After about 4 months of development and ~1000 commits I’m proud to publish the next major release of rspamd: 1.0.0. In this version, I did another bunch of architectural rework. This time, I’ve refactored statistics, symbols cache and HTML processing primarily. At the same time, I’ve tried to improve rspamd usability out of the box:

• improving default rules
• improving documentation
• improving installation

Among new rules, rspamd now includes an extensive whitelist for valid mail (e.g. with valid combinations of DKIM/DMARC/SPF). DMARC module is now also enabled by default. The new ip_score module is intended to score messages based on theirs IP reputation.

New statistics includes sqlite3 statistics with such features as per user and per language statistics. Moreover, rspamd now takes metadata, such as messages’ headers or images into consideration when generating statistical tokens. The updated pre built statistics is also available for download.

The main architectural improvement in rspamd that was introduced in 1.0 was the ability to add dependencies between rules. Previosuly, the only way to separate asynchronous rules from each others was using of pre or post filters. In rspamd 1.0 it is possible to create dependencies between any rules, even asynchronous ones, such as DNS or redis rules.

Among other notable changes are:

• New HTML parser that allows to create rules using many HTML attributes, such as:
  • Styles
  • Images
  • URLs
  • Colors (font and background)
  • Structure elements
• Improved URL parser
• New logger

Many other things has been changed as well. However, I’ve tried to preserve backwards compatibility with 0.9/ The main incompatible issues are listed in the migration page.

The full list of major changes could be found here: http://git.io/vnJvF. Moreover, there were a lot of minor changes, improvements and features intorduces with this version.

If you’d like to install the new rspamd version you can check the following document that describes the available distributions in binary and source forms.

I’d like to thank all rspamd contibutors especially Andrew Lewis for his contributions to lua modules and the overall rspamd development, and Andrey Zverev for his kind advices and patience while testing bugfixes.

Since this 1.0 release I plan to switch to feature releases, meaning shorter release cycle and more frequent releases. Thank your all for your support and contibutions!

I will now publish updates about rspamd development in its @rspamd account. Please follow to keep in touch!

After almost half a year of development we are intorducing rspamd 0.9 which is the next major version of rspamd. You can view the full list of changes in the ChangeLog file. But here is the list of the most notable changes introduced in this version:

• Improved optimizations via abstract syntax tree for all expressions (my presentation describes some basic principles of optimizations.
• Switched to luajit and pcre jit by default. JIT compilation allowed to improve the performance in the bottlenecks so now rspamd is significantly faster than 0.8 branch.
• Added spamassassin rules support: you can now use the most of your spamassassin rules in rspamd natively. Of course, they are optimized with JIT and AST techniques.
• Added encryption support: rspamd now can encrypt all traffic with extremely fast and low latency encryption based on public key cryptography and cryptobox construction.
• New aho-corasic implementation has been imported. Now rspamd can search for hundreds thousands of search patterns in almost linear time.
• New statistics architecture:
  • advanced tokenization techniques (secure or fast hashes);
  • improved UTF8 tokenization;
  • avoid multiple learning by the same message by maintaining learning cache;
  • improved features normalization to reduce false positives rate.

Moreover, this release contains a lot of other improvements to plugins, lua API, rspamd core and the build system. In fact, the most of rspamd codebase has been either reworked or completely rewritten to improve the architecture, performance and stability.

We are proud to announce that rspamd is accepted by the Google Summer of Code program. The list of ideas, possible mentors and other useful stuff is placed on the ideas page. We encourage prospective students to apply and help us to make rspamd better with funding generously provided by Google.

Today I have released the next major version of rspamd - 0.8.0. The main difference from the 0.7 branch is completely reworked fuzzy storage. I have switched the storage itself from own memory-based hashes structure to the sqlite3 database and redesigned protocol for future extensions and new features. At the same time, I have preserved backward compatibility with previous rspamd versions, therefore no specific upgrade movements are needed. Moreover, the conversion of an old database format is performed automatically and does not require special attention as well.

Fuzzy check plugin has been reworked accordingly. First of all, I have changed the algorithm of fuzzy hashes to the probabilistic shingles algorithm. It is blazingly fast and still rather accurate to find close texts in the database. Secondly, I have added the normalization algorithm for the target language using snowball lemmatizer. It allows to remove grammar forms and check merely the first forms of all words in a text improving thus fuzzy matching quality by removing meaningless parts.

Rspamd 0.8 is heavily tested in production environments and I consider it as a production ready release. No manual migration is required for rspamd 0.7 users, however, if you use more old versions of rspamd then you should check the migration guide.

As usually, please feel free to ask any questions in rspamd mailing list or IRC discussion channel (#rspamd at OFTC).