Pour ajouter des whitelists et blacklists à Rspamd, il faut modifier le fichier /etc/rspamd/local.d/metrics.conf en lui mettant :
group "local" {
  symbol "LOCAL_BL_IP" {
    weight = 3;
    description = "Sender ip listed in local ip blacklist";
  }

  symbol "LOCAL_BL_FROM" {
    weight = 3;
    description = "Sender from listed in local from blacklist";
  }

  symbol "LOCAL_BL_RCPT" {
    weight = 3;
    description = "Recipient listed in local rcpt blacklist";
  }

  symbol "LOCAL_WL_IP" {
    weight = -5;
    description = "Sender ip listed in local ip whitelist";
  }

  symbol "LOCAL_WL_FROM" {
    weight = -5;
    description = "Sender from listed in local from whitelist";
  }

  symbol "LOCAL_WL_RCPT" {
    weight = -5;
    description = "Recipient listed in local rcpt whitelist";
  }
}

Ensuite créer le fichier /etc/rspamd/local.d/multimap.conf contenant :
# ip - matches source IP of message (radix map)
# from - matches envelope from (or header From if envelope from is absent)
# rcpt - matches any of envelope rcpt or header To if envelope info is missing
# header - matches any header specified (must have header = "Header-Name" configuration attribute)
# dnsbl - matches source IP against some DNS blacklist (consider using RBL module for this)
local_bl_ip {
   type = "ip";
   map = "$CONFDIR/local.d/local_bl_ip.map.inc";
   symbol = "LOCAL_BL_IP";
   description = "Local ip blacklist";
}
local_bl_from {
  type = "from";
  map = "$CONFDIR/local.d/local_bl_from.map.inc";
  symbol = "LOCAL_BL_FROM";
  description = "Local from blacklist";
}
local_bl_rcpt {
  type = "rcpt";
  map = "$CONFDIR/local.d/local_bl_rcpt.map.inc";
  symbol = "LOCAL_BL_RCPT";
  description = "Local rcpt blacklist";
}
local_wl_ip {
  type = "ip";
  map = "$CONFDIR/local.d/local_wl_ip.map.inc";
  symbol = "LOCAL_WL_IP";
  description = "Local ip whitelist";
}
local_wl_from {
  type = "from";
  map = "$CONFDIR/local.d/local_wl_from.map.inc";
  symbol = "LOCAL_WL_FROM";
  description = "Local from whitelist";
}
local_wl_rcpt {
  type = "rcpt";
  map = "$CONFDIR/local.d/local_wl_rcpt.map.inc";
  symbol = "LOCAL_WL_RCPT";
  description = "Local rcpt whitelist";
}

Enfin créer les fichiers de map. La doc signale que ces fichiers ne doivent pas être vides :
/etc/rspamd/local.d/local_bl_ip.map.inc
# Local ip blacklist
/etc/rspamd/local.d/local_bl_from.map.inc
# Local from blacklist
/etc/rspamd/local.d/local_bl_rcpt.map.inc
# Local rcpt blacklist
/etc/rspamd/local.d/local_wl_ip.map.inc
# Local ip whitelist
/etc/rspamd/local.d/local_wl_from.map.inc
# Local "from" whitelist
/etc/rspamd/local.d/local_wl_rcpt.map.inc
# Local rcpt whitelist

Penser à recharger le service : service rspamd restart