From 5d6bc49a33684616d786360c4d07b3e3f70c7a30 Mon Sep 17 00:00:00 2001 From: Stephane de Labrusse Date: Tue, 3 Dec 2024 14:57:01 +0100 Subject: [PATCH 1/4] fix(rspamd): Set max_message size to 100MB in options.inc --- rspamd/etc/rspamd/local.d/options.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/rspamd/etc/rspamd/local.d/options.inc b/rspamd/etc/rspamd/local.d/options.inc index 6f993b04..d4813c11 100644 --- a/rspamd/etc/rspamd/local.d/options.inc +++ b/rspamd/etc/rspamd/local.d/options.inc @@ -7,3 +7,4 @@ dns { retransmits = 5; nameserver = ["127.0.0.1:11336:1"]; # local unbound instance } +max_message = 104857600; From 4081cf205b89a42d96cd07a9e9296bc6853df26e Mon Sep 17 00:00:00 2001 From: Stephane de Labrusse Date: Tue, 3 Dec 2024 16:37:44 +0100 Subject: [PATCH 2/4] feat(rspamd): add max_size configuration for ClamAV scans --- rspamd/usr/local/templates/antivirus.conf.j2 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/rspamd/usr/local/templates/antivirus.conf.j2 b/rspamd/usr/local/templates/antivirus.conf.j2 index bfbabfe5..dd315fd1 100644 --- a/rspamd/usr/local/templates/antivirus.conf.j2 +++ b/rspamd/usr/local/templates/antivirus.conf.j2 @@ -7,6 +7,8 @@ clamav { servers = "{= env.clamav_endpoint =}"; action = "reject"; + # If `max_size` is set, messages > n bytes in size are not scanned + max_size = {= env.clamavscansize | default(20000000) =}; scan_mime_parts = false; From 5ec524f5fea417e84f5e1b9c3670c20a0d0ccda6 Mon Sep 17 00:00:00 2001 From: Stephane de Labrusse Date: Tue, 3 Dec 2024 16:37:53 +0100 Subject: [PATCH 3/4] docs(rspamd): update README to include RSPAMD_clamavscansize configuration --- rspamd/README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/rspamd/README.md b/rspamd/README.md index 8699a5bc..adcfd443 100644 --- a/rspamd/README.md +++ b/rspamd/README.md @@ -35,7 +35,10 @@ Well-known ports - `RSPAMD_bypass_score` If undefined (default) bypass rules are applied as an accept prefilter. Set to a negative number to turn the rules to ham score and run antivirus checks (e.g. `RSPAMD_bypass_score=-5.000`) - +- `RSPAMD_clamavscansize` sets the maximum size (default 20 MB) for + email attachments scanned by ClamAV in Rspamd. + Attachments larger than this value are skipped to optimize performance. + ## Volumes - `/etc/rspamd/override.d` Rspamd custom configuration From fe5959553488b655c176632c05207b9a171f7d1e Mon Sep 17 00:00:00 2001 From: Stephane de Labrusse Date: Tue, 3 Dec 2024 17:17:13 +0100 Subject: [PATCH 4/4] fix(rspamd): update default RSPAMD_clamavscansize to 2MB in README and configuration --- rspamd/README.md | 4 ++-- rspamd/usr/local/templates/antivirus.conf.j2 | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/rspamd/README.md b/rspamd/README.md index adcfd443..344738f7 100644 --- a/rspamd/README.md +++ b/rspamd/README.md @@ -35,10 +35,10 @@ Well-known ports - `RSPAMD_bypass_score` If undefined (default) bypass rules are applied as an accept prefilter. Set to a negative number to turn the rules to ham score and run antivirus checks (e.g. `RSPAMD_bypass_score=-5.000`) -- `RSPAMD_clamavscansize` sets the maximum size (default 20 MB) for +- `RSPAMD_clamavscansize` sets the maximum size (default 2 MB) for email attachments scanned by ClamAV in Rspamd. Attachments larger than this value are skipped to optimize performance. - + ## Volumes - `/etc/rspamd/override.d` Rspamd custom configuration diff --git a/rspamd/usr/local/templates/antivirus.conf.j2 b/rspamd/usr/local/templates/antivirus.conf.j2 index dd315fd1..cfce182f 100644 --- a/rspamd/usr/local/templates/antivirus.conf.j2 +++ b/rspamd/usr/local/templates/antivirus.conf.j2 @@ -8,7 +8,7 @@ clamav { action = "reject"; # If `max_size` is set, messages > n bytes in size are not scanned - max_size = {= env.clamavscansize | default(20000000) =}; + max_size = {= env.clamavscansize | default(2000000) =}; scan_mime_parts = false;