Migrate to rspamd

Hello,
I would propose to migrate to rspamd.
This was discussed in the past w/o any progress.

Regards
Thomas

1 Like

As I said there in 2015, I am open to it. Since then there have been some other comments in support.

Are you volunteering time to make the changes and test it?

I will install and test it on my MiaB deployment and can report here.
However, installation guides recommend to install unbound DNS resolver, but MiaB deploys BIND9.
What functions are provided by BIND9 in MiaB?
Can it be replaced by unbound?

1 Like

It’s easy enough to replace bind9 with unbound. See Replace bind9 with unbound by kiekerjan · Pull Request #2193 · mail-in-a-box/mailinabox · GitHub This works fine.

That’s great!
I’m not fully aware of the procedure to apply your pull request to my deployment.
Could you please advise how to proceed.

Additionally I would prefer openresolv over other similar solutions.

I suppose you could try to merge the unbound branch into your local mailinabox repository. Then you can run sudo setup/dns.sh to install unbound. Unfortunately, I have no step by step instructions for you.
But, you might not need it. Bind is already a local DNS resolver, and if that is working, it should not prevent you from using rspamd

Not sure what you mean with this. One of the first words in that link is /etc/resolv.conf which is the file Mail-in-a-Box is adapting to use the Bind local DNS resolver.

Actually I deployed Unbound based on Arch Linux wiki, and applied configuration based on this. This configuration is very similar to the one you provided in your pull request.

In addition I stopped BIND9 and nsd services; I don’t need NSD because I’m using external DNS.
Using openresolv in combination with Unbound has some advantages:

  1. Simplicity
  2. Wireguard readiness

Why Wireguard? - Because I want setup Tailscale on every server for secure remote access.

Could you please have a look to my new issue related to DNS?