Skip to content

JustinGuese/rspamd-iscan

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

86 Commits
.github/workflows
.github/workflows
 
 
helm
helm
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 

Repository files navigation

rspamd-iscan

build build-publish-docker

The main repository is at fho/rspamd-iscan. This repo provides the Docker image and Helm chart.

rspamd-iscan is a daemon that monitors IMAP mailboxes and sends new mails to Rspamd for spam analysis and training. It decouples spam filtering from mail delivery — allowing the MDA, Rspamd, and rspamd-iscan to run on entirely separate hosts. For example, you can filter mails on the IMAP server of your third-party provider using your self-hosted Rspamd instance. It is similar to isbg but uses Rspamd instead of SpamAssassin.

Quick start (Docker)

Build and run locally:

docker build -t rspamd-iscan .

docker run -d \
  --name rspamd-iscan \
  -v /path/to/config.toml:/etc/rspamd-iscan/config.toml \
  rspamd-iscan

Or pull the pre-built image:

docker pull guestros/rspamd-iscan

Helm (Kubernetes)

The Helm chart deploys the full stack: Rspamd + rspamd-iscan, with an optional in-cluster Redis.

Install

Copy helm/examplevalues.yaml, fill in your IMAP details and password, then install:

cp helm/examplevalues.yaml myvalues.yaml
# edit myvalues.yaml

helm install rspamd-iscan oci://ghcr.io/justinguese/rspamd-iscan \
  -f myvalues.yaml -n spamfilter --create-namespace

No manual secret creation needed — all credentials go in your values file and are stored in a Kubernetes Secret by Helm. The Rspamd controller password is auto-generated on first install.

All options are documented in helm/rspamd-iscan/values.yaml.

IMAP mailbox setup

The rspamdIscan.mailboxes section controls which IMAP folders are used:

Key Purpose Default
scan Incoming unprocessed mail — rspamd-iscan watches this INBOX.Unscanned
inbox Clean mail is moved here after scanning INBOX
spam Detected spam is moved here INBOX.Junk
ham Drop false positives here to train Rspamd INBOX
undetected Drop missed spam here to train Rspamd INBOX.Undetected
backup Archive copy of all processed messages INBOX.BackupMailbox

Note: Undetected, Unscanned, and BackupMailbox are non-standard folders — most providers won't create them automatically. Create them manually in your mail client or provider's webmail before deploying.

Recommended mail provider setup: Configure a server-side rule to deliver all incoming mail into the scan folder instead of INBOX. rspamd-iscan will then sort it automatically.

I am using Hostinger Email (~€1/month) — good, cheap, and works great with this setup. If this saved you some time, feel free to use the referral link and buy me a coffee ☕

How training works

  • Missed spam in inbox → drag it to undetected — rspamd-iscan will use it as a spam training example
  • Legitimate mail in spam → drag it to ham — rspamd-iscan will use it as a ham training example

CI / Docker image

The GitHub Actions workflow builds and publishes a new Docker image automatically:

  • On every push to main (e.g. Dockerfile changes)
  • Weekly, if the upstream repo (fho/rspamd-iscan) has new commits — checked via commit SHA caching, so no unnecessary rebuilds

To publish images from your own fork, configure:

  1. Settings → Secrets and variables → Actions
  2. Add variable DOCKERHUB_USERNAME — your Docker Hub username
  3. Add secret DOCKERHUB_TOKEN — a Docker Hub access token

About

docker/helm chart for spam-checking IMAP mailboxes with rspamd

Topics

spam email emails spam-protection spam-filtering spam-detection

Resources

Readme
Activity

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages

  • Dockerfile 100.0%