
expire = 90d;
allow_update = ["localhost"];
backend = "redis";