Hello everyone,
I am a new user of DSPAM 3.6.8 install on Fedora 6.
While DSPAM itself is uncannily accurate when classifying
spam (after training a mere dozen of spams or so it made no
errors at all so far! wicked! thanks, JZ!) operation, I have
a problem with functioning of quarantine.
After pressing Deliver Checked button in webui, browser
hangs there forever, and I have found the reason for it in
/var/log/maillog:
Jan 24 19:47:31 orchidea dspam[29321]: Got error -5 in response to message
data: 354 Enter mail, end with "." on a line by itself^M
Jan 24 19:49:22 orchidea dspam[3594]: Delivery failed completely
Jan 24 19:49:24 orchidea last message repeated 5 times
Jan 24 19:52:31 orchidea dspam[29321]: Delivery failed completely
googling for it == no clues...
orchidea (192.168.1.1) /usr/local/var/dspam/data/mark % ps auxw | grep dspam
root 3594 0.0 3.1 79836 3944 ? Sl 02:09 0:02
/usr/local/bin/dspam --daemon --debug
root 29321 0.0 1.6 6440 1992 ? S 19:42 0:00
/usr/local/bin/dspam --deliver=innocent --class=innocent --source=error --user
mark -d %u
The above dspam --deliver=innocent process has been hanging
for several minutes, most probably retrying delivery again
and again as maillog shows.
This ended up prety badly: system.log shows the mail in
question as Delivered
1169664563 I [EMAIL PROTECTED] (root) 45b7aa3335941472616566
time to refill 3 0.175382
mark Delivered <[EMAIL PROTECTED]>
..but ~/Maildir/new doesn't contain this mail, it has been
lost (Exim log doesn't show the delivery either).
Overally, I had a lot of problems to get DSPAM working on
Fedora 6 for some reason: dspam --daemon kept dying on
scanning of first mail (every time) without doing the
assinine thing, i.e. setting suid root on dspam binary.
Even so, DSPAM daemon could not operate until I explicitly
set the following rights on $DSPAMHOME/data:
orchidea (192.168.1.1) /usr/local/var/dspam/data/mark % ls -l
total 116
-rw-rw-r-- 1 mark apache 14870 Jan 24 20:19 mark.log
-rw-rw-r-- 1 mark apache 57232 Jan 24 19:23 mark.mbox
-rw-rw-r-- 1 mark apache 5 Jan 24 19:15 mark.mbox.size
-rw-rw-r-- 1 mark apache 0 Jan 24 19:15 mark.mbox.stamp
-rw-rw-r-- 1 mark apache 175 Jan 23 22:17 mark.prefs
-rw-r--r-- 1 apache apache 0 Jan 24 18:49 mark.retrain.log
-rw-rw-r-- 1 mark apache 0 Jan 23 22:17 mark.rstats
-rw-rw-r-- 1 mark apache 14 Jan 24 20:19 mark.stats
-rw-r--r-- 1 root root 26110 Jan 24 18:44 test-spam.mbox
History is working and retraining is working, but Quarantine
isn't.
Details of the setup:
=====================================
DSPAM build:
orchidea (192.168.1.1) ~/dspam % cat build
make distclean
./configure --with-delivery-agent="/usr/sbin/exim -oMr spam-scanned" \
--enable-daemon \
--with-storage-driver=mysql_drv \
--with-mysql-includes=/usr/include/mysql \
--with-mysql-libraries=/usr/lib/mysql \
make
make install
service dspam restart
=====================================
MySQL db setup:
orchidea (192.168.1.1) ~/dspam % cat mysql-db-create
create database dspam;
create user dspam identified by '****';
grant all privileges on dspam.* to [EMAIL PROTECTED]
identified by '****';
use dspam;
source ./src/tools.mysql_drv/mysql_objects-speed.sql
source ./src/tools.mysql_drv/virtual_users.sql
======================================
/usr/local/etc/dspam.conf:
orchidea (192.168.1.1) ~/dspam % cat /etc/dspam.conf | grep -v "#" | gawk '/./'
Home /usr/local/var/dspam
StorageDriver /usr/local/lib/libmysql_drv.so
TrustedDeliveryAgent "/usr/sbin/exim -oMr spam-scanned"
DeliveryHost 127.0.0.1
DeliveryPort 24
DeliveryIdent localhost
DeliveryProto LMTP
OnFail error
Trust root
Trust mail
Trust mailnull
Trust smmsp
Trust daemon
Trust exim
Trust apache
Trust nobody
Trust majordomo
TrainingMode teft
TestConditionalTraining on
Feature chained
Feature whitelist
Algorithm graham burton
PValue graham
Preference "spamAction=quarantine"
Preference "showFactors=on"
AllowOverride trainingMode
AllowOverride spamAction spamSubject
AllowOverride statisticalSedation
AllowOverride enableBNR
AllowOverride enableWhitelist
AllowOverride signatureLocation
AllowOverride showFactors
AllowOverride optIn optOut
AllowOverride whitelistThreshold
MySQLServer /var/lib/mysql/mysql.sock
MySQLUser dspam
MySQLPass ***
MySQLDb dspam
MySQLCompress true
MySQLConnectionCache 10
HashRecMax 98317
HashAutoExtend on
HashMaxExtents 0
HashExtentSize 49157
HashMaxSeek 100
HashConnectionCache 10
Notifications off
LocalMX 127.0.0.1
SystemLog on
UserLog on
Opt out
ServerPort 24
ServerQueueSize 32
ServerPID /var/run/dspam.pid
ServerMode standard
ServerParameters "--deliver=innocent -d %u"
ServerIdent "localhost.localdomain"
ClientHost 127.0.0.1
ClientPort 24
ProcessorBias on
===================================
/etc/exim/exim.conf:
orchidea (192.168.1.1) ~/dspam % cat /etc/exim/exim.conf | grep -v "#" | gawk
'/./'
primary_hostname = inet.btw2.pl
domainlist local_domains = btw2.pl : btw2.eu : localhost : localhost.localdomain
domainlist relay_to_domains = btw2.pl : btw2.pl
hostlist relay_from_hosts = 127.0.0.1 : 192.168.0.0/16
smtp_banner = ESMTP inet.btw2.pl
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
acl_smtp_mime = acl_check_mime
av_scanner = clamd:/var/run/clamd.exim/clamd.sock
tls_advertise_hosts = *
tls_certificate = /etc/pki/tls/certs/exim.pem
tls_privatekey = /etc/pki/tls/private/exim.pem
daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465
qualify_domain = btw2.pl
never_users = root
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 5s
ignore_bounce_errors_after = 2h
timeout_frozen_after = 5d
auth_advertise_hosts = *
begin acl
acl_check_rcpt:
accept hosts = :
deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : [EMAIL PROTECTED]/|]
deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : [EMAIL PROTECTED] : ^.*/\\.\\./
accept local_parts = postmaster
domains = +local_domains
accept hosts = +relay_from_hosts
control = submission
accept authenticated = *
control = submission
require message = relay not permitted
domains = +local_domains : +relay_domains
require verify = recipient
deny dnslists = list.dsbl.org
log_message = BLOKOWANIE PRZEZ RBL list.dsbl.org $tod_log
!authenticated = *
deny dnslists = sbl.spamhaus.org
log_message = BLOKOWANIE PRZEZ RBL sbl.spamhaus.org $tod_log
!authenticated = *
deny dnslists = opm.blitzed.org
log_message = BLOKOWANIE PRZEZ RBL opm.blitzed.org $tod_log
!authenticated = *
deny dnslists = blackholes.mail-abuse.org
log_message = BLOKOWANIE PRZEZ RBL blackholes.mail-abuse.org $tod_log
!authenticated = *
accept
acl_check_data:
deny malware = *
message = This message contains a virus ($malware_name).
accept
acl_check_mime:
deny message = Blacklisted file extension detected
condition = ${if match \
{${lc:$mime_filename}} \
{\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com)$\N} \
{1}{0}}
accept
begin routers
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more
################### DSPAM ###################
spamscan:
no_verify
condition = "${if and {{!def:h_X-Spam-Flag:} {!def:h_X-FILTER-DSPAM:} {
<= {$message_size}{512k}} } {1}{0}}"
headers_add = "X-FILTER-DSPAM: by $primary_hostname on $tod_full"
driver = accept
transport = spamcheck
################### DSPAM ###################
system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/aliases}}
file_transport = address_file
pipe_transport = address_pipe
userforward:
driver = redirect
check_local_user
file = $home/.forward
allow_filter
no_verify
no_expn
check_ancestor
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
procmail:
driver = accept
check_local_user
require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
transport = procmail
no_verify
localuser:
driver = accept
check_local_user
transport = maildir_local_delivery
cannot_route_message = Unknown user
begin transports
remote_smtp:
driver = smtp
procmail:
driver = pipe
command = "/usr/bin/procmail -d $local_part"
return_path_add
delivery_date_add
envelope_to_add
user = $local_part
initgroups
return_output
################### DSPAM ###################
spamcheck:
driver = pipe
command = /usr/sbin/exim -oMr ds -bS
transport_filter = /usr/local/bin/dspam --stdout --deliver=innocent --debug
--user ${local_part}
use_bsmtp = true
user = mail
group = mail
message_prefix = ""
message_suffix = ""
home_directory = "/usr/local/var/dspam"
current_directory = "/usr/local/var/dspam"
return_path_add = false
log_output = true
return_fail_output = true
################### DSPAM ###################
local_delivery:
driver = appendfile
file = /var/mail/$local_part
delivery_date_add
envelope_to_add
return_path_add
group = mail
mode = 0660
maildir_local_delivery:
driver = appendfile
group = mail
maildir_format = true
create_directory = true
directory = /home/${local_part}/Maildir/
mode_fail_narrower = false
delivery_date_add = true
envelope_to_add = true
return_path_add = true
mode = 0660
address_pipe:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
begin retry
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
begin rewrite
begin authenticators
LOGIN:
driver = plaintext
server_set_id = $auth1
server_prompts = <| Username: | Password:
server_condition = ${if saslauthd{{$1}{$2}{smtp}} {1}}
--
Marcin Krol
Dzial Techniczny
www.Domeny.pl
tel.: (012)296-36-63 wew.20, fax: (012)296-36-64
e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------
DOMENY.PL sp. z o.o., ul.Wielicka 50, 30-552 Kraków, Poland
--------------------------------------------------------------
