Mail::SpamAssassin::BayesStore::Redis - Redis Bayesian Storage Module Implementation
This module implements a Redis based bayesian storage module with support for separate read and write servers.
Apache SpamAssassin v3.4.0 introduces support for keeping a Bayes database on a Redis server, either running locally, or accessed over network. Similar to SQL backends, the database may be concurrently used by several hosts running SpamAssassin.
The current implementation only supports a global Bayes database, i.e. per-recipient sub-databases are not supported. The Redis server supports access over IPv4 or over a Unix socket, and since Redis version 2.8.0 also IPv6 is supported. Bear in mind that Redis server only offers limited access controls, so it is advisable to let the Redis server bind to a loopback interface only, or to use other mechanisms to limit access, such as local firewall rules.
The Redis backend for Bayes can put a Lua scripting support in a Redis server to good use, improving performance. The Lua support is available in Redis server since version 2.6. In absence of a Lua support, the Redis backend uses batched (pipelined) traditional Redis commands, so it should work with a Redis server version 2.4 (untested), although this is not recommended for busy sites.
Expiration of token and 'seen' message id entries is left to the Redis server. There is no provision for manually expiring a database, so it is highly recommended to leave the setting bayes_auto_expire to its default value 1 (i.e. enabled).
The module supports separate read and write servers, allowing for Redis replication-based scaling and high availability. Multiple read servers can be configured, with automatic failover if one becomes unavailable.
Example configuration:
# Basic configuration with single server
bayes_store_module Mail::SpamAssassin::BayesStore::Redis
bayes_redis_write_server server=127.0.0.1:6379;password=foo
bayes_redis_read_servers server=127.0.0.1:6379;password=foo
bayes_redis_database 2
bayes_token_ttl 21d
bayes_seen_ttl 8d
bayes_auto_expire 1
# Configuration with primary/replica setup
bayes_store_module Mail::SpamAssassin::BayesStore::Redis
bayes_redis_write_server server=redis-master.example.com:6379;password=foo
bayes_redis_read_servers server=redis-replica1.example.com:6379;password=foo,server=redis-replica2.example.com:6379;password=foo
bayes_redis_database 2
bayes_redis_prefix bayes:
bayes_token_ttl 21d
bayes_seen_ttl 8d
bayes_auto_expire 1A redis server with a Lua support (2.6 or higher) is recommended for performance reasons.
The following configuration options are available:
bayes_redis_read_servers
Comma-separated list of Redis read servers with connection parameters.
Each server specification is a semicolon-separated list of option=value
pairs.
Example: server=replica1.example.com:6379;password=foo,server=replica2.example.com:6379;password=foo
bayes_redis_write_server
Redis write server with connection parameters as a semicolon-separated
list of option=value pairs.
Example: server=master.example.com:6379;password=foo
bayes_redis_database
Database index to use (default: 0). This is passed to a Redis server
with a SELECT command on connecting and chooses a sub-database index.
bayes_redis_password
Password for authentication with Redis servers. This can be overridden
in individual server specifications.
bayes_redis_prefix
Optional prefix for all Redis keys. Allows multiple instances to share
a Redis database.
Example: bayes:user1:
bayes_sql_dsn
Legacy configuration option, still supported for backward
compatibility. This is a semicolon-separated list of option=value
pairs, where an option can be: server, password, database. If this
option is used and the new options above are not specified, the same
configuration will be used for both read and write operations.
Example: server=localhost:6379;password=foo;database=2
bayes_token_ttl
Controls token expiry (ttl value in SECONDS, sent as-is to Redis)
when bayes_auto_expire is true. Default value is 3 weeks (but check
Mail::SpamAssassin::Conf.pm to make sure).
bayes_seen_ttl
Controls 'seen' expiry (ttl value in SECONDS, sent as-is to Redis)
when bayes_auto_expire is true. Default value is 8 days (but check
Mail::SpamAssassin::Conf.pm to make sure).Expiry is done internally in Redis using *_ttl settings mentioned above, but only if bayes_auto_expire is true (which is a default). This is why --force-expire etc does nothing, and token counts and atime values are shown as zero in statistics.
To maintain data consistency, this module is designed to work with Redis in a primary/replica configuration where:
1. All write operations go to a single primary Redis server. 2. Read operations can be distributed across multiple Redis replicas.
When setting up the Redis servers, configure: - One Redis server as the primary, handling all writes. - One or more Redis replicas (read-only) for scaling read operations.
In case of read server failure, the module will automatically attempt to connect to the next configured read server.
The module supports key namespacing via the bayes_redis_prefix configuration option. This allows multiple SpamAssassin instances to share the same Redis database with different key prefixes.
LIMITATIONS: Only global bayes storage is implemented, per-user bayes is not currently available. Dumping (sa-learn --backup, or --dump) of a huge database may not be possible if all keys do not fit into process memory.
public class (Mail::SpamAssassin::BayesStore::Redis) new (Mail::Spamassassin::Plugin::Bayes $bayes)
Description: This methods creates a new instance of the Mail::SpamAssassin::BayesStore::Redis object. It expects to be passed an instance of the Mail::SpamAssassin:Bayes object which is passed into the Mail::SpamAssassin::BayesStore parent object.
Configuration: bayes_redis_read_servers - Comma-separated list of Redis read servers with connection parameters bayes_redis_write_server - Single Redis write server with connection parameters bayes_redis_database - Redis database number (default: 0) bayes_redis_password - Redis password for authentication bayes_redis_prefix - Key prefix for namespacing (default: "")
Legacy configuration (still supported): bayes_sql_dsn - DSN-style connection string
Destructor method.
private instance (Boolean) _connect_read ()
Description: Connects to a Redis read server. Tries each configured read server in turn until one succeeds. If all fail, throws an exception.
private instance (Boolean) _connect_write ()
Description: Connects to the Redis write server. Since there's only one write server, throws an exception if the connection fails.
private instance () _disconnect_read ()
Description: Disconnects from the Redis read server.
private instance () _disconnect_write ()
Description: Disconnects from the Redis write server.
private instance (String) _key (String $key)
Description: Prefixes a key with the configured key prefix for namespacing.
public instance (Boolean) prefork_init ();
Description: This optional method is called in the parent process shortly before forking off child processes.
public instance (Boolean) spamd_child_init ();
Description: This optional method is called in a child process shortly after being spawned.
public instance (Boolean) tie_db_readonly ();
Description: This method ensures that the database connection for read operations is properly setup and working.
public instance (Boolean) tie_db_writable ()
Description: This method ensures that the database connection for write operations is properly setup and working. If necessary it will initialize the database so that they can begin using the database immediately.
private instance (Boolean) _open_db_readonly ()
Description: This method ensures that the database connection for read operations is properly setup and working. It will initialize bayes variables so that they can begin using the database immediately.
private instance (Boolean) _open_db_writable ()
Description: This method ensures that the database connection for write operations is properly setup and working. It will initialize the database if necessary.
private instance () _check_server_info ($redis)
Description: Checks and stores Redis server information (version, Lua availability, etc.)
public instance () untie_db ()
Description: Closes any open db handles. You can safely call this at any time.
public instance (Boolean) sync_due ()
Description: This method determines if a database sync is currently required.
Unused for Redis implementation.
public instance (Boolean) expiry_due ()
Description: This methods determines if an expire is due.
Unused for Redis implementation.
public instance (String) seen_get (string $msgid)
Description: This method retrieves the stored value, if any, for $msgid. The return value is the stored string ('s' for spam and 'h' for ham) or undef if $msgid is not found.
public (Boolean) seen_put (string $msgid, char $flag)
Description: This method records $msgid as the type given by $flag. $flag is one of two values 's' for spam and 'h' for ham.
public instance (Boolean) seen_delete (string $msgid)
Description: This method removes $msgid from the database.
public instance (@) get_storage_variables ()
Description: This method retrieves the various administrative variables used by the Bayes process and database.
The values returned in the array are in the following order:
0: scan count base 1: number of spam 2: number of ham 3: number of tokens in db 4: last expire atime 5: oldest token in db atime 6: db version value 7: last journal sync 8: last atime delta 9: last expire reduction count 10: newest token in db atime
Only 1,2,6 are used with Redis, others return zero always.
public instance (String $time) get_running_expire_tok ()
Description: This method determines if an expire is currently running and returns the last time set.
public instance (String $time) set_running_expire_tok ()
Description: This method sets the time that an expire starts running.
public instance (Boolean) remove_running_expire_tok ()
Description: This method removes the row in the database that indicates that and expire is currently running.
public instance (Integer, Integer, Integer) tok_get (String $token)
Description: This method retrieves a specified token ($token) from the database and returns its spam_count, ham_count and last access time.
public instance (\@) tok_get (@ $tokens)
Description: This method retrieves the specified tokens ($tokens) from storage and returns a ref to arrays spam count, ham count and last access time.
public instance (Boolean) tok_count_change ( Integer $dspam, Integer $dham, String $token, String $newatime)
Description: This method takes a $spam_count and $ham_count and adds it to $tok along with updating $toks atime with $atime.
public instance (Boolean) multi_tok_count_change ( Integer $dspam, Integer $dham, \% $tokens, String $newatime)
Description: This method takes a $dspam and $dham and adds it to all of the tokens in the $tokens hash ref along with updating each token's atime with $atime.
public instance ($spam_count, $ham_count) nspam_nham_get ()
Description: This method retrieves the total number of spam and the total number of ham learned.
public instance (Boolean) nspam_nham_change (Integer $num_spam, Integer $num_ham)
Description: This method updates the number of spam and the number of ham in the database.
public instance (Boolean) tok_touch (String $token, String $atime)
Description: This method updates the given tokens ($token) atime.
The assumption is that the token already exists in the database.
We will never update to an older atime
public instance (Boolean) tok_touch (\@ $tokens String $atime)
Description: This method does a mass update of the given list of tokens $tokens, if the existing token atime is < $atime.
public instance (Boolean) cleanup ()
Description: This method performs any cleanup necessary before moving onto the next operation.
public instance (String) get_magic_re ()
Description: This method returns a regexp which indicates a magic token.
public instance (Boolean) sync (\% $opts)
Description: This method performs a sync of the database
public instance (Boolean) perform_upgrade (\% $opts);
Description: Performs an upgrade of the database from one version to another, not currently used in this implementation.
public instance (Boolean) clear_database ()
Description: This method deletes all records for a particular user.
Callers should be aware that any errors returned by this method could causes the database to be inconsistent for the given user.
public instance () dump_db_toks (String $template, String $regex, Array @vars)
Description: This method loops over all tokens, computing the probability for the token and then printing it out according to the passed in token.
public instance (Boolean) backup_database ()
Description: This method will dump the users database in a machine readable format.
public instance (Boolean) restore_database (String $filename, Boolean $showdots)
Description: This method restores a database from the given filename, $filename.
Callers should be aware that any errors returned by this method could causes the database to be inconsistent for the given user.
public instance (Boolean) db_readable()
Description: This method returns a boolean value indicating if the database is in a readable state.
public instance (Boolean) db_writable()
Description: This method returns a boolean value indicating if the database is in a writable state.
private instance () _define_lua_scripts ($redis)
Description: Defines Lua scripts used for efficient Redis operations.