# DSPAM running, but all spam-mails are marked Innocent!

## MaartenZzZ

Dear community,

I have a 'problem' with my DSPAM. It's all up and running, dspam_stats -H give results;

```
NewYork # dspam_stats -H

filter:

                TP True Positives:              0

                TN True Negatives:             13

                FP False Positives:             0

                FN False Negatives:             0

                SC Spam Corpusfed:              0

                NC Nonspam Corpusfed:           0

                TL Training Left:            2487

                SHR Spam Hit Rate         100.00%

                HSR Ham Strike Rate:        0.00%

                OCA Overall Accuracy:     100.00%

```

The web-interface is running, all good. But: all my spam-mails are 'marked' as innocent. The quarantine remains empty.

This is a regular spam e-mail header:

```
X-DSPAM-Result: Innocent

X-DSPAM-Processed: Sun Aug 31 14:55:04 2008

X-DSPAM-Confidence: 0.9899

X-DSPAM-Probability: 0.0000

X-DSPAM-Signature: 48ba94a863887833611025

```

Am I doing something wrong?

Can somebody give me some hints on how to filter my messages 'right'?

If I need to post (one of) my configs, let me know  :Smile: 

Thank you so much for reading and answering!

Maarten

----------

## kevstar31

Try training it with spam archives:

http://spamlinks.net/filter-archives.htm

----------

## MaartenZzZ

Thanks, but can you explain to me how to use it? I'm new to the anti-spam scene  :Smile: 

Little update about the web-interface: I can't modify settings. When I want to apply, my settings "jump" back to the original settings. Can't apply anything.

----------

## MaartenZzZ

 *Quote:*   

> Q. How should I train DSPAM?
> 
> A. Just allow email to come in, and forward the messages that are spam. If you have both an innocent and a spam corpus, you can use the dspam_corpus tool to feed it into the system. It is NOT a good idea to feed DSPAM a bunch of spam without feeding it a bunch of nonspam, as this could potentially skew the dictionary and lead to false positives immediately (NOT because DSPAM requires a balanced corpus, but as the result of the scoring of tokens that appear only in one corpus). Special safeguards have been put into place to prevent this under normal spammy email load, but force-feeding DSPAM spam is not recommended. The best advice for training a dictionary is to just act on the email you receive after DSPAM is set up. If you have a large user base, you may wish to create a global or mergedset of data to provide users with out-of-the-box filtering. See the README for more information about global and merged groups. 

 

Well, if I send an e-mail to spam-dspam@mydomain I'll get it back because the address doesn't exists. How can I solve this?

----------

## MaartenZzZ

Followed this link: https://forums.gentoo.org/viewtopic-t-647879-highlight-dspam.html

My SQL database is being 'filled' as the UID number from user filter. This is alright I guess.

I logon to my web-interface with user 'filter'. All good?

No history, no quarantine, nothing. I'm stuck guys. A little help would be very, very appreciated. Thanks in advance community   :Very Happy: 

Maarten

----------

## MaartenZzZ

Been a while now... my 'dspam'-database is still beeing filled but my DSPAM web-interface doesn't see any messages.

Can somebody tell me what to check? I'm lost   :Crying or Very sad: 

Thank you in advance guys!   :Very Happy: 

----------

## magic919

I presume you mean in history section of GUI.  Start off by making sure ~dspam on down is owned by dspam:dspam.

If that's not enough then make sure apache and filter are group dspam too.  It's always permissions/ownership.   :Smile: 

----------

## MaartenZzZ

Well, I don't have a user called dspam. I do have a user called filter. Permissions are as followed:

ls -al /home

```
drwxrwx---+  5 filter       users   95 Aug 31 14:08 filter
```

/etc/group says (now):

```
dspam:x:1000:filter,apache
```

So the user 'dspam' is 'filter' in my case (?).

I do have a /var/spool/dspam/system.log filled with all the e-mails.

But no history, no messages.. I cannot even change something in the GUI. When I select an option (change an option) as soon as I save, the option will be set back to default. Changed the permissions from root:root to apache:apache on /var/www/dspam_web (with chmod 700)[/bug], but nothing works.

----------

## magic919

The ebuild creates a user and group called dspam, so you must have these.  This is nothing to do with your user called filter.

Please run the recursive chown of ~dspam as suggested above.

Also run and paste output of

id dspam

id apache

id filter

I don't recommend making config changes in the GUI at this point.  Just aim to view History and be able to retrain.

Cheers.

----------

## MaartenZzZ

It works! after I did a chmod -R 700 /var/www/dspam_web and a chown -R apache:apache /var/www/dspam_web I see some e-mails coming through finally! After some training it's recognizing spam, nice!

Thank you guys for helping me out!   :Cool: 

----------

