On Wed, 24 Mar 2010 23:11:52 +0100 lodan <lo...@lodan.eu> wrote: > > dspamit is a small script I grabbed here > http://dspamwiki.expass.de/dspamit_wrapper, I changed some things but > the problem does not come from here since it's only called by my > postfix and it works fine. > > Dovecot uses the dovecot user, dspam the dspam user (and postfix the > postfix user). I'm running the whole thing in a vserver. > Is your dovecot user allowed to execute /usr/bin/dspam? What is the permission on /usr/bin/dspam? Could you post the output of "ls -lah /usr/bin/dspam"?
> dspam --version: > > DSPAM Anti-Spam Suite 3.9.0 (agent/library) > > Copyright (c) 2002-2009 DSPAM Project > http://dspam.sourceforge.net. > > DSPAM may be copied only under the terms of the GNU General Public > License, a copy of which can be found with the DSPAM distribution kit. > > Configuration parameters: '--prefix=/usr' '--sysconfdir=/etc/dspam' > '--localstatedir=/var' '--disable-trusted-user-security' > IMHO you should enable trusted user security. It's not wise to disable such an important security option. > '--enable-delivery-to-stdout' > This option is not used any more. '--with-dspam-owner=dspam' > '--with-dspam-group=dspam' '--enable-daemon' '--enable-virtual-users' > '--with-mysql-includes=/usr/include/mysql' > '--with-mysql-libraries=/usr/lib/mysql' > '--with-storage-driver=mysql_drv,libdb4_drv,pgsql_drv,sqlite3_drv,hash_drv' > Berkeley DB as a storage backend does not exist any more in DSPAM since a long time. > '--with-dspam-home=/var/lib/dspam' '--with-logdir=/var/log/dspam' > '--enable-preferences-extension' '--enable-large-scale' > 'CFLAGS=-march=i686 -mtune=generic -O2 -pipe' > 'LDFLAGS=-Wl,--hash-style=gnu -Wl,--as-needed' 'CXXFLAGS=-march=i686 > -mtune=generic -O2 -pipe' > > > Dovecot and dovecot-antispam configuration: > > protocols = pop3s imaps managesieve > protocol imap { > ssl_listen = *:143 *:993 > ssl_cert_file = /etc/ssl/mail/cacert.pem > ssl_key_file = /etc/ssl/mail/cakey.pem > ssl_key_password = ******************* > } > protocol pop3 { > ssl_listen = *:110 *:995 > ssl_cert_file = /etc/ssl/mail/cacert.pem > ssl_key_file = /etc/ssl/mail/cakey.pem > ssl_key_password = ******************* > } > protocol managesieve { > ssl_listen = *:2000 > ssl_cert_file = /etc/ssl/mail/cacert.pem > ssl_key_file = /etc/ssl/mail/cakey.pem > ssl_key_password = ******************* > managesieve_logout_format = bytes ( in=%i : out=%o ) > } > disable_plaintext_auth = yes > shutdown_clients = yes > ssl = yes > ssl_parameters_regenerate = 500 > ssl_cipher_list = ALL:!LOW:!SSLv2 > login_chroot = yes > mail_location = maildir:~/Maildir > mail_privileged_group = mail > mail_full_filesystem_access = no > mail_debug = yes > first_valid_uid = 70000 > Who is UID 70000? > first_valid_gid = 70000 > Who is GID 70000? > protocol imap { > mail_plugins = antispam > } > protocol lda { > postmaster_address = postmas...@lodan.eu > mail_plugins = sieve > } > auth_username_chars = > abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ > auth_worker_max_count = 10 auth_failure_delay = 2 > auth default { > mechanisms = plain login cram-md5 > passdb sql { > args = /etc/dovecot/dovecot-sql.conf > } > userdb sql { > args = /etc/dovecot/dovecot-sql.conf > } > user = root > socket listen { > master { > mode = 0600 > } > client { > path = /var/spool/postfix/private/auth > mode = 0660 > user = postfix > group = postfix > } > } > } > plugin { > sieve=~/.dovecot.sieve > sieve_dir=~/sieve > antispam_signature = X-DSPAM-Signature > antispam_signature_missing = error > antispam_trash = Trash > antispam_spam = SPAM > antispam_unsure = CHECK > antispam_allow_append_to_spam = yes > antispam_dspam_binary = /usr/bin/dspam > antispam_dspam_args = --deliver=;--user;%u > Since you seem to run daemon mode it would be faster for you to call either dspamc: antispam_dspam_binary = /usr/bin/dspamc or call client mode: antispam_dspam_binary = /usr/bin/dspam antispam_dspam_args = --client;--deliver=;--user;%u > antispam_dspam_result_header = X-DSPAM-Result > } > > > Dspam configuration: > > Home /var/lib/dspam > StorageDriver /usr/lib/dspam/libpgsql_drv.so > TrustedDeliveryAgent "/usr/local/lib/dspam/deliver -d %u" > UntrustedDeliveryAgent "/usr/local/lib/dspam/deliver -d %u" > QuarantineAgent "/usr/local/lib/dspam/deliver -m SPAM -d %u" > What is this deliver application? Is it a script or a binary? If it is a script then please post it. > EnablePlusedDetail on > OnFail error > Trust root > Trust dspam > Trust dovecot > Trust postfix > Trust daemon > Trust nobody > If I understood your dovecot configuration then you miss here one entry: Trust mail > TrainingMode teft > If you can then don't use TEFT. It's to heavy and in the long run it yields to worse results then using something like TOE (or even TUM). > TestConditionalTraining on > Feature whitelist > Algorithm graham burton > Tokenizer chain > If you can then switch this simple chain to something more sophisticated like OSB > PValue bcr > WebStats on > Preference "trainingMode=TEFT" > See above. > Preference "spamAction=quarantine" > Preference "spamSubject=[SPAM]" > Preference "statisticalSedation=5" > Preference "enableBNR=on" > Preference "enableWhitelist=on" > Preference "signatureLocation=headers" > Preference "tagSpam=on" > Preference "tagNonspam=off" > Preference "showFactors=on" > Preference "optIn=off" > Preference "optOut=off" > Preference "whitelistThreshold=10" > Preference "makeCorpus=off" > Preference "storeFragments=off" > Preference "localStore=" > Preference "processorBias=on" > Preference "fallbackDomain=off" > Preference "trainPristine=off" > Preference "optOutClamAV=off" > Preference "ignoreRBLLookups=off" > Preference "RBLInoculate=off" > AllowOverride enableBNR > AllowOverride enableWhitelist > AllowOverride fallbackDomain > AllowOverride ignoreGroups > AllowOverride ignoreRBLLookups > AllowOverride localStore > AllowOverride makeCorpus > AllowOverride optIn > AllowOverride optOut > AllowOverride optOutClamAV > AllowOverride processorBias > AllowOverride RBLInoculate > AllowOverride showFactors > AllowOverride signatureLocation > AllowOverride spamAction > AllowOverride spamSubject > AllowOverride statisticalSedation > AllowOverride storeFragments > AllowOverride tagNonspam > AllowOverride tagSpam > AllowOverride trainPristine > AllowOverride trainingMode > AllowOverride whitelistThreshold > AllowOverride dailyQuarantineSummary > PgSQLServer 127.0.0.1 > PgSQLPort 5432 > PgSQLUser dspam > PgSQLPass ***************** > PgSQLDb dspam > PgSQLConnectionCache 3 > HashRecMax 98317 > HashAutoExtend on > HashMaxExtents 0 > HashExtentSize 49157 > HashPctIncrease 10 > HashMaxSeek 10 > HashConnectionCache 10 > ExtLookup off > Notifications off > PurgeSignatures 14 > PurgeNeutral 90 > PurgeUnused 90 > PurgeHapaxes 30 > PurgeHits1S 15 > PurgeHits1I 15 > LocalMX 127.0.0.1 > SystemLog on > UserLog on > Opt out > ServerPID /var/run/dspam/dspam.pid > ServerMode standard > ServerDomainSocketPath "/var/run/dspam/dspam.sock" > ClientHost /tmp/dspam.sock > ProcessorURLContext on > ProcessorBias on > StripRcptDomain off > > > Regards > -- Kind Regards from Switzerland, Stevan Bajić > > On Wed, 24 Mar 2010 22:29:56 +0100, > Stevan Bajić <ste...@bajic.ch> wrote: > > > On Wed, 24 Mar 2010 17:04:29 +0100 > > lodan <lo...@lodan.eu> wrote: > > > > > > > > Hi, > > > > > Hello, > > > > > > > I'm using dspam 3.9.0 with dovecot-antispam (dspam-exec backend) > > > and a custom version of dspamit > > > > > never heard before of dspamit. What is it? > > > > > > > for incoming messages. Everything works fine, > > > excepted the dovecot-antispam plugin: when I try to move a mail to > > > the spam folder, the dspam binary says "Unable to determine the > > > runtime user". I tried to compile dspam with > > > --disable-trusted-user-security but the error is still here. What > > > am I doing wrong? > > > > > Post more configuration options. Under which user is Dovecot running? > > Post Dovecot configuration and dovecot-antispam configuration. Post > > your dspam.conf. Post the output of "dspam --version". > > > > > > > Thanks for your help > > > Regards > > > > ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Dspam-user mailing list Dspam-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspam-user
