You can watch the following [introduction video](https://www.youtube.com/watch?v=_fl9i-az_Q0) from the [FOSDEM-2016](http://fosdem.org) where I describe the main features of Rspamd and explain why Rspamd runs so fast.
Rspamd is [packaged](https://rspamd.com/downloads.html) for the major Linux distributions and is also available via [FreeBSD ports](https://freshports.org/mail/rspamd), NetBSD [pkgsrc](https://pkgsrc.org) and [OpenBSD ports](http://openports.se/mail/rspamd).
traditionally used monograms (or words literally speaking), that is described in details in the following [paper](http://osbf-lua.luaforge.net/papers/osbf-eddc.pdf).
* **Fuzzy hashes** - for checking of malicious mail patterns Rspamd uses so called `fuzzy hashes`. Unlike normal hashes, these structures are targeted to hide
small differences between text patterns allowing to find similar messages quickly. Rspamd has internal storage of such hashes and allows to block mass spam sendings
quickly based on user's feedback that specifies messages reputation. Moreover, this allows to feed Rspamd with data from [`honeypots`](http://en.wikipedia.org/wiki/Honeypot_(computing)#Spam_versions)
Rspamd uses the conjunction of different techniques to make the final decision about a message. This allows to improve the overall quality of filtering and reduce the number of
false positives (e.g. when a innocent message is badly classified as a spam one). I have tried to simplify Rspamd usage by adding the following elements:
* **Web interface** - Rspamd is shipped with the fully functional Ajax-based web interface that allows to observe Rspamd statistic, to configure rules, weights and lists, to scan
and learn messages and to view the history of scans. The interface is self-hosted, requires zero configuration and follows the recent web applications standards. You don't need a
* **Integration with MTA** - Rspamd can work with the most popular mail transfer systems, such as Postfix, Exim or Sendmail. For Postfix and Sendmail, there is an [`Rmilter` project](https://github.com/vstakhov/rmilter),
whilst for Exim there are several solutions to work with Rspamd. Should you require MTA integration then please consult with the [integration guide](https://rspamd.com/doc/integration.html).
* **Extensive Lua API** - Rspamd ships with hundreds of [Lua functions](https://rspamd.com/doc/lua) that are available to write own rules for efficient and targeted spam filtering.
* **Dynamic tables** - Rspamd allows to specify bulk lists as `dynamic maps` that are checked in runtime with updating data when they are changed. Rspamd supports file, HTTP and HTTPS maps.
Rspamd is designed to be fast. The core of Rspamd is written in `C` and uses an event-driven model that allows to process multiple messages simultaneously and without blocking.
Moreover, a set of techniques is used in Rspamd to process messages faster:
* **Finite state machines processing** - Rspamd uses specialized finite state machines for the performance critical tasks to process input faster than a set of regular expressions.
Of course, it is possible to implement these machines by ordinary `Perl regular expressions` but then they won't be compact or human-readable. On the contrary, Rspamd optimizes
* **Expressions optimizer** - allows to optimize expressions by execution of `likely false` or `likely true` expressions in order in the branches. That allows to reduce number of
* **Symbols optimizer** - Rspamd tries to check first the rules that are frequent or inexpensive in terms of time or CPU resources which allows to block spam before processing of
* **Event driven model** - Rspamd is designed not to block anywhere in the code and knowing that a spam check requires a lot of network operations, Rspamd can process many messages
simultaneously increasing the efficiency of shared DNS caches and other system resources. Moreover, event-driven system normally scales automatically and you won't need to do any
* **Hyperscan regular expressions engine** - Rspamd utilizes [Hyperscan](https://01.org/hyperscan) engine to match multiple regular expressions at the same time. You can watch the following [presentation](https://highsecure.ru/rspamd-hyperscan.pdf) where the main benefits of Hyperscan are described.
* **Clever choice of data structures** - Rspamd tries to use the optimal data structure for each task. For example, it uses very efficient suffix tries for fast matching of a text
Besides its `C` core, Rspamd provides an extensive [Lua](http://lua.org) API to access almost all the features available directly from `C`. Lua is an extremely easy
to learn programming language though it is powerful enough to implement complex mail filters. In fact Rspamd has a significant amount of code written completely in Lua such as
DNS blacklists checks, user's settings or different maps implementation. You can also write your own filters and rules in Lua adopting Rspamd functionality to your needs.
Furthermore, Lua programs are very fast and their performance is rather [close](http://attractivechaos.github.io/plb/) to pure `C`. However, you should mention that for the most
of performance critical tasks you usually use the Rspamd core functionality than Lua code. Anyway, you can also use `LuaJIT` with Rspamd if your goal is maximum performance.
* **Reading the configuration parameters** - Lua code has the full access to the parsed configuration knobs and you can easily modify your plugins behaviour by means of the main
* **Registering custom filters** - it is more than simple to add your own filters to Rspamd: just add new index to the global variable `rspamd_config`:
* **Full access to the content of messages** - you can access text parts, headers, SMTP data and so on and so forth by using of `task` object. The full list of methods could be found
[here](https://rspamd.com/doc/lua/task.html).
* **Pre- and post- filters** - you can register callbacks that are called before or after messages processing to make results more precise or to make some early decision,
* **Managing statistics** - Lua scripts can define a set of statistical files to be scanned or learned for a specific message allowing to create more complex
* **Standalone Lua applications** - you can even write your own worker based on Rspamd core and performing some asynchronous logic in Lua. Of course, you can use the
all features from Rspamd core, including such features as non-blocking IO, HTTP client and server, non-blocking Redis client, asynchronous DNS, UCL configuration and so on
* **API documentation** - Rspamd Lua API has an [extensive documentation](https://rspamd.com/doc/lua) where you can find examples, references and the guide about how to extend