Recently I have been implementing Rspamd for providing some automatic filtering for the emails hosted on my server, which are presently delivered by Exim to the Dovecot LDA.
For integrating Exim with Rspamd, I followed the Rspamd manual, but thing weren’t exactly working as expected.
I was frequently getting error messages such as:
Feb 7 11:10:44 stanke rspamd: (normal) <3a1c27>; task; accept_socket: accepted connection from 127.0.0.1 port 51289
Feb 7 11:10:44 stanke rspamd: (normal) <3a1c27>; task; rspamd_worker_error_handler: abnormally closing connection from: 127.0.0.1, error: IO timeout
with Exim at the same time reporting
2016-02-07 11:10:44 1aSMIm-0005QH-3P spam acl condition: Broken pipe on spamd socket
2016-02-07 11:10:44 1aSMIm-0005QH-3P H=mail1.mcsignup.com [18.104.22.168]:49767 Warning: ACL "warn" statement skipped: condition test deferred
In the majority of cases however the scan succeeded, so that a general misconfiguration could be ruled out. For some reason the socket connection between Exim and Rspamd seemed to break in some cases. I tried playing with the
spamd_address options of exim, in particular with
retry (see the Exim documentation on content scanning at ACL time), but to no avail.
What seems to have fixed the problem however was to define two entries for spam servers that Exim can connect to, despite the fact that they both refer to the same Rspamd instance. Exim seems to simply switch to the next (in fact same) server when seeing a „broken pipe“ and the reconnect seems to suffice to iron things out. Here is the relevant snippet to be inserted in
spamd_address = 127.0.0.1 11333 tmo=1m retry=10s variant=rspamd : \
127.0.0.1 11333 tmo=1m retry=10s variant=rspamd