npm - spamscanner - Versions diffs - 6.0.0 → 6.1.0 - Mend

spamscanner 6.0.0 → 6.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

package/README.md +569 -42
package/dist/cjs/arf.cjs +539 -0
package/dist/cjs/arf.cjs.map +7 -0
package/dist/cjs/cli.cjs +4729 -0
package/dist/cjs/cli.cjs.map +7 -0
package/dist/cjs/{index.js → index.cjs} +1677 -52
package/dist/cjs/index.cjs.map +7 -0
package/dist/esm/arf.js +514 -0
package/dist/esm/arf.js.map +7 -0
package/dist/esm/cli.js +4713 -0
package/dist/esm/cli.js.map +7 -0
package/dist/esm/index.js +1676 -51
package/dist/esm/index.js.map +4 -4
package/dist/types/arf.d.ts +129 -0
package/dist/types/auth.d.ts +157 -0
package/dist/types/enhanced-idn-detector.d.ts +236 -0
package/dist/types/get-attributes.d.ts +148 -0
package/dist/types/index.d.ts +959 -0
package/dist/types/is-arbitrary.d.ts +231 -0
package/dist/types/reputation.d.ts +60 -0
package/package.json +13 -4
package/dist/cjs/index.js.map +0 -7

package/README.md CHANGED Viewed

@@ -1,19 +1,26 @@
-# Spam Scanner
-> **The best anti-spam, email filtering, and phishing prevention service for Node.js**
-[![build status](https://github.com/spamscanner/spamscanner/actions/workflows/ci.yml/badge.svg)](https://github.com/spamscanner/spamscanner/actions/workflows/ci.yml)
-[![code coverage](https://img.shields.io/badge/coverage-88.41%25-brightgreen.svg)](https://github.com/spamscanner/spamscanner)
-[![code style](https://img.shields.io/badge/code_style-XO-5ed9c7.svg)](https://github.com/sindresorhus/xo)
-[![styled with prettier](https://img.shields.io/badge/styled_with-prettier-ff69b4.svg)](https://github.com/prettier/prettier)
-[![made with lass](https://img.shields.io/badge/made_with-lass-95CC28.svg)](https://lass.js.org)
-[![license](https://img.shields.io/github/license/spamscanner/spamscanner.svg)](LICENSE)
+<h1 align="center">
+  <a href="https://spamscanner.net"><img src="https://raw.githubusercontent.com/spamscanner/spamscanner/master/media/spamscanner.png" alt="spamscanner" /></a>
+</h1>
+<div align="center">
+  <a href="https://github.com/spamscanner/spamscanner/actions/workflows/ci.yml"><img src="https://github.com/spamscanner/spamscanner/actions/workflows/ci.yml/badge.svg" alt="build status" /></a>
+  <a href="https://github.com/sindresorhus/xo"><img src="https://img.shields.io/badge/code_style-XO-5ed9c7.svg" alt="code style" /></a>
+  <a href="https://github.com/prettier/prettier"><img src="https://img.shields.io/badge/styled_with-prettier-ff69b4.svg" alt="styled with prettier" /></a>
+  <a href="https://lass.js.org"><img src="https://img.shields.io/badge/made_with-lass-95CC28.svg" alt="made with lass" /></a>
+  <a href="LICENSE"><img src="https://img.shields.io/github/license/spamscanner/spamscanner.svg" alt="license" /></a>
+</div>
+<br />
+<div align="center">
+  Spam Scanner is the best <a href="https://en.wikipedia.org/wiki/Anti-spam_techniques" target="_blank">anti-spam</a>, <a href="https://en.wikipedia.org/wiki/Email_filtering" target="_blank">email filtering</a>, and <a href="https://en.wikipedia.org/wiki/Phishing" target="_blank">phishing prevention</a> service.
+</div>
+<hr />
+<div align="center">
+  Spam Scanner is a drop-in replacement and the best alternative to SpamAssassin, rspamd, SpamTitan, and more.
+</div>
+<hr />
 > \[!NOTE]
 > Spam Scanner is actively maintained and used in production at [Forward Email](https://forwardemail.net) to protect millions of emails daily.
----
 ## Table of Contents
@@ -59,6 +66,19 @@
   * [Selective Feature Disabling](#selective-feature-disabling)
   * [Custom Timeout](#custom-timeout)
   * [Custom Logger](#custom-logger)
+* [CLI (Command Line Interface)](#cli-command-line-interface)
+  * [CLI Installation](#cli-installation)
+  * [Commands](#commands)
+  * [Exit Codes](#exit-codes)
+  * [CLI Examples](#cli-examples)
+* [ARF (Abuse Reporting Format)](#arf-abuse-reporting-format)
+  * [Parsing ARF Reports](#parsing-arf-reports)
+  * [Creating ARF Reports](#creating-arf-reports)
+  * [ARF Result Object](#arf-result-object)
+* [Mail Server Integration](#mail-server-integration)
+  * [Postfix Integration](#postfix-integration)
+  * [Dovecot Integration](#dovecot-integration)
+  * [TCP Server Mode](#tcp-server-mode)
 * [Performance](#performance)
   * [Benchmarks](#benchmarks)
   * [Optimization Tips](#optimization-tips)
@@ -282,27 +302,27 @@ graph TB
     C --> D[Language Detection]
     D --> E[Tokenization]
     E --> F[Naive Bayes Classification]
     B --> G[Phishing Detection]
     G --> G1[IDN Homograph Check]
     G --> G2[Confusables Analysis]
     G --> G3[URL Analysis]
     B --> H[Attachment Scanning]
     H --> H1[Virus Scan]
     H --> H2[Executable Check]
     H --> H3[Macro Detection]
     H --> H4[NSFW Detection]
     B --> I[Content Analysis]
     I --> I1[Toxicity Detection]
     I --> I2[Pattern Recognition]
     F --> J[Result Aggregation]
     G --> J
     H --> J
     I --> J
     J --> K{Is Spam?}
     K -->|Yes| L[Spam Result]
     K -->|No| M[Ham Result]
@@ -317,12 +337,12 @@ sequenceDiagram
     participant Classifier
     participant ClamAV
     participant TensorFlow
     Client->>Scanner: scan(email)
     Scanner->>Scanner: Parse Email
     Scanner->>Scanner: Extract URLs
     Scanner->>Scanner: Detect Language
     par Parallel Detection
         Scanner->>Classifier: Classify Tokens
         Scanner->>ClamAV: Scan Attachments
@@ -331,7 +351,7 @@ sequenceDiagram
         Scanner->>Scanner: Check Phishing
         Scanner->>Scanner: Check Macros
     end
     Scanner->>Scanner: Aggregate Results
     Scanner->>Client: Return Result
 ```
@@ -344,20 +364,20 @@ graph LR
     A --> C[Classifiers]
     A --> D[Detectors]
     A --> E[Analyzers]
     B --> B1[Email Parser]
     B --> B2[Tokenizer]
     B --> B3[Preprocessor]
     C --> C1[Naive Bayes]
     C --> C2[TensorFlow NSFW]
     C --> C3[TensorFlow Toxicity]
     D --> D1[Phishing Detector]
     D --> D2[Virus Scanner]
     D --> D3[Macro Detector]
     D --> D4[Executable Detector]
     E --> E1[Language Analyzer]
     E --> E2[URL Analyzer]
     E --> E3[Pattern Analyzer]
@@ -465,16 +485,16 @@ import SpamScanner from 'spamscanner';
 const scanner = new SpamScanner({
   // Enable performance metrics
   enablePerformanceMetrics: true,
   // Filter to supported languages
   supportedLanguages: ['en', 'es', 'fr', 'de'],
   // Enable macro detection
   enableMacroDetection: true,
   // Set scan timeout
   timeout: 30000,
   // Custom ClamAV configuration
   clamscan: {
     preference: 'clamdscan',
@@ -954,7 +974,7 @@ The `scan()` method returns a comprehensive result object:
   // Overall spam classification
   isSpam: boolean,
   message: string, // 'Ham' or 'Spam: <reasons>'
   // Detection results
   results: {
     // Classification details
@@ -962,7 +982,7 @@ The `scan()` method returns a comprehensive result object:
       category: 'spam' | 'ham',
       probability: number
     },
     // Phishing detection
     phishing: [
       {
@@ -971,7 +991,7 @@ The `scan()` method returns a comprehensive result object:
         message: string
       }
     ],
     // Executable detection
     executables: [
       {
@@ -981,7 +1001,7 @@ The `scan()` method returns a comprehensive result object:
         risk: 'high' | 'medium' | 'low'
       }
     ],
     // Macro detection
     macros: [
       {
@@ -989,10 +1009,10 @@ The `scan()` method returns a comprehensive result object:
         message: string
       }
     ],
     // Arbitrary results (custom detections)
     arbitrary: [],
     // Virus scanning
     viruses: [
       {
@@ -1001,7 +1021,7 @@ The `scan()` method returns a comprehensive result object:
         type: 'virus'
       }
     ],
     // Pattern recognition
     patterns: {
       credit_cards: number,
@@ -1013,10 +1033,10 @@ The `scan()` method returns a comprehensive result object:
       dates: number,
       file_paths: number
     },
     // IDN homograph attack detection
     idnHomographAttack: [],
     // Toxicity detection (array of results)
     toxicity: [
       {
@@ -1026,7 +1046,7 @@ The `scan()` method returns a comprehensive result object:
         description: string
       }
     ],
     // NSFW detection (array of results)
     nsfw: [
       {
@@ -1038,13 +1058,13 @@ The `scan()` method returns a comprehensive result object:
       }
     ]
   },
   // All URLs extracted from email
   links: string[],
   // Tokens extracted from email
   tokens: string[],
   // Email metadata
   mail: {
     from: object,
@@ -1055,7 +1075,7 @@ The `scan()` method returns a comprehensive result object:
     attachments: object[],
     headers: object
   },
   // Performance metrics (if enabled)
   metrics: {
     totalTime: number, // milliseconds
@@ -1178,6 +1198,508 @@ const scanner = new SpamScanner({
 ---
+## CLI (Command Line Interface)
+SpamScanner provides a command-line interface for scanning emails directly from the terminal or integrating with mail servers.
+### CLI Installation
+SpamScanner can be installed via npm or as a standalone binary. The standalone binary includes Node.js and all dependencies, so no additional runtime is required.
+#### Install via npm (requires Node.js)
+```bash
+# Install globally
+npm install -g spamscanner
+# Or use npx without installing
+npx spamscanner --help
+```
+#### Install Standalone Binary
+##### macOS
+```bash
+# Using curl (Intel or Apple Silicon - auto-detected)
+curl -fsSL https://github.com/spamscanner/spamscanner/releases/latest/download/spamscanner-darwin-$(uname -m | sed 's/x86_64/x64/' | sed 's/aarch64/arm64/' | sed 's/arm64/arm64/') -o /usr/local/bin/spamscanner
+chmod +x /usr/local/bin/spamscanner
+# Or download manually for Intel Mac
+curl -fsSL https://github.com/spamscanner/spamscanner/releases/latest/download/spamscanner-darwin-x64 -o /usr/local/bin/spamscanner
+chmod +x /usr/local/bin/spamscanner
+# Or download manually for Apple Silicon (M1/M2/M3)
+curl -fsSL https://github.com/spamscanner/spamscanner/releases/latest/download/spamscanner-darwin-arm64 -o /usr/local/bin/spamscanner
+chmod +x /usr/local/bin/spamscanner
+```
+##### Linux
+```bash
+# Download and install to /usr/local/bin
+sudo curl -fsSL https://github.com/spamscanner/spamscanner/releases/latest/download/spamscanner-linux-x64 -o /usr/local/bin/spamscanner
+sudo chmod +x /usr/local/bin/spamscanner
+# Or install to user directory (no sudo required)
+mkdir -p ~/.local/bin
+curl -fsSL https://github.com/spamscanner/spamscanner/releases/latest/download/spamscanner-linux-x64 -o ~/.local/bin/spamscanner
+chmod +x ~/.local/bin/spamscanner
+# Add to PATH if not already: export PATH="$HOME/.local/bin:$PATH"
+```
+##### Windows
+```powershell
+# Using PowerShell (run as Administrator)
+Invoke-WebRequest -Uri "https://github.com/spamscanner/spamscanner/releases/latest/download/spamscanner-win-x64.exe" -OutFile "C:\Program Files\spamscanner\spamscanner.exe"
+# Add to PATH via System Properties > Environment Variables
+# Or download to current directory
+Invoke-WebRequest -Uri "https://github.com/spamscanner/spamscanner/releases/latest/download/spamscanner-win-x64.exe" -OutFile ".\spamscanner.exe"
+```
+##### Verify Installation
+```bash
+# Check version
+spamscanner version
+# Check for updates
+spamscanner update
+```
+#### Automatic Updates
+SpamScanner CLI automatically checks for updates once every 24 hours and displays a notification if a new version is available. You can also manually check for updates:
+```bash
+# Check for updates
+spamscanner update
+# Disable automatic update checks
+spamscanner scan email.eml --no-update-check
+```
+To update to the latest version, simply re-run the installation command for your platform or use npm:
+```bash
+# Update via npm
+npm update -g spamscanner
+# Or re-download the binary (macOS/Linux)
+curl -fsSL https://github.com/spamscanner/spamscanner/releases/latest/download/spamscanner-$(uname -s | tr '[:upper:]' '[:lower:]')-$(uname -m | sed 's/x86_64/x64/' | sed 's/aarch64/arm64/') -o /usr/local/bin/spamscanner
+chmod +x /usr/local/bin/spamscanner
+```
+### Commands
+| Command                   | Description           |
+| ------------------------- | --------------------- |
+| `spamscanner scan <file>` | Scan an email file    |
+| `spamscanner scan -`      | Scan email from stdin |
+| `spamscanner server`      | Start TCP server mode |
+| `spamscanner help`        | Show help message     |
+| `spamscanner version`     | Show version number   |
+| `spamscanner update`      | Check for updates     |
+#### General Options
+| Option              | Description                                   |
+| ------------------- | --------------------------------------------- |
+| `-h, --help`        | Show help                                     |
+| `-v, --version`     | Show version                                  |
+| `-j, --json`        | Output results as JSON                        |
+| `--verbose`         | Show detailed output                          |
+| `--debug`           | Enable debug mode                             |
+| `--timeout <ms>`    | Scan timeout in milliseconds (default: 30000) |
+| `--no-update-check` | Disable automatic update check                |
+#### Spam Detection Options
+SpamScanner calculates a spam score based on multiple detection methods. You can configure which checks are included and customize the score weights.
+| Option                | Description                                       |
+| --------------------- | ------------------------------------------------- |
+| `--threshold <score>` | Spam score threshold (default: 5.0)               |
+| `--check-classifier`  | Include Bayesian classifier in scoring (default)  |
+| `--check-phishing`    | Include phishing detection in scoring (default)   |
+| `--check-executables` | Include executable detection in scoring (default) |
+| `--check-macros`      | Include macro detection in scoring (default)      |
+| `--check-virus`       | Include virus detection in scoring (default)      |
+| `--check-nsfw`        | Include NSFW detection in scoring (disabled)      |
+| `--check-toxicity`    | Include toxicity detection in scoring (disabled)  |
+| `--no-classifier`     | Disable Bayesian classifier scoring               |
+| `--no-phishing`       | Disable phishing scoring                          |
+| `--no-executables`    | Disable executable scoring                        |
+| `--no-macros`         | Disable macro scoring                             |
+| `--no-virus`          | Disable virus scoring                             |
+#### Score Weights
+Customize how much each detection type contributes to the total spam score:
+| Option                   | Description                                 |
+| ------------------------ | ------------------------------------------- |
+| `--score-classifier <n>` | Classifier spam score weight (default: 5.0) |
+| `--score-phishing <n>`   | Phishing score per issue (default: 5.0)     |
+| `--score-executable <n>` | Executable score per file (default: 10.0)   |
+| `--score-macro <n>`      | Macro score per detection (default: 5.0)    |
+| `--score-virus <n>`      | Virus score per detection (default: 100.0)  |
+| `--score-nsfw <n>`       | NSFW score per detection (default: 3.0)     |
+| `--score-toxicity <n>`   | Toxicity score per detection (default: 3.0) |
+#### Header Options
+For mail server integration, SpamScanner can add X-Spam headers to emails (similar to [SpamAssassin](https://github.com/apache/spamassassin) and [Stalwart](https://github.com/stalwartlabs/stalwart)):
+| Option                | Description                                |
+| --------------------- | ------------------------------------------ |
+| `--add-headers`       | Add X-Spam-* headers to output             |
+| `--prepend-subject`   | Prepend [SPAM] to subject if spam detected |
+| `--subject-tag <tag>` | Custom subject tag (default: [SPAM])       |
+**X-Spam Headers Added:**
+| Header          | Description                                                          |
+| --------------- | -------------------------------------------------------------------- |
+| `X-Spam-Status` | `Yes/No, score=X.X required=Y.Y tests=TEST1,TEST2,... version=X.X.X` |
+| `X-Spam-Score`  | Numeric spam score (e.g., `7.5`)                                     |
+| `X-Spam-Flag`   | `YES` or `NO`                                                        |
+| `X-Spam-Tests`  | Comma-separated list of triggered tests                              |
+#### Scanner Configuration Options
+These options configure the underlying SpamScanner engine:
+| Option                     | Description                                             |
+| -------------------------- | ------------------------------------------------------- |
+| `--languages <list>`       | Comma-separated language codes (default: all languages) |
+| `--mixed-language`         | Enable mixed language detection in emails               |
+| `--no-macro-detection`     | Disable macro detection in attachments                  |
+| `--no-pattern-recognition` | Disable advanced pattern recognition                    |
+| `--strict-idn`             | Enable strict IDN/homograph detection                   |
+| `--nsfw-threshold <n>`     | NSFW detection threshold 0.0-1.0 (default: 0.6)         |
+| `--toxicity-threshold <n>` | Toxicity detection threshold 0.0-1.0 (default: 0.7)     |
+| `--clamscan-path <path>`   | Path to clamscan binary (default: /usr/bin/clamscan)    |
+| `--clamdscan-path <path>`  | Path to clamdscan binary (default: /usr/bin/clamdscan)  |
+##### Supported Languages
+Use ISO 639-1 language codes with the `--languages` option. Pass an empty string or `all` to enable all languages (default).
+| Code | Language        | Code | Language   | Code | Language   |
+| ---- | --------------- | ---- | ---------- | ---- | ---------- |
+| `en` | English         | `fr` | French     | `es` | Spanish    |
+| `de` | German          | `it` | Italian    | `pt` | Portuguese |
+| `ru` | Russian         | `ja` | Japanese   | `ko` | Korean     |
+| `zh` | Chinese         | `ar` | Arabic     | `hi` | Hindi      |
+| `bn` | Bengali         | `ur` | Urdu       | `tr` | Turkish    |
+| `pl` | Polish          | `nl` | Dutch      | `sv` | Swedish    |
+| `no` | Norwegian       | `da` | Danish     | `fi` | Finnish    |
+| `hu` | Hungarian       | `cs` | Czech      | `sk` | Slovak     |
+| `sl` | Slovenian       | `hr` | Croatian   | `sr` | Serbian    |
+| `bg` | Bulgarian       | `ro` | Romanian   | `el` | Greek      |
+| `he` | Hebrew          | `th` | Thai       | `vi` | Vietnamese |
+| `id` | Indonesian      | `ms` | Malay      | `tl` | Tagalog    |
+| `uk` | Ukrainian       | `be` | Belarusian | `lt` | Lithuanian |
+| `lv` | Latvian         | `et` | Estonian   | `ca` | Catalan    |
+| `eu` | Basque          | `gl` | Galician   | `ga` | Irish      |
+| `gd` | Scottish Gaelic | `cy` | Welsh      | `is` | Icelandic  |
+| `mt` | Maltese         | `af` | Afrikaans  | `sw` | Swahili    |
+| `am` | Amharic         | `ha` | Hausa      | `yo` | Yoruba     |
+| `ig` | Igbo            | `so` | Somali     | `om` | Oromo      |
+| `ti` | Tigrinya        | `mg` | Malagasy   | `ny` | Chichewa   |
+| `sn` | Shona           | `xh` | Xhosa      | `zu` | Zulu       |
+| `st` | Southern Sotho  | `tn` | Tswana     |      |            |
+#### Server Options
+| Option          | Description                          |
+| --------------- | ------------------------------------ |
+| `--port <port>` | TCP server port (default: 7830)      |
+| `--host <host>` | TCP server host (default: 127.0.0.1) |
+### Exit Codes
+| Code | Meaning          |
+| ---- | ---------------- |
+| `0`  | Clean (not spam) |
+| `1`  | Spam detected    |
+| `2`  | Error occurred   |
+### CLI Examples
+```bash
+# Scan a file
+spamscanner scan email.eml
+# Scan from stdin (for Postfix integration)
+cat email.eml | spamscanner scan -
+# Scan with JSON output (includes score and tests)
+spamscanner scan email.eml --json
+# Scan with verbose output
+spamscanner scan email.eml --verbose
+# Scan with custom spam threshold
+spamscanner scan email.eml --threshold 3.0
+# Scan with only classifier and phishing checks
+spamscanner scan email.eml --no-executables --no-macros --no-virus
+# Scan and add X-Spam headers (for mail server integration)
+spamscanner scan email.eml --add-headers
+# Scan, add headers, and prepend [SPAM] to subject
+spamscanner scan email.eml --add-headers --prepend-subject
+# Scan with custom subject tag
+spamscanner scan email.eml --add-headers --prepend-subject --subject-tag "[JUNK]"
+# Enable NSFW and toxicity checks with custom weights
+spamscanner scan email.eml --check-nsfw --check-toxicity --score-nsfw 5.0
+# Start TCP server on custom port
+spamscanner server --port 8080
+# Start TCP server with custom threshold
+spamscanner server --port 8080 --threshold 3.0
+# Scan with specific language support (English, Spanish, French only)
+spamscanner scan email.eml --languages en,es,fr
+# Scan with mixed language detection enabled
+spamscanner scan email.eml --mixed-language
+# Scan with strict IDN/homograph detection
+spamscanner scan email.eml --strict-idn
+# Scan with custom NSFW threshold (more sensitive)
+spamscanner scan email.eml --check-nsfw --nsfw-threshold 0.3
+# Scan with custom ClamAV paths
+spamscanner scan email.eml --clamscan-path /opt/clamav/bin/clamscan
+```
+#### Example JSON Output
+```json
+{
+  "isSpam": true,
+  "score": 7.5,
+  "threshold": 5.0,
+  "tests": ["BAYES_SPAM(5.0)", "PHISHING_DETECTED(2.5)"],
+  "message": "Spam",
+  "results": {
+    "classification": { "category": "spam", "probability": 0.95 },
+    "phishing": [{ "type": "suspicious_link", "url": "http://example.com" }]
+  },
+  "headers": {
+    "X-Spam-Status": "Yes, score=7.5 required=5.0 tests=BAYES_SPAM(5.0),PHISHING_DETECTED(2.5) version=6.0.1",
+    "X-Spam-Score": "7.5",
+    "X-Spam-Flag": "YES",
+    "X-Spam-Tests": "BAYES_SPAM(5.0), PHISHING_DETECTED(2.5)"
+  }
+}
+```
+---
+## ARF (Abuse Reporting Format)
+SpamScanner includes a native [ARF (Abuse Reporting Format)](https://www.rfc-editor.org/rfc/rfc5965.html) parser for handling email feedback reports from ISPs and email providers.
+### Parsing ARF Reports
+```js
+import {ArfParser} from 'spamscanner/arf';
+import fs from 'node:fs';
+// Read an ARF report email
+const arfEmail = fs.readFileSync('feedback_report.eml');
+// Parse the ARF report
+const report = await ArfParser.parse(arfEmail);
+console.log('Feedback Type:', report.feedbackType);
+console.log('Source IP:', report.sourceIp);
+console.log('Original Sender:', report.originalMailFrom);
+console.log('Original Recipients:', report.originalRcptTo);
+```
+#### Safe Parsing
+```js
+// Use tryParse for safe parsing (returns null if not ARF)
+const report = await ArfParser.tryParse(emailContent);
+if (report) {
+  console.log('ARF report detected:', report.feedbackType);
+} else {
+  console.log('Not an ARF report');
+}
+```
+### Creating ARF Reports
+```js
+import {ArfParser} from 'spamscanner/arf';
+const arfMessage = ArfParser.create({
+  feedbackType: 'abuse',
+  userAgent: 'MyMailServer/1.0',
+  from: 'abuse@yourdomain.com',
+  to: 'abuse@theirisp.com',
+  originalMessage: originalEmailContent,
+  humanReadable: 'This email was reported as spam by our users.',
+  sourceIp: '192.168.1.100',
+  originalMailFrom: 'spammer@example.com',
+  originalRcptTo: ['victim@yourdomain.com'],
+  arrivalDate: new Date(),
+  reportingMta: 'mail.yourdomain.com',
+});
+// Send arfMessage to the abuse address
+```
+### ARF Result Object
+| Property           | Type       | Description                                                                   |
+| ------------------ | ---------- | ----------------------------------------------------------------------------- |
+| `isArf`            | `boolean`  | Whether this is a valid ARF message                                           |
+| `feedbackType`     | `string`   | Type: `abuse`, `fraud`, `virus`, `other`, `not-spam`, `auth-failure`, `dmarc` |
+| `userAgent`        | `string`   | User agent that generated the report                                          |
+| `version`          | `string`   | ARF version (usually "1")                                                     |
+| `sourceIp`         | `string`   | Source IP of the original message                                             |
+| `originalMailFrom` | `string`   | Original MAIL FROM address                                                    |
+| `originalRcptTo`   | `string[]` | Original RCPT TO addresses                                                    |
+| `arrivalDate`      | `Date`     | When the original message arrived                                             |
+| `reportingMta`     | `object`   | Reporting MTA info (`{type, name}`)                                           |
+| `incidents`        | `number`   | Number of incidents reported                                                  |
+| `humanReadable`    | `string`   | Human-readable description                                                    |
+| `originalMessage`  | `string`   | The original reported message                                                 |
+| `originalHeaders`  | `object`   | Parsed headers from original message                                          |
+---
+## Mail Server Integration
+SpamScanner can be integrated with popular mail servers like [Postfix](https://www.postfix.org/) and [Dovecot](https://www.dovecot.org/) as a content filter.
+### Postfix Integration
+#### Using Pipe Content Filter
+This is the recommended method for most Postfix setups.
+1. **Create a dedicated user** (recommended for security):
+```bash
+sudo useradd -r -s /bin/false spamscanner
+```
+2. **Edit `/etc/postfix/master.cf`**:
+```cf
+# SpamScanner content filter
+spamscanner unix - n n - - pipe
+  flags=Rq user=spamscanner argv=/usr/local/bin/spamscanner scan -
+```
+3. **Edit `/etc/postfix/main.cf`**:
+```cf
+content_filter = spamscanner:dummy
+```
+4. **Reload Postfix**:
+```bash
+sudo postfix reload
+```
+Postfix will now pipe all incoming emails to SpamScanner. If SpamScanner exits with code 1 (spam), Postfix will reject the message.
+### Dovecot Integration
+#### Using Sieve and Pipe
+1. **Enable Pigeonhole Sieve** (ensure `dovecot-pigeonhole` is installed)
+2. **Create a Sieve script** (`/var/lib/dovecot/sieve/default.sieve`):
+```sieve
+require ["vnd.dovecot.pipe"];
+# Scan all incoming mail
+if header :contains "X-Spam-Flag" "NO" {
+  pipe "/usr/local/bin/spamscanner-sieve-helper";
+}
+```
+3. **Create a helper script** (`/usr/local/bin/spamscanner-sieve-helper`):
+```bash
+#!/bin/bash
+EMAIL=$(cat)
+RESULT=$(echo "$EMAIL" | /usr/local/bin/spamscanner scan -)
+if [[ $? -eq 1 ]]; then
+  echo "X-Spam-Flag: YES" | cat - <(echo "$EMAIL")
+else
+  echo "$EMAIL"
+fi
+```
+### TCP Server Mode
+For high-volume environments, run SpamScanner as a persistent TCP server:
+```bash
+# Start the server
+spamscanner server --port 7830 --host 127.0.0.1
+```
+#### Systemd Service
+Create `/etc/systemd/system/spamscanner.service`:
+```ini
+[Unit]
+Description=SpamScanner TCP Server
+After=network.target
+[Service]
+Type=simple
+User=spamscanner
+ExecStart=/usr/local/bin/spamscanner server --port 7830
+Restart=always
+RestartSec=5
+[Install]
+WantedBy=multi-user.target
+```
+Enable and start:
+```bash
+sudo systemctl enable spamscanner
+sudo systemctl start spamscanner
+```
+#### Client Example
+```bash
+# Send email to TCP server and get JSON response
+cat email.eml | nc localhost 7830
+```
+---
 ## Performance
 ### Benchmarks
@@ -1276,3 +1798,8 @@ npm run test-coverage
 ---
 > Made with ❤️ by the [Forward Email](https://forwardemail.net) team
+##
+<a href="#"><img src="https://raw.githubusercontent.com/spamscanner/spamscanner/master/media/footer.png" alt="#" /></a>