Steve skrev, on 10-12-2007 10:32:
[...]
I've bee running dspam 3.8 with a shared group at my RHEL5 production
site for months built with --enable-debug (but not the other two) and
it's been utterly stable. The DB's MySQL 5.0.22. It's a low-volume
(around 1500 incoming messages per day) Postfix 2.4.6 site with dspam as
a daemon content filter between the last two smtpd listeners.
How does DSPAM run in your setup? I mean in what mode? Client/Server? Pipe?
> In TCP mode or with local domain sockets? And what about delivering to
> Postfix? Do you deliver in SMTP mode to Postfix or do you use LMTP?
This is with a single shared group:
- master.cf:
amavisd-new:10024 (AV and policy_bank routing) hands to smtpd:10025:
:10025 inet n - n - 50 smtpd
-o content_filter=lmtp:localhost:24
1028 [tonni:mercurius.intern] / $ ps aux|grep dspam | grep -v grep
root 3282 0.0 2.0 105488 62916 ? S Dec05 0:22 dspam --daemon
- dspam.conf:
ServerHost 127.0.0.1
ServerPort 24
ServerQueueSize 32
ServerPID /var/run/dspam.pid
ServerMode standard
ServerParameters "--deliver=innocent,spam -d %u"
ServerIdent "dspam-in"
DeliveryHost 192.168.1.25
DeliveryPort 10026
DeliveryIdent dspam-out
DeliveryProto SMTP
MySQLServer /var/lib/mysql/mysql.sock
MySQLUser dspam
MySQLPass secret
MySQLDb dspamdb
- master.cf:
:10026 inet n - n - 50 smtpd
-o content_filter=
What algorithm and tokenizer do you use?
- dspam.conf:
TrainingMode toe
Algorithm graham burton
Feature tb=0
Feature whitelist
Feature noise
Because of Postfix's large selection of anti-UCE possibilities only a
tiny amount of spam/virus/trojan traffic actually gets through to dspam.
I watch dspam's system.log closely and generally blacklist in policyd
sites sending messages recognized as spam (S) by dspam.
HTH,
--Tonni
--
Tony Earnshaw
Email: tonni at hetnet dot nl
