I'm currently using spamassassin to tag my spam, but I've been talking
about switching to dspam for a long time and finally have a server to
set it up on for testing.
My existing set up is like this:
postfix --(via content-filter)-> spamd --(via sendmail wrapper)->
postfix --(via lmtp)-> cyrus-imapd
What I'd like to move to would be:
postfix --(via lmtp)-> dspam --(via lmtp)-> cyrus-imapd
and later add clamav through dspam's built in support.
First of all, is that a reasonable architecture? Or would it be better
to use dspam as a content filter within postfix? I'm currently using
the sendmail wrapper to resubmit because it submits via a mechanism that
skips the content filter associated with the port 25 listener. If I did
use a content-filter, can I get around having to resubmit via the wrapper?
Second, I've compiled dspam to run as a dspam user and created a normal
user account to run in it's own homedir. Is that going to lead to any
problems down the line?
Third, not knowing too, too much about lmtp, does dspam have to have
access to my users and domains (postfix virtuals) to deliver via lmtp?
It's important because all that is stored in a mysql database that
postfix and cyrus-imapd access directly. I didn't think it did, but I
just wanted to cover all my bases.
Finally, I have a corpus of spam filtered by spamassassin of about 600
email and a corpus of known good email (my inbox that I've hand deleted
any false negatives out of) of about 2000 messges. Is this a decent
foundation for training?
Thanks for your time.
Sincerely,
e.
