I've also been looking at Dovecots antispam plugin which would mitigate
the need for all these scripts and cron jobs.
On 11/30/2016 12:21 PM, Eric Broch wrote:
This is the meat and potatoes of my training in a bash script run by cron:
<code>
loop through users' spam folders
/home/vpopmail/domains/mydomain/myuser/.spam/{cur,new} and dump email
to dspam
cat $spamemailfile /usr/bin/dspam --user $USER@$DOMAIN --mode=toe
--class=spam --source=error #(email with dspam headers)
...
</code>
Train corpus (I've never used this)
cat $spamemailfile /usr/bin/dspam --user $USER@$DOMAIN --mode=teft
--class=spam --source=corpus #(email with no dspam headers)
cat $hamemailfile /usr/bin/dspam --user $USER@$DOMAIN --mode=teft
--class=ham --source=corpus #(email with no dspam headers)
I also have 'not spam' (ham) folder where I put good mail that was
marked as spam by dspam. The meat and potatoes of this script are the
following calls to dspam:
cat $hamemailfile | /usr/bin/dspam --user $USER@$DOMAIN
--mode=unlearn --class=spam --source=error
cat $hamemailfile | /usr/bin/dspam --user $USER@$DOMAIN --mode=toe
--class=innocent --source=error
So, you may configure Dovecot to autocreate 'spam' folder, or your
bash training script (or .mailfilter file), like mine, will do it if
non-existent. When users move email into this folder (or maildrop does
it automatically on X-DSPAM-Result: Spam) cron runs script hourly to
train spam filter on folder contents. Spam marked as spam by dspam is
skipped as already learned.
In /etc/dspam.conf you can put 'IgnoreHeader' options (spamassassin
header tags below), so, dspam ignores other spam and antivirus
software tags added to the email header:
IgnoreHeader X-Spam-Checker-Version
IgnoreHeader X-Spam-Level
IgnoreHeader X-Spam-Status
IgnoreHeader X-Spam-Flag
IgnoreHeader X-Spam-Report
IgnoreHeader X-Spam-Prev-Subject
-Eric
On 11/30/2016 11:43 AM, Jaime Lerner wrote:
Gotcha.
Yes, I have those headers. That also explains why the daemon wasn't
running. I didn't need it to! :)
Will have to look up how to train because there is some spam that has
gotten through consistently that I ended up filtering in Outlook to
get rid of it.
Thanks!
From: Eric Broch <[email protected]
<mailto:[email protected]>>
Reply-To: <[email protected]
<mailto:[email protected]>>
Date: Wednesday, November 30, 2016 at 1:25 PM
To: <[email protected]
<mailto:[email protected]>>
Subject: Re: [qmailtoaster] Whoops! Not receiving mail.
The version of dspam I use from EPEL for QMT does not have debugging
enabled (--enable-debug | --enable-verbose-debug?) so there is not
advanced, or much, logging at all.
The only reason I restart dspam is so that the new configuration
settings are loaded (not sure why the restart, maybe my ineptness),
but the daemon does not need to be run (systemctl enable dspam,
systemctl start dspam) since were using dspam and not dspamc. I just
leave it running until I need to reload the configuration again (see
above...my ineptness). I used to use /usr/bin/dspamc
(https://qmail.jms1.net/dspam/) but had a few emails truncated so
went to using /usr/bin/dspam...never a problem. I don't think dspamc
was being called correctly in qmail, thus, the reason for
truncation. I use maildrop and put a call to dspam in my .mailfilter
file (instead of stock .qmail-default) like so:
exception {
xfilter "/usr/bin/dspam --user $EXT@$HOST --stdout
--deliver=innocent,spam"
}
I check for errors with:
if ( $RETURNCODE != 0 ) {
log "$RETURNCODE dspam failed...."
}
With debugging enabled you could run dspam with the --debug flag (
xfilter "/usr/bin/dspam --debug --user $EXT@$HOST --stdout
--deliver=innocent,spam") and in the configuration file you'd have to
have these settings in /etc/dspam.conf
1) Debug *
2) DebugOpt process spam fp corpus 'more options'
Anyway, if you have a .qmail-default with the following:
| /usr/bin/dspam --user "$EXT@$HOST" --deliver=stdout |
/home/vpopmail/bin/vdelivermail '' bounce-no-mailbox
and email is coming into your inbox then check the me look at the
header and it should have tags like the following:
X-DSPAM-Result: Innocent
X-DSPAM-Processed: Wed Nov 30 10:48:29 2016
X-DSPAM-Confidence: 0.7200
X-DSPAM-Improbability: 1 in 258 chance of being spam
X-DSPAM-Probability: 0.0000
X-DSPAM-Signature: 15,583f10ed63551008813899
and dspam is working and ready to train.
-Eric
On 11/30/2016 10:10 AM, Jaime Lerner wrote:
David: Might be a good time to create a snapshot that you can fall
back to should something get messed up as you tweak things. :)
Also, Eric -- interestingly enough I already had everything set up
for dspam but it wasn't running. I went ahead and started it and
it's running, but nothing is showing in the maillog file (other than
to say a one-time notice that the daemon was starting).
Two questions: 1) should there be anything in the log file (like I
see for spam assassin, clam av and spamdyke) and 2) How to get it to
auto-start at reboot. Obviously it's not doing that.
Thanks!
From: David Overman <[email protected] <mailto:[email protected]>>
Reply-To: <[email protected]
<mailto:[email protected]>>
Date: Wednesday, November 30, 2016 at 12:00 PM
To: <[email protected]
<mailto:[email protected]>>
Subject: Re: [qmailtoaster] Whoops! Not receiving mail.
Its working!
thanks again and have a great day.
Eric, on DO-they have an option for ipv6, which enables private
networking between droplets.
I always check it, but I don't use the feature.
David Overman
On Nov 30, 2016, at 10:25 AM, Eric Broch <[email protected]
<mailto:[email protected]>> wrote:
And don't forget
# chmod 744 /etc/dspam.conf
before you restart dspam
On 11/30/2016 9:23 AM, Eric Broch wrote:
If D.O. has some sort of spam filtering you can forgo dspam
otherwise we can get it working. If you want to use dspam do the
following:
# mv /etc/dspam.conf /etc/dspam.conf.bak
# wget -O /root/dspam.conf
https://raw.githubusercontent.com/qmtoaster/dspam/master/dspam.conf
# mv /home/vpopmail/domains/'yourdomain'/.qmail-default
/home/vpopmail/domains/'yourdomain'/.qmail-default.bak
# wget -O /home/vpopmail/domains/'yourdomain'/.qmail-default
https://raw.githubusercontent.com/qmtoaster/dsapm/master/.qmail-default
# systemctl restart dspam
Send yourself an email and see if it ends up in the inbox. If not,
let's have a look at the log and we'll go from there.
On 11/30/2016 9:08 AM, David Overman wrote:
No, no setting like that.
On Nov 30, 2016, at 10:05 AM, Eric Broch
<[email protected]> wrote:
Okay.
Look in /etc/dspam.conf and see if there is a setting "Trust
vpopmail"
On 11/30/2016 9:01 AM, David Overman wrote:
Thanks Eric,
test email is in inbox.
On Nov 30, 2016, at 09:53 AM, Eric Broch
<[email protected]> wrote:
Let's get mail delivery working before we look at dspam
edit /home/vpopmail/domains/'yourdomain'/.qmail-default
and put the following in it
| /home/vpopmail/bin/vdelivermail '' delete
On 11/30/2016 8:37 AM, Jaime Lerner wrote:
Check /var/log/qmail/send/current to see the delivery success
(or failure).
I don't know what "dspam" is...I don't have that in my logs.
Maybe Eric knows what that is as it looks like that could be
the issue now.
From: David Overman <[email protected] <mailto:[email protected]>>
Reply-To: <[email protected]
<mailto:[email protected]>>
Date: Wednesday, November 30, 2016 at 10:27 AM
To: <[email protected]
<mailto:[email protected]>>
Subject: Re: [qmailtoaster] Whoops! Not receiving mail.
Thanks Jamie,
The nameservers survived after a reboot, and when I sent mail
to the server, it got past spamdyke,
but still no mail in roundcube inbox. here is tail of log.
Nov 30 15:21:19 mail spamd[2074]: spamd: clean message
(1.2/5.0) for clamav:89 in 0.1 seconds, 2084 bytes.
Nov 30 15:21:19 mail spamd[2074]: spamd: result: . 1 -
AWL,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,RDNS_NONE
scantime=0.1,size=2084,user=clamav,uid=89,required_score=5.0,rhost=mail.davomail.com,raddr=::1,rport=35950,mid=<[email protected]
<mailto:[email protected]>>,autolearn=no
autolearn_force=no
Nov 30 15:21:19 mail spamdyke[2829]: ALLOWED from:
[email protected] <mailto:[email protected]> to:
[email protected] <mailto:[email protected]> origin_ip:
17.143.180.10 origin_rdns: pv33p03im-asmtp001.me.com auth:
(unknown) encryption: TLS reason: 250_ok_1480519279_qp_2834
Nov 30 15:21:19 mail dspam[2843]: Option --user requires
special privileges when user does not match current user,
e.g.. root or Trusted User [uid=89(vpopmail)]
Nov 30 15:21:19 mail dspam[2843]: Unable to initialize agent
context
Nov 30 15:21:19 mail spamd[1759]: prefork: child states: II
On Nov 30, 2016, at 09:02 AM, Jaime Lerner
<[email protected]
<mailto:[email protected]>> wrote:
No "e" at the end.... /etc/resolv.conf
:)
Try editing the DNS entries in your ifcfg-eth0 file. I think
this will make your resolv.conf hold after reboot. Basically
the ONLY thing you need to edit will be the DNS1 and DNS2
entries. I'm listing the entire file (with IPs, etc.
redacted) so you can compare the options in yours to mine
(which is also CentOS 7.2 on Digital Ocean hosting). You
should have all the same options.
/etc/sysconfig/network-scripts/ifcfg-eth0
[root@mail network-scripts]# cat ifcfg-eth0
DEVICE='eth0'
TYPE=Ethernet
BOOTPROTO=none
ONBOOT='yes'
HWADDR= <---- leave this as YOUR address!
IPADDR= <--- leave this as YOUR IP address!!
NETMASK= <--- leave this as what it is set at for your server!!
GATEWAY= <--- leave this as what it is set at for your server!
NM_CONTROLLED='yes'
IPADDR2= <-- leave this as what it is set at for your server!
PREFIX2=16
DNS1=8.8.8.8 <-- CHANGE your DNS1 to this
DNS2=8.8.4.4 <-- CHANGE your DNS2 to this
Once you've edited your ifcfg-eth0 file, edit your
resolv.conf file, then try rebooting and see if it holds.
From: David Overman <[email protected] <mailto:[email protected]>>
Reply-To: <[email protected]
<mailto:[email protected]>>
Date: Wednesday, November 30, 2016 at 9:48 AM
To: <[email protected]
<mailto:[email protected]>>
Subject: Re: [qmailtoaster] Whoops! Not receiving mail.
tried again. putting v4 nameservers i then executed
systemctl restart network.
now i get this:
[root@mail ~]# cat /etc/resolve.conf
cat: /etc/resolve.conf: No such file or directory
same thing on reboot-or if the file is there, it's ipv6
David
On Nov 30, 2016, at 08:32 AM, Jaime Lerner
<[email protected]
<mailto:[email protected]>> wrote:
Once again, that's in your /etc/resolv.conf file.
Make sure it says the following in it:
nameserver 8.8.8.8
nameserver 8.8.4.4
From: David Overman <[email protected]
<mailto:[email protected]>>
Reply-To: <[email protected]
<mailto:[email protected]>>
Date: Wednesday, November 30, 2016 at 7:59 AM
To: <[email protected]
<mailto:[email protected]>>
Subject: Re: [qmailtoaster] Whoops! Not receiving mail.
No, I was looking in qmail logs, but when I did, guess what
reared it's ugly head?
spamdyke[30082]: ERROR: invalid/unparsable nameserver
found: 2001:4860:4860::8844
On Nov 30, 2016, at 06:50 AM, Jaime Lerner
<[email protected]
<mailto:[email protected]>> wrote:
Did you check /var/log/maillog to see if it was received
but maybe denied delivery for some reason?
On Nov 30, 2016, at 6:44 AM, David Overman
<[email protected] <mailto:[email protected]>> wrote:
After getting squirellmail and roundcube working, I
decided to test the primary function of the site
sending/receiving emails. I successfully sent an email to
an outside account, but I never recieved the reply from
that account.Looked in Mialdir and did not receive a
bounce either. How do you test courier, I did try to
telnet 993, which connected and then dropped when i said
ehlo.
David
---------------------------------------------------------------------
To unsubscribe, e-mail:
[email protected]
<mailto:[email protected]>
For additional commands, e-mail:
[email protected]
<mailto:[email protected]>
