# DSPAM HELL!  Need help with the webui [SOLVED]

## overkll

After rewiring my motherboard, cutting my nose off, and sacrificing my first born I've finally managed to get dspam working with postfix->amavisd-new (no spam filtering) -> DSPAM ->cyrus-imapd with only slight modifications to postfix  :Smile: .  The only things worse than the Gentoo dspam ebuilds are the dspam docs and howtos/wikis!

I'd like to check out the webui, but I'm a total bonehead when it comes to apache.  I'm able to install and run apache, and have some php sites up for personal local use (squirrelmail, phpmyadmin) but have zero experience with CGI, suexec and apache authentication.  Plus, from my experience with dspam already and googling a bit, dspam webui is a beast to get going.

I need some help here.  -- grovels, begs, whimpers -- PLEASE!

Config file examples, directory listings, permission, etc would be nice.

Any volunteers?Last edited by overkll on Sun Jul 09, 2006 3:17 pm; edited 1 time in total

----------

## magic919

If you hadn't been rude about the wiki articles I'd be a bit more keen to help.  The web gui is no worse to get going than DSPAM under Gentoo.  You really should try to work through the Gentoo wiki article and post when it goes wrong, or say what bits you cannot follow.

----------

## steveb

Hm.... allow me to jump into the game and offer you my help. How are you planing to authentificate the users in the DSPAM Web-UI? What version of DSPAM Web-UI are you using?

cheers

SteveB

----------

## overkll

Magic,

Didn't mean to be rude, just frustrated.  Ive spent WAY too much time on this.  That was my feeble attempt to inject a little humor, but I guess even that failed.  At least I was able to get the dspam.cgi to display with the gentoo wiki article, but it wouldn't execute.  Plus I want to have it as a virtual host, not the main host or a ~user/cgi-bin/ url.

I've read several different wiki's/howtos on the webui, but they seem to conflict with each other.  Since Im no apache guru, trial and error has been my method.  Apache docs are helping.

SteveB

Authentication?  What ever works!  Seriously, something simple at first.  No outside access permitted yet.  Apache is compiled with suexec.  Users are in /etc/passwd.  Wouldn't be a big deal to use htpasswd or pam.

I try to get programs to work the way the authors intended.  I don't like to get too ugly with the hacks to get the desired proggy to work.

Thanks to both of you for responding.

Apache-2.0.58

mod_auth_pam-1.1.1-r1

dspam-3.6.8 compiled from source - no ebuild

----------

## magic919

I sure know what you mean about spending way too much time on it.  Did the same the first time and then again and again as I implemented it on other servers.  It's great software, super to use, but a complete cow to get working.  Ownership and permissions hell summarises the problems I've encountered.

I use PAM to auth on my main server here and the Wiki method on other installs.

I'd say get Apache2 working (which you have).  Get the virtual host sorted. Then 'install' the webgui - this means moving the files into the right place, i.e. cgi-bin plus some sub-folders.

Next you need to Auth or the webgui will have no idea which user to work for.  Are you happy to lock down the vhosts cgi-bin?  I guess so.  If you htpasswd or whatever it, nobody will be able to use without authenticating.

Is this any use?  Looks like Steve has gone underground.

----------

## overkll

You know when you misplace something, and can't find it?  So you accuse someone of stealing it, only to find it five minutes later!  Well, heh hem...   :Embarassed: 

I was so transfixed on just getting dspam working without the webui first, that I overlooked the dspam webui wiki section.  The dspam postfix section had about 2 sentences on the webui but luckily there is a more complete section here.

Got the webui working with the help of that how to.  Suexec is happy now, and the gui works, but the quarantine doesn't.  Seems like dspam wants to deliver quarantine messages to my cyrus imap lmtp socket.

```
32636: [07/08/2006 16:05:34] No QuarantineAgent option found. Using standard quarantine.

```

AND

```
32636: [07/08/2006 16:05:34] Result Confidence: 0.95

32636: [07/08/2006 16:05:34] Control: [10 10] [11 10] Delta: [1 0]

32636: [07/08/2006 16:05:34] saving signature as 1000,44b01e1e326361410093335

32636: [07/08/2006 16:05:34] libdspam returned probability of 1.000000

32636: [07/08/2006 16:05:34] message result: SPAM

32636: [07/08/2006 16:05:34] Establishing connection to /var/imap/socket/lmtp:0

32636: [07/08/2006 16:05:34] Connection established

32636: [07/08/2006 16:05:34] DSPAM Instance Shutdown.  Exit Code: 0

```

The DeliveryHost setting in dspam.conf it "/var/imap/socket/lmtp", which is the cyrus lmtp socket.  dsapm did create an .mbox file in the correct user directory under /var/spool/dspam/data/<user>, but it won't deliver quarantined messages there.  It remains empty (0 bytes)

If uncomment the "QuarantineAgent = '/usr/bin/procmail -d %u' " in dspam.conf, dspam hands off the message to procmail, then dspam takes a dump, because procmail can't process the pass thru command "-i -f ${sender} -- ${recipient}" from the dspam transport in master.cf

dspam.debug

```
32677: [07/08/2006 16:30:51] libdspam returned probability of 1.000000

32677: [07/08/2006 16:30:51] message result: SPAM

32677: [07/08/2006 16:30:51] Opening pipe to LDA:

32677: [07/08/2006 16:30:51] LDA returned success

32677: [07/08/2006 16:30:51] DSPAM Instance Shutdown.  Exit Code: 0

```

mail.log

```
Jul  8 16:32:52 polly postfix/pipe[32724]: D7F58C86D1: to=<user@user.domain.tld>, relay=dspam-scan, delay=1, status=bounced (Command died with status 255: "/usr/bin/dspam". Command output: sh: - : invalid option Usage: sh [GNU long option] [option] ...  sh [GNU long option] [option] script-file ... GNU long options:  --debug  --debugger  --dump-po-strings  --dump-strings  --help  --init-file

--login  --noediting  --noprofile  --norc  --posix  --protected  --rcfile  --restricted  --verbose  --version  --wordexp Shell options:  -irsD or -c command or

-O shopt_option  (invocation only)  -abefhkmnptuvxBCHP or -o option 32725: [07/08/2006 16:32:52] Delivery agent returned exit code 2: -i -f sender@host.domain.tld -- recipient@host.domain.tld  )

Jul  8 16:32:52 polly postfix/cleanup[32716]: 2FE8AC8D0F: message-id=<20060708213252.2FE8AC8D0F@host.domain.tld>

Jul  8 16:32:52 polly postfix/qmgr[32712]: 2FE8AC8D0F: from=<>, size=7894, nrcpt=1 (queue active)

Jul  8 16:32:52 polly postfix/qmgr[32712]: D7F58C86D1: removed

Jul  8 16:32:52 polly postfix/pipe[32724]: 2FE8AC8D0F: to=<recipient@host.domain.tld>, orig_to=<sender@host.domain.tld>, relay=dspam-scan, delay=0, status=sent (host.domain.tld)

Jul  8 16:32:52 polly postfix/qmgr[32712]: 2FE8AC8D0F: removed
```

Result is the message is bounced to the sender.  Looks like the passthru args are wrong for the delivery, procmail barfs.  They work fine with cyrus, but not with the dspam QuarantineAgent

Shouldn't dspam use its own delivery method to its own quarantine?

If I take the quarantine out of the loop, everything works fine, webui and all!

I have postfix set up to deliver to dspam's tranport with mailbox_transport = dspam:, and like I said before, dspam.conf has the cyrus lmtp port listed as the "DeliveryHost"

Damn thing!

----------

## magic919

Sounds like progress to me.  Normal for DSPAM...

My quarantine agent bit is commented out.  Might be worth checking permissions/ownership in /var/spool/dspam/data/local/<user> .  Most of my DSPAM woes were ownership/permissions.

----------

## overkll

It was a problem with my dspam postfix transport.

```
Jul  8 16:32:52 polly postfix/pipe[32724]: D7F58C86D1: to=<user@user.domain.tld>, relay=dspam-scan,
```

I had:

```
dspam-scan unix         -       n       n       -       10      pipe

        flags=Rhqu user=dspam argv=/usr/bin/dspam

        --user ${user}

       --mode=teft

        --deliver=innocent

       --feature=ch,wh,no

        --debug

       -i -f ${sender} -- ${recipient}
```

Changed it to:

```
dspam-scan unix         -       n       n       -       10      pipe

        flags=Rhqu user=dspam argv=/usr/bin/dspam

        --user ${user}

        --deliver=innocent

        --debug
```

And voila, it works!   :Laughing: 

I tried running dspam as a daemon/server mode, but it seems that the only way it'll work is if you specify the user in dspam.conf,

```
ServerParameters = "--user <user for daemon> --deliver=innocent"
```

otherwise dspam can't match the current user with the uid in mysql.  That was the first obstacle I had to overcome when following the dspam docs (doc/postfix.txt) on using dspam as a postfix content filter.  mail.log would show this rather cryptic error:

```
Jun 30 16:54:35 polly dspam[11261]: bailing on error -2

Jun 30 16:54:35 polly dspam[11261]: received invalid result (! DSR_ISSPAM || DSR_INNOCENT) : -2

```

Plus, if you do it like that, you only have one global dictionary for all users as opposed to per user dictionaries.

I still contend that the Gentoo ebuilds for dspam/dspam-web are a heaping pile of dung.  I highly recommend grabbing the source code and compiling/installing independently of portage.  Looks like I have a few bug reports to file.

----------

## magic919

Well done for getting that sorted.  The Gentoo ebuilds certainly are flawed.  Steveb built one and I got hopeful until I found it wouldn't config due to a pointless error.  I did post here but never heard back.

It's a shame.  DSPAM is a great product but it's like pulling teeth trying to get information.  And making the thing work becomes a chore.

----------

