Managing rspamd effectively is a crucial skill for any system administrator. This tutorial provides step-by-step instructions for spam configuration, along with best practices for production environments.
Prerequisites
- A VPS running Ubuntu 22.04 or later (2GB+ RAM recommended)
- Basic familiarity with the Linux command line
- A clean IP address not on any blacklists
Server Installation
The default configuration works well for development environments, but production servers require additional tuning. Pay particular attention to connection limits, timeout values, and logging settings.
# Install Postfix and Dovecot
sudo apt update
sudo apt install -y postfix dovecot-core dovecot-imapd dovecot-lmtpd
# Configure Postfix main.cf
sudo postconf -e 'myhostname = mail.example.com'
sudo postconf -e 'mydomain = example.com'
sudo postconf -e 'smtpd_tls_cert_file = /etc/letsencrypt/live/mail.example.com/fullchain.pem'
sudo postconf -e 'smtpd_tls_key_file = /etc/letsencrypt/live/mail.example.com/privkey.pem'
Note that file paths may vary depending on your Linux distribution. The examples here are for Debian/Ubuntu; adjust paths accordingly for RHEL/CentOS-based systems.
Authentication Setup (SPF/DKIM)
Before making changes to the configuration, always create a backup of the existing files. This ensures you can quickly roll back if something goes wrong during the setup process.
# Generate DKIM key
sudo apt install -y opendkim opendkim-tools
sudo mkdir -p /etc/opendkim/keys/example.com
sudo opendkim-genkey -b 2048 -d example.com -D /etc/opendkim/keys/example.com -s default -v
# Add the DNS TXT record from:
cat /etc/opendkim/keys/example.com/default.txt
The configuration above sets the recommended values for a VPS with 2-4GB of RAM. Adjust the memory-related settings proportionally if your server has different specifications.
Configuration Options
When scaling this setup, consider vertical scaling (adding more RAM/CPU) first, as it's simpler to implement. Horizontal scaling adds complexity but may be necessary for high-traffic applications.
Client Configuration
The default configuration works well for development environments, but production servers require additional tuning. Pay particular attention to connection limits, timeout values, and logging settings.
# Install Postfix and Dovecot
sudo apt update
sudo apt install -y postfix dovecot-core dovecot-imapd dovecot-lmtpd
# Configure Postfix main.cf
sudo postconf -e 'myhostname = mail.example.com'
sudo postconf -e 'mydomain = example.com'
sudo postconf -e 'smtpd_tls_cert_file = /etc/letsencrypt/live/mail.example.com/fullchain.pem'
sudo postconf -e 'smtpd_tls_key_file = /etc/letsencrypt/live/mail.example.com/privkey.pem'
Note that file paths may vary depending on your Linux distribution. The examples here are for Debian/Ubuntu; adjust paths accordingly for RHEL/CentOS-based systems.
- Enable automatic security updates for critical patches
- Monitor disk space usage and set up alerts
- Review log files weekly for anomalies
- Keep your system packages updated regularly
Common Issues and Solutions
- Slow performance: Check for disk I/O bottlenecks with
iostat -x 1and network issues withmtr. Review application logs for slow queries or requests. - Service won't start: Check the logs with
journalctl -xe -u rspamd. Common causes include port conflicts, missing configuration files, or insufficient permissions. - Connection timeout: Verify your firewall rules allow traffic on the required ports. Use
ss -tlnpto confirm the service is listening on the expected port.
Next Steps
With rspamd now set up and running, consider implementing monitoring to track performance metrics over time. Regularly review your configuration as your workload changes and scale resources accordingly.