Hi List,

I'm new here and have a question about dspam with clamav. We use dspam to do 
the spam filtering and also use dspam to call clamav. Spam filtering works fine 
but when a virus is detected something goes wrong:

Aug 27 11:56:42 chuck dspam[7760]: [ID 930983 mail.warning] virus warning: infected message from 209.85.213.172
Aug 27 11:56:42 chuck postfix/pipe[7759]: [ID 197553 mail.info] 096F78C8B: to=<martijn_redknot...@chuck.redknot.nl>, orig_to=<mart...@redknot.nl>, relay=dspam, delay=0.47, delays=0.16/0.02/0/0.29, dsn=5.3.0, status=bounced (Command died with status 255: "/opt/redknot/bin/dspam")

From the above logs I can't tell what is going wrong, and this dspam.debug log also doesn't really help me a lot:

7760: [08/27/2010 11:56:42] DSPAM Instance Startup
7760: [08/27/2010 11:56:42] input args: /opt/redknot/bin/dspam --client --deliver=innocent,spam --user martijn_redknot.nl --mode=tum --mail-from=martijndemun...@gmail.com
7760: [08/27/2010 11:56:42] pass-thru args: /opt/redknot/sbin/sendmail
7760: [08/27/2010 11:56:42] processing user martijn_redknot.nl
7760: [08/27/2010 11:56:42] uid = 60030, euid = 60030, gid = 60030, egid = 60030
7760: [08/27/2010 11:56:42] loading preferences for user martijn_redknot.nl
7760: [08/27/2010 11:56:42] _pgsql_drv_getpwnam: successful returning struct for name: martijn_redknot.nl
7760: [08/27/2010 11:56:42] Loading preferences for uid 6
7760: [08/27/2010 11:56:42] Loading preferences for uid 0
7760: [08/27/2010 11:56:42] Loading preferences for uid 0
7760: [08/27/2010 11:56:42] default preferences empty. reverting to dspam.conf preferences.
7760: [08/27/2010 11:56:42] Loading preferences from dspam.conf
7760: [08/27/2010 11:56:42] using /home/redknot.nl/homes/martijn/.dspam as path
7760: [08/27/2010 11:56:42] using /home/redknot.nl/homes/martijn/.nodspam as path
7760: [08/27/2010 11:56:42] sedation level set to: 5
7760: [08/27/2010 11:56:42] _pgsql_drv_getpwnam: successful returning struct for name: martijn_redknot.nl
7760: [08/27/2010 11:56:42] Connecting to 127.0.0.1:3310 for virus check
7760: [08/27/2010 11:56:42] Connecting to 127.0.0.1:1439 for virus stream transmission
7760: [08/27/2010 11:56:42] _pgsql_drv_getpwnam returning cached name martijn_redknot.nl.
7760: [08/27/2010 11:56:42] saving signature as 4c778bda77601259822065
7760: [08/27/2010 11:56:42] _pgsql_drv_getpwnam returning cached name martijn_redknot.nl.
7760: [08/27/2010 11:56:42] libdspam returned probability of 1.000000
7760: [08/27/2010 11:56:42] message result: SPAM
7760: [08/27/2010 11:56:42] _pgsql_drv_getpwnam returning cached name martijn_redknot.nl.
7760: [08/27/2010 11:56:42] DSPAM Instance Shutdown.  Exit Code: 0

This is my dspam.conf:

Home /opt/redknot/var/dspam
StorageDriver /opt/redknot/lib/dspam/libpgsql_drv.so
DeliveryHost            127.0.0.1
DeliveryPort            10026
DeliveryIdent           localhost
DeliveryProto           SMTP
EnablePlusedDetail      on
OnFail error
Trust root
Trust dspam
TrainingMode toe
TestConditionalTraining on
Feature whitelist
Algorithm graham burton
Tokenizer chain
PValue bcr
WebStats on
ImprobabilityDrive on

PgSQLServer             chuck.redknot.nl
PgSQLPort               5432
PgSQLUser               dspam
PgSQLPass               Islpombds
PgSQLDb                 dspam
PgSQLConnectionCache    3

LocalMX 127.0.0.1
TrustedDeliveryAgent /opt/redknot/sbin/sendmail

SystemLog       on
UserLog         on

Opt out

ServerHost              127.0.0.1
ServerPort              10025
ServerQueueSize         32
ServerPID               /opt/redknot/var/dspam/run/dspam.pid
ServerMode              standard
ServerIdent             "chuck.redknot.nl"

ProcessorURLContext on
ProcessorBias on
StripRcptDomain off

Debug *
DebugOpt process

Preference "trainingMode=TOE"           # { TOE | TUM | TEFT | NOTRAIN } -> default:teft
Preference "spamAction=deliver"         # { quarantine | tag | deliver } -> default:quarantine
Preference "spamSubject=[SPAM]"         # { string } -> default:[SPAM]
Preference "statisticalSedation=5"      # { 0 - 10 } -> default:0
Preference "enableBNR=on"               # { on | off } -> default:off
Preference "enableWhitelist=on"         # { on | off } -> default:on
Preference "signatureLocation=headers"  # { message | headers } -> default:message
Preference "tagSpam=off"                # { on | off }
Preference "tagNonspam=off"             # { on | off }
Preference "showFactors=off"            # { on | off } -> default:off
Preference "optIn=off"                  # { on | off }
Preference "optOut=off"                 # { on | off }
Preference "whitelistThreshold=10"      # { Integer } -> default:10
Preference "makeCorpus=off"             # { on | off } -> default:off
Preference "storeFragments=off"         # { on | off } -> default:off
Preference "localStore="                # { on | off } -> default:username
Preference "processorBias=on"           # { on | off } -> default:on
Preference "fallbackDomain=off"         # { on | off } -> default:off
Preference "trainPristine=off"          # { on | off } -> default:off
Preference "optOutClamAV=off"           # { on | off } -> default:off
Preference "ignoreRBLLookups=off"       # { on | off } -> default:off
Preference "RBLInoculate=off"           # { on | off } -> default:off

AllowOverride optOut
AllowOverride optOutClamAV

ClamAVPort     3310
ClamAVHost     127.0.0.1
ClamAVResponse reject

and the output of postconf -n:

alias_maps = dbm:/etc/opt/redknot/postfix/aliases
config_directory = /etc/opt/redknot/postfix
content_filter = dspam:dpsam
disable_vrfy_command = yes
home_mailbox = Maildir/
mailbox_command = /opt/redknot/libexec/dovecot/deliver -a "$RECIPIENT" -m "$EXTENSION" -s
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = chuck.redknot.nl
myhostname = chuck.redknot.nl
recipient_delimiter = +
smtpd_banner = $myhostname ESMTP
smtpd_data_restrictions = reject_unauth_pipelining,  permit
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_proxy_filter = 127.0.0.1:10027
smtpd_proxy_options = speed_adjust
smtpd_recipient_restrictions = reject_non_fqdn_helo_hostname,  reject_non_fqdn_sender,  reject_non_fqdn_recipient,  reject_unknown_sender_domain,  reject_unknown_recipient_domain,  reject_unauth_destination,  reject_rbl_client virbl.dnsbl.bit.nl,  check_policy_service inet:localhost:10029,  check_policy_service inet:localhost:10030,  check_policy_service inet:localhost:10031,  permit
smtpd_tls_cert_file = /etc/opt/redknot/ssl/chuck.redknot.nl.cer
smtpd_tls_key_file = /etc/opt/redknot/ssl/chuck.redknot.nl.key
smtpd_use_tls = yes
strict_rfc821_envelopes = yes
virtual_alias_maps = dbm:/etc/opt/redknot/postfix/virtual

and the master.cf file:

#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd
#submission inet n       -       n       -       -       smtpd
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps     inet  n       -       n       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       n       -       -       smtp
        -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
dspam unix -       n       n       -       10      pipe
        flags=Rhqu user=dspam argv=/opt/redknot/bin/dspam --client --deliver=innocent,spam --user ${mailbox} --mode=tum --mail-from=${sender}
### spf policy service
localhost:10029 inet n        n       n       -       0       spawn
        user=nobody argv=/usr/bin/policyd-spf
### mail returning from dspam
localhost:10026 inet  n       -       n       -       10      smtpd
        -o content_filter= 
        -o smtpd_proxy_filter=
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_milters
        -o smtpd_helo_restrictions=
        -o smtpd_client_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=127.0.0.0/8
        -o smtpd_authorized_xforward_hosts=127.0.0.0/8
### mail returning from dcc
localhost:10028 inet  n       -       n       -       10      smtpd
        -o smtpd_proxy_filter=
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_milters
        -o smtpd_helo_restrictions=
        -o smtpd_client_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=127.0.0.0/8
        -o smtpd_authorized_xforward_hosts=127.0.0.0/8
_______________________________________________
Dspam-user mailing list
Dspam-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspam-user
