On Tue, 01 Mar 2011 12:42:05 +0100, Tom Hendrikx wrote:
> Hi,
>
> Dovecot-antispam plugin is a better solution indeed. I use his too.
>
> I'm not sure why dovecot-antispam plugin does not work when using the
> dspam backend config. Finding out what is causing this, was still on
> my
> todo-list.
>
I did for a friend the configuration that works. The only problem so
far is that the dovecot-antispam plugin has issues if you use dovecot >=
2.0. So you need patching to get it working under dovecot >2.0 or you
need to use the fork for 2.0.
> For the moment, I abuse the sendmail/mailtrain backend for calling
> dspam. Configuration looks like this in my setup:
>
> $ cat /etc/dovecot/conf.d/91-antispam.conf
> plugin {
> antispam_backend = mailtrain
> antispam_mail_sendmail = /usr/bin/dspamc
> antispam_mail_sendmail_args = --source=error;--deliver=;--user;%u
> antispam_mail_notspam = --class=innocent
> antispam_mail_spam = --class=spam
> antispam_mail_tmpdir = /tmp
> antispam_signature = X-DSPAM-Signature
> antispam_signature_missing = move
> antispam_spam_pattern_ignorecase = Junk;Junk.*
> antispam_trash_pattern_ignorecase = Trash;Deleted Items;Deleted
> Messages
>
This is the configuration that I used for him:
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
# Selects the specific backend to be used for spam system training
antispam_backend = dspam
# Specifies whether to allow appending mails to the spam folder
# from the unknown source. Optional, default = NO.
antispam_allow_append_to_spam = NO
# Specifies whether to skip the leading "From " line of the mail
# piped to the backend processor. Optional, default = NO.
antispam_skip_from_line = NO
# semicolon-separated list of spam folders
antispam_spam = Spam;spam;SPAM;Junk;junk;JUNK;Junk-E-Mail;Junk
Mail;junk mail;Junk Mails;junk mails;Unerw&APw-nschte Mails
# semicolon-separated list of Trash folders (default unset i.e. none)
antispam_trash = Trash;trash;Deleted;deleted;Deleted Items;Deleted
Messages;Gel&APY-scht;Gel&APY-schte Elemente
# semicolon-separated list of unsure folders (default unset i.e.
none)
#antispam_unsure =
# mail signature (used with any backend requiring a signature)
antispam_signature = X-DSPAM-Signature
# specifies what to do if the signature header is missing. Possible
# values: "move" (move the mail silently without training), "error"
# (display an error stating that the signature header is missing).
# Optional, default = "error".
antispam_signature_missing = error
# specifies the path to the dspam client binary.
# Optional, default = "/usr/bin/dspam".
antispam_dspam_binary = /usr/bin/dspam
# list of command line arguments to the dspam binary. Must include
# one "%%s" in order to be replaced with the signature value.
# Optional, default = "--source=error;--signature=%%s".
antispam_dspam_args =
--user;%Lu;--deliver=;--source=error;--signature=%%s
# command line argument to specify that mail should be reclassified
# as SPAM. Optional, default = "--class=spam".
antispam_dspam_spam = --class=spam
# command line argument to specify that mail should be reclassified
# as not SPAM. Optional, default = "--class=innocent".
antispam_dspam_notspam = --class=innocent
# specifies the mail header name to derive the classification result.
# Optional, default = NONE.
antispam_dspam_result_header = X-DSPAM-Result
# specifies the list of classification results to avoid retraining
# for. Optional, default = NONE.
antispam_dspam_result_blacklist = Virus;Blocklisted;Blacklisted
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
@Tom: Since I know that you are using Gentoo... let me know if you
need/want a Ebuild for the dovecot-antispam plugin that works without
issues under dovecot >= 2.x
> Adapt to your liking, of course.
>
> Regards,
> Tom
>
--
Kind Regards from Switzerland,
Stevan Bajić
> On 01/03/11 12:15, Robert Z wrote:
>> Great explanation Tom. One more question if you dont mind. What
>> would
>> be the correct way to use header signatures when training ? I want
>> to
>> use Dovecot-antispam for this. I have attached my dovecot.conf, as
>> anitispam will not pipe to Dspam for training when I move mail to
>> the
>> "Spam" folder. Robert ----- Original Message ----
>>
>>> From: Tom Hendrikx To: dspam-user@lists.sourceforge.net [3] Sent:
>>> Tue, March 1, 2011 2:27:53 AM Subject: Re: [Dspam-user] Can NOT get
>>> Dspam to retrain, DSPAM refuses to find the X-DSPAM-Signature in
>>> the
>>> header On 01/03/11 10:28, Robert Z wrote:
>>>
>>>> Here is my master.cf and main.cf. I am currently training through
>>>> s...@domain.com [1]. The only thing I can think of that is causing
>>>> this issue is that postfix or
>>
>>>> dspam is stripping the Dspam headers when I send to train at
>>>> s...@domain.com [4]. Thanks for the help Robert
>>> Hi, If you are retraining by forwarding, you need to to put the
>>> signature in the body. When you forward a message with your MUA to
>>> s...@example.com [5], the MUA sends a new message with your
>>> 'problematic' email either as an attachment or inline. The new
>>> message has no DSPAM header. 'As an attachment' means that the
>>> to-be-detected signature is a header in an attachment to the
>>> message
>>> that you send to DSPAM, not in the message's header itself: DSPAM
>>> does not see this. When the problematic e-mail is forwarded inline,
>>> typically all headers are removed by the MUA: only the message body
>>> of the email is included in the new message. When the signature is
>>> in
>>> the body, and your MUA forwards inline, the signature is still in
>>> the
>>> body of the new message, so that should work. For attached messages
>>> it might also work (not sure). For some MUAs, 'bouncing' the
>>> message
>>> to the s...@example.com [6] might work as this leaves headers
>>> intact
>>> (for those rare MUAs that still support bouncing). Conclusion: when
>>> retraining is based on forwarding a misclassified message to some
>>> mail address destined for dspam processing, make sure that the
>>> signature is in the body. Kind regards, Tom
>>
>
------------------------------------------------------------------------------
>> Free Software Download: Index, Search & Analyze Logs and other IT
>> data
>> in Real-Time with Splunk. Collect, index and harness all the fast
>> moving IT data generated by your applications, servers and devices
>> whether physical, virtual or in the cloud. Deliver compliance at
>> lower
>> cost and gain new business insights.
>> http://p.sf.net/sfu/splunk-dev2dev
>> [7] _______________________________________________ Dspam-user
>> mailing
>> list Dspam-user@lists.sourceforge.net [8]
>> https://lists.sourceforge.net/lists/listinfo/dspam-user [9]
Links:
------
[1] mailto:s...@domain.com
[2] mailto:t...@whyscream.net
[3] mailto:dspam-user@lists.sourceforge.net
[4] mailto:s...@domain.com
[5] mailto:s...@example.com
[6] mailto:s...@example.com
[7] http://p.sf.net/sfu/splunk-dev2dev
[8] mailto:Dspam-user@lists.sourceforge.net
[9] https://lists.sourceforge.net/lists/listinfo/dspam-user
------------------------------------------------------------------------------
Free Software Download: Index, Search & Analyze Logs and other IT data in
Real-Time with Splunk. Collect, index and harness all the fast moving IT data
generated by your applications, servers and devices whether physical, virtual
or in the cloud. Deliver compliance at lower cost and gain new business
insights. http://p.sf.net/sfu/splunk-dev2dev
_______________________________________________
Dspam-user mailing list
Dspam-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspam-user
