On 12/09/17 17:46, Phil Pennock wrote: > Vsevolod,
>
> You wrote:
> } However, the current integration between Rspamd and Exim is not very
> } good so far (legacy proto which I have to support in Rspamd just for
> } Exim, absence of interaction on before-data stages and so on). Perhaps,
> } it is a topic of some separate discussion at some point...
>
> I don't use rspamd, although I did set it up once (a decade ago?). I
> was unaware that there is a problem here.
>
> What's going on? What would you _like_ to see?
Well, let me explain the current issues.
1. First of all, Exim is the only consumer of the legacy SA-like
protocol. Rspamd has switched to HTTP for about 5 years so far. There is
also encryption extension for HTTP called HTTPCrypt but I can also add
HTTPS support in case if somebody really needs it.
The reply format is now JSON instead of some custom protocol. I don't
know how hard it would be to add some JSON parser to Exim and if there
is any intention to do it.
2. Secondly, Rspamd now provides much more information than just spam
scan: it can offer to remove/add headers, add DKIM/ARC signatures and so
on. Unfortunately, that's not possible to do with the Exim integration
because of the previous issue.
3. I'm eager to have better integration with Exim like I have with
Postfix/Sendmail using milter protocol. Rspamd can look at SMTP sessions
on a more earlier stages (e.g. for IP reputation or RBL lookups) and it
can have more information back from Exim. Delays between SMTP commands,
TCP segments sizes, tarpitting information etc: all could be useful to
build efficient rules and ML models.
In fact, I'm mostly interested in Rspamd users who also use Exim: then
we can sit and think what could be improved in the current integration.
But the principal question is (1): support of HTTP/JSON protocol...