From: Vsevolod Stakhov Date: Mon, 11 Jan 2016 19:10:47 +0000 (+0000) Subject: Start SA migrating guide X-Git-Tag: 1.1.0~59 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=63950721d07ce57b227701aa7a94da4d44ddea68;p=rspamd.git Start SA migrating guide --- diff --git a/doc/markdown/tutorials/index.md b/doc/markdown/tutorials/index.md index ad03e46f0..861b1cb1a 100644 --- a/doc/markdown/tutorials/index.md +++ b/doc/markdown/tutorials/index.md @@ -4,6 +4,7 @@ In this section, you can find step-by-step tutorials for various things related Currently, there are the following tutorials ready: +* [Migrating from SA](migrate_sa.md) - the guide for those who wants to migrate their existing system to Rspamd * [Writing rspamd rules](writing_rules.md) - here you can find information of how to write new rspamd rules * [Training rspamd with dovecot antispam plugin, part 1](https://kaworu.ch/blog/2014/03/25/dovecot-antispam-with-rspamd/) - this tutorial describes how to learn rspamd automatically using `antispam` pluging of `dovecot` IMAP server * [Training rspamd with dovecot antispam plugin, part 2](https://kaworu.ch/blog/2015/10/12/dovecot-antispam-with-rspamd-part2/) - the continuation of the previous tutorial diff --git a/doc/markdown/tutorials/migrate_sa.md b/doc/markdown/tutorials/migrate_sa.md new file mode 100644 index 000000000..9e4b21bee --- /dev/null +++ b/doc/markdown/tutorials/migrate_sa.md @@ -0,0 +1,46 @@ +# Migrating from Spamassassin to Rspamd + +This guide provides information for those who wants to migrate their existing system from [spamassassin](https://spamassassin.apache.org) to rspamd. Here you will find information about major differences between these two spam filtering engines and how to deal with the transition process. + +## Why migrate to Rspamd + +The first question you need to ask yourself is 'what is **wrong** with my spamassassin installation?' To my sense and according to many users' reports, rspamd runs **significantly faster** than spamassassin providing almost the same quality of filtering. However, if you don't care about performance and resources consumption of your spam filtering engine you might still find rspamd useful because it has a simple but yet powerful web management system (WebUI). + +On the contrary, if you have a lot of custom rules, or if you use Pyzor/Razor/DCC, or you have some commercial 3rd party products that are SpamAssassin only then there are no clear reasons of migrating indeed. + +In brief, Rspamd is for **speed**! + +## What about dspam/spamoracle...? + +You could also move from these projects to Rspamd. However, you should bear in mind that Rspamd and SA are multi-factor spam filtering systems that uses 3 main approaches to filter Spam messages: + +* Content filtering - static rules that are designed to find some known `bad patterns` in messages (usually regexp or other custom rules) +* Dynamic lists - DNS or reputation lists that are used to filter known bad content, such as abused IP addresses or URL domains +* Statistical filters - are learned dynamically to distinguish spam and ham messages + +`dspam`, `spamoracle` and many others usually implement the third approach providing merely statistical filtering. This method is quite powerful but it might cause many false-positives and is not very well suitable for more than one user. Rspamd and SA, in contrast, are designed for systems with many users. Rspamd in particular was written for a very large system with more than 40 millions of users and about 10 millions of emails per hour. + +## Before you start + +There are a couple of things you need to know before transition: + +1. Rspamd does not support Spamassassin statistics so you'd need to **train** your filter from the scratch with spam and ham samples (or install the [pre-built statistics](???)). Rspamd uses different statistical engine called [OSB-Bayes](???) which is intended to be more precise than SA 'naive' bayes classifier +2. Rspamd uses `Lua` for plugins and rules, so basic knowledge of this language is more than useful for playing with rspamd, however, Lua is very simple and can be learnt [very quickly](???) +3. Rspamd uses `HTTP` protocol for communicating with MTA or milter, so SA native milters might fail to communicate with rspamd. There is some limited support of SpamAssassin protocol, thought some commands are not supported, in particular those which require copying of data batween scanner and milter. What's more important is that `Length`-less messages are not supported by Rspamd as they completely break HTTP semantics, so it won't be supported ever. For achieving the same functionality, a dedicated scanner could use, e.g. HTTP `chunked` encoding. +4. Rspamd is **NOT** intended to work with blocking libraries or services, hence, something like `mysql` or `postgresql` won't likely be supported as well +5. Rspamd is developping quickly, therefore you should be aware that there might be still some incompatible changes between major versions - they are usually listed in the [migration](../migration.md) section of the site. + +## The first steps in Rspamd + +To install rspamd, I'd recommend using of the [official packages](https://rspamd.com/downloads.html) that are available for many popular platforms. If you'd like to have more features then you should consider `experimental` branch of packages, whilst if you'd like to have more stability then you could select the `stable` branch. However, normally even `experimental` branch is stable enough for the production usage, and the bugs are fixed more quickly in the `experimental` branch. + +## General spamassassin rules + +For those who has a lot of custom rules, there is good news: rspamd supports a certain set of SpamAssassin rules via special [plugin](../modules/spamassassin.md) that allows **direct** loading of SA rules into rspamd. You just need to specify all your configuration files in the plugin configuration: + +~~~nginx +spamassassin { + sa_main = "/etc/spamassassin/conf.d/*"; + sa_local = "/etc/spamassassin/local.cf"; +} +~~~ \ No newline at end of file