Hello Daniel,
Wednesday, February 7, 2007, 11:14:38 PM, you wrote:
> Hi all.
> I've had dspam working well for *most* operations for a couple of months
> now. Reporting spam / ham by forwarding it to a [EMAIL PROTECTED] / [EMAIL
> PROTECTED]
> works. Reporting spam / ham via the web interface works. And dspam is
> working very well classifying stuff.
This suggests problems with Apache user accessing the
quarantine files, preferences etc.
I've had exactly the same problem as you did until I sorted
out two things:
- ownership and access rights in $DSPAMHOME/data/username
folders; apache user has to be able to manipulate those in
read and write manner, configure suexec or do smth else with
apache and groups that I should not get caught recommending
e.g. if apache user can't read/write dan.mbox in data
folder, it can't find the signature which you got in logs
(happened to me, too).
- DSPAM delivery process arguments, you may have to change
them in configure.pl (in your CGI dir for web ui). E.g. I
had to change DSPAM_ARGS to the following to get web ui work
with Exim:
$CONFIG{'DSPAM_ARGS'} = "--deliver=innocent --class=innocent " .
"--source=error --user %CURRENT_USER% -bm %u";
This obviously depends on your MTA, and different MTAs may
require different arguments for DSPAM to be able to deliver
it. CGI complicates it further for dspam.cgi has to be able
to read and write DSPAM files on top of passing correct
commands to DSPAM which in turns has to pass correct
commands to particular MTA.
Run the delivery command as the Apache user: sudo or give
apache shell for a moment, su and then run the command for
delivery from quarantine for instance. This may show what's
wrong.
You also may have virtual users enabled - the debug log
below shows local users ("dan"), while if DSPAM keeps its
data for virtual "[EMAIL PROTECTED]", there's obviously
mismatch.
> In other words, I don't *appear* to
> have any configuration issues that prevent normal operation.
> However, if dspam produces a false positive, I can't get it to deliver
> from the web interface. The debug log says:
> 10205: [02/08/2007 08:59:46] DSPAM Instance Startup
> 10205: [02/08/2007 08:59:46] input args: /usr/bin/dspam
> --deliver=innocent --class=innocent --source=error --user dan -d %u
> 10205: [02/08/2007 08:59:46] pass-thru args: /usr/sbin/dbmail-smtp -d %u
> -d %u
> 10205: [02/08/2007 08:59:46] processing user dan
> 10205: [02/08/2007 08:59:46] uid = 1001, euid = 1001, gid = 1000, egid =
> 1000
> 10205: [02/08/2007 08:59:46] loading preferences for user dan
> 10205: [02/08/2007 08:59:46] _ds_pref_load: unable to
> _mysql_drv_getpwnam(dan)
> 10205: [02/08/2007 08:59:46] Loading preferences for uid 0
> 10205: [02/08/2007 08:59:46] Loading preferences for uid 0
> 10205: [02/08/2007 08:59:46] default preferences empty. reverting to
> dspam.conf preferences.
> 10205: [02/08/2007 08:59:46] Loading preferences from dspam.conf
> 10205: [02/08/2007 08:59:46] using
> /var/spool/dspam/opt-in/local/dan.dspam as path
> 10205: [02/08/2007 08:59:46] using
> /var/spool/dspam/opt-out/local/dan.nodspam as path
> 10205: [02/08/2007 08:59:46] sedation level set to: 3
> 10205: [02/08/2007 08:59:46] _mysql_drv_get_spamtotals: unable to
> _mysql_drv_getpwnam(dan)
> 10205: [02/08/2007 08:59:46] unable to load totals. using zero values.
> 10205: [02/08/2007 08:59:46] _ds_get_signature: unable to
> _mysql_drv_getpwnam(dan)
> 10205: [02/08/2007 08:59:46] _mysql_drv_get_spamtotals: unable to
> _mysql_drv_getpwnam(dan)
> 10205: [02/08/2007 08:59:46] DSPAM Instance Shutdown. Exit Code: 0
> My syslog says:
> Feb 8 09:07:15 [dspam] Signature retrieval for
> '4,45c94ea7232267818312239' failed
> Feb 8 09:07:15 [dspam] Unable to find a valid signature. Aborting.
> Feb 8 09:07:15 [dspam] process_message returned error -5. dropping
> message.
> My dpsam.conf:
> Home /var/spool/dspam
> StorageDriver /usr/lib/dspam/libmysql_drv.so
> TrustedDeliveryAgent "/usr/sbin/dbmail-smtp -d %u"
> UntrustedDeliveryAgent "/usr/sbin/dbmail-smtp -d %u"
> OnFail error
> Trust root
> Trust dspam
> Trust apache
> Trust mail
> Trust mailnull
> Trust smmsp
> Trust daemon
> Trust filter
> Debug *
> TrainingMode teft
> TestConditionalTraining on
> Feature chained
> Feature whitelist
> Feature tb=3
> Algorithm graham burton
> PValue graham
> SupressWebStats off
> ImprobabilityDrive on
> Preference "spamAction=quarantine"
> Preference "showFactors=off"
> AllowOverride trainingMode
> AllowOverride spamAction spamSubject
> AllowOverride statisticalSedation
> AllowOverride enableBNR
> AllowOverride enableWhitelist
> AllowOverride signatureLocation
> AllowOverride showFactors
> AllowOverride optIn optOut
> AllowOverride whitelistThreshold
> MySQLServer /var/run/mysqld/mysqld.sock
> MySQLUser dspam
> MySQLPass 1357298582306212053
> MySQLDb dspam
> MySQLCompress true
> MySQLCompress true
> MySQLVirtualTable dbmail.dbmail_aliases
> MySQLVirtualUIDField deliver_to
> MySQLVirtualUsernameField alias
> MySQLUIDInSignature on
> HashRecMax 98317
> HashAutoExtend on
> HashMaxExtents 0
> HashExtentSize 49157
> HashMaxSeek 100
> HashConnectionCache 10
> Notifications off
> PurgeNeutral 90
> LocalMX 127.0.0.1
> SystemLog on
> UserLog on
> TrainPristine off
> Opt out
> ParseToHeaders off
> ChangeModeOnParse off
> ChangeUserOnParse off
> ClamAVPort 3310
> ClamAVHost 127.0.0.1
> ClamAVResponse reject
> ServerPID /var/run/dspam/dspam.pid
> ServerMode auto
> ServerDomainSocketPath "/var/run/dspam/dspam.sock"
> ProcessorBias on
> Why would everything else ( reporting spam / ham via email and web
> interface ) work, but delivering non-spam stuff from the web interface
> fail? Unfortunately this is a critical problem, as you can imagine ...
> being inundated with spam is not as bad as *not* receiving legitimate email.
--
Marcin Krol
