nickslowinski/mailcow-dockerized-docs
1
0
Fork 0
Code Issues Pull-Requests Projekte Releases Pakete Wiki Aktivität

Merge pull request #180 from ThomDietrich/patch-1

Quellcode durchsuchen 
Fix syntax highlighting in docs
Dieser Commit ist enthalten in:
André Peters 2019-11-11 14:01:08 +01:00 committet von GitHub
Commit 6ed8365687
Es konnte kein GPG-SchlĂĽssel zu dieser Signatur gefunden werden
GPG-SchlĂĽssel-ID: 4AEE18F83AFDEB23
1 geänderte Dateien mit 26 neuen und 11 gelöschten Zeilen
Statistiken anzeigen Patch-Datei herunterladen Diff-Datei herunterladen Alle Dateien ausklappen Alle Dateien einklappen

37
docs/u_e-rspamd.md
Datei anzeigen

@ -14,7 +14,8 @@ You can also use Rspamd's web UI to learn ham and / or spam or to adjust certain
### Learn Spam or Ham from existing directory ### Learn Spam or Ham from existing directory
You can use a one-liner to learn mail in plain-text (uncompressed) format: You can use a one-liner to learn mail in plain-text (uncompressed) format:
```
```bash
# Ham # Ham
for file in /my/folder/cur/*; do docker exec -i $(docker-compose ps -q rspamd-mailcow) rspamc learn_ham < $file; done for file in /my/folder/cur/*; do docker exec -i $(docker-compose ps -q rspamd-mailcow) rspamc learn_ham < $file; done
# Spam # Spam
@ -23,7 +24,7 @@ for file in /my/folder/.Junk/cur/*; do docker exec -i $(docker-compose ps -q rsp
Consider attaching a local folder as new volume to `rspamd-mailcow` in `docker-compose.yml` and learn given files inside the container. This can be used as workaround to parse compressed data with zcat. Example: Consider attaching a local folder as new volume to `rspamd-mailcow` in `docker-compose.yml` and learn given files inside the container. This can be used as workaround to parse compressed data with zcat. Example:
``` ```bash
for file in /data/old_mail/.Junk/cur/*; do rspamc learn_spam < zcat $file; done for file in /data/old_mail/.Junk/cur/*; do rspamc learn_spam < zcat $file; done
``` ```
@ -32,27 +33,31 @@ for file in /data/old_mail/.Junk/cur/*; do rspamc learn_spam < zcat $file; done
You need to delete keys in Redis to reset learned mail, so create a copy of your Redis database now: You need to delete keys in Redis to reset learned mail, so create a copy of your Redis database now:
**Backup database** **Backup database**
```
```bash
# It is better to stop Redis before you copy the file. # It is better to stop Redis before you copy the file.
cp /var/lib/docker/volumes/mailcowdockerized_redis-vol-1/_data/dump.rdb /root/ cp /var/lib/docker/volumes/mailcowdockerized_redis-vol-1/_data/dump.rdb /root/
``` ```
**Reset Bayes data** **Reset Bayes data**
```
```bash
docker-compose exec redis-mailcow sh -c 'redis-cli --scan --pattern BAYES_* | xargs redis-cli del' docker-compose exec redis-mailcow sh -c 'redis-cli --scan --pattern BAYES_* | xargs redis-cli del'
docker-compose exec redis-mailcow sh -c 'redis-cli --scan --pattern RS* | xargs redis-cli del' docker-compose exec redis-mailcow sh -c 'redis-cli --scan --pattern RS* | xargs redis-cli del'
``` ```
If it complains about... If it complains about...
```
```text
(error) ERR wrong number of arguments for 'del' command (error) ERR wrong number of arguments for 'del' command
``` ```
...the key pattern was not found and thus no data is available to delete. ...the key pattern was not found and thus no data is available to delete.
## CLI tools ## CLI tools
``` ```bash
docker-compose exec rspamd-mailcow rspamc --help docker-compose exec rspamd-mailcow rspamc --help
docker-compose exec rspamd-mailcow rspamadm --help docker-compose exec rspamd-mailcow rspamadm --help
``` ```
@ -65,7 +70,9 @@ You can disable rspamd's greylisting server-wide by editing:
Simply add the line: Simply add the line:
`enabled = false;` ```cpp
enabled = false;
```
Save the file and then restart the rspamd container. Save the file and then restart the rspamd container.
@ -75,17 +82,25 @@ See [Rspamd documentation](https://rspamd.com/doc/index.html)
You may find that legitimate (clean) mail is being blocked by ClamAV (Rspamd will flag the mail with `VIRUS_FOUND`). For instance, interactive PDF form attachments are blocked by default because the embedded Javascript code may be used for nefarious purposes. Confirm by looking at the clamd logs, e.g.: You may find that legitimate (clean) mail is being blocked by ClamAV (Rspamd will flag the mail with `VIRUS_FOUND`). For instance, interactive PDF form attachments are blocked by default because the embedded Javascript code may be used for nefarious purposes. Confirm by looking at the clamd logs, e.g.:
`docker-compose logs clamd-mailcow | grep FOUND` ```bash
docker-compose logs clamd-mailcow | grep "FOUND"
```
This line confirms that such was identified: This line confirms that such was identified:
`clamd-mailcow_1 | Sat Sep 28 07:43:24 2019 -> instream(local): PUA.Pdf.Trojan.EmbeddedJavaScript-1(e887d2ac324ce90750768b86b63d0749:363325) FOUND` ```text
clamd-mailcow_1 | Sat Sep 28 07:43:24 2019 -> instream(local): PUA.Pdf.Trojan.EmbeddedJavaScript-1(e887d2ac324ce90750768b86b63d0749:363325) FOUND
```
To whitelist this particular signature (and enable sending this type of file attached), add it to the ClamAV signature whitelist file: To whitelist this particular signature (and enable sending this type of file attached), add it to the ClamAV signature whitelist file:
`echo 'PUA.Pdf.Trojan.EmbeddedJavaScript-1' >> data/conf/clamav/whitelist.ign2` ```bash
echo 'PUA.Pdf.Trojan.EmbeddedJavaScript-1' >> data/conf/clamav/whitelist.ign2
```
Then restart the clamd-mailcow service container in the mailcow UI, or using docker-compose: Then restart the clamd-mailcow service container in the mailcow UI, or using docker-compose:
`docker-compose restart clamd-mailcow` ```bash
docker-compose restart clamd-mailcow
```