ls -lah /usr/bin/dspam: -rwxr-xr-x 1 root root 80K 24 mars 16:44 /usr/bin/dspam
I disabled trusted user security to test if it changed something, but there is still the "Unable to determine the runtime user" error. Other compilation options are the default setting from the package. Users and groupd with gid/gid of 70000 and up are created by vmm (http://vmm.localdomain.org/VMMWiki). I'll change my configuration to call the client, it's a first setup so it's not definitive. /usr/local/lib/dspam/deliver is a copy of dovecot deliver binary. I added mail to the trusted users list, but it does not change anything. I'll change training modes later, thanks for your advices. Best regards On Wed, 24 Mar 2010 23:53:43 +0100, Stevan Bajić <ste...@bajic.ch> wrote: > On Wed, 24 Mar 2010 23:11:52 +0100 > lodan <lo...@lodan.eu> wrote: > > > > > dspamit is a small script I grabbed here > > http://dspamwiki.expass.de/dspamit_wrapper, I changed some things > > but the problem does not come from here since it's only called by my > > postfix and it works fine. > > > > Dovecot uses the dovecot user, dspam the dspam user (and postfix the > > postfix user). I'm running the whole thing in a vserver. > > > Is your dovecot user allowed to execute /usr/bin/dspam? What is the > permission on /usr/bin/dspam? Could you post the output of "ls > -lah /usr/bin/dspam"? > > > > dspam --version: > > > > DSPAM Anti-Spam Suite 3.9.0 (agent/library) > > > > Copyright (c) 2002-2009 DSPAM Project > > http://dspam.sourceforge.net. > > > > DSPAM may be copied only under the terms of the GNU General Public > > License, a copy of which can be found with the DSPAM distribution > > kit. > > > > Configuration parameters: '--prefix=/usr' '--sysconfdir=/etc/dspam' > > '--localstatedir=/var' '--disable-trusted-user-security' > > > IMHO you should enable trusted user security. It's not wise to > disable such an important security option. > > > > '--enable-delivery-to-stdout' > > > This option is not used any more. > > > '--with-dspam-owner=dspam' > > '--with-dspam-group=dspam' '--enable-daemon' > > '--enable-virtual-users' '--with-mysql-includes=/usr/include/mysql' > > '--with-mysql-libraries=/usr/lib/mysql' > > '--with-storage-driver=mysql_drv,libdb4_drv,pgsql_drv,sqlite3_drv,hash_drv' > > > Berkeley DB as a storage backend does not exist any more in DSPAM > since a long time. > > > > '--with-dspam-home=/var/lib/dspam' '--with-logdir=/var/log/dspam' > > '--enable-preferences-extension' '--enable-large-scale' > > 'CFLAGS=-march=i686 -mtune=generic -O2 -pipe' > > 'LDFLAGS=-Wl,--hash-style=gnu -Wl,--as-needed' 'CXXFLAGS=-march=i686 > > -mtune=generic -O2 -pipe' > > > > > > Dovecot and dovecot-antispam configuration: > > > > protocols = pop3s imaps managesieve > > protocol imap { > > ssl_listen = *:143 *:993 > > ssl_cert_file = /etc/ssl/mail/cacert.pem > > ssl_key_file = /etc/ssl/mail/cakey.pem > > ssl_key_password = ******************* > > } > > protocol pop3 { > > ssl_listen = *:110 *:995 > > ssl_cert_file = /etc/ssl/mail/cacert.pem > > ssl_key_file = /etc/ssl/mail/cakey.pem > > ssl_key_password = ******************* > > } > > protocol managesieve { > > ssl_listen = *:2000 > > ssl_cert_file = /etc/ssl/mail/cacert.pem > > ssl_key_file = /etc/ssl/mail/cakey.pem > > ssl_key_password = ******************* > > managesieve_logout_format = bytes ( in=%i : out=%o ) > > } > > disable_plaintext_auth = yes > > shutdown_clients = yes > > ssl = yes > > ssl_parameters_regenerate = 500 > > ssl_cipher_list = ALL:!LOW:!SSLv2 > > login_chroot = yes > > mail_location = maildir:~/Maildir > > mail_privileged_group = mail > > mail_full_filesystem_access = no > > mail_debug = yes > > first_valid_uid = 70000 > > > Who is UID 70000? > > > > first_valid_gid = 70000 > > > Who is GID 70000? > > > > protocol imap { > > mail_plugins = antispam > > } > > protocol lda { > > postmaster_address = postmas...@lodan.eu > > mail_plugins = sieve > > } > > auth_username_chars = > > abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ > > auth_worker_max_count = 10 auth_failure_delay = 2 > > auth default { > > mechanisms = plain login cram-md5 > > passdb sql { > > args = /etc/dovecot/dovecot-sql.conf > > } > > userdb sql { > > args = /etc/dovecot/dovecot-sql.conf > > } > > user = root > > socket listen { > > master { > > mode = 0600 > > } > > client { > > path = /var/spool/postfix/private/auth > > mode = 0660 > > user = postfix > > group = postfix > > } > > } > > } > > plugin { > > sieve=~/.dovecot.sieve > > sieve_dir=~/sieve > > antispam_signature = X-DSPAM-Signature > > antispam_signature_missing = error > > antispam_trash = Trash > > antispam_spam = SPAM > > antispam_unsure = CHECK > > antispam_allow_append_to_spam = yes > > antispam_dspam_binary = /usr/bin/dspam > > antispam_dspam_args = --deliver=;--user;%u > > > Since you seem to run daemon mode it would be faster for you to call > either dspamc: antispam_dspam_binary = /usr/bin/dspamc > > or call client mode: > antispam_dspam_binary = /usr/bin/dspam > antispam_dspam_args = --client;--deliver=;--user;%u > > > > antispam_dspam_result_header = X-DSPAM-Result > > } > > > > > > Dspam configuration: > > > > Home /var/lib/dspam > > StorageDriver /usr/lib/dspam/libpgsql_drv.so > > TrustedDeliveryAgent "/usr/local/lib/dspam/deliver -d %u" > > UntrustedDeliveryAgent "/usr/local/lib/dspam/deliver -d %u" > > QuarantineAgent "/usr/local/lib/dspam/deliver -m SPAM -d %u" > > > What is this deliver application? Is it a script or a binary? If it > is a script then please post it. > > > > EnablePlusedDetail on > > OnFail error > > Trust root > > Trust dspam > > Trust dovecot > > Trust postfix > > Trust daemon > > Trust nobody > > > If I understood your dovecot configuration then you miss here one > entry: Trust mail > > > > > TrainingMode teft > > > If you can then don't use TEFT. It's to heavy and in the long run it > yields to worse results then using something like TOE (or even TUM). > > > > TestConditionalTraining on > > Feature whitelist > > Algorithm graham burton > > Tokenizer chain > > > If you can then switch this simple chain to something more > sophisticated like OSB > > > > PValue bcr > > WebStats on > > Preference "trainingMode=TEFT" > > > See above. > > > > Preference "spamAction=quarantine" > > Preference "spamSubject=[SPAM]" > > Preference "statisticalSedation=5" > > Preference "enableBNR=on" > > Preference "enableWhitelist=on" > > Preference "signatureLocation=headers" > > Preference "tagSpam=on" > > Preference "tagNonspam=off" > > Preference "showFactors=on" > > Preference "optIn=off" > > Preference "optOut=off" > > Preference "whitelistThreshold=10" > > Preference "makeCorpus=off" > > Preference "storeFragments=off" > > Preference "localStore=" > > Preference "processorBias=on" > > Preference "fallbackDomain=off" > > Preference "trainPristine=off" > > Preference "optOutClamAV=off" > > Preference "ignoreRBLLookups=off" > > Preference "RBLInoculate=off" > > AllowOverride enableBNR > > AllowOverride enableWhitelist > > AllowOverride fallbackDomain > > AllowOverride ignoreGroups > > AllowOverride ignoreRBLLookups > > AllowOverride localStore > > AllowOverride makeCorpus > > AllowOverride optIn > > AllowOverride optOut > > AllowOverride optOutClamAV > > AllowOverride processorBias > > AllowOverride RBLInoculate > > AllowOverride showFactors > > AllowOverride signatureLocation > > AllowOverride spamAction > > AllowOverride spamSubject > > AllowOverride statisticalSedation > > AllowOverride storeFragments > > AllowOverride tagNonspam > > AllowOverride tagSpam > > AllowOverride trainPristine > > AllowOverride trainingMode > > AllowOverride whitelistThreshold > > AllowOverride dailyQuarantineSummary > > PgSQLServer 127.0.0.1 > > PgSQLPort 5432 > > PgSQLUser dspam > > PgSQLPass ***************** > > PgSQLDb dspam > > PgSQLConnectionCache 3 > > HashRecMax 98317 > > HashAutoExtend on > > HashMaxExtents 0 > > HashExtentSize 49157 > > HashPctIncrease 10 > > HashMaxSeek 10 > > HashConnectionCache 10 > > ExtLookup off > > Notifications off > > PurgeSignatures 14 > > PurgeNeutral 90 > > PurgeUnused 90 > > PurgeHapaxes 30 > > PurgeHits1S 15 > > PurgeHits1I 15 > > LocalMX 127.0.0.1 > > SystemLog on > > UserLog on > > Opt out > > ServerPID /var/run/dspam/dspam.pid > > ServerMode standard > > ServerDomainSocketPath "/var/run/dspam/dspam.sock" > > ClientHost /tmp/dspam.sock > > ProcessorURLContext on > > ProcessorBias on > > StripRcptDomain off > > > > > > Regards > > ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Dspam-user mailing list Dspam-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspam-user
