Weird:
# dspam_admin list preference be...@scionaviation.com
# dspam_admin aggregate preference be...@scionaviation.com
spamAction=quarantine
signatureLocation=message
showFactors=on
spamSubject=SPAM
My users all sign in with their email addresses.
While I have a local preferences file, maybe dspam isn't reading it but is
instead looking in mysql. If so ...
mysql> select * FROM dspam_preferences;
Empty set (0.00 sec)
That could be why list preference comes up empty. How much does that matter
though if the aggregate preferences show quarantine?
I started it up as dspam --daemon --debug and I got a spam right away. Here's
what it said:
32368: [12/21/2011 14:42:11] No QuarantineAgent option found. Using standard
quarantine.
32368: [12/21/2011 14:42:11] using database handle id 0
32368: [12/21/2011 14:42:11] handle locked
32368: [12/21/2011 14:42:11] DSPAM Instance Startup
32368: [12/21/2011 14:42:11] input args: dspam --deliver=innocent
32368: [12/21/2011 14:42:11] pass-thru args: /usr/bin/procmail
32368: [12/21/2011 14:42:11] processing user be...@scionaviation.com
32368: [12/21/2011 14:42:11] uid = 0, euid = 0, gid = 0, egid = 115
32368: [12/21/2011 14:42:11] loading preferences for user
be...@scionaviation.com
32368: [12/21/2011 14:42:11] Loading preferences for uid 1
32368: [12/21/2011 14:42:11] Loading preferences for uid 0
32368: [12/21/2011 14:42:11] Loading preferences for uid 0
32368: [12/21/2011 14:42:11] default preferences empty. reverting to dspam.conf
preferences.
32368: [12/21/2011 14:42:11] Loading preferences from dspam.conf
32368: [12/21/2011 14:42:11] using
/var/spool/dspam/opt-in/scionaviation.com/betsy.dspam as path
32368: [12/21/2011 14:42:11] using
/var/spool/dspam/opt-out/scionaviation.com/betsy.nodspam as path
32368: [12/21/2011 14:42:11] sedation level set to: 0
32368: [12/21/2011 14:42:11] Whitelist threshold: 10
[SNIP SPAM ANALYSIS]
32368: [12/21/2011 14:42:11] Graham-Bayesian Probability: 1.000000 Samples: 15
32368: [12/21/2011 14:42:11] Burton-Bayesian Probability: 1.000000 Samples: 27
32368: [12/21/2011 14:42:11] using Graham factors
32368: [12/21/2011 14:42:11] Result Confidence: 0.99
32368: [12/21/2011 14:42:11] Control: [10 10] [11 10] Delta: [1 0]
32368: [12/21/2011 14:42:11] saving signature as 4ef244a3323682082510379
32368: [12/21/2011 14:42:11] libdspam returned probability of 1.000000
32368: [12/21/2011 14:42:11] message result: SPAM
32368: [12/21/2011 14:42:11] DSPAM Instance Shutdown. Exit Code: 0
What should I set QuarantineAgent to (if anything)?
I checked /var/log/mail.info to see if it said anything about delivering the
message by pulling the from address from dspam's system.log and then searching
for it in mail.info. All I see is my greylisting info (which the message
passed).
In /var/log/mail.err I have:
Dec 20 14:23:33 s1 deliver(www-data): mkdir(/var/www/Maildir/cur) failed:
Permission denied
Dec 20 22:52:26 s1 dspam[7142]: Unable to attach DSPAM context. Retrying.
Dec 21 08:22:00 s1 dspam[7142]: Unable to attach DSPAM context. Retrying.
Dec 21 14:14:14 s1 dspam[7142]: Unable to attach DSPAM context. Retrying.
Is any of this useful?
Thanks,
Troy
On Wed, 21 Dec 2011 14:34:01 -0600
Troy Ayers <dspam1...@wcta.net> wrote:
> does
> "dspam_admin list preference $USER"
> show the same as what you have in your user.prefs?
>
> For that matter how about
> "dspam_admin aggregate preference $USER"?
>
> As far as I thought I knew, user prefs override the default user
> prefs, as well as the preferences specified on the command line.
>
> Hopefully someone has a better option, but all I can think of now is
> to turn on debugging and see what the dspam.debug shows.
>
>
> On 12/21/2011 12:26 PM, Troy Vitullo wrote:
> > Thanks for getting back to me. Now that we have Troys helping Troys
> > the world is in big trouble.
> :D
> -Troy
> >
> > The only config I have in /etc/dspam/dspam.d/ is my mysql conf. I
> > checked just in case and it has no spamAction setting in there.
> >
> > I checked the user's settings and she has spamAction=quarantine.
> > Here's her full config
> > from /var/spool/dspam/data/[domain]/[user]/[user].prefs
> >
> > trainingMode=TEFT
> > spamAction=quarantine
> > spamSubject=[SPAM]
> > statisticalSedation=0
> > enableBNR=on
> > optIn=off
> > optOut=off
> > showFactors=off
> > enableWhitelist=on
> > signatureLocation=message
> >
> > /etc/dspam/default.prefs also has a spamAction of quarantine.
> >
> > I think it's some basic setting I don't have turned on that enables
> > dspam to quarantine.
> >
> > Here's what a spam looks like in the log:
> >
> > 1324488427 S "OrGreenic Natural
> > Cookware"<orgree...@securegridbackups.com>
> > 4ef216eb71421784485046 Cook Without Oil, Butter or Grease with
> > OrGreenic! 0.076892 [user's email]
> > Tagged<7111466088970171208.1324957292a854a2686c7ee87e375c97.651008...@server.securegridbackups.com>
> >
> > Thanks,
> >
> > Troy
> >
> > On Wed, 21 Dec 2011 12:06:02 -0600
> > Troy Ayers<dspam1...@wcta.net> wrote:
> >
> >> Troy,
> >>
> >> Perhaps the user has their own override for spamaction since that
> >> is allowed in dspam.conf? AllowOverride spamAction spamSubject
> >>
> >>
> >> Also, The last line of you dspam.conf is:
> >> Include /etc/dspam/dspam.d/
> >> So perhaps inspect the contents of that directory, see if there is
> >> another Preference "spamAction=
> >> in there? I don't recall if dspam takes the first or last instance
> >> if you have something defined more than once, I presume it takes
> >> the last.
> >>
> >> -Troy
> >>
> >>
> >>
> >> On 12/21/2011 7:57 AM, Troy Vitullo wrote:
> >>> Hi,
> >>>
> >>> I have a fairly simple dspam set up, but I'm missing a key piece
> >>> of it.
> >>>
> >>> I've set dspam up to quarantine suspect messages but it's sending
> >>> them anyway (with a [SPAM] tag attached to them.) Here's my
> >>> relevant config settings in /etc/dspam/dspam.conf:
> >>>
> >>> ServerParameters "--deliver=innocent"
> >>> ServerIdent "localhost.localdomain"
> >>>
> >>> Here's what I have in /etc/postfix/master.cf:
> >>>
> >>> smtp inet n - n - - smtpd
> >>> -o
> >>> content_filter=lmtp:unix:/var/spool/postfix/var/run/dspam.sock
> >>> 127.0.0.1:10026 inet n - - - - smtpd -o
> >>> content_filter= -o
> >>> receive_override_options=no_unknown_recipient_checks,no_header_body_checks
> >>> -o smtpd_helo_restrictions= -o smtpd_client_restrictions=
> >>> -o smtpd_sender_restrictions=
> >>> -o smtpd_recipient_restrictions=permit_mynetworks,reject
> >>> -o mynetworks=127.0.0.0/8
> >>> -o smtpd_authorized_xforward_hosts=127.0.0.0/8
> >>>
> >>> postfix uses dovecot as an external delivery method to deliver
> >>> mail:
> >>>
> >>> dovecot unix - n n - - pipe
> >>> flags=DRhu user=dovecot argv=/usr/lib/dovecot/deliver -d
> >>> ${recipient}
> >>>
> >>> I added this:
> >>> dspam unix - n n - 10 pipe
> >>> flags=Ru user=dspam argv=/usr/bin/dspam --deliver=innocent
> >>> --user $recipient -i -f $sender -- $recipient
> >>>
> >>> underneath but it looks like it still forwards spam instead of
> >>> quarantining it.
> >>>
> >>> The whole system was set up by somebody a lot smarter than I am,
> >>> and I'm trying to tack dspam onto the end of it, so thanks for
> >>> humoring a newb.
> >>>
> >>> Full dspam config:
> >>>
> >>> Home /var/spool/dspam
> >>> StorageDriver /usr/lib/dspam/libmysql_drv.so
> >>> TrustedDeliveryAgent "/usr/bin/procmail"
> >>> DeliveryHost 127.0.0.1
> >>> DeliveryPort 10026
> >>> DeliveryIdent localhost
> >>> DeliveryProto SMTP
> >>> OnFail error
> >>> Trust root
> >>> Trust dspam
> >>> Trust mail
> >>> Trust mailnull
> >>> Trust smmsp
> >>> Trust daemon
> >>> Debug *
> >>> TrainingMode teft
> >>> TestConditionalTraining on
> >>> Feature chained
> >>> Feature whitelist
> >>> Algorithm graham burton
> >>> PValue graham
> >>> Preference "spamAction=quarantine"
> >>> Preference "signatureLocation=message" # 'message' or 'headers'
> >>> Preference "showFactors=on"
> >>> Preference "spamSubject=SPAM"
> >>> AllowOverride trainingMode
> >>> AllowOverride spamAction spamSubject
> >>> AllowOverride statisticalSedation
> >>> AllowOverride enableBNR
> >>> AllowOverride enableWhitelist
> >>> AllowOverride signatureLocation
> >>> AllowOverride showFactors
> >>> AllowOverride optIn optOut
> >>> AllowOverride whitelistThreshold
> >>> HashRecMax 98317
> >>> HashAutoExtend on
> >>> HashMaxExtents 0
> >>> HashExtentSize 49157
> >>> HashMaxSeek 100
> >>> HashConnectionCache 10
> >>> Notifications off
> >>> PurgeSignatures 14 # Stale signatures
> >>> PurgeNeutral 90 # Tokens with neutralish probabilities
> >>> PurgeUnused 90 # Unused tokens
> >>> PurgeHapaxes 30 # Tokens with less than 5 hits
> >>> (hapaxes) PurgeHits1S 15 # Tokens with only 1 spam hit
> >>> PurgeHits1I 15 # Tokens with only 1 innocent hit
> >>> LocalMX 127.0.0.1
> >>> SystemLog on
> >>> UserLog on
> >>> Opt out
> >>> TrackSources spam
> >>> ParseToHeaders full
> >>> ChangeModeOnParse on
> >>> ChangeUserOnParse off
> >>> ServerPID /var/run/dspam.pid
> >>> ServerMode auto
> >>> ServerPass.Relay1 "secret"
> >>> ServerParameters "--deliver=innocent"
> >>> ServerIdent "localhost.localdomain"
> >>> ServerDomainSocketPath "/var/spool/postfix/var/run/dspam.sock"
> >>> ClientHost /var/spool/postfix/var/run/dspam.sock
> >>> ClientIdent "secret@Relay1"
> >>> ProcessorBias on
> >>> Include /etc/dspam/dspam.d/
> >>>
> >>> Troy
> >>>
> >>> ------------------------------------------------------------------------------
> >>> Write once. Port to many.
> >>> Get the SDK and tools to simplify cross-platform app development.
> >>> Create new or port existing apps to sell to consumers worldwide.
> >>> Explore the Intel AppUpSM program developer opportunity.
> >>> appdeveloper.intel.com/join http://p.sf.net/sfu/intel-appdev
> >>> _______________________________________________
> >>> Dspam-user mailing list
> >>> Dspam-user@lists.sourceforge.net
> >>> https://lists.sourceforge.net/lists/listinfo/dspam-user
> >>>
> >>>
> >>
> >>
> >> ------------------------------------------------------------------------------
> >> Write once. Port to many.
> >> Get the SDK and tools to simplify cross-platform app development.
> >> Create new or port existing apps to sell to consumers worldwide.
> >> Explore the Intel AppUpSM program developer opportunity.
> >> appdeveloper.intel.com/join http://p.sf.net/sfu/intel-appdev
> >> _______________________________________________
> >> Dspam-user mailing list
> >> Dspam-user@lists.sourceforge.net
> >> https://lists.sourceforge.net/lists/listinfo/dspam-user
> >>
> >>
> >>
> >>
> > ------------------------------------------------------------------------------
> > Write once. Port to many.
> > Get the SDK and tools to simplify cross-platform app development.
> > Create new or port existing apps to sell to consumers worldwide.
> > Explore the Intel AppUpSM program developer opportunity.
> > appdeveloper.intel.com/join http://p.sf.net/sfu/intel-appdev
> > _______________________________________________
> > Dspam-user mailing list
> > Dspam-user@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/dspam-user
> >
> >
>
>
>
> ------------------------------------------------------------------------------
> Write once. Port to many.
> Get the SDK and tools to simplify cross-platform app development.
> Create new or port existing apps to sell to consumers worldwide.
> Explore the Intel AppUpSM program developer opportunity.
> appdeveloper.intel.com/join http://p.sf.net/sfu/intel-appdev
> _______________________________________________
> Dspam-user mailing list
> Dspam-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/dspam-user
>
> !DSPAM:4ef23b3371421186694290!
>
>
------------------------------------------------------------------------------
Write once. Port to many.
Get the SDK and tools to simplify cross-platform app development. Create
new or port existing apps to sell to consumers worldwide. Explore the
Intel AppUpSM program developer opportunity. appdeveloper.intel.com/join
http://p.sf.net/sfu/intel-appdev
_______________________________________________
Dspam-user mailing list
Dspam-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspam-user
