On 26.08.2012 16:35, Fernando Maule wrote:
>
> Hello all
Ciao Fernando,
> I am actually testing dspam because i need a more scalable
> solution than spamassassin.
> my actual setup is debian, postfix 2.7.1, dspam 3.10.2, dovecot,
> postfixadmin, mysql db.
>
> the uid of the virtual_uids table is auto_increment, and i've created a
> post-mailbox-add on postfixadmin to insert a new uid every time a new
> mailbox is created
This is okay but what is your policy regarding filtering? Opt In or Opt Out?
I would suggest you run "Opt In" and use the preference extension and
then add the preference "optIn on" and "optOut off"
The script I use for mailbox postcreation is:
-----------------------------------
#!/bin/sh
# $Id: postfixadmin-mailbox-postcreation.sh,v 1.00 2009/06/29 00:57:14
sbajic Exp $
#
# Copyright 2009 Stevan Bajic <ste...@bajic.ch>
# Distributed under the terms of the GNU Affero General Public License v3
#=========================================================================
# Script for for adding a Maildir to a IMAP virtual mail hierarchy.
#
# arg1: username
# arg2: domain
# arg3: maildir
# arg4: quota
#
# The script only looks at argument 3, assuming that it
# indicates the relative name of a maildir, such as
# "somedomain.com/peter/".
#
# This script should be run as the user which owns the maildirs. If
# the script is actually run by the apache user (e.g. through PHP),
# then you could use "sudo" to grant apache the rights to run
# this script as the relevant user.
# Assume this script has been saved as
# /usr/local/bin/postfixadmin-mailbox-postcreation.sh and has been
# made executable. Now, an example /etc/sudoers line:
# apache ALL=(courier) NOPASSWD:
/usr/local/bin/postfixadmin-mailbox-postcreation.sh
# The line states that the apache user may run the script as the
# user "courier" without providing a password.
#=========================================================================
# Change this to where you keep your virtual mail users' maildirs.
basedir="/var/spool/mail";
# Change this to the uid used for creating your virtual users' maildir
uid="mail";
# Change this to the gid used for creating your virtual users' maildir
gid="mail";
if [ ! -e "${basedir}" ]; then
echo "basedir '${basedir}' does not exist; bailing out.";
exit 1;
fi
if [ `echo "${3}" | fgrep '..'` ]; then
echo "An argument contained a double-dot sequence; bailing out.";
exit 1;
fi
maildir="${basedir}/${3}";
parent=`dirname "${maildir}"`;
if [ ! -d "${parent}" ]; then
if [ -e "${parent}" ]; then
echo "Strange - directory '${parent}' exists, but is
not a directory.";
echo "Bailing out.";
exit 1;
else
mkdir -p "${parent}";
if [ ${?} -ne 0 ]; then
echo "mkdir -p '${parent}' returned non-zero;
bailing out.";
exit 1;
fi
fi
fi
subdir=`echo "${1}" | sed 's/@.*//'`;
maildir_paths="${maildir}/cur ${maildir}/new ${maildir}/tmp";
foo="${basedir}"
for bar in $(echo ${3} | sed "s:/: :g")
do
foo="${foo}/${bar}";
maildir_paths="${maildir_paths} ${foo}";
done
# Additional folders
for foo in Drafts Queue Junk Sent
do
maildir_paths="${maildir_paths} ${maildir}/.${foo}
${maildir}/.${foo}/cur ${maildir}/.${foo}/new ${maildir}/.${foo}/tmp";
done
##
## Opt-In user into DSPAM
##
if (echo "${1}" | grep -q '\@'); then
dspam_user="${1}";
else
dspam_user="${1}@${2}";
fi
dspam_admin add preference ${dspam_user} optIn on >/dev/null 2>&1;
dspam_admin change preference ${dspam_user} optIn on >/dev/null 2>&1;
dspam_admin add preference ${dspam_user} optOut off >/dev/null 2>&1;
dspam_admin change preference ${dspam_user} optOut off >/dev/null 2>&1;
###
if [ -d "${maildir}" ]; then
echo "Directory '${maildir}' already exists! Bailing out";
exit 1;
else
umask 007;
mkdir -p ${maildir_paths};
chmod u+rwx,g+rwx,o-rwx ${maildir_paths};
chown ${uid}:${gid} ${maildir_paths};
fi
if [ ! -d "${maildir}" ]; then
echo "Could not create maildir directory structure.";
echo "Bailing out.";
exit 1;
fi
exit 0;
-----------------------------------
The script might look crazy but I try to avoid external dependency so
all this maildir create stuff is done in pure shell. If I would force
the bash shell then I could even avoid using grep and sed.
> I have dspam configured as a transport
>
> dspam unix - n n - - pipe
> flags=Ru user=dspam argv=/usr/bin/dspam --client --deliver=innocent
> --user ${recipient} --mail-from=${sender}
I have made bad experience in the past when calling the binary and not
using the client/server mode. I know that the kind of issues I had in
the past (many, many years ago) do not exist any more, but I now prefer
using client/server mode than calling directly the binary.
> and i use check_client_access pcre in smtpd_client restrictions.
>
> /var/spool/dspam/group contains (and the Home in dspam.conf is correct)
> global:shared:*
>
> There is a virtual uid on mysql dspam database named "global" with uid
> 1, that i have trained with "dspam_train global spam ham" using some
> spamasssin spam.
The SA public corpus? With that you will not get very far. Getting corpi
with spam is ultra easy ( for example: http://www.untroubled.org/spam/ )
but getting ham is harder. So if you have a lot of ham laying around
then I would suggest you to do more training with that ham data and use
for spam data the stuff you download from the above link.
> I have just one virtual user, "t...@lanserver.it" for testing.
>
> dspam actually *works*, but it seems i'm unable to get the global group
> work. I tried with merge and with shared but no way - even the debug
> doesn't show me that the user is being "associated" to that group
>
> The stats are correct for the global group:
>
> global TP: 2350 TN: 485 FP: 15 FN: 201 SC: 0
> NC: 0
> t...@lanserver.it TP: 0 TN: 3 FP: 0 FN: 0 SC: 0
> NC: 0
>
> Did I do something wrong? Misunderstood something?
Don't know. Hard to tell with the information you provided. What would
help is to post your dspam.conf.
And another info you could provide to us is what you try to accomplish
with groups? Do you want to accelerate accuracy? Do you want to minimize
learning? etc, etc, etc.... what is your goal?
PS: I am from now on offline for about 14 days. I hope others on the
list will help you.
> attached is a dspam debug log of a test email.
>
> Thanks!
> Fernando
>
>
>
>
> 20149: [08/23/2012 00:33:16] using database handle id 2
> 20149: [08/23/2012 00:33:16] handle locked
> 20149: [08/23/2012 00:33:16] DSPAM Instance Startup
> 20149: [08/23/2012 00:33:16] input args: dspam --deliver=innocent -d %u
> 20149: [08/23/2012 00:33:16] pass-thru args: -d %u
> 20149: [08/23/2012 00:33:16] processing user t...@lanserver.it
> 20149: [08/23/2012 00:33:16] uid = 104, euid = 104, gid = 110, egid = 110
> 20149: [08/23/2012 00:33:16] loading preferences for user t...@lanserver.it
> 20149: [08/23/2012 00:33:16] _mysql_drv_getpwnam: successful returning
> struct for name: t...@lanserver.it
> 20149: [08/23/2012 00:33:16] Loading preferences for uid 2
> 20149: [08/23/2012 00:33:16] Loading preferences for uid 0
> 20149: [08/23/2012 00:33:16] Loading preferences for uid 0
> 20149: [08/23/2012 00:33:16] default preferences empty. reverting to
> dspam.conf preferences.
> 20149: [08/23/2012 00:33:16] Loading preferences from dspam.conf
> 20149: [08/23/2012 00:33:16] using
> /var/spool/dspam/opt-in/lanserver.it/test.dspam as path
> 20149: [08/23/2012 00:33:16] using
> /var/spool/dspam/opt-out/lanserver.it/test.nodspam as path
> 20149: [08/23/2012 00:33:16] sedation level set to: 5
> 20149: [08/23/2012 00:33:16] _mysql_drv_getpwnam: successful returning
> struct for name: t...@lanserver.it
> 20149: [08/23/2012 00:33:16] Connecting to 127.0.0.1:3310 for virus check
> 20149: [08/23/2012 00:33:16] Connecting to 127.0.0.1:1525 for virus
> stream transmission
> 20149: [08/23/2012 00:33:16] _mysql_drv_getpwnam returning cached name
> t...@lanserver.it.
> 20149: [08/23/2012 00:33:16] Loading 5 BNR patterns
> 20149: [08/23/2012 00:33:16] _mysql_drv_getpwnam returning cached name
> t...@lanserver.it.
> 20149: [08/23/2012 00:33:16] Whitelist threshold: 10
> 20149: [08/23/2012 00:33:16] [graham] [0.010000] From*Fernando Maule
> <fernando.ma...@c3k.it> (1frq, 0s, 3i)
> 20149: [08/23/2012 00:33:16] [burton] [0.010000] From*Fernando Maule
> <fernando.ma...@c3k.it> (1frq, 0s, 3i)
> 20149: [08/23/2012 00:33:16] [graham] [0.010000]
> From*Fernando+#+#+c3k.it (1frq, 0s, 3i)
> 20149: [08/23/2012 00:33:16] [burton] [0.010000]
> From*Fernando+#+#+c3k.it (1frq, 0s, 3i)
> 20149: [08/23/2012 00:33:16] [graham] [0.010000] From*Fernando+Maule
> (1frq, 0s, 3i)
> 20149: [08/23/2012 00:33:16] [burton] [0.010000] From*Fernando+Maule
> (1frq, 0s, 3i)
> 20149: [08/23/2012 00:33:16] [graham] [0.010000]
> From*Fernando+#+fernando.maule (1frq, 0s, 3i)
> 20149: [08/23/2012 00:33:16] [burton] [0.010000]
> From*Fernando+#+fernando.maule (1frq, 0s, 3i)
> 20149: [08/23/2012 00:33:16] [graham] [0.010000]
> From*fernando.maule+c3k.it (1frq, 0s, 3i)
> 20149: [08/23/2012 00:33:16] [burton] [0.010000]
> From*fernando.maule+c3k.it (1frq, 0s, 3i)
> 20149: [08/23/2012 00:33:16] [graham] [0.010000] From*Maule+#+c3k.it
> (1frq, 0s, 3i)
> 20149: [08/23/2012 00:33:16] [burton] [0.010000] From*Maule+#+c3k.it
> (1frq, 0s, 3i)
> 20149: [08/23/2012 00:33:16] [graham] [0.010000]
> From*Maule+fernando.maule (1frq, 0s, 3i)
> 20149: [08/23/2012 00:33:16] [burton] [0.010000]
> From*Maule+fernando.maule (1frq, 0s, 3i)
> 20149: [08/23/2012 00:33:16] [graham] [0.010000] To*test+lanserver.it
> (1frq, 0s, 5i)
> 20149: [08/23/2012 00:33:16] [burton] [0.010000] To*test+lanserver.it
> (1frq, 0s, 5i)
> 20149: [08/23/2012 00:33:16] [graham] [0.400000]
> Return-Path*fernando.maule+c3k.it (1frq, 0s, 1i)
> 20149: [08/23/2012 00:33:16] [burton] [0.400000]
> Return-Path*fernando.maule+c3k.it (1frq, 0s, 1i)
> 20149: [08/23/2012 00:33:16] Graham-Bayesian Probability: 0.000000
> Samples: 9
> 20149: [08/23/2012 00:33:16] Burton-Bayesian Probability: 0.000000
> Samples: 9
> 20149: [08/23/2012 00:33:16] no factors specified; using default
> 20149: [08/23/2012 00:33:16] Result Confidence: 0.99
> 20149: [08/23/2012 00:33:16] _mysql_drv_getpwnam returning cached name
> t...@lanserver.it.
> 20149: [08/23/2012 00:33:16] Control: [10 10] [10 11] Delta: [0 1]
> 20149: [08/23/2012 00:33:16] total processing time: 0.00217s
> 20149: [08/23/2012 00:33:16] _mysql_drv_getpwnam returning cached name
> t...@lanserver.it.
> 20149: [08/23/2012 00:33:16] saving signature as 50355e2c201498137652470
> 20149: [08/23/2012 00:33:16] _mysql_drv_getpwnam returning cached name
> t...@lanserver.it.
> 20149: [08/23/2012 00:33:16] libdspam returned probability of 0.000000
> 20149: [08/23/2012 00:33:16] message result: NOT SPAM
> 20149: [08/23/2012 00:33:16] _mysql_drv_getpwnam returning cached name
> t...@lanserver.it.
> 20149: [08/23/2012 00:33:16] delivering message
> 20149: [08/23/2012 00:33:16] Establishing connection to 127.0.0.1:10026
> 20149: [08/23/2012 00:33:16] Connection established
> 20149: [08/23/2012 00:33:16] DSPAM Instance Shutdown. Exit Code: 0
> 20149: [08/23/2012 00:33:16] checking trusted user list for dspam(104)
>
>
>
>
>
>
>
>
>
>
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Dspam-user mailing list
> Dspam-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/dspam-user
>
--
Kind Regards from Switzerland,
Stevan Bajić
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Dspam-user mailing list
Dspam-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspam-user
