1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
|
% RSPAMC(1) Rspamd User Manual
# NAME
`rspamc` - rspamd command line client
# SYNOPSIS
rspamc [*options*] [*command*] [*input-file*]...
rspamc --help
# DESCRIPTION
`rspamc` is a simple rspamd client, primarily for classifying or learning messages.
`rspamc` supports the following commands:
* Scan commands:
* `symbols`: scan message and show symbols (default command)
* Control commands
* `learn_spam`: learn message as spam
* `learn_ham`: learn message as ham
* `fuzzy_add`: add message to fuzzy storage (check `-f` and `-w` options for this command)
* `fuzzy_del`: delete message from fuzzy storage (check `-f` option for this command)
* `stat`: show rspamd statistics
* `stat_reset`: show and reset rspamd statistics (useful for graphs)
* `counters`: display rspamd symbols statistics
* `uptime`: show rspamd uptime
* `add_symbol`: add or modify symbol settings in rspamd
* `add_action`: add or modify action settings
Control commands that modify rspamd state are considered privileged and require a password to be specified with the `-P` option (see **OPTIONS**, below, for details).
This depends on a controller's settings and is discussed in the `rspamd-workers` page (see **SEE ALSO**, below, for details).
`Input files` may be either regular file(s) or a directory to scan. If no files are specified `rspamc` reads
from the standard input. Controller commands usually do not accept any input, however learn* and fuzzy* commands
requires input.
# OPTIONS
-h *host[:port]*, \--connect=*host[:port]*
: Specify host and port
-P *password*, \--password=*password*
: Specify control password
-c *name*, \--classifier=*name*
: Classifier to learn spam or ham (bayes is used by default)
-w *weight*, \--weight=*weight*
: Weight for fuzzy operations
-f *number*, \--flag=*number*
: Flag for fuzzy operations
-p, \--pass
: Pass all filters
-v, \--verbose
: More verbose output
-i *ip address*, \--ip=*ip address*
: Emulate that message was received from specified ip address
-u *username*, \--user=*username*
: Emulate that message was received from specified authenticated user
-d *user@domain*, \--deliver=*user@domain*
: Emulate that message was delivered to specified user (for LDA/statistics)
-F *user@domain*, \--from=*user@domain*
: Emulate that message has specified SMTP FROM address
-r *user@domain*, \--rcpt=*user@domain*
: Emulate that message has specified SMTP RCPT address
\--helo=*helo_string*
: Imitate SMTP HELO passing from MTA
\--hostname=*hostname*
: Imitate hostname passing from MTA (rspamd assumes that it is verified by MTA)
-t *seconds*, \--timeout=*seconds*
: Timeout for waiting for a reply (can be floating point number, e.g. 0.1)
-b *host:port*, \--bind=*host:port*
: Bind to specified ip address
-R, \--human
: Output human readable report. The first line of the output contains the message score and three threshold scores, in this format:
: score/greylist/addheader/reject,action=N:ACTION,spam=0|1,skipped=0|1
-j, \--json
: Output formatted JSON
\--ucl
: Output UCL
\--raw
: Output raw data received from rspamd (compacted JSON)
\--headers
: Output HTTP headers from a reply
\--extended-urls
: Output URLs in an extended format, showing full URL, host and the part of host that was used by surbl module (if enabled).
-n *parallel_count*, \--max-requests=*parallel_count*
: Maximum number of requests to rspamd executed in parallel (8 by default)
-e *command*, \--execute=*command*
: Execute the specified command with either mime output (if `mime` option is also specified) or formatted rspamd output
\--mime
: Output the full mime message instead of scanning results only
\--header=*header*
: Add custom HTTP header for a request. You may specify header in format `name=value` or just `name` for an empty header. This option can be repeated multiple times.
\--sort=*type*
: Sort output according to a specific field. For `counters` command the allowed values for this key are `name`, `weight`, `frequency` and `hits`. Appending `:asc` to any of these types inverts sorting order.
\--commands
: List available commands
# RETURN VALUE
On exit `rspamc` returns `0` if operation was successful and an error code otherwise.
# EXAMPLES
Check stdin:
rspamc < some_file
Check files:
rspamc symbols file1 file2 file3
Learn files:
rspamc -P pass learn_spam file1 file2 file3
Add fuzzy hash to set 2:
rspamc -P pass -f 2 -w 10 fuzzy_add file1 file2
Delete fuzzy hash from other server:
rspamc -P pass -h hostname:11334 -f 2 fuzzy_del file1 file2
Get statistics:
rspamc stat
Get uptime:
rspamc uptime
Add custom rule's weight:
rspamc add_symbol test 1.5
Add custom action's weight:
rspamc add_action reject 7.1
# SEE ALSO
Rspamd documentation and source code may be downloaded from
<https://rspamd.com/>.
[rspamd-workers]: https://rspamd.com/doc/workers/
|