Lars Stavholm wrote:
Hi all,
apologies for the newbie question, but...
question: how do I get dspam to process incoming mail only?
With my setup as described below I get dspam processing both
incoming and outgoing mails. Feels a bit confusing and resource
consuming, so I'd like to tweak it a bit.
I was aiming for the following (but I seem to have missed the target:):
incoming -> smtp (postfix) -> dspam -> imap (cyrus) -> user.
I have the following setup:
Postfix:
main.cf:
mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
master.cf:
smtp inet n - n - - smtpd -ocontent_filter=lmtp:unix:/var/tmp/dspam.sock
localhost:10026 inet n - n - - smtpd
-o content_filter=
-o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
dspam.conf:
Home /var/lib/dspam
TrustedDeliveryAgent "/usr/lib/cyrus/bin/deliver"
DeliveryHost 127.0.0.1
DeliveryPort 10026
DeliveryIdent localhost
DeliveryProto SMTP
OnFail error
Trust root
Trust mail
Trust dspam
Trust wwwrun
TrainingMode teft
TestConditionalTraining on
Feature noise
Feature chained
Feature whitelist
Algorithm graham burton
PValue graham
ImprobabilityDrive on
Preference "spamAction=deliver"
Preference "signatureLocation=headers" # 'message' or 'headers'
Preference "showFactors=off"
AllowOverride trainingMode
AllowOverride spamAction
AllowOverride spamSubject
AllowOverride statisticalSedation
AllowOverride enableBNR
AllowOverride enableWhitelist
AllowOverride signatureLocation
AllowOverride showFactors
AllowOverride optIn optOut
AllowOverride whitelistThreshold
HashRecMax 98317
HashAutoExtend on
HashMaxExtents 0
HashExtentSize 49157
HashMaxSeek 100
HashConnectionCache 10
Lookup "rabl.nuclearelephant.com"
RBLInoculate on
Notifications off
PurgeSignatures 14 # Stale signatures
PurgeNeutral 90 # Tokens with neutralish probabilities
PurgeUnused 90 # Unused tokens
PurgeHapaxes 30 # Tokens with less than 5 hits (hapaxes)
PurgeHits1S 15 # Tokens with only 1 spam hit
PurgeHits1I 15 # Tokens with only 1 innocent hit
LocalMX 127.0.0.1
SystemLog on
UserLog on
TrainPristine on
Opt out
ClamAVPort 3310
ClamAVHost 127.0.0.1
ClamAVResponse spam
ServerPID /var/run/dspam.pid
ServerMode auto
ServerParameters "--deliver=innocent"
ServerIdent "mail.telcotec.se"
ServerDomainSocketPath "/var/tmp/dspam.sock"
ClientHost /var/tmp/dspam.sock
ProcessorBias on
Cheers
/L
This is because mail is passing through the smtp server when you both
send and receive mail. Two (of many) choices
1. Use an optIn solution: You'll have to manually optIn each of your
users, which will prevent mail from being scanned for outgoing
users, as they are not opted in.
2. Scan only outgoing mail: You can try something like adding
check_client_access pcre:/etc/postfix/spam-filter.cf to
smtpd_recipient_restrictions, in main.cf, such as:
1. smtpd_recipient_restrictions =
reject_non_fqdn_recipient,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
permit_sasl_authenticated,
permit_mynetworks,
reject_non_fqdn_hostname,
reject_unauth_destination,
reject_unlisted_recipient,
reject_invalid_hostname,
check_client_access pcre:/etc/postfix/spam-filter.cf
permit
2. /etc/postfix/spam-filter.cf contains /./ FILTER
lmtp:unix:/tmp/dspam.sock
Hope this helps,
Kyle
