Implementing Spamhaus DQS
Spamhaus DQS is service which solves public/open resolvers problems. DQS has better quality dataset than public service.
Registration
If you are not already regitered you can freely sign up to trial with limited usage - https://www.spamhaus.com/free-trial/sign-up-for-a-free-data-query-service-account/
Download and configuration
Next step is cloning default configuration for RSPAMd which will already work with DQS service:
$ cd ~
$ git clone https://github.com/spamhaus/rspamd-dqs
Files need to be edited to change all keys which is available in Spamhaus portal:
$ cd rspamd-dqs/3.x
$ $ grep key *
rbl.conf: rbl = "your_DQS_key.zen.dq.spamhaus.net";
rbl.conf: rbl = "your_DQS_key.zen.dq.spamhaus.net";
rbl.conf: rbl = "your_DQS_key.authbl.dq.spamhaus.net";
rbl.conf: rbl = "your_DQS_key.dbl.dq.spamhaus.net";
rbl.conf: rbl = "your_DQS_key.dbl.dq.spamhaus.net";
rbl.conf: rbl = "your_DQS_key.zrd.dq.spamhaus.net";
rbl.conf: rbl = "your_DQS_key.zen.dq.spamhaus.net";
rbl.conf: rbl = "your_DQS_key.dbl.dq.spamhaus.net"
rbl.conf: rbl = "your_DQS_key.zrd.dq.spamhaus.net"
rbl.conf: rbl = "your_DQS_key.dbl.dq.spamhaus.net";
rbl.conf: rbl = "your_DQS_key.zrd.dq.spamhaus.net";
rbl.conf: rbl = "your_DQS_key.sbl.dq.spamhaus.net";
rspamd.local.lua:local check_cw_dns = '._cw.your_DQS_key.hbl.dq.spamhaus.net.'
sh_rbl_hbl.conf: rbl = "_email.your_DQS_key.hbl.dq.spamhaus.net";
sh_rbl_hbl.conf: rbl = "_file.your_DQS_key.hbl.dq.spamhaus.net.";
Keys can be edited by hand but having command line and sed
we can change all keys programaticaly:
$ sed -i 's/your\_DQS\_key/abcdefghijklmnopq123456789/g' *.conf rspamd.local.lua
Implementing to poste.io
To add configuration to Poste.io we need to use mechanisms described at "mailserver customization page"
$ mkdir -p /data/mailserver/_override/etc/rspamd/local.d
mkdir -p /your-data-dir/data/_override/etc/rspamd/local.d
// If you have HBL enabled
# cp *.conf /data/mailserver/_override/etc/rspamd/local.d
# cp rspamd.local.lua /data/mailserver/_override/etc/rspamd
// if you are using FREE version
$ cp rbl.conf rbl_group.conf /data/mailserver/_override/etc/rspamd/local.d
Restart and test
Restart container, you should see notice about overriding defaults immidietely after start:
...
[cont-init.d] 01-override-defaults.sh: executing...
* overwriting defaults with /data/_override directory
...
Now it is best time to test changes - go to https://blt.spamhaus.com/ and run tests against your email address. All "invalid" emails should end up either in quarantine, marked as spam or blocked before actual delivery (Poste due good reasons rarely block emails at time of SMTP communication)