Hi,

I really hope that someone can help me.

I know that some of this may be off topic for this list, but some of this has to directly deal with my postfix master.cf.

The goal is to provide the same filtering for everyone who receives email on this system.

I have a mail server that is a relay for several other servers. It needs to do this job regardless. It also receives emails for about 30 domains. Anyway, we are having really bad spam issues and I need to get this problem solved. So far I have tried to integrate dspam into procmailrc. This only halfway works at best. My procmailrc looks like this:

# dspam filtering:
:0fw
| /usr/local/bin/dspam --mode=toe --process --stdout --deliver=spam,innocent --username spam --client

# kick out spam
:0
* ^X-DSPAM-Result: Spam
{
        :0
        * ^X-DSPAM-Confidence: 0\.(9|8[5-9])
        /dev/null

        :0
        /var/mail/spam
}

However, retraining doesn't work at all with hash and toe. If I switch to tum, then retraining works, but dspam crashes after about 12 hours because its css file has become corrupted. If using dspam-retrain-forward.pl, then the dspam daemon crashes.

What it looks like is that dspam cannot switch to the correct user while processing email. I am not sure if there is a way to tell procmail to pass it off to dspam as a trusted user. If I use --user to pass it off as a user, then dspam complains because it cannot switch to that user because the user is untrusted. I would think that procmail would pass it off as root, but it doesn't. It looks like it is passing it off as the system user it should be delivered to. Is there a solution to this user issue?

If I integrate it into my postfix's master.cf, dspam doesn't crash anymore, but I have greater problems.

Here is my master.cf:

# SMTP no filter
127.0.0.1:25      inet  n       -       n       -       -       smtpd
10.20.238.4:25      inet  n       -       n       -       -       smtpd
# SMTP with filter
smtp      inet  n       -       n       -       -       smtpd
 -o content_filter=lmtp:unix:/var/dspam/dspam.sock
# Post Dspam filter
127.0.0.1:2424 inet  n       -       -       -       -       smtpd
  -o content_filter=
  -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
  -o smtpd_helo_restrictions=
  -o smtpd_client_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o smtpd_authorized_xforward_hosts=127.0.0.0/8
# Dspam retraining transport
dspam-retrain unix - n n - - pipe flags=XRu user=dspam argv=/usr/local/bin/dspam-retrain-forward.pl
   --debug=no
   --client
   --user spam
   --class=${nexthop}
   --source=error
   --full=yes
   --headers-only=no
   --bodies-only=yes
   --first-only=no
   --skip-first=no
   --bin-dir=/usr/local/bin

With this integration, very quickly the server becomes 0% idle with a high load average. I am not sure if this is because it is bouncing the emails and then the spammers send them right back, or if the emails are being deferred. There are a lot of deferred emails in the log. Next, it seems to save all the spam and reject all the real emails. Also, I am still not sure what happened to all the emails. Were they bounced, or just lost somewhere? And procmail doesn't seem to know who to deliver the emails to if they are passed to it from dspam. I am getting errors in my maillog from procmail saying user unknown. Ideally, postfix would pass all emails to dspam after postfix did its checks as the system user spam, so that everyone would have the same filtering. Then, dspam would pass the spam to procmail for sorting and pass all the ham back to postfix for delivery.

I really don't know what I have wrong.

Any help will be greatly appreciated!

Kind Regards,
Al
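
Whether mail sent through the content filter was bounced or deferred can be read from the per-recipient delivery lines in the maillog by tallying them per delivery agent and status. The following is an added example, not part of the original post; the log lines are constructed samples in Postfix delivery-log form, and `summarize` and `report` are hypothetical helper names.

```python
import re
from collections import Counter

# Constructed sample lines in Postfix delivery-log form (not from the post).
SAMPLE_LOG = """\
Mar  3 10:00:01 mx postfix/smtpd[2000]: connect from unknown[192.0.2.10]
Mar  3 10:00:02 mx postfix/lmtp[2101]: 4A1B2C3D4E: to=<alice@example.com>, relay=none, delay=0.05, status=deferred (connect to mx.example.com[/var/dspam/dspam.sock]: Connection refused)
Mar  3 10:00:03 mx postfix/lmtp[2102]: 5B2C3D4E5F: to=<bob@example.com>, relay=none, delay=0.04, status=deferred (connect to mx.example.com[/var/dspam/dspam.sock]: Connection refused)
Mar  3 10:00:04 mx postfix/lmtp[2103]: 6C3D4E5F6A: to=<carol@example.com>, relay=mx.example.com[/var/dspam/dspam.sock], delay=1.2, status=sent (250 2.6.0 Message accepted)
Mar  3 10:00:05 mx postfix/local[2207]: 7D4E5F6A7B: to=<dave@example.com>, relay=local, delay=0.1, status=bounced (unknown user: "dave")
"""

# Matches only per-recipient delivery records, with or without dsn=/delays= fields.
DELIVERY = re.compile(
    r"postfix/(?P<agent>\w+)\[\d+\]: (?P<qid>[0-9A-F]+): to=<(?P<rcpt>[^>]*)>,"
    r".*?relay=(?P<relay>[^,]+),.*?status=(?P<status>\w+) \((?P<reason>.*)\)$"
)

def summarize(log_text):
    """Return (count per (agent, status), count per (status, reason) for failures)."""
    by_status, reasons = Counter(), Counter()
    for line in log_text.splitlines():
        m = DELIVERY.search(line)
        if m is None:
            continue  # smtpd/qmgr/cleanup lines carry no delivery status
        by_status[(m["agent"], m["status"])] += 1
        if m["status"] != "sent":
            reasons[(m["status"], m["reason"])] += 1
    return by_status, reasons

def report(log_text):
    """Format the tallies: one line per agent/status, then failure reasons by frequency."""
    by_status, reasons = summarize(log_text)
    lines = [f"{agent:8} {status:9} {n}" for (agent, status), n in sorted(by_status.items())]
    lines += [f"{n:4} x {status}: {reason}" for (status, reason), n in reasons.most_common()]
    return "\n".join(lines)

if __name__ == "__main__":
    print(report(SAMPLE_LOG))
```

Deferred mail stays in the queue and is retried, while bounced mail has been returned to the sender, so the two counts answer different questions about where messages went.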
