0

I'd like to use an RBL in rspamd without using all the preconfigured RBLs, but it seems that the configuration in /etc/rspamd/local.d/rbl.conf can only add new lists, not remove the default ones.

The documentation also describes a way to disable rules (I am not even sure if this disables the checking itself or just assigning points for a match), but it looks like you have to do this for each default rule, and future updates may add new RBLs that are active by default.

How can I disable all default RBLs with a configuration file in /etc/rspamd/local.d without changing the configurations installed by the rspamd package, which will be overwritten by future updates?

2 Answers 2

1

Collection items defined in local.d get merged with the default config. If you want to remove something that is defined by default in the list or the collection, you have to use override.d.

Create a file /etc/rspamd/override.d/rbl.conf:

url_whitelist = [];

rbls {
}

You take the module configuration /etc/rspamd/modules.d/rbl.conf and look for its top level collection, in this case rbl { ... }. At the bottom of the file, inside the top level collection, sitting directives that include local, dynamic and override files. Since they are loaded from inside of a top level collection, contents of override files should not contain this top level collection. So, you see items of the collection, url_whitelist = [];, rbls {... }, and a few variables. You just define those in your file.

To copy a configuration from default and tweak, you copy the file from modules.d, remove rbl { and final } and remove three .include lines at the bottom. This is what you put into override.d. Now your override is the copy of the original, but won't be replaced with updates, and you can edit it freely to shape as you like.

The order of processing of those files is as follows. The contents of collections in local.d is merged with the collections in the default; simple values get overridden. Then, dynamic configuration applies, which could override even local.d settings; this dynamic configuration could be updated from the rspamd web interface. Then, override.d is applied with highest priority, so you can put things there to be sure they can't be edited via web interface, because anything defined in override.d files will override things that you can put via web interface.

3
  • I still get results with FUZZY_DENIED from bl.rspam.com. The RBL RSPAMD_URIBL should be disabled by your answer, but where does the FUZZY_DENIED rule get its RBLs from?
    – allo
    Commented Feb 13, 2023 at 9:51
  • This is entirely different module that has nothing to do with RBLs, fuzzy_check. You can easily find that using Google. I never used it. If you want to know more about it, please, don't spam in this (unrelated) question and ask new one. Commented Feb 13, 2023 at 15:06
  • The webinterface shows that it reacted to a RBL, so it is not unrelated. And it is a bit strange when you say I would spam the thread, which belongs to my own question.
    – allo
    Commented Feb 13, 2023 at 20:25
0

To remove all RBLs, one needs to create a file /etc/rspamd/override.d/rbl.conf in the override.d directory instead of the local.d directory, which is not merged like the local.d files, but replaces the original config.

The content needs to have an empty RBL section like this:

url_whitelist = [];

rbls {
}

See the answer by Nikita Kipriyanov for more details.

In addition, the fuzzy check module also uses a RBL and needs to be disabled using local.d/options.inc (only overriding a single option)

filters = "chartable,dkim,regexp";

In the default config, the last item in the list is fuzzy_check, which uses an own RBL by rspamd, which also comes with an own usage policy which forbids commercial use and has a (high) query limit.

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .