Rspamd vs Spamassassin performance comparison

2016-03-03 00:00:00 +0100

Just before 1.2 release, I have measured performance of rspamd comparing to SA. In this experiment, I’ve taken rspamd master branch with default rules. Then I’ve added all rules from SA using spamassassin plugin. Hence, two scanners run with almost exact set of rules.

This set is quite large and it includes about 3k of custom regexp rules. Rspamd runs without hyperscan and pcre2, so it performs literally the same job as SA does. And here are results for about 100k messages being scanned:

Total False Positives: 517
Total False Negatives: 348
Total messages: 101349

Total SA time: 423942 seconds, total rspamd time: 33149 seconds
Average SA time: 4182ms/msg, average rspamd time: 327ms/msg seconds

So the difference in checks is less than 1% and in many cases rspamd does better job than SA because, for example, multiple hits of URIBL rules, phishing detection and some other differences. And it’s still 13 times faster than SA. Moreover, it eats less memory and can process more messages in parallel. In other experiments, rspamd was able to process about 450 messages per second on a single SandyBridge 4 cores scanner box.

I plan to release rspamd 1.2 very soon with a lot of cool features, including dynamic rules updates. I would appreciate any help in testing of the experimental packages. In fact, they are already used in production and are even more stable than 1.1 branch.

Rspamd switches to apache 2 license

2016-02-04 00:00:00 +0100

In the modern world, software patents are a significant threat for the Open Source software. Therefore, I have decided to switch from the original BSD license to Apache-2 license. Whilst Apache license has the same permissive clauses as BSD license has there is an explicit definition of software patents in Apache license. The Apache License contains both a patent grant and a patent retaliation clause.

Another terms of licensing have not been changed: you can still use the code in your projects and you are not obliged to open your modifications to the code like you need in GPL. Contributed code is still licensed under BSD license.

Rspamd 1.1.2 has been released

2016-01-29 00:00:00 +0100

The next feature release 1.1.2 of rspamd is out. This release contains some important improvements:

  • Add support for forged confirmation headers (by @AdUser)
  • Improve multimap plugin: add filtering support
  • Add rspamadm statconvert utility to convert statistical tokens and learn cache from sqlite3 to redis
  • Add logging for slow rules and regexps
  • Add mime_types plugin to check sanity of mime types in messages

Bugfixes and minor improvements in this version:

  • Fix stat_cache closing
  • Add checkpoints to sqlite3 learn cache
  • Do not recompile lua generated headers all the time
  • Increase number of messages learned
  • Fix issues with dual stack and hfilter
  • Disable MID checks for hfilter by default
  • Fix cache definitions in multiple classifier and no type
  • Don’t crash if learn cache failed to initialize
  • Fix googlegroups support in maillist plugin
  • Rework flags LUA API:
    • Allow to check for a specific flag
    • Add learn_spam, learn_ham and broken_headers flags
    • Unify internal functions
  • Add BROKEN_HEADERS rule
  • Allow any, mime and smtp for get_from/get_recipients
  • Add rule to detect spammers attempts to cheat mime parsing
  • Rework parsing of IP addresses in configuration (better IPv6 support)
  • Add util.parse_mail_address function to LUA API
  • Add lua sqlite3 module
  • Implement synchronous redis call
  • Ratelimit: avoid possible indexing of nil value (Fixes #498) (by @fatalbanana)
  • Implement redis advanced lua api with pipelining
  • Fix memory leak on redis stat (#500)
  • Fix user/language learn count in sqlite statistics (#496) (by @fatalbanana)
  • Fix build with custom pcre
  • Fix fuzzy relearning (#498)
  • Improve planning of asynchronous tasks
  • Add base32 decode/encode routines to lua util
  • Allow converting of learn cache from sqlite to redis
  • Add methods to check if a messages has from/rcpts
  • Disable reload command in rc scripts
  • Improve runtime CPU dispatcher for libcryptobox
  • Add preliminary support of digital signatures via ed25519
  • Add detection for RDRAND support
  • Print configuration of crypto on start
  • A in SPF presumes AAAA lookup as well

This version has full backward compatibility with 1.1.0 preserved.