Skip to content

Releases: rspamd/rspamd

Release 4.1.1

Choose a tag to compare

@vstakhov vstakhov released this 19 Jun 14:58
0f29274

Features

  • Neural: Add pluggable feature-provider and ANN-architecture registries, a sequence output mode with SIF word selection for fasttext_embed, a multi-head attention pooling operator in kann, and slice/concat graph transforms in lua_kann.
  • checkv3: Negotiate representation and compression via Accept/Accept-Encoding.
  • CSS: Detect more text-hiding tricks — off-screen positioning, clip, negative text-indent, and tiny fonts.
  • Lua libraries: Bound zip-bomb expansion with opt-in extraction limits (size, count, ratio) in lua_archive, add byte-distribution statistics methods (entropy, byte mean/deviation, serial correlation, Monte-Carlo Pi) in lua_text, and expose a zlib/YARA-compatible crc32 for rspamd_text, rspamd_util, and cryptobox hash.
  • Multipattern: Add an explicit SOM (start-of-match) flag and fix regex-fallback offsets.

Bug fixes

  • DNS: Do not defer resolver nameservers, fixing a SIGSEGV at worker startup (regression in 4.1.0).
  • Lua runtime: Add state/generation guards and refcounting to the coroutine thread pool to prevent use-after-free on async completion, and avoid a lua_worker deadlock when a spawned subprocess returns an invalid value.
  • Neural: Stabilise training on dense embedding inputs (funnel architecture, input-typed learning rate, single-class quality gate) and stop stranding trained ANNs behind stale high-version tombstones.
  • checkv3: Register the /checkv3 controller endpoint and use a case-preserving boundary for v3 HTTP multipart parsing.
  • URL: Scan bare query-embedded URLs containing = as a whole, and stop multiplying URLs that contain multiple @ signs and backslashes.
  • CSS: Detect text hidden via overflow clipping, opacity, and max-width/height.
  • Milter: Send QUARANTINE even with a caller-supplied reply (regression from 3.10.0).
  • Checks: Classify loopback-only MX as MX_LOCAL_ONLY instead of MX_BOGON_ONLY, use alphanumeric-only random DNS prefixes for random_monitored RBL checks, and fix timeout inflation in pre/postfilter priority grouping.
  • Build: Fix the build with OpenSSL 4.0 opaque ASN1_STRING, make the mime_string iterator const for the doctest 2.5.0 build, and prioritise bundled simdutf headers over system ones.

Full changelog: 4.1.0...4.1.1

Release 4.1.0

Choose a tag to compare

@vstakhov vstakhov released this 05 Jun 11:45
e2b0b18

Incompatible changes

  • mx_check: three-layer Redis cache and finer outcome symbols (MX_NONE replaces MX_NXDOMAIN/MX_MISSING)
  • fuzzy_check: discover rspamd.com servers via SRV by default

Features

  • Upstreams: load-aware Power of Two Choices selection, per-upstream latency EWMA, slow start on revive, per-target SRV expansion honouring weights and error budgets, and deferred DNS so transient startup failures no longer drop upstreams
  • url_redirector: chain-aware cache with intermediate hop injection, coherent browser fingerprint profiles for stealth resolution, glob-based redirector_hosts_map, and a per-URL GET allowlist
  • mx_check: IP-class classification, bad_mxs/bad_ips trust maps, and per-source checks
  • Protocol (/checkv3): expose custom metadata via metadata headers and task:get_metadata()
  • Composites: hot-reloadable dynamic composites map
  • Lua API: bulk and regexp symbol lookups on task; phase-specific (connect/read/write) timeouts and an on_error callback for lua_tcp; lua_extras structured loader for custom selectors, maps, and regexps with cross-kind dependency ordering; and lua_feedback_parsers for DSN and ARF reports
  • Scan timeouts: report pending async events and stalled symbols when a scan times out
  • Selectors: add fuzzy_digest, fuzzy_shingles, authenticated, and received_count
  • Logging & reporting: ClickHouse named extra_columns presets (with an outbound preset) and richer Elastic logs (Reply-To, received IPs, URL metadata, forcing module)
  • external_services & scanners: per-service <RULE>_CHECK anchor symbol for dependency ordering, plus eXpurgate engine support in lua_scanners
  • HTML/HTTP: HTML5 tag definitions (video/audio/picture/svg/…) and optional insertion-ordered HTTP header emission
  • Tooling: rspamadm control memstat for per-worker memory dumps (RSS, mempool callsites, Lua heap, jemalloc), dmarc_report --batch-wait, and autolearnstats --sort-by/--group
  • Containers & misc: env-overridable baseline pidfile and logging, auto-load of the shipped fasttext model when present, and fixed-point (%.Nf) formatting with correct rounding in fpconv

Bug fixes

  • Security hardening (parsers): fix NULL deref on S/MIME with empty pkcs7-data, bound S/MIME recursion depth, harden RAR/ZIP/7-zip parsers against malformed input, fix OOB reads in CSS ident-escape scanning, find_eoh lookahead, bare spf2. records, and empty/all-dots URL hosts, reject DNS labels that overrun the packet, prevent an HTML entity-decode buffer overflow, and add defensive mime_parser guards
  • Security hardening (DoS & deps): bound URL query-scan reentrancy on nested query URLs (multipattern), avoid uninitialised bytes in rfc2047 decode, guard image linking against a NULL decoded header, and port libucl upstream security fixes (msgpack, parser bounds, schema)
  • fuzzy_storage: harden network input paths, fix peer-pipe partial-write resume and shutdown drain, plug a per-refresh leak in dynamic ban inserts and a per-frame leak on persistent TCP connections, and stop blocking allowed clients on TCP
  • neural: preserve the trained ANN across symbol-list drift and symcache-driven profile rotation, and stabilise the profile digest under disable_symbols_input while retargeting training to the newest profile
  • upstream: refill the token bucket over time so a flapping upstream recovers, and avoid an infinite loop in get_random when the only candidate is excluded
  • URLs: canonicalise mailto: URIs and bare emails to a slash-less form (RFC 6068), keep URLs with long userinfo (userinfo-obfuscation phishing), preserve the verbatim href as url->raw, and require TLD ≥ 3 chars for word_dot naked-domain matches
  • protocol (/checkv3): apply inline metadata.settings and populate request headers
  • composites: avoid over-eager second-pass deferral so filter-stage composites are visible from postfilters
  • Lua modules: fix a lua_tcp connection leak on read without write, resolve the Redis master for rspamadm tools under Sentinel, use Queue:new() in elastic, floor the dmarc connect timestamp for PUC Lua compatibility, separate the greylisting period from the Redis connection timeout, and write rspamadm vault output to stdout directly
  • Headers & encoding: emit ARC headers deterministically, map DKIM permfail to dkim=permerror in Authentication-Results, honour mime_utf8 in the INVALID_MSGID rule, correct lengths after in-place mime-header rewrites, keep capture groups that follow an empty one in regexp, and skip ICU conversion for the synthetic x-binaryenc charset
  • Misc: track all buckets in ratelimit selector rules, warn when task_timeout is less than the symcache symbol timeout, and use string_view::data() to fix libc++ builds

Full changelog: 4.0.1...4.1.0

Release 4.0.1

Choose a tag to compare

@vstakhov vstakhov released this 05 Apr 19:31
4.0.1
8700333

Features

  • Settings merge: Layered collect-then-merge flow for settings, weak dependencies and disabled status in symcache, force-enable override for settings conflicts
  • Fuzzy dynamic blocks: Dynamic block API for fuzzy storage worker, custom response codes (403 for ratelimits vs 503 for bans), ratelimit_whitelist check exposed to Lua

Bug fixes

  • Proxy milter fd leak: Original fd was not closed after milter dup(), leaking one fd per milter connection — caused unbounded CLOSE_WAIT accumulation in production (regression in 4.0.0)
  • Proxy self-scan task timeout: Used upstream wire timeout (e.g. 120s) instead of task_timeout (8s default) for self-scan tasks
  • ARC AAR parsing (#5963): Replace naive semicolon split with LPeg grammar respecting RFC 8601 comments and quoted strings — fixes cv=fail on multi-hop ARC chains where i=N appeared inside comments
  • Fix ev_now() usage for dynamic ban expiry
  • Fix deps in pre/postfilters and settings flow
  • Fix missing #include <memory> in redis_backend.cxx

Full changelog: 4.0.0...4.0.1

4.0.0

Choose a tag to compare

@vstakhov vstakhov released this 30 Mar 12:59
4.0.0
4a2ab73

Rspamd 4.0.0 Released

Date: March 30, 2026 | Type: Major Release


Upgrade Notes

Action required for per-user Bayes with Redis sharding: Jump Hash has been replaced with Ring Hash (Ketama). Run rspamadm statistics_dump migrate after upgrading or accept temporary accuracy loss as data is re-learned. Single Redis server setups are not affected.

Other breaking changes

  • Content URLs included by default — URLs from PDF and other computed parts are now returned by task:get_urls(). Set include_content_urls = false in local.d/options.inc to restore old behavior.
  • SSL auto-detectionssl = true worker option removed; SSL is now auto-detected from bind socket flags.
  • libfasttext removed — Replaced with built-in mmap-based shim. ENABLE_FASTTEXT cmake option no longer exists. Existing models still work with massive memory savings.
  • SenderScore RBLs disabled — Requires MyValidity account registration; was non-functional without it.
  • Suspicious TLDs now map-based — Hardcoded list replaced with conf/maps.d/suspicious_tlds.inc, customizable via local.d/.
  • Neural autolearn options renamed — Now match RBL module naming conventions.
  • Token bucket load balancing — Enabled by default for proxy upstreams, replacing simple round-robin.
  • DKIM RFC conformance — Unknown and broken DKIM keys now handled per RFC.

Key Features

/checkv3 Multipart Protocol

New /checkv3 endpoint using multipart/form-data requests and multipart/mixed responses. Metadata sent as structured JSON/msgpack instead of HTTP headers. Per-part zstd compression, zero-copy writev responses, and proxy support. Client-side: rspamc --protocol-v3 / rspamc --msgpack.

Pluggable Async Hyperscan Cache

Hyperscan compilation and caching moved to an async Lua backend with Redis storage support. Shared hyperscan databases across workers and hosts. Self-healing cache auto-detects stale blobs and triggers recompile. Small databases compiled in-memory without file caching.

Multi-Flag Fuzzy Hashes

Single fuzzy hash can carry up to 8 flags simultaneously (epoch 12). Multiple rules match the same digest with independent flag/value pairs. Redis update path rewritten in Lua with EVALSHA + NOSCRIPT recovery. Fully backward-compatible.

HTML Fuzzy Phishing Detection

Dual-mode fuzzy: template matching + domain-sensitive matching. New FUZZY_HTML_PHISHING symbol fires when an HTML template matches but link domains differ — detecting reused phishing templates with swapped links.

HTTPS Server Support

Workers can now serve HTTPS natively, enabling secure WebUI and API without a reverse proxy. SSL auto-detected from bind socket configuration.

Built-in Fasttext Shim

External C++ library replaced with zero-dependency mmap-based reader. Shared memory across workers (MAP_SHARED) eliminates per-worker heap copies (~500MB-7GB savings). Hot-reloadable via maps infrastructure.

UUID v7 Per Task

Native UUID v7 generation per task, synced with Log-Tag header. New ClickHouse UUID v7 column support for correlation across systems.

Neural / LLM Embeddings

External pretrained neural model support. Multi-layer funnel architecture with language-based model/URL selection. Multi-model fasttext embedding with SIF word weighting. Expression-based autolearn for LLM providers.

Multi-Class Bayes

Classifiers support arbitrary classes beyond binary spam/ham. WebUI learning UI, /stat and /bayes/classifiers endpoints updated. Shard migration tool for the Jump Hash to Ring Hash transition.

Legacy Protocol Enhancements

Milter add/remove headers and extended symbol info now exposed in RSPAMC/SPAMC text protocol. Enables Exim and other legacy clients to access milter headers.


Other Notable Features

  • Token bucket load balancing for proxy upstreams with configurable burst parameters
  • Ring Hash (Ketama) consistent hashing with true minimal disruption and recovery
  • Structured metadata exporter with zstd compression and detected MIME types
  • ARC trusted_authserv_id for reusing upstream Authentication-Results headers
  • Reply-To validity checks in headers_checks
  • Fuzzy hashes in Redis history for matched hash tracking
  • HTTP content negotiation framework with zstd compression for /stat endpoint
  • Attachment filename sub-tokens for improved Bayes classifier accuracy
  • GPT module — configurable consensus thresholds and context_augment hook
  • New rspamadm subcommandsautolearnstats, logstats, mapstats
  • ASCII85 decode and PDF object padding evasion fixes for PDF extraction

Critical Fixes

  • Stop ev_io watcher in fuzzy UDP session destroy (use-after-free)
  • Fix CPU busy-loop in fuzzy TCP client
  • RHEL/CentOS 10+ SHA-1 DKIM crypto-policy bypass
  • DKIM RSA signing memory leak fix
  • Self-healing hyperscan cache for stale blobs
  • Multiple use-after-free fixes on config reload (regexp maps, multipatterns)
  • PCRE2 complexity checks before JIT compilation
  • Rework alternative parts detection (R_PARTS_DIFFER)
  • SPF address family flag inheritance fix
  • Ratelimit compatibility with old records
  • Default map URL path to "/" when no path component (crash fix)

Changelog

3.14.2

Choose a tag to compare

@vstakhov vstakhov released this 11 Dec 11:50
3.14.2
e6f401a

🚀 Rspamd 3.14.2 Released!

Date: December 10, 2025 | Type: Patch Release


🔥 Key Features

📤 Metadata Exporter Enhancements

  • New formatters: multipart, msgpack, and json_with_message
  • Binary message support and efficient multipart uploads
  • Deprecated old meta_headers option in favor of new formatters

🛡️ DMARC RUA Validation

  • New rspamadm dmarc_report --recheck-rua flag
  • Re-validate cached report addresses against exclusion maps
  • Useful for validating domains against RBLs before sending reports

✉️ Milter Headers Control

  • Selective Authentication-Results removal with remove_ar_from
  • Target specific domains for header cleanup

📚 Documentation

  • Added comprehensive Python/aiohttp example for handling multipart metadata exports

🔗 GitHub | Changelog

Patch release focused on Metadata Exporter flexibility and DMARC reporting improvements. Recommended upgrade for metadata export users! 🎯

3.14.0

Choose a tag to compare

@vstakhov vstakhov released this 11 Nov 14:08
3.14.0
e6391dc

🚀 Rspamd 3.14.0 Released!

Date: November 10, 2025 | Type: Major Release


🔥 Major Features

🎯 HTML Fuzzy Hashing

  • Structural similarity detection for HTML content (#5661, #5720)
  • Per-rule text_hashes toggle for HTML-only matching

🌐 TCP Fuzzy Protocol

  • Full TCP support with auto-switch from UDP (#5669)
  • Production-ready connection management and framing

🔗 Advanced URL Processing

  • New task:get_cta_urls() API for CTA detection (#5732)
  • DoS protection: hash-based deduplication with 50k URL limit
  • HTML URL rewriting infrastructure (#5676)

🤖 AI & WebUI

  • Web search context for LLM plugin with Redis caching (#5732)
  • Dark mode with auto-detection (#5725)

📧 Email & Integration

  • Advanced aliases with loop detection (#5655)
  • Milter ESMTP argument parsing with Lua API (#5663)
  • Postfix wizard for automated integration (#5667)

🐛 Critical Fixes

🌐 DNS Stability

  • Fixed UDP→TCP packet truncation on retransmits (#5739)
  • Fixed transaction ID collision and nameserver round-robin (#5721, #5739)

🔒 Memory & Stability

  • Fixed allocator crashes (jemalloc/malloc mixing) (#5721, #5724)
  • Fixed memory leaks in fuzzy storage, OpenSSL, UCL (#5709)
  • Hyperscan runtime version check prevents cache corruption (#5724)

📊 DMARC & Protocol

  • Fixed Redis connection exhaustion with batching + GC (#5737)
  • ARC RFC 8617 compliance + ed25519 support (#5684)
  • Composites two-phase evaluation (#5681)

🐧 BSD & Security

  • Fixed FreeBSD/NetBSD/OpenBSD builds (#5726, #5729)
  • Fuzzy TCP race conditions and buffer overflows (#5669)

⚡ Performance

  • khash migration for better fuzzy_check performance (#5720)
  • Intrusive heap implementation (#5693)
  • Configurable Bayes guards (#5701)

Total: 139 improvements across 45 PRs

🔗 GitHub | Changelog

Major upgrade with HTML fuzzy matching, critical DNS fixes, and memory leak resolution. Highly recommended! 🎯

3.13.2

Choose a tag to compare

@vstakhov vstakhov released this 14 Oct 14:11
3.13.2
8bf6022

What's Changed

  • [Feature] Add user/domain context support for LLM-based classification by @vstakhov in #5647
  • Implement Metadefender hash lookup module by @vstakhov in #5656
  • Add vault kv version 2 support by @vstakhov in #5654
  • Fix duplicate symbol in once_received plugin by @vstakhov in #5658
  • [Fix] Enforce server-controlled HTTP map refresh intervals by @vstakhov in #5660
  • [Fix] Propagate unused Redis Sentinel options by @fatalbanana in #5597
  • Fix rspamd dkim key loading for ed25519 by @vstakhov in #5664
  • Fix dkim relaxed bodyhash calculation for spaces by @vstakhov in #5662
  • Feat: Added rua address exclusion in dmarc.lua by @croessner in #5653
  • [Feature] Add separate encryption keys for read/write operations in fuzzy_check by @vstakhov in #5665

Full Changelog: 3.13.1...3.13.2

3.13.1

Choose a tag to compare

@vstakhov vstakhov released this 30 Sep 10:28
3.13.1
ca8301f

Added

  • Archive module: Full support for encrypted ZIP archives, including both ZipCrypto and AES encryption; both reading and writing of AES-encrypted ZIP archives is supported with updated Lua bindings using libarchive for flexible compatibility with all standard ZIP encryption schemes
  • Encrypted maps: Support for encrypted maps to enable new map distribution scenarios
  • Redis TLS: Configurable TLS connections in Redis backend for improved compatibility in secure environments

Improved

  • MIME encoding refactoring: Major overhauls and multiple fixes for MIME encoding logic, including improved handling and decoding of UTF-8 in MIME headers, resulting in more robust email processing and better compatibility
  • Learning system: Numerous fixes to learn checks and autolearn flag handling, prevention of duplicate message learning, and extended multiclass learning test coverage
  • Map helpers alignment: Map helpers now enforced to be aligned to 64 bytes to prevent unaligned memory access errors on certain platforms
  • CLI enhancements: Enhanced secretbox CLI and additional security test coverage
  • Platform compatibility: Improved compatibility with Lua versions above 5.1 and better support for 32-bit platforms

Fixed

  • Critical fixes: Fixed bug when converting zero-length strings to numbers
  • XML parsing: Fixed XML prolog detection in lua_magic module
  • Build issues: Fixed build issues on 32-bit platforms
  • Empty input handling: Addressed issues with empty input handling in lua_magic
  • Test stability: Improved stability of automated testing with multiple miscellaneous test fixes
  • Compatibility: Minor compatibility improvements and bugfixes (buffer allocation, missing cmath include, etc.)

This release introduces archive module extensibility with full encrypted archive support including AES, new map distribution capabilities, secure integration options with Redis TLS, robust email and message processing improvements, and bugfixes for broader platform compatibility. This is recommended as a major stability and feature update.

3.13.0

Choose a tag to compare

@vstakhov vstakhov released this 17 Sep 08:01
a86cf07

Highlights & Major Features Since 3.12.1

1. Multiclass Bayes Classification ([#5547](#5547))

  • Bayesian classifiers now support multi-class differentiation—labels like spam, ham, transactional, newsletters, phishing, and more (2-20 classes supported).
  • Efficient: all classes for a message handled in a single Redis call.
  • Backward compatible with old config (is_spam); new config enables named classes and labels.
  • Autolearn and Lua API support multiclass workflows.
  • Fully class-aware Redis caching.

Examples:

  • rspamc learn_class:transactional receipt.eml or rspamc learn_class:newsletter newsletter.eml
  • Lua API: task:get_multiclass_result() gives class probabilities and confidence.

2. Neural Module Overhaul ([#5579](#5579))

  • Complete rework into a provider-based architecture: combines symbols, LLM embeddings (OpenAI, etc.), and planned providers (Bayes/FastText, in the future).
  • Pluggable fusion—multiple feature types can be combined for richer, more accurate classification.
  • Trained normalization (unit/zscore/none), used consistently at training/inference.
  • Redis-backed caching for LLM embeddings to control cost/latency.
  • Configurable via providers, versioned for safe upgrades, fully backwards compatible.

3. Multimap Selectors & Regex Enhancements ([#5615](#5615))

  • Powerful, SA-style “selector” rules in multimap module for regex filtering on message fields.
  • Dedicated selector field, integrated with Hyperscan and regex cache.
  • Example: selector FROM_CORP from:domain =~ /corp\.example$/i

4. MIME & HTML Feature Extraction ([#5619](#5619), [#5608](#5608))

  • MIME parser detects part types automatically.
  • HTML parser project extracts more features for downstream modules.

5. HTTP, DNS, Upstream Improvements ([#5614](#5614), [#5603](#5603), [#5601](#5601))

  • Flexible HTTP timeout config and handling.
  • Upstream reliability: probe mode, less need for forced revive.
  • DNS nameserver resolution moved to getaddrinfo.

6. Modernization & Maintenance ([#5592](#5592), [#5598](#5598), [#5580](#5580), others)

  • Standardized on C++20; builds, test, and CI improvements (ARM support, modern fallback maps).
  • Regular code cleaning, bugfixes, and RPM tweaks.

7. WebUI & UX ([#5606](#5606), [#5607](#5607))

  • E2E scan test flows in WebUI.
  • Bootstrap upgrade, Bayes class management from the web interface.

8. GPT & LLM Integrations ([#5612](#5612), [#5572](#5572))

  • Improved handling of GPT model parameters and prompts.
  • Initial support for OpenAI GPT-5 and other models.

Notable Bugfixes & Maintenance

  • DCC plugin rewritten ([#5602](#5602)), optimized.
  • DKIM relaxed body canonicalization ([#5593](#5593)), multimap, WebUI and configuration reliability increased.
  • Numerous minor bugfixes, build and CI improvements.

Projects & Modules Affected

  • Core: Multiclass Bayes, Neural/LLM fusion
  • Filtering: Multimap selectors, regex & Hyperscan
  • Protocols: HTTP, DNS
  • Web: WebUI, Bootstrap
  • Plugins: DCC, DKIM, GPT, Neural

3.12.1

Choose a tag to compare

@vstakhov vstakhov released this 17 Jun 09:34
3.12.1
6dbfca2

What's Changed

  • Remove aweber.com from spf_dkim_whitelist.inc by @TaaviE in #5500
  • [Fix] Fix several issues with the lua_logger by @vstakhov in #5503
  • [Test] Detect libicu idna behaviour and select the appropriate tests by @vstakhov in #5506
  • [Fix] Fix proxy headers duplication by @vstakhov in #5507
  • [Minor] Treat *.library-ms and *.search-ms attachments as harmful by @twesterhever in #5509
  • Revert "[Minor] Treat *.library-ms and *.search-ms attachments as harmful" by @vstakhov in #5511
  • [Fix] Another fix for maps concurrent load by @vstakhov in #5512
  • [Feature] Add /bayes/classifiers HTTP endpoint by @moisseev in #5517

New Contributors

Full Changelog: 3.12.0...3.12.1