← Back to Guardian

Rspamd Integration

The Mailuminati Guardian integrates seamlessly with Rspamd through a dedicated Lua module. It acts as a prefilter to analyze message structures before they hit your main scoring engine.

LUA MODULE

How it Works

The module uses the rspamd_http library to perform asynchronous calls to the Guardian API. It sends the raw message content to the /analyze endpoint to compute structural fingerprints.

Asynchronous: Does not block the Rspamd main thread.
Priority: Runs as a prefilter with a priority of 10.
Caching: Stores structural hashes in the task cache for subsequent use.

Registered Symbols

Based on the Guardian's analysis, the following symbols are inserted into the Rspamd result:

MAILUMINATI_SPAM: Triggered when a structural DNA match is found (Default score: 10.0).
MAILUMINATI_SUSPICIOUS: Triggered on strong structural proximity (Default score: 4.0).

Installation

1. Copy mailuminati.lua to your Rspamd lua directory (usually /etc/rspamd/lua/).

2. Configure the module in /etc/rspamd/local.d/mailuminati.conf:

mailuminati {
    endpoint = "http://127.0.0.1:12421/analyze";
    timeout = 5.0;
    spam_score = 12.0; -- Optional override
    suspicious_score = 5.0; -- Optional override
}

Metrics & Logs

The module logs its activity via the standard Rspamd logger. You can monitor the structural matches in your Rspamd history or via the rspamadm statistics.

# Example log output
Mailuminati: MODULE LOADED
Mailuminati response body: {"action": "reject", "label": "match", "proximity_match": true}