From 7f8b13434dff6c636e6312ee98d98edffe149243 Mon Sep 17 00:00:00 2001 From: andryyy Date: Thu, 31 Oct 2019 20:43:07 +0100 Subject: [PATCH] [Rspamd, Dovecot] Do not use Schaal rules - probably too much for Rspamd 2.x to handle, mem leak? --- data/Dockerfiles/dovecot/sa-rules.sh | 14 ++++++------- data/conf/rspamd/local.d/neural.conf | 24 ++++++++++++++++++++++ data/conf/rspamd/local.d/neural_group.conf | 18 ++++++++++++++++ data/conf/rspamd/local.d/options.inc | 2 -- docker-compose.yml | 4 ++-- 5 files changed, 51 insertions(+), 11 deletions(-) create mode 100644 data/conf/rspamd/local.d/neural.conf create mode 100644 data/conf/rspamd/local.d/neural_group.conf diff --git a/data/Dockerfiles/dovecot/sa-rules.sh b/data/Dockerfiles/dovecot/sa-rules.sh index 54b0d4ab..eaa15127 100755 --- a/data/Dockerfiles/dovecot/sa-rules.sh +++ b/data/Dockerfiles/dovecot/sa-rules.sh @@ -1,7 +1,7 @@ #!/bin/bash # Create temp directories -[[ ! -d /tmp/sa-rules-schaal ]] && mkdir -p /tmp/sa-rules-schaal +#[[ ! -d /tmp/sa-rules-schaal ]] && mkdir -p /tmp/sa-rules-schaal [[ ! -d /tmp/sa-rules-heinlein ]] && mkdir -p /tmp/sa-rules-heinlein # Hash current SA rules @@ -19,12 +19,12 @@ if gzip -t /tmp/sa-rules-heinlein.tar.gz; then cat /tmp/sa-rules-heinlein/*cf > /etc/rspamd/custom/sa-rules fi ## Schaal -curl --connect-timeout 15 --max-time 30 http://sa.schaal-it.net/$(dig txt 1.4.3.sa.schaal-it.net +short | tr -d '"').tar.gz --output /tmp/sa-rules-schaal.tar.gz -if gzip -t /tmp/sa-rules-schaal.tar.gz; then - tar xfvz /tmp/sa-rules-schaal.tar.gz -C /tmp/sa-rules-schaal - # Append, do not overwrite - cat /tmp/sa-rules-schaal/*cf >> /etc/rspamd/custom/sa-rules -fi +#curl --connect-timeout 15 --max-time 30 http://sa.schaal-it.net/$(dig txt 1.4.3.sa.schaal-it.net +short | tr -d '"').tar.gz --output /tmp/sa-rules-schaal.tar.gz +#if gzip -t /tmp/sa-rules-schaal.tar.gz; then +# tar xfvz /tmp/sa-rules-schaal.tar.gz -C /tmp/sa-rules-schaal +# # Append, do not overwrite +# cat /tmp/sa-rules-schaal/*cf >> /etc/rspamd/custom/sa-rules +#fi sed -i -e 's/\([^\\]\)\$\([^\/]\)/\1\\$\2/g' /etc/rspamd/custom/sa-rules diff --git a/data/conf/rspamd/local.d/neural.conf b/data/conf/rspamd/local.d/neural.conf new file mode 100644 index 00000000..f4658db3 --- /dev/null +++ b/data/conf/rspamd/local.d/neural.conf @@ -0,0 +1,24 @@ +rules { + "LONG" { + train { + max_trains = 200; + max_usages = 20; + max_iterations = 25; + learning_rate = 0.01, + } + symbol_spam = "NEURAL_SPAM_LONG"; + symbol_ham = "NEURAL_HAM_LONG"; + ann_expire = 45d; + } + "SHORT" { + train { + max_trains = 100; + max_usages = 10; + max_iterations = 15; + learning_rate = 0.01, + } + symbol_spam = "NEURAL_SPAM_SHORT"; + symbol_ham = "NEURAL_HAM_SHORT"; + ann_expire = 7d; + } +} diff --git a/data/conf/rspamd/local.d/neural_group.conf b/data/conf/rspamd/local.d/neural_group.conf new file mode 100644 index 00000000..fca5cec9 --- /dev/null +++ b/data/conf/rspamd/local.d/neural_group.conf @@ -0,0 +1,18 @@ +symbols = { + "NEURAL_SPAM_LONG" { + weight = 3.7; # sample weight + description = "Neural network spam (long)"; + } + "NEURAL_HAM_LONG" { + weight = -4.0; # sample weight + description = "Neural network ham (long)"; + } + "NEURAL_SPAM_SHORT" { + weight = 2.5; # sample weight + description = "Neural network spam (short)"; + } + "NEURAL_HAM_SHORT" { + weight = -2.0; # sample weight + description = "Neural network ham (short)"; + } +} diff --git a/data/conf/rspamd/local.d/options.inc b/data/conf/rspamd/local.d/options.inc index b1e95340..54613fe4 100644 --- a/data/conf/rspamd/local.d/options.inc +++ b/data/conf/rspamd/local.d/options.inc @@ -7,5 +7,3 @@ dns { retransmits = 2; } disable_monitoring = true; -lua_gc_step = 10; -lua_gc_pause = 10; diff --git a/docker-compose.yml b/docker-compose.yml index eafaa1ed..60e2eb30 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -68,7 +68,7 @@ services: - clamd rspamd-mailcow: - image: mailcow/rspamd:1.54 + image: mailcow/rspamd:1.55 build: ./data/Dockerfiles/rspamd stop_grace_period: 30s depends_on: @@ -174,7 +174,7 @@ services: - sogo dovecot-mailcow: - image: mailcow/dovecot:1.94 + image: mailcow/dovecot:1.95 build: ./data/Dockerfiles/dovecot dns: - ${IPV4_NETWORK:-172.22.1}.254