0

I'm considering switching from SpamAssassin to Rspamd as everybody raves about it. The feature set like improved bayes filtering and easy greylisting sounds interesting. There's a catch though: Rspamd requires Redis for all of this to work. And this comes with the next catch: Redis is absolutely unsuitable for a shared server environment, from what I can read in the documentation and other websites.

My server is a shared webhosting and e-mail environment. Users run their websites on the same server as the MTA runs on. Everybody has their own system user account and is isolated from other accounts. But Redis doesn't care about that and opens a TCP socket or UNIX socket which is accessible for local users. And it only supports a static, global, stored-in-plaintext password for the entire Redis server. And there can only be one server on a host, if you follow the OS packages (Ubuntu in this case) and don't install and manage it all manually. So if I restrict Redis to Rspamd use, I couldn't even make use of it for other services, too, because it's locked down. That doesn't scale at all, which I believe Redis is all about.

What options do I have now? Is it a good idea to use Rspamd with its Redis requirement in this environment? Do I need to buy/rent a seperate machine only for e-mail? Do I need to spend more weeks into a Docker environment to provide the necessary isolation of Redis? Can I use these Rspamd features without Redis or with a more secure Redis alternative? Or is Rspamd not worth it and I should continue to use SpamAssassin?

Redis feels much like the ancient protocols FTP or SMTP from the beginning of the internet. Which nobody raves about anymore today.

ygoe
  • 123
  • 1
  • 11
  • 1
    Redis wasn't really designed for your unusual environment. It was designed more for environments where a machine (or container) will have a single application running, and to support that single application whether it runs on the same instance or a large number of instances. – Michael Hampton Oct 01 '20 at 14:50
  • @MichaelHampton I wouldn't call it that unusual to run multiple services on a single host if there are plenty of computing resources, but less so financial and environmental (energy consumption). And there's lots of shared webhosting providers, so it can't be unusual. Maybe none of them uses Redis or a service that depends on it, like Rspamd. But that won't help Rspamd to become popular. – ygoe Oct 01 '20 at 15:23
  • The existence of shared web hosting isn't unusual. The unusual bit is the way such servers are generally set up and maintained. Which is a large part of the reason why the community here [rejects](https://meta.serverfault.com/q/8094/126632) questions about such environments. – Michael Hampton Oct 01 '20 at 15:59
  • Oh, good that I'm not using a standard web hosting "panel" solution but do it all myself. So I can ask the right questions. – ygoe Oct 01 '20 at 17:24

0 Answers0