Docs / Email Servers / Rspamd with Redis for Advanced Spam Filtering

Rspamd with Redis for Advanced Spam Filtering

By Admin · Mar 15, 2026 · Updated Apr 23, 2026 · 588 views · 3 min read

Rspamd is a high-performance spam filtering system that uses machine learning, neural networks, and traditional rule-based detection to classify email with exceptional accuracy. Combined with Redis for caching and statistics storage, Rspamd provides enterprise-grade spam protection for self-hosted mail servers. This guide covers installation, integration with Postfix, and tuning for optimal detection rates.

Why Rspamd?

  • Performance — written in C, processes thousands of messages per second
  • Machine learning — neural network classifier adapts to your specific spam patterns
  • Web interface — built-in dashboard for monitoring and training
  • Modern protocols — native DKIM signing/verification, ARC, DMARC
  • Redis integration — fast statistics, rate limiting, and greylisting

Installation

# Ubuntu/Debian
sudo apt install rspamd redis-server

# Rocky Linux/RHEL
sudo dnf install rspamd redis

# Start services
sudo systemctl enable --now rspamd redis

Redis Configuration

# /etc/redis/redis.conf — optimize for Rspamd
maxmemory 256mb
maxmemory-policy volatile-ttl
save 900 1
save 300 10

Rspamd Configuration

Main Configuration

# /etc/rspamd/local.d/redis.conf
servers = "127.0.0.1:6379";

# /etc/rspamd/local.d/classifier-bayes.conf
backend = "redis";
autolearn = true;
min_learns = 200;
new_schema = true;
expire = 8640000;  # 100 days

# /etc/rspamd/local.d/worker-normal.inc
bind_socket = "localhost:11333";

# /etc/rspamd/local.d/worker-proxy.inc
bind_socket = "localhost:11332";
milter = yes;
timeout = 120s;
upstream "local" {
    default = yes;
    self_scan = yes;
}

DKIM Signing

# /etc/rspamd/local.d/dkim_signing.conf
allow_username_mismatch = true;
domain {
    example.com {
        path = "/var/lib/rspamd/dkim/example.com.key";
        selector = "mail";
    }
}

# Generate DKIM key
sudo mkdir -p /var/lib/rspamd/dkim
sudo rspamadm dkim_keygen -s mail -d example.com -k /var/lib/rspamd/dkim/example.com.key > /var/lib/rspamd/dkim/example.com.txt
sudo chown -R _rspamd:_rspamd /var/lib/rspamd/dkim

Anti-Spam Modules

# /etc/rspamd/local.d/greylist.conf
enabled = true;
expire = 86400;  # Remember for 24 hours
timeout = 300;   # Greylist for 5 minutes

# /etc/rspamd/local.d/rbl.conf
# Real-time blacklists
rbls {
    spamhaus_zen {
        rbl = "zen.spamhaus.org";
        symbol = "RBL_SPAMHAUS";
        ipv4 = true;
    }
    barracuda {
        rbl = "b.barracudacentral.org";
        symbol = "RBL_BARRACUDA";
    }
}

# /etc/rspamd/local.d/phishing.conf
openphish_enabled = true;
phishtank_enabled = true;

# /etc/rspamd/local.d/neural.conf
enabled = true;
rules {
    NEURAL_SPAM {
        train {
            max_trains = 1000;
            max_usages = 20;
            learning_rate = 0.01;
        }
        ann_expire = 864000;
    }
}

Integrate with Postfix

# /etc/postfix/main.cf
smtpd_milters = inet:localhost:11332
non_smtpd_milters = inet:localhost:11332
milter_protocol = 6
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
milter_default_action = accept
sudo systemctl restart postfix

Web Interface

# Set web interface password
sudo rspamadm pw
# Copy the hash

# /etc/rspamd/local.d/worker-controller.inc
password = "$2$hash_from_rspamadm_pw";
bind_socket = "localhost:11334";

# Access at http://localhost:11334
# Or proxy through Nginx for remote access

Training the Bayesian Filter

# Train on spam
rspamc learn_spam /path/to/spam-folder/

# Train on ham (legitimate mail)
rspamc learn_ham /path/to/ham-folder/

# Check Bayes statistics
rspamc stat

# Auto-learning: Rspamd automatically trains on messages
# with very high or very low scores when autolearn = true

Actions and Thresholds

# /etc/rspamd/local.d/actions.conf
reject = 15;        # Reject messages scoring above 15
add_header = 6;     # Add spam header above 6
greylist = 4;       # Greylist above 4
# Customize per your tolerance level

Monitoring

# Check Rspamd stats
rspamc stat

# View processing history
rspamc history

# Check Redis memory usage
redis-cli info memory

# Rspamd logs
sudo journalctl -u rspamd -f

Best Practices

  • Train the Bayesian filter with at least 200 spam and 200 ham messages before relying on it
  • Enable the neural network module for adaptive spam detection that improves over time
  • Use the web interface to monitor false positives and adjust thresholds
  • Configure Redis memory limits to prevent unbounded growth
  • Enable greylisting for significant spam reduction with minimal impact on legitimate mail
  • Subscribe to real-time blacklists (Spamhaus, Barracuda) for known spammer detection
  • Review and train on false positives regularly to improve filter accuracy

Was this article helpful?

Related Articles