The new stable versions of Rspamd and Rmilter have been released:
1.9.2 accordingly. There are a couple of improvements and some important bugfixes. Please note that in the unlikely case you have used regexp rules in Rmilter then you SHOULD NOT upgrade Rmilter and file a bug report (however, I’m pretty sure that it’s not used by anybody since it hasn’t ever been documented). Here is a list of notable changes in Rmilter and Rspamd.
Rspamd reload command has been fixed
It is now possible to gracefully reload Rspamd configuration by sending
HUP signal or by using
reload subcommand for the init scripts. Graceful reload is useful when it’s required to update configuration without stopping email processing. During this process, Rspamd starts a new worker processes with the new configuration whilst the existing ones process the pending messages.
Better ASN/country support
ASN/country detection module has been split from the
ip_score module allowing use of this data in other modules, for example, in the
multimap module to match maps based on country or ASN.
Variable maps in the multimap module
It’s now possible to create maps based on the results of other Lua or internal Rspamd modules. This is particularly useful to link different modules with mulitmap.
DNNSEC stub resolver support
It’s now possible to enable DNSSEC checks in Rspamd through use of a DNSSEC compatible recursive resolver (e.g. Unbound) and check for DNSSEC authentication results in Lua DNS module.
DMARC and DKIM module fixes
There are some important fixes for DMARC and DKIM modules in this version of Rspamd that are related to canonicalization in DKIM and subdomains policies in DMARC.
Redis backend configuration
Now Redis backend in the statistical module can use the global redis settings similar to other modules.
Each task and each MIME part now has its own checksum that could be used to detect the same message or the same attachment.
DKIM signature header is now folded by Rspamd
Since DKIM signature header might be quite long, Rspamd now folds it to fit 80 characters wide common for MIME messages.
Ratelimit module fixed
This release of Rspamd fixes a regression introduced in 1.3.3 which prevented the ratelimit module from working properly.
Fixed X-Forwarded-For header processing
Processing of X-Forwarded-For header in the controller has been fixed.
Rmilter configuration improvements
It is now possible to use
+= operator to append elements to Rmilter lists (e.g. whitelists) and
= to redefine the parameter completely. Hosts lists now can contain hostnames along with IP addresses. List parameters can now be empty to clear lists that are non-empty by default. DKIM signing can be completely disabled in the configuration.
Rmilter regexp rules are removed
Support for regexp rules has been removed from Rmilter. This is an old feature which has never been documented nor used by any users. It was likely broken so I have decided to remove it from Rmilter completely to simplify configuration parser and the overall processing logic. If you are using it then do not update Rmilter and please file a bug report in the github issue tracker.
Unconditional greylisting support is now restored in Rmilter. Headers added or removed by Rspamd are now treated by Rmilter correctly.