Looks like Umami supports Redis

https://git.cloudron.io/packages/umami-app/-/merge_requests/16

[4.0.0]

• Update n8n to 2.0.3
• Full Changelog
• Important: This is a major version with breaking changes
• Remove mysql and mariadb support (#22437) (4aa6dc1)
• Spontit Node Remove Spontit node (#22467) (c3442f5)
• Crowd.dev node Remove crowd.dev node (#22469) (b615abc)
• Kitemaker node Remove Kitemaker node (#22470) (0870d0a)
• Automizy Node Remove Automizy node (#22471) (cd8a3ad)
• editor Sidebar redesign (#22395) (0ba2043)
• core Block access to env in code and expressions by default (#22643) (0ffd760)
• core Introduce native Python code tool for AI agent (#22658) (b1bc778)
• editor Improve node component visual states (#20242) (3fc1c56)
• Validate nodes before activating (#22916) (1aa325a)

@d19dotca said in Sharing custom SpamAssassin Rules:

@imc67 said in Sharing custom SpamAssassin Rules:

@msbt said in Sharing custom SpamAssassin Rules:

Thanks a bunch for the list @d19dotca! Quick question about the rest of the setup though: Do you still have entries in the Email ACL DNSBL Zones or is that empty because everything is handled in the custom rules? Like those:

zen.spamhaus.org
bl.mailspike.net
noptr.spamrats.com
dnsbl.sorbs.net

Or is that empty on your side?

I think this is still a relevant question, @d19dotca your spam-rules are amazing, however you are "calling" ACL DSNBL's that are not default in a Cloudron install (https://docs.cloudron.io/email/#dnsbl) so I guess that they are not working until you add them?

I asked ChatGPT to analyse your latest rules and it advised to add the below ones to the DNSLBL Zones ACL (https://my.domain.com/#/email-settings). Is that in your opinion correct to make them all work?

zen.spamhaus.org
bl.mailspike.net
noptr.spamrats.com
all.spamrats.com
backscatter.spameatingmonkey.net
bl.spameatingmonkey.net
netbl.spameatingmonkey.net

So just to clarify… if you add those to the DNSBL list in Cloudron mail settings, it will completely reject mail that has a hit on any of those services. That mail setting in Cloudron is used by Dovecot/Haraka, not SpamAssassin. The reason you don’t want all those DNSBLs there is because not all of them are super accurate (some are too aggressive), which is why they’re in the SpamAssassin rules instead.

Basically the DNSBL list for Cloudron should only be if you want anything that has a hit to be outright rejected and never arrive in your mailbox (not even the junk folder). I prefer to keep that to just Abusix and SpamHaus myself because they have proven to be very accurate in the sense that they return no false positives, so they’re “safe” in rejecting only the most obvious of spam.

Then everything else that passes through that part will simply be scanned by SpamAssassin against the other DNSBLs in the custom rules and are therefore not rejected but just categorized as either spam or ham. It’s safer that way.

But also totally up to you. If you trust the other DNSBLs, then certainly feel free to add them to the Cloudron DNSBL list, but just know that doing so will most likely result in rejected/dropped messages that you’ll never know about until you look at the mail sever logs.

Ultimately… the DNSBLs in the custom SpamAssassin rule set doesn’t really have anything to do with the DNSBL setting used in Cloudron, as they are different levels of filtering and unrelated to each other.

Hopefully that makes sense. I’m just waking up while writing this so let me know if I can clarify further as I may not be explaining myself perfectly, lol.

WOW thank you very very much for this extraordinary clarification! I expected a necessary connection between the two but it isn’t. Thanks for your great work and explanation!

@fanvyr it's intentional to ship the source code. We want users to have a copy of not just the build but also the source code and the build tools. If one knows how, they can trivially change the source files and build dist. Personally, I would love to see this in all the stuff I use I like this kind of freedom, to be able to inspect, change and learn.

(And also, many of our service providers, simply maintain patches which they apply on top of the release and rebuild. So, it's much easier for them).

@fanvyr good investigation! clearly a bug on our side. Fixed in https://git.cloudron.io/platform/box/-/commit/22cb7f7d8fc8312254db4d1ea670d563bf0ff1af

Have to see. There is a risk of using container images maintained by others. What if it suddenly becomes non-free etc. After all, docker has a history of changing pricing (including docker hub).

I would atleast like to move our base image but afaict they offer no hardened ubuntu image.

Thanks for reporting. Fixed in https://git.cloudron.io/platform/box/-/commit/5107cd28c4a0b8b362e9ee5da7151a9271db9fa3 . It won't collapse anymore and you can select it.

The link to http://www.barracudanetworks.com/reputation/?pr=1&ip= ... itself is broken, gets forwarded to https://www.barracuda.com/ which results in a 404. Working link is https://www.barracudacentral.org/lookups but I didn't manage to add the IP as parameter

This is actually the raw TXT record that is in their DNS. It would not be safe to render it as a link, since it is random external data. But also their DNS simply has raw links like above which are i guess broken. For example:

# host -t TXT 70.188.231.171.b.barracudacentral.org 127.0.0.150
Using domain server:
Name: 127.0.0.150
Address: 127.0.0.150#53
Aliases: 

70.188.231.171.b.barracudacentral.org descriptive text "http://www.barracudanetworks.com/reputation/?pr=1&ip=171.231.188.70"

@msbt said in Sharing custom SpamAssassin Rules:

Thanks a bunch for the list @d19dotca! Quick question about the rest of the setup though: Do you still have entries in the Email ACL DNSBL Zones or is that empty because everything is handled in the custom rules? Like those:

zen.spamhaus.org
bl.mailspike.net
noptr.spamrats.com
dnsbl.sorbs.net

Or is that empty on your side?

I think this is still a relevant question, @d19dotca your spam-rules are amazing, however you are "calling" ACL DSNBL's that are not default in a Cloudron install (https://docs.cloudron.io/email/#dnsbl) so I guess that they are not working until you add them?

I asked ChatGPT to analyse your latest rules and it advised to add the below ones to the DNSLBL Zones ACL (https://my.domain.com/#/email-settings). Is that in your opinion correct to make them all work?

zen.spamhaus.org
bl.mailspike.net
noptr.spamrats.com
all.spamrats.com
backscatter.spameatingmonkey.net
bl.spameatingmonkey.net
netbl.spameatingmonkey.net

Oh, that is rough to send an email when DNS records change. In Cloudron 9, we periodically test the validity of the domain/DNS keys by adding a test record. I guess we can change it to just "read" records and not "write" a test record for say namecheap. Would that work?

w00h00 . @themeerkat works I was sending the /verify incorrectly to surfer instead of hecapte.