Rspamd: Show Extended Spam Headers

Normally Rspamd only inserts “X-Spam: Yes” into the header of a spam mail and the extended spam headers are only visible in the Rspamd log file or in the “History” of the Rspamd GUI. For debugging purposes, it is useful to view them in each mail. There is even an addon for Mozilla Thunderbird: Rspamd-spamness.

vi /etc/rspamd/local.d/milter_headers.conf

#  Enables x-spam, x-spamd-result, x-rspamd-server and x-rspamd-queue-id
extended_spam_headers = true;

# Set false to always add headers for local IPs (default true)
skip_local = false;

# Set false to always add headers for authenticated users (default true)
skip_authenticated = false;

service rspamd restart

Rspamd is now configured to add extended spam headers to each mail.

ISPConfig 3

ISPConfig will overwrite /etc/rspamd/local.d/milter_headers.conf after each update. To make your settings persistent, edit the master template file and do a force update. The ISPConfig Master template files are located in /usr/local/ispconfig/server/conf-custom/install.

Create new file

vi /usr/local/ispconfig/server/conf-custom/install/rspamd_milter_headers.conf.master

# vi /usr/local/ispconfig/server/conf-custom/install/rspamd_milter_headers.conf.master
# ispconfig_update.sh --force

# ISPConfig 3 default settings
use = ["x-spamd-bar", "x-spam-level", "x-spam-status", "authentication-results", "remove-headers"];
authenticated_headers = ["authentication-results"];
routines {
  remove-headers {
    headers {
      "X-Spam" = 0;
      "X-Spamd-Bar" = 0;
      "X-Spam-Level" = 0;
      "X-Spam-Status" = 0;
      "X-Spam-Flag" = 0;
    }
  }
}

# Custom settings
#  Enables x-spam, x-spamd-result, x-rspamd-server and x-rspamd-queue-id
extended_spam_headers = true;

# Set false to always add headers for local IPs (default true)
skip_local = false;

# Set false to always add headers for authenticated users (default true)
skip_authenticated = false;

Apply changes to Rspamd and restart services

ispconfig_update.sh --force
cat /etc/rspamd/local.d/milter_headers.conf

Finished!

From now on, extended spam headers will be added in every email.

Typical Spam Headers

X-Spamd-Bar: ++++++++++++
X-Rspamd-Server: host.domain.xx
X-Spam-Status: Yes, score=12.36
X-Rspamd-Queue-Id: 15CC6806FB
X-Spamd-Result: default: False [12.36 / 15.01];
	BAYES_SPAM(5.10)[99.99%];
	URIBL_RED(3.50)[spamserver.domain.xx:url];
	FORGED_RECIPIENTS(2.00)[m:[email protected],s:[email protected]];
	R_MIXED_CHARSET(1.07)[subject];
	MID_RHS_NOT_FQDN(0.50)[];
	BAD_REP_POLICIES(0.10)[];
	RCVD_NO_TLS_LAST(0.10)[];
	HAS_ANON_DOMAIN(0.10)[];
	MIME_GOOD(-0.10)[multipart/related,multipart/alternative,text/plain];
	MX_GOOD(-0.01)[];
	RCVD_VIA_SMTP_AUTH(0.00)[];
	R_DKIM_NA(0.00)[];
	RCVD_COUNT_TWO(0.00)[2];
	ASN(0.00)[asn:34300, ipnet:XXX.XXX.XXX.0/19, country:XX];
	MIME_TRACE(0.00)[0:+,1:+,2:+,3:~,4:~,5:+];
	FROM_EQ_ENVFROM(0.00)[];
	FROM_HAS_DN(0.00)[];
	RCPT_COUNT_ONE(0.00)[1];
	GREYLIST(0.00)[pass,body];
	R_SPF_ALLOW(0.00)[+a:c];
	RWL_MAILSPIKE_POSSIBLE(0.00)[XXX.XXX.XXX.36:from];
	TO_DN_NONE(0.00)[];
	CLAM_VIRUS_FAIL(0.00)[failed to scan and retransmits exceed];
	DMARC_NA(0.00)[spamsender.domain.xx];
	ARC_NA(0.00)[]
X-Spam-Level: ************
X-Spam: Yes

See also

• Rspamd: milter_headers.conf
• How to install Rspamd on ISPConfig 3.1