# Dspam won't place tags

## mariourk

I'm toying with Dspam on my server at home. It seems to work, Postfix hands email to the Dspam daemon

and Dspam hands it back to Postfix for delivery. Except, No tags are placed in the headers. I can't figure out why.

I think it has to do something with Dspam being unable to contact the mysql database. When I run a script to train

Dspam, nothing will be added to the database. Though I can't see why it wouldn't work. I setup the database with:

```

emerge --config =dspam-3.8.0-r15

```

The mysql-user also works, I tested that by logging in as that user in mysql and try to add/alter/remove data.

Does anyone have an idea what the problem might be?

Thanks  :Very Happy: 

----------

## magic919

Rebuild DSPAM with debug then check logs.

----------

## mariourk

I tried that, but that doesn't give me anything.

Besides, the regular logs (/var/log/dspam/dspam.log) give unreadable nonsense. Perhaps this is related to my problem.

The logs look like this:

```

30310: [06/23/2009 07:58:33] 

30310: [06/23/2009 07:58:33] 83

30310: [06/23/2009 08:04:11] fv

30310: [06/23/2009 08:04:11] @� 

30310: [06/23/2009 08:04:11] 

30310: [06/23/2009 08:04:11] 83

30310: [06/23/2009 08:19:01] fv

30310: [06/23/2009 08:19:01] ��

30310: [06/23/2009 08:19:01] 

30310: [06/23/2009 08:19:01] 83

```

Any suggestion is most welcome.   :Very Happy: 

----------

## magic919

I'd be checking the mail logs on mine as that's where DSPAM's debug output goes on mine.

Do you get output from

dspam_stats -H

?

----------

## mariourk

This is the output I'm getting:

```

mario:

           TP True Positives:             0

           TN True Negatives:           0

           FP False Positives:            0

           FN False Negatives:          0

           SC Spam Corpusfed:        0

           NC Nonspam Corpusfed:   0

           TL Training Left:               2500

           SHR Spam Hit Rate          100.00%

           HSR Ham Strike Rate:      100.00%

           OCA Overall Accuracy:     100.00%

```

----------

## magic919

Ok.  That proves the database.  Stop MySQL and you'll get this in the logs -

```

Jun 23 09:54:55 dspam[24589]: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)

Jun 23 09:54:55 dspam[24589]: unable to attach dspam context

```

That'll show that DSPAM is logging.

----------

## mariourk

When I stop MySQL, all the logs will give it the same unreadable nonsense. I have no idea what it says.

I suppose this could be part of the problem. If it isn't the problem itself...

```

3520: [06/23/2009 12:06:00] 

3520: [06/23/2009 12:06:00] 8

3520: [06/23/2009 12:06:33] �wo�=

3520: [06/23/2009 12:06:33] �wo�=

3520: [06/23/2009 12:06:33] �wo�=

3520: [06/23/2009 12:06:33] 

3520: [06/23/2009 12:06:33] 

3520: [06/23/2009 12:06:33] 

3520: [06/23/2009 12:06:33] 

3520: [06/23/2009 12:06:33] 8

```

The permissions should be ok. dspam own the logfiles. And even a regular user has write access.

The sql.errors log does show normal output. But those are only 2 lines and old information:

```

[06/20/2009 13:45:32] 28362: Table 'dspam.dspam_preferences' doesn't exist: select preference, value from dspam_preferences where uid = 0

[06/20/2009 13:45:32] 28362: Table 'dspam.dspam_preferences' doesn't exist: select preference, value from dspam_preferences where uid = 0

```

I was still toying with the database  :Wink: 

I can remember that I had the same problem with the server at work. No tags and nonsense in the logs. After creating a new database with

```

emerge --config =dspam-3.8.0-r15 

```

things suddenly started working. The logs gave normal output and the tags where added.

I tried the same on my homeserver, but no effect.   :Confused: 

----------

## magic919

Some funky stuff going on.  How about posting output of

dspam --version

and I'll compare mine.

----------

## mariourk

Here is the output of dspam --version:

```

DSPAM Anti-Spam Suite 3.8.0 (agent/library)

Copyright (c) 2002-2006 Jonathan A. Zdziarski

http://dspam.nuclearelephant.com

DSPAM may be copied only under the terms of the GNU General Public License,

a copy of which can be found with the DSPAM distribution kit.

Configuration parameters:  '--prefix=/usr' '--build=x86_64-pc-linux-gnu' '--host=x86_64-pc-linux-gnu' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--datadir=/usr/share' '--sysconfdir=/etc' '--localstatedir=/var/lib' '--libdir=/usr/lib64' '--with-storage-driver=hash_drv,mysql_drv' '--with-dspam-home=/var/spool/dspam' '--sysconfdir=/etc/mail/dspam' '--enable-daemon' '--disable-ldap' '--enable-clamav' '--disable-large-scale' '--enable-domain-scale' '--disable-syslog' '--disable-debug' '--disable-bnr-debug' '--disable-verbose-debug' '--enable-long-usernames' '--with-dspam-group=dspam' '--with-dspam-home-group=dspam' '--with-dspam-mode=2511' '--with-logdir=/var/log/dspam' '--disable-virtual-users' '--enable-preferences-extension' '--disable-homedir' '--with-logfile=/var/log/dspam/dspam.log' '--with-mysql-includes=/usr/include/mysql' '--with-mysql-libraries=/usr/lib64/mysql' 'build_alias=x86_64-pc-linux-gnu' 'host_alias=x86_64-pc-linux-gnu' 'CFLAGS=-O2 -pipe' 'LDFLAGS=-Wl,-O1' 'CXXFLAGS=-O2 -pipe'

```

----------

## magic919

I'd enable debug, as earlier and build with syslog too.

----------

## mariourk

I enabled the syslog-flag and now everthing is logged in /var/log/messages

This is when it says when an email comes in:

```

Jun 23 19:34:06 eddard dspam[4828]: bailing on error -2

Jun 23 19:34:06 eddard dspam[4828]: received invalid result (! DSR_ISSPAM || DSR_INNOCENT) : -2

Jun 23 19:34:06 eddard dspam[4828]: process_message returned error -2.  delivering.

```

I tried debug before, but that didn't give me anything. (the logs where readable though).

Update:

When I try to train Dspam, I get lots of these in the logs:

```

Jun 23 19:39:08 eddard dspam[6612]: No such class 'ham'

Jun 23 19:39:08 eddard dspam[6612]: Unable to initialize agent context

```

----------

## magic919

There is no ham class, so that's correct.  I think you mean innocent.  I don't think training is recommended, but that's up to you.

----------

## mariourk

Your right. I changed the script that I planned to use for training. Now the logs say this:

```

Jun 23 22:03:49 eddard dspam[11269]: Unable to find a valid signature. Aborting.

Jun 23 22:03:49 eddard dspam[11269]: process_message returned error -5.  dropping message.

```

Unfortunately, this still doesn't explain why nothing will be written to the database and why

dspam doesn't add any tags to the headers   :Confused: 

----------

## magic919

The error you now have suggests you are trying to re-train a message that DSPAM never saw in the first place.  This is caused by an error in the --source parameter.

----------

## mariourk

I enabled debug and those logs make a lot more sense now than they did before.

This is what they say:

```

24657: [06/23/2009 22:36:40] connection id 7 from 127.0.0.1.

24657: [06/23/2009 22:36:40] checking trusted user list for root(0)

24657: [06/23/2009 22:36:40] No QuarantineAgent option found. Using standard quarantine.

24657: [06/23/2009 22:36:40] using database handle id 1

24657: [06/23/2009 22:36:40] handle locked

24657: [06/23/2009 22:36:40] DSPAM Instance Startup

24657: [06/23/2009 22:36:40] input args: dspam --deliver=innocent, spam 

24657: [06/23/2009 22:36:40] pass-thru args: spam 

24657: [06/23/2009 22:36:40] processing user mario@mydomain.nl

24657: [06/23/2009 22:36:40] uid = 0, euid = 0, gid = 0, egid = 1002

24657: [06/23/2009 22:36:40] loading preferences for user mario@mydomain.nl

24657: [06/23/2009 22:36:40] _ds_pref_load: unable to _mysql_drv_getpwnam(mario@mydomain.nl)

24657: [06/23/2009 22:36:40] Loading preferences for uid 0

24657: [06/23/2009 22:36:40] Loading preferences for uid 0

24657: [06/23/2009 22:36:40] default preferences empty. reverting to dspam.conf preferences.

24657: [06/23/2009 22:36:40] Loading preferences from dspam.conf

24657: [06/23/2009 22:36:40] using /var/spool/dspam/opt-in/mydomain.nl/mario.dspam as path

24657: [06/23/2009 22:36:40] using /var/spool/dspam/opt-out/mydomain.nl/mario.nodspam as path

24657: [06/23/2009 22:36:40] sedation level set to: 0

24657: [06/23/2009 22:36:40] _mysql_drv_get_spamtotals: unable to _mysql_drv_getpwnam(mario@mydomain.nl)

24657: [06/23/2009 22:36:40] unable to load totals.  using zero values.

24657: [06/23/2009 22:36:40] _ds_getall_spamrecords: unable to _mysql_drv_getpwnam(mario@mydomain.nl)

24657: [06/23/2009 22:36:40] _ds_getall_spamrecords() failed

24657: [06/23/2009 22:36:40] total processing time: 0.00073s

24657: [06/23/2009 22:36:40] _mysql_drv_get_spamtotals: unable to _mysql_drv_getpwnam(mario@mydomain.nl)

24657: [06/23/2009 22:36:40] delivering message

24657: [06/23/2009 22:36:40] Establishing connection to 127.0.0.1:10026

24657: [06/23/2009 22:36:40] Connection established

24657: [06/23/2009 22:36:40] DSPAM Instance Shutdown.  Exit Code: 0

24657: [06/23/2009 22:36:40] checking trusted user list for root(0)

```

There seems to be some sort of problem with the MySQL driver. But I have no idea what it could be.

----------

## magic919

Ok.  From an earlier post I see you have a DSPAM user named mario.  However, the debug seems to suggest it is looking for a user named mario@mydomain.nl .  I think this is where the problem lies.

----------

## mariourk

It's possible that this is indeed the problem. Do you have any idea how to fix this?

I don't have any virtual users. All the users are system users.

----------

## magic919

How do you want DSPAM to work?  Do you want it to filter as just one user or are you trying to have separate spam-learning/quarantine per user?

----------

## mariourk

That last option, separate spam-learning/quarantine per user.

However, I feel the problem is somehow related to a faulty mysql-driver or something.

I have Dspam running om a server at work. I used the same setup on my homeserver,

so that should work. And the problem seems to be that Dspam is unable to contact the MySQL database.

----------

## magic919

Can you temporarily force all the mail through as user mario as a test?  Create a group file in DSPAM's home

mario:shared,managed:*

Then see what happens.  I'm presuming mario is a trusted user in DSPAM config.

----------

## mariourk

I've been tinkering around in the configuration of Dspam. I changed the Storage driver to:

```

StorageDriver           /usr/lib64/dspam/libhash_drv.so

```

And now it works fine. I can see the Dspam headers being added to the emails. That seems

to conferm what I was thinking. The problem seems to have something to do with Dspam nog being

able to connect with MySQL. Maybe the driver is faulty? But how do I check that?

Update:

Unfortunately, Dspam seems to mark every message as innocent   :Confused: 

----------

## magic919

I can't help debug the driver, but I'd run it through strace just in case.  I've never run it on 64 bit and that may make a difference.

DSPAM will need training to start to recognise the spam.  Just re-train the errors and it should straighten out.

----------

## mariourk

 *magic919 wrote:*   

> DSPAM will need training to start to recognise the spam.  Just re-train the errors and it should straighten out.

 

I hope it will. If it does I suppose I could stick with the hash driver. This mailserver is only user by a few people, so that shouldn't be a problem.

----------

## magic919

Maybe sqlite otherwise?  Might be worth a try to see if that driver is ok.

Regarding DSPAM in general, I'm hoping the Community version will be released soon.  DSPAM has been stagnant for quite a while and it will be good to see it come back to life.

----------

## mariourk

 *Quote:*   

> 
> 
> Maybe sqlite otherwise? Might be worth a try to see if that driver is ok. 
> 
> 

 

I just tried PostgresQL. But that gives the same result. I'll give SQLite a try too. But that is new for me  :Very Happy: 

 *Quote:*   

> 
> 
> Regarding DSPAM in general, I'm hoping the Community version will be released soon. DSPAM has been stagnant for quite a while and it will be good to see it come back to life.
> 
> 

 

In other words, it is dead at the moment? In that case, I hope it will come back to life also. For a dead program is Dspam doing pretty well on our productionserver at work. Much better that Spamassassin ever did.  :Wink: 

----------

## magic919

Might it be sonething else about your config then?

I like to think of DSPAM as dormant  :Smile:   Jonathan Zdziarski wrote it and then sold the rights to some company.  They, in turn, have given the rights over the the DSPAM community, whomever that may be.  There will hopefully be a release and a new PHP based webUI too.

Me, I love DSPAM and use it on a few servers.  I also used SA, Pyzor, Razor and all that stuff in the past.  There's a guy called Steve that was active on here and uses DSPAM.  He knows loads about it.  You may have seen his posts.

Let's hope it all gets sorted.

----------

## mariourk

I tried sqlite, but that is even worse. It gives this error:

```

[590616.174224] dspam[6470] trap divide error ip:40d71b sp:40fea810 error:0 in dspam[400000+16000]

```

After that Dspam crashes.

I'm getting the feeling that the Dspam code really needs some maintainance :/

Hopefully the community will pick it up. It would be a waste if the project just died.

----------

## magic919

Yikes.

I just looked and it seems Steve is one of the developers on the community project.  I also hope it all works out, for all our sakes.

----------

