Hi,
I've been meaning to try dspam for a while but always have been hesitant to try
because of somewhat confusing documentation, but finally I tried it today, and
it seems to work, barely.
Before I have dspam, my mail server setup is running:
smtp -> dkim-filter -> dovecot with sieve plugin (virtual user with
psql)
By having dspam, I imagine, I would have it somewhat like this:
smtp -> dkim-filter -> dspam -> dovecot with sieve plugin
Before I talk about my problems, let me show my configurations:
The server itself is running on:
- Ubuntu 8.04 LTS
- Dspam 3.6.8 installed via Ubuntu repo
- Postfix 2.5.1
- Dovecot 1.0.10
- dkim-filter 2.5.4
in /etc/dspam/dspam.conf, I have:
StorageDriver /usr/lib/dspam/libpgsql_drv.so
TrustedDeliveryAgent "/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}"
UntrustedDeliveryAgent "/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}"
DeliveryHost 127.0.0.1
DeliveryPort 10026
DeliveryIdent localhost
DeliveryProto SMTP
OnFail error
Trust root
Trust dspam
Trust vmail
Trust postfix
Trust dovecot
TrainingMode teft
TestConditionalTraining on
Feature chained
Feature whitelist
Algorithm graham burton
PValue graham
SupressWebStats on
Preference "spamAction=tag"
Preference "signatureLocation=headers" # 'message' or 'headers'
Preference "showFactors=off"
Preference "spamSubject=[SPAM]"
ServerMode auto
ServerParameters "--deliver=innocent"
ServerIdent "localhost.localdomain"
ServerDomainSocketPath "/var/spool/postfix/var/run/dspam.sock"
in /etc/dspam/dspam.d/pgsql.conf, I have:
PgSQLServer 127.0.0.1
#PgSQLPort 5432
PgSQLUser ...
PgSQLPass ...
PgSQLDb ...
PgSQLUIDInSignature on
PgSQLVirtualTable dspam_virtual_uids
PgSQLVirtualUIDField uid
PgSQLVirtualUsernameField username
with this setup, dspam is running fine.
Then, I hooked it up to Postfix by having these...
master.cf:
smtp inet n - - - - smtpd
-o content_filter=lmtp:unix:/var/run/dspam.sock
[..... and right before the dovecot line, I have:]
dspam unix - n n - - pipe
flags=Ru user=dspam argv=/usr/bin/dspam
--client
--deliver=innocent,spam
--user ${recipient}
--mail-from=${sender}
localhost:10026 inet n - n - - smtpd
-o content_filter=
-o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
dspam-retrain unix - n n - 10 pipe
flags=Rhq user=dspam argv=/usr/bin/dspamc --client --mode=teft
--class=${nexthop} --source=error --u ser ${sender}
some additions to main.cf:
virtual_mailbox_maps = pgsql:/etc/postfix/pgsql/virtual_mailbox_maps.cf
hash:/etc/postfix/dspam_aliases
transport_maps = hash:/etc/postfix/transport
dspam_destination_recipient_limit = 1
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_hostname,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_rbl_client zen.spamhaus.org,
check_recipient_access pcre:/etc/postfix/dspam_filter_access
permit
my /etc/postfix/dspam_aliases:
s...@mydomain.com x
nos...@mydomain.com x
my /etc/postfix/transport:
s...@mydomain.com dspam-retrain:spam
nos...@mydomain.com dspam-retrain:innocent
my /etc/postfix/dspam_filter_access:
/./ FILTER dspam:dspam
Again, with these setups, both dspam and postfix can run, but not without its
problems. Hence, my questions :)
1. Whenever there's an incoming mail, I think I perceive it as mail being
transferred to smtp, gets redirected to dspam, then reinjected to smtp, then
dovecot for delivery. my /var/log/mail.log looks like this:
Aug 25 15:22:59 myhostname postfix/smtpd[24554]: connect from
web55008.mail.re4.yahoo.com[206.190.58.142]
Aug 25 15:23:03 myhostname postfix/smtpd[24554]: NOQUEUE: filter: RCPT
from web55008.mail.re4.yahoo.com[206.190.58.142]: <rez...@mydomain.com>:
Recipient address triggers FILTER dspam:dspam;
from=<rez...@yahoo.com> to=<rez...@mydomain.com> proto=SMTP
helo=<web55008.mail.re4.yahoo.com>
Aug 25 15:23:03 myhostname postfix/smtpd[24554]: 4923E11C368:
client=web55008.mail.re4.yahoo.com[206.190.58.142]
Aug 25 15:23:05 myhostname postfix/cleanup[24568]: 4923E11C368:
message-id=<420173.20101...@web55008.mail.re4.yahoo.com>
Aug 25 15:23:05 myhostname dkim-filter[22819]: 4923E11C368 external
host web55008.mail.re4.yahoo.com attempted to send as yahoo.com
Aug 25 15:23:06 myhostname dkim-filter[22819]: 4923E11C368: bad
signature data
Aug 25 15:23:06 myhostname postfix/qmgr[24572]: 4923E11C368:
from=<rez...@yahoo.com>, size=1908, nrcpt=1 (queue active)
Aug 25 15:23:07 myhostname postfix/smtpd[24554]: disconnect from
web55008.mail.re4.yahoo.com[206.190.58.142]
Aug 25 15:23:08 myhostname postfix/smtpd[24579]: connect from
myhostname.mydomain.com[127.0.0.1]
Aug 25 15:23:08 myhostname postfix/smtpd[24579]: 566A011C3A4:
client=myhostname.mydomain.com[127.0.0.1]
Aug 25 15:23:08 myhostname postfix/cleanup[24568]: 566A011C3A4:
message-id=<420173.20101...@web55008.mail.re4.yahoo.com>
Aug 25 15:23:08 myhostname postfix/qmgr[24572]: 566A011C3A4:
from=<rez...@yahoo.com>, size=2381, nrcpt=1 (queue active)
Aug 25 15:23:08 myhostname postfix/smtpd[24579]: disconnect from
myhostname.mydomain.com[127.0.0.1]
Aug 25 15:23:08 myhostname postfix/pipe[24573]: 4923E11C368:
to=<rez...@mydomain.com>, relay=dspam, delay=6.9, delays=5.3/0.01/0/1.6,
dsn=2.0.0, status=sent (delivered via dspam service)
Aug 25 15:23:08 myhostname postfix/qmgr[24572]: 4923E11C368: removed
Aug 25 15:23:08 myhostname postfix/pipe[24581]: 566A011C3A4:
to=<rez...@mydomain.com>, relay=dovecot, delay=0.35, delays=0.15/0.01/0/0.19,
dsn=2.0.0, status=sent (delivered via dovecot service)
Aug 25 15:23:08 myhostname postfix/qmgr[24572]: 566A011C3A4: removed
So it looks like the incoming mail is received a few times.. Is this normal?
Would this cause a "bottleneck" when there are lots of incoming mail at the
same time? Do you guys have any better solution?
2. I still can't seem to get dspam-retrain to work whenever I forward an
uncaught spam message to s...@mydomain.com. When I forward the message, I
would get:
Aug 25 16:31:25 myhostname postfix/qmgr[24572]: E13E511C3A4:
from=<rez...@mydomain.com>, size=2854, nrcpt=1 (queue active)
Aug 25 16:31:25 myhostname dspam[24476]: Unable to find a valid
signature. Aborting.
Aug 25 16:31:25 myhostname dspam[24476]: process_message returned error
-5. dropping message.
Aug 25 16:31:25 myhostname postfix/lmtp[26099]: E13E511C3A4:
to=<s...@mydomain.com>, relay=myhostname.mydomain.com[/var/run/dspam.sock],
delay=1, delays=0.92/0.01/0/0.08, dsn=2.6.0, status=sent (250 2.6.0
<s...@mydomain.com> Message accepted for delivery)
But, when I looked at the header of the message I was forwarding, it had a
"X-DSPAM-Signature". But why didn't it see it as a valid signature?
3. The last thing I notice is, whenever there's a warning or error (like the
message above, or if there's a ehlo required error), dspam would spit something
like this on stdout:
WARNING: nonstandard use of \\ in a string literal
LINE 1: ... '2,4c74dee8244761101518019', 3492, CURRENT_DATE,
'\\000\\00...
^
HINT: Use the escape string syntax for backslashes, e.g., E'\\'.
I assume it was caused by the pgsql_objects.sql but I have no idea how to fix
them.
I hope I gave enough information on where I'm having problems with, and I
really appreciate your help to assist me to sort out my problems.
Thank you,
Reza------------------------------------------------------------------------------
Sell apps to millions through the Intel(R) Atom(Tm) Developer Program
Be part of this innovative community and reach millions of netbook users
worldwide. Take advantage of special opportunities to increase revenue and
speed time-to-market. Join now, and jumpstart your future.
http://p.sf.net/sfu/intel-atom-d2d
_______________________________________________
Dspam-user mailing list
Dspam-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspam-user
