# DSPAM?  Why not in gentoo?  Something bad about it?

## adammorley

Hi,

I noticed that DSPAM doesn't seem to be in gentoo, even though it looks rather promising.  I was surprised, because it seemed like it would be in gentoo.  Is there a reason?  Like, was it once, but it turned out to not be so great or something?

http://www.nuclearelephant.com/projects/dspam/

Thanks,

adam

----------

## banadushi

There is an ebuild for DSpam 2.6.4 in the bugs db.

https://bugs.gentoo.org/show_bug.cgi?id=26744

----------

## banadushi

 *banadushi wrote:*   

> There is an ebuild for DSpam 2.6.4 in the bugs db.
> 
> https://bugs.gentoo.org/show_bug.cgi?id=26744

 

I have updated the ebuild for DSPAM 2.7.4 using the db4 driver only.

Tarball in bugzilla

https://bugs.gentoo.org/show_bug.cgi?id=26744

----------

## adammorley

Is this going into portage sometime?  Or is it still being tested?

----------

## banadushi

 *adammorley wrote:*   

> Is this going into portage sometime?  Or is it still being tested?

 

Your guess is as good as mine.  I hope eventually.  but until then i'm gonna try to keep up with DSPAM updates and get the ebuild workding nicely.

----------

## Cornfed

Anyone have any news of this getting entered into portage?

----------

## drakos7

Especially now that it is at 2.8.3 AND was featured on =slashdot.

I guess the thing to do is make and submit another ebuild to bugs.gentoo

----------

## adammorley

 *drakos7 wrote:*   

> Especially now that it is at 2.8.3 AND was featured on =slashdot.
> 
> I guess the thing to do is make and submit another ebuild to bugs.gentoo

 

I've been looking at it --- its kind of involved, and difficult to integrate into some mail servers (qmail), so that might be part of it.

----------

## drakos7

Sure, but at the bottom of the dspam site it lists gadoyanspam as the " DSPAM agent designed with qmail in mind". So there should probably be 2 ebuilds, one for dspam and one for gadoyanspam.

Disclaimer: I do not run qmail so I cannot speak authoritatively on this.

----------

## adammorley

[quote="drakos7"]Sure, but at the bottom of the dspam site it lists [url=http://oss.mdamt.net/gadoyanspam/]gadoyanspam[/url] as the "[i] DSPAM agent designed with qmail in mind[/i]". So there should probably be 2 ebuilds, one for dspam and one for gadoyanspam.

[i]Disclaimer:[/i] I do not run qmail so I cannot speak authoritatively on this.[/quote]

I'm currently looking at gadoyanspam, but so far, I haven't decided if its what I'm looking for.  I will say that its pretty close.

----------

## BobOki

Install instructions for gadoyanspam ("I don't liek spam") are as follows:

HOW TO USE

* Install DSPAM. I use version 2.8.1

  We dont use the "dspam" program that come with the package, 

  but we need the other executables and libdspam

  from the package. Dont forget to setup the USERDIR.

  READ the documentation

* Compile gadoyanspam:

  # gcc -o gadoyanspam gadoyanspam.c -ldspam -I/path/to/dspam-source-code

  If your dspam installation is not in your library path, you can try:

  # gcc -o gadoyanspam gadoyanspam.c -ldspam -I/path/to/dspam-source-code\

    -L/path/to/dspam/lib

* Install it somewhere in your PATH

  # cp gadoyanspam /usr/bin

* Put it in your .qmail file, like:

  |/path/to/gadoyanspam 

  ./Maildir/username

* by default you can send:

  - normal messages to:  user@domain.com

  - spam messages to: user-spam@domain.com

  - false positives to: user-notspam@domain.com

  dont forget to create email user-spam@domain.com and user-notspam@domain.com

  these address dont have to have a mailbox, /dev/null is ok. But if you are

  using quarantine feature, at least user-spam@domain.com needs to have a maildir

  installed.

Sounds like it would be easy to make a package for it?

----------

## adammorley

 *BobOki wrote:*   

> Sounds like it would be easy to make a package for it?

 

I think it would be.  Too bad I don't have a Gentoo box right now, or I'd make one and put it into bugs.  Go for it!

----------

## Donovan

So, how does one have both a spam filtering solution in place AND a virus scanning solution at the same time with Qmail?

Previously I had Qmail-Scanner + ClamAV + F-Prot + SpamAssassin... it stopped working just recently, and I ended up removing SpamAssassin (which wasn't identifying spam anymore) and ClamAV (which was giving memory errors).

How do I impliment, POPFile (or) CRM114 (or) DSPAM (and soon after that MailMan) into Qmail?  Qmail-Scanner only supports SpamAssassin for spam filtering.

 :Confused: 

...Dono

----------

## adammorley

Integrate spam filtering and virus filtering?  Well, I've never done virus filtering (we're a unix shop, so its less of a problem for us.  But I've tested TMDA (love it, wish it had a maildir pending directory.  that's coming soon though), and am now testing bogofilter.  Bogofilter has been quite effective.

cat .qmail

|condredirect <spam email box> /command/bogofilter -u

./.Maildir/

where <spam email box>  is another alias (say, bob-spam@domain.com) that goes to a folder for the email that is filtered.  read the followings:

http://article.gmane.org/gmane.mail.bogofilter.general/711

http://www.chrishardie.com/tech/qmail/qmail-antispam.html (that's where I got my bogofilter .qmail file)

I looked at dspam, but it turns out i didn't like how it integrated with qmail.  It also looked like it used a system wide db for the spam detection, and I didn't like that.  I could be wrong on both since I never actually put it into production.  But I found bogofilter, and had already started with TMDA.

----------

## tecknojunky

Anyone can provides some insights on how dspam compares to spam assassin?

I'm compeled to try it since my MTA is running on a P1 box.  Perl is awfully slow on that box (so is any interpretted language, for that matter) and has a big footprint to remain resident in memory.

Since spamassassin is a heuristic based filtering while dspam is a statistical based filtering, does it do a better or worst job?  Does it require a lot of maintenance?

Thanks

----------

## cbreaker

I would like to be able to use DSPAM in the way that I use SpamAssassin.

I'm using Exchange.   So, needless to say there's no maildirs or mboxes or users on the unix box.   I just want to filter some spam, for everyone.   I don't care if it's not 100% tailored to each individual users.  They don't care, they just want the spam to stop, and my users don't care if one or two false positives get deleted.   Internet e-mail can be unreliable anyways!    With autowhitelisting this isn't really something that's likely to happen much.

SO, I have postfix with amavisd-new and spamassassin.   The combo has worked great in the past.   I have a mailbox on the unix box that people can forward spam to when they get it.  Every night a cron job runs through the mailbox to update the bayes filter.    With the scoring system being able to score bayes hits depending on how sure it is, along with the razor and other tests, I've never had a false positive ever.   And I used to only get one or two spams a day, versus the 50 before putting it in.

Unfortunately, the bayes filter seems kinda weak.  I've been getting more and more spam lately.   I've read other people say the same thing.   So, looking around I only see DSPAM as the alternative.

Unfortunately,  most of these kinds of things (including spamassassin, if it weren't for amavisd) assume you're running all your mailboxes off the unix box and that your users care enough/are willing to manage their own spam settings and such.   DSPAM seems to fall into this category.

It looks like I can do what I want to do with DSPAM but it's going to take a lot of work, I think.    If anyone has a configuration suggestion to point me in the right direction, please do so.   I can switch off of postfix if need be, I don't really care.   But I gotta try something new.

----------

## mallchin

I'd like to use dspam with Courier's mailfilters. If anyone has information or success stories relating to this I would be intrigued.

----------

## zeek

 *tecknojunky wrote:*   

> Anyone can provides some insights on how dspam compares to spam assassin?

 

SpamAssassin tests against a corpi of millions of messages and comes up with a FN < 2% and FP < 0.1%.

Dspam uses ~3500 (seriously) messages for its testing corpi and comes up with FN < 0.1% and FP 0%.

The corpus Dspam uses for testing (specifically the size) means nobody can take it seriouslly.

----------

## mallchin

Still, two spam thwaters are better then one  :Smile: 

----------

## jeffk

I am still getting my sea legs for writing ebuilds, mostly sticking to small libraries and python extensions. I'm still new to postfix and qmail, and that's been holding me back from trying any manual DSPAM installs. For anyone with the experience to get DSPAM running properly with gentoo and postfix, Many would really appreciate some ebuilds for the latest versions.

The current versions are

Stable[ v2.10.3-STABLE ] April 2, 2004

Devel [ v3.0.0-ALPHA-4 ]  April 16, 2004

http://www.nuclearelephant.com/projects/dspam/#download

Our spam situation, like everyone else's, is growing serious, and DSPAM is the package I want to try. Based on what I've read about it, I'd very much like to see this package get into the gentoo mainstream. Thanks.

----------

## n0cturne

I will second jeffk's request.  I have tried a manual install and got it "somewhat" working, but I haven't had time to fiddle with it any more.  I seem to have some problems with permissions as far as I can tell.  If there was a good "howto" for gentoo/postfix/dspam even, I would be happy.  An ebuild would be better of course!   :Smile: 

----------

## tweakt

Dspam is clearly the most effective spam filter right now. Spamassiin served me well for a quite a while but it just stopped holding up to the onslaught of nasty spam being thrown at me these days. This tool should definately be available in portage and hopefully become the recommended spam filter for Gentoo. 

I will volunteer to write a HOWTO. I have also made an ebuild from scratch which I would really love to get some feedback on. I have a few things to work out and maybe some others have some clever solutions. I didn't realize there was one in the bug db, I'll take a look at it, but it sounds like they're collecting dust.

The tricky part is supporting the wide variety of configurations out there. I think the best approach is to not to try to do everything automatically, but provide example configs ready to drop in.

What I have so far:

mysql USE flag will enable mysql support instead of libdb4, I've packed and scripted everything necessary to create the database, mysql user account, and tables, as well as the purge script that should be run from cron. Running 'ebuild XXX.ebuild configure' will set things up for you.

The dspam webapp is installed to manage the spam quarantine. I borrowed what I could from packages like phpMyAdmin but I could use some guidance regarding virtual hosting, etc. I know there's been an effort in this area, so I'd like to do things the most correct way. There are also security/permissions issues to work out with that, I've got a compromise that works currently. This addes a depend on apache and perl. I could use some feedback on this. I want to make it as turnkey as possible without losing too much flexibility. 

I'm running with postfix and have come up with a better configuration than what is documented in the README. It allows postfix to deliver as the dspam user and not the target user, this keeps the permissions correct. (Initially I had files in the dspam data directory group readable by 'users', oops!)

I'm wondering if there is sufficient interest to either make a local USE flag or a dspam-lite ebuild that installs and sets up to deliver spam instead of quarantining it for those who prefer not to use the webapp. You can then filter with procmail by looking at the X-DSPAM-Result header, and send false-negatives back in with a nonspam mail alias. There is also a way to set things up to call dspam directly from procmail for a single user.

On the 'NICE-TO-HAVE' list:

Currently, dspam ships with a util which reads /etc/passwd to generate a list of aliases which forward to dspam for retraining on false negatives. I don't really care for this approach and I think it should be done dynamically. 

It shouldn't be that hard to create a dynamic filter that matches spam-$USER and reinjects to dspam for false-negatives as that user automatically. Certain restrictions could be added to prevent delivery for system accounts. Ideally this should use PAM.

Dspam likes to keep data and spam quaranting, and certain config files all in the same folder. I'd like to have /etc/dspam for config, and /var/spool/dspam for everything else. It shouldn't be too hard to create a patch to supply a new autoconf parameter to specifiy that and hopefully it would get committed upstream

That's it for now. I can't promise anything within a specific timeframe but I have the basics in place now and it's working EXTREMELY well, so I really want to share with the rest of the Gentoo community.

I haven't played with the 3.x release yet, I'll take a look at it down the road though.

----------

## n0cturne

Thanks for the info tweakt!  I fell back to Spamassassin because I really didn't have a lot of extra time to mess with Dspam.  I *would* like to try it and I wouldn't mind doing a little testing for you if you need any help on that side of things.

I agree with your thoughts on providing the example configs rather than trying to do everything with an ebuild.  Lots of variables out there, different MTAs, delivery agents, etc.

The mysql support, the webapp, and the idea of the "lite" version of dspam are perfect!

I am glad to hear you have come up with a better solution to the permissions problem.  That was the biggest concern I had...  I really didn't like the way it worked using the config from the README.

Keep up the good work and keep us informed of your progress!  I appreciate your work on this!

----------

## jeffk

DSPAM 3.0.0.beta.1 was just released, this might make it stable enough for a potential ebuild. They seem to be zipping along at a release every few weeks.

----------

## psi0nik

i've seen a few posts in this thread regarding virus scanning with qmail. rather than going the clamAV route and firing off a hefty perl process with qmail-scanner, i've been using russell nelson's qmail-smtpd-virusscan patch available at http://qmail.org/qmail-smtpd-viruscan-1.3.patch

this reads a list of virus signatures from a file, and blocks attachments matching those signatures at the smtp level, so it's VERY cheap, very low overhead, and very effective.

the net effect of this is that you can't send windows executable attachments into your mail server anymore - it will simply reject them with a message stating 'we don't accept executable attachments, please zip this'

this way, if someone's sending legit attachments, they'll get a bounce from their server, they can zip the thing, and resend it. nice and easy. and there's no good reason to be sending an exe attachment w/o at least compressing it first anyway.

----------

## tweakt

Watch this space for updates:

https://bugs.gentoo.org/show_bug.cgi?id=26744

I've still got a few things to finish up before submitting my ebuild. (Create users, set some permissions correctly, etc).

----------

## n0cturne

Not meaning to be obnoxious, but what's the status of this DSPAM ebuild?  I visit the link above at bugs.gentoo.org and see the last message there from tweakt (I assume), but nothing more.  What's the next step?

I threw together an OpenBSD box to act as a spam gateway using DSPAM, and I was blown away by the accuracy and speed.  Very nice indeed!  But I am a Linux user at heart and I would dearly love to have DSPAM running on my Gentoo box.

----------

## w00kie

I'm also very much looking forward to this ebuild

all my attempts at installing dSpam with Postfix and Procmail having miserably failed

----------

## jeffk

I couldn't agree more, DSPAM is the most important server program I can't yet run on Gentoo. The spammers have found our individual employee email addresses, the avalanche has begun.

FWIW, DSPAM recently released 3.0.0 beta 3. Perhaps version 3 has configuration features that will make gentoo integration easier. I wish I knew enough about it myself to make any headway.

http://www.nuclearelephant.com/projects/dspam/

----------

## Xaignar

It's also possible to run this as a single user. There's a guide at the dSpam site. I didn't use a ebuild for installing, but instead manually installed the binaries to ~/.dspam/bin and ~/.dspam/lib.

----------

## Styles

Well it looks like DSPAM walks all over SA... I will be implementing a Postfix + Amavis/ClamAV + DSPAM, Mailfilter Gateway here at work to forward to our Exchange server. I did find a howto for Gentoo do this but it is not in English but you can still make out what to do.

here is the URL for it is a slow site so I used google cached link http://216.239.57.104/search?q=cache:OciBOJYRP_4J:cakraweb.postfix.or.id/docs/cecep/mailfiltering_postfix_amavis_dspam.html+DSPAM+mailfilter+relay&hl=en

----------

## Styles

Update: found a translation web site for Indonesian to English translation for the above HOWTO. 

http://www.toggletext.com/kataku_trial.php

Orginal link to the howto

http://cakraweb.postfix.or.id/docs/cecep/mailfiltering_postfix_amavis_dspam.html

This also might help some people as well, an alternative to the Exchange 5.5 method of exporting valid users on an Exchange server, then processing the output and copying to a Postfix server.

http://www.plusone.com/gaptuning/postfix/

Cheers,

----------

## kyler

I knocked out a quick and dirty translation to english for the rest of you shpam lovers....   now we just need to shut down hotmail.com and we'll knock out half of these bad guys  :Razz: 

---

http://devnull.com/kyler/dspam.20040512.html

I will link to updated translations from the above page...  I haven't actually run through a test setup yet, so I can assure you there will probably be issues if you run through my translation word for word.  

Enjoy!

Kyler M. Klein

----------

## jeffk

That is one fantastic bit of documentation.

Regarding the DSPAM ebuild, the new version is at RC2, perhaps the 3.0.0 version has many convenience features that have been holding up the existing DSPAM ebuild. With its new monitoring web app, it will probably need to integrate with the webapp-config package now, the details of which I have no clue.

http://www.nuclearelephant.com/projects/dspam/

At any rate, thanks to all involved in the DSPAM integration, I'm looking forward to it. Gentoo needs this package desperately.

----------

## tweakt

I'm still around, have no fear. Yeah, I've slacked on this for a bit, sorry! 

I will do my best to get something available, maybe others can help polish it up and maintain it, because my time is limited currently.

In regards to the web app, yes, it's nice and it was actually available with the 2.10.x release as well, I'm using it now to monitor my spam quarantine. I haven't yet tried the new one, but it makes sense to skip 2.10.x and make an ebuild for 3.0 now. Many folks are using it and it seems stable, also accuracy has been improved slightly.

There's a hack with the webapp and authenticating against shadow passwords. I've made an ebuild for mod_auth_pam to facilitate this but I'm not thrilled with how it works. Also I could use input into how this my be made to fit a wider variety of configs.

Look for something in a week, promise! And definately feel free to contact me directly via email!

----------

## Styles

 *kyler wrote:*   

> 
> 
> I will link to updated translations from the above page...  I haven't actually run through a test setup yet, so I can assure you there will probably be issues if you run through my translation word for word.  
> 
> Enjoy!
> ...

 

I'm just waiting on a new harddrive from insight, and will start work on the server soon. I will let you know what is wrong with the doc when I run through it.

----------

## kyler

I've added some new links to my original english translation at -

http://devnull.com/kyler/dspam.20040512.html

I was in the middle of my 1st build based on this translation when I noticed the original author posted a new indonesian version at http://comlabs.itb.ac.id/~cecep/HOWTO/mailfiltering_postfix_amavis_dspam.html

My latest rev is up here, and includes some notes for DSPAM 3.x -

http://devnull.com/kyler/dspam.20040609.html

I'll translate the author's updated version, specifically for DSPAM 3.x here (still in indonesian for now) -

http://devnull.com/kyler/dspam.20040605.html

Enjoy folks...  this junk mail problem has got to stop!!

----------

## Styles

Great work Kyler, I just got the hard drives in for my server and will be doing a clean install on them hopfully this week if I can find the time.

As soon as you get a final draft you should post it in the Document tips and tricks section of the forum.

Cheers,

Eric

----------

## kyler

Just a heads up for anyone attempting to follow this article...  

I'm close to getting this setup working, but dspam does not seem to classify anything as spam (YET), but it's adding the !DSPAM tag to the end of the email, so I think I'm on the right track...  if i try to forward a spam to kyler@spam.devnull.com i see an error in my log, so i probably have a bad dspam command line arg in my setup somewhere unless that's a normal error... not too sure since this is my 1st dspam attempt.   I'll keep trying at it if I have any free time this weekend...  If anyone else has any luck with this setup, please pass any useful info my way =)  Thanks...  

----

Jun 12 01:46:46 localhost dspam[11814]: process_message returned error -5.  delivering message.

Jun 12 01:46:46 localhost postfix/pipe[11806]: 78C4B17A309: to=<kyler@spam.devnull.com>, relay=dspam-add, delay=0, status=sent (devnull.com)

----------

## cecep_mr

EDIT 15 June 2004: this is not bugs  :Very Happy:  with new config master.cf, everything work fine.

Looks here: http://comlabs.itb.ac.id/~cecep/HOWTO/mailfiltering_postfix_amavis_dspam.html

My dspam has upgraded to 3.0.0 stable (and without quarantine spam like i want) and it works great!

=====================================

I think dspam 3.x is good, such as with this version we can setup per user preferences, and new cgi client has improved (and add some new feature).

New cgi client screenshot 

http://comlabs.itb.ac.id/~cecep/archives/images/2004-06-12/dspam_cgi.png

After upgrade to 3.x, every user can choose which preferences is right for their purpose. Like quarantine spam, or sent spam with subject tagging (add [SPAM] prefix). Or, set training mode TOE, or TEFT (which in version 2.10.x apply globally).

Everything work fine, but it has bugs in training spam message (report spam_miss) with user preferences, Tag the subject header as spam or Deliver the message, and I'll sort it out (using X-DSPAM-Result). DSPAM make training loop with this setup.

* first sent spam miss to addspam account

* dspam processing spam_miss

* dspam classified this mail as spam, and try to deliver spam. but dspam deliver spam mail to addspam account (cecep@addspam.domain.tld), not to user account (cecep@domain.tld). and looping is begin.

With user preferences set to Quarantine the message training spam_miss is work fine.

And now, i have downgrade to dspam 2.10.6 to avoid this issue (i don't want quarantine spam, just sent all spam/ham to my mail account).

Cecep.Last edited by cecep_mr on Mon Jun 14, 2004 10:12 pm; edited 2 times in total

----------

## cecep_mr

 *kyler wrote:*   

> Just a heads up for anyone attempting to follow this article...  
> 
> I'm close to getting this setup working, but dspam does not seem to classify anything as spam (YET), but it's adding the !DSPAM tag to the end of the email, so I think I'm on the right track...  if i try to forward a spam to kyler@spam.devnull.com i see an error in my log, so i probably have a bad dspam command line arg in my setup somewhere unless that's a normal error... not too sure since this is my 1st dspam attempt.   I'll keep trying at it if I have any free time this weekend...  If anyone else has any luck with this setup, please pass any useful info my way =)  Thanks...  
> 
> ----
> ...

 

Try with 2.10.6, and configure with --enable-debug.

You can watch some verbose log in /var/dspam/dspam.debug

Cecep

----------

## Styles

Thanx Cecep for the information and the heads up!

Just an FHI Cecep is the original author.. for the howto.

----------

## tweakt

Ok. I'm taking some time today work on this, and I'll be posting a link to my dspam-3.0.0-rc2 ebuild sometime this weekend.

I'd like to take an informal poll.

How many think that having a seperate ebuild for the quarantine webapp would make sense? 

Untill now I've focused on creating one masterful automated ebuild trying to handle all possibilities. But it occurs to me the best way to handle this is having the quarantine cgi optional, because now it's loads easier to configure dspam to deliver spam, some may prefer to configure that way. Also, as mentioned earlier, in 3.0.x a lot of the options that control behavior of dspam were moved to the command line instead of ./configure, making life MUCH simpler for writing ebuilds.

That just leaves integration with an MTA. This part needs to be done manually anyhow because such configuration changes can't be automated. I've got postfix taken care of... I'll let others tackle sendmail, qmail, etc.

----------

## DAWG98

I used the guide to install a mailserver for my home network.  I am also using cyrus.  Dspam works like a champ.  I can receive emails (save the pesky spam mails ;)  However, I cannot send any mail using my Netscape mail client.  It's pointed at port 25 on the server.  When I check the logs it seems that mail just runs through the regular incoming process and then is bounced since there is not mailbox to deliver to (makese sense, since it was sent to someone on the outside).

If I use sendmail from a shell I can send mail.

Can someone tell me what I am doing wrong.

Thanks.

----------

## cecep_mr

 *DAWG98 wrote:*   

> I used the guide to install a mailserver for my home network.  I am also using cyrus.  Dspam works like a champ.  I can receive emails (save the pesky spam mails   However, I cannot send any mail using my Netscape mail client.  It's pointed at port 25 on the server.  When I check the logs it seems that mail just runs through the regular incoming process and then is bounced since there is not mailbox to deliver to (makese sense, since it was sent to someone on the outside).
> 
> If I use sendmail from a shell I can send mail.
> 
> Can someone tell me what I am doing wrong.
> ...

 

did you have configurations like this (/etc/postfix/main.cf)

```
mynetworks = YOUR_SUBNET/MASK, 127.0.0.0/8

smtpd_client_restrictions = permit_mynetworks, reject_unknown_client
```

please paste your logs here, its make clearer to solve your problem.

----------

## DAWG98

Ok here is the main.cf

```

soft_bounce = no

queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/lib/postfix

mail_owner = postmaster

myhostname = poseidon.do.main.org

mydomain = do.main.org

mydestination = $myhostname, localhost.$mydomain, $mydomain

my_networks = 192.168.0.0/24, 127.0.0.0/8

unknown_local_recipient_reject_code = 450

#myorigin = do.main.org

transport_maps = regexp:/etc/postfix/transport_regexp

virtual_alias_maps = hash:/etc/postfix/virtual

check_relay_domains = $relay_domains, $inet_interfaces, virtual table

inet_interfaces = all

alias_maps = hash:/etc/mail/aliases

alias_database = hash:/etc/mail/aliases

debug_peer_level = 5

debugger_command =

         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin

         xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail

newaliases_path = /usr/bin/newaliases

mailq_path = /usr/bin/mailq

setgid_group = postdrop

manpage_directory = /usr/share/man

sample_directory = /etc/postfix/sample

readme_directory = /usr/share/doc/postfix-2.0.19-r2

mailbox_transport = cyrus

#content_filter = smtp-amavis:[127.0.0.1]:10024

#smtpd_sasl_auth_enable = yes

#smtpd_sasl_security_options = noanonymous

local_recipient_maps =

 
```

And the master.cf

```

cyrus     unix  -       n       n       -       -       pipe

#   user=cyrus:mail argv=/usr/cyrus/bin/deliver --user ${user} -e -r ${sender} -m ${extension} ${user}

#   user=cyrus:mail argv=/usr/local/bin/dspam --user ${user} -e -r ${sender} -m ${extension} ${user}

 user=cyrus:mail argv=/usr/local/bin/dspam --user ${user} -e -r ${sender} -m ${extension}

#  user=cyrus argv=/usr/local/bin/dspam --user ${user}

uucp      unix  -       n       n       -       -       pipe

  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)

ifmail    unix  -       n       n       -       -       pipe

  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)

bsmtp     unix  -       n       n       -       -       pipe

  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient

#vscan            unix  -  n  n  -  10  pipe user=amavis argv=/usr/sbin/amavis ${sender} ${recipient}

#localhost:10025  inet  n  -  n  -  -   smtpd -o content_filter=

#dspam-spam  unix  -       n       n       -       -       pipe

  flags=DRhu user=dspam argv=/usr/local/bin/dspam --mode=teft --process --user ${nexthop}

# amavisd-new + clamav : virus checker

# dspam                : spam checker

smtp                 inet      n      -      n      -      -      smtpd

  -o content_filter=smtp-amavis:[127.0.0.1]:10024

smtp-amavis          unix      -      -      n      -      2      lmtp

  -o smtp_send_xforward_command=yes

127.0.0.1:10025      inet      n      -      n      -      -      smtpd

  -o cleanup_service_name=pre-cleanup

  -o content_filter=dspam:dummy

  -o local_recipient_maps=

  -o relay_recipient_maps=

  -o smtpd_restriction_classes=

  -o smtpd_client_restrictions=

  -o smtpd_helo_restrictions=

  -o smtpd_sender_restrictions=

  -o smtpd_recipient_restrictions=permit_mynetworks,reject

  -o mynetworks=127.0.0.0/8

  -o strict_rfc821_envelopes=yes

  -o smtpd_error_sleep_time=0

  -o smtpd_soft_error_limit=1001

  -o smtpd_hard_error_limit=1000

127.0.0.1:10026      inet      n      -      n      -      -      smtpd

  -o local_recipient_maps=

  -o relay_recipient_maps=

  -o smtpd_restriction_classes=

  -o smtpd_client_restrictions=

  -o smtpd_helo_restrictions=

  -o smtpd_sender_restrictions=

  -o smtpd_recipient_restrictions=permit_mynetworks,reject

  -o mynetworks=127.0.0.0/8

  -o strict_rfc821_envelopes=yes

 -o smtpd_error_sleep_time=0

  -o smtpd_soft_error_limit=1001

  -o smtpd_hard_error_limit=1000

127.0.0.1:10026      inet      n      -      n      -      -      smtpd

  -o local_recipient_maps=

  -o relay_recipient_maps=

  -o smtpd_restriction_classes=

  -o smtpd_client_restrictions=

  -o smtpd_helo_restrictions=

  -o smtpd_sender_restrictions=

  -o smtpd_recipient_restrictions=permit_mynetworks,reject

  -o mynetworks=127.0.0.0/8

  -o strict_rfc821_envelopes=yes

  -o smtpd_error_sleep_time=0

  -o smtpd_soft_error_limit=1001

  -o smtpd_hard_error_limit=1000

dspam                unix      -      n      n      -      -      pipe

# flags=Rhq user=dspam argv=/usr/local/bin/dspam --mode=teft --deliver=innocent,spam --feature=chained,noise --user ${recipient}$user

 flags=Rhq user=dspam argv=/usr/local/bin/dspam --mode=teft --deliver=innocent --feature=chained,noise  -f ${sender} -- %u --user ${recipient}

cleanup              unix      n      -      n      -      0      cleanup

  -o header_checks=

  -o mime_header_checks=

  -o nested_header_checks=

  -o body_checks=

pre-cleanup          unix      n      -      n      -      0      cleanup

  -o canonical_maps=

  -o sender_canonical_maps=

  -o recipient_canonical_maps=

  -o masquerade_domains=

  -o virtual_alias_maps=

  -o always_bcc=

  -o sender_bcc_maps=

  -o recipient_bcc_maps=

local                unix      -      n      n      -      -      local

  -o content_filter=

  -o myhostname=localhost

  -o local_recipient_maps=

 -o relay_recipient_maps=

  -o mynetworks=127.0.0.0/8

  -o mynetworks_style=host

  -o smtpd_restriction_classes=

  -o smtpd_client_restrictions=

  -o smtpd_helo_restrictions=

  -o smtpd_sender_restrictions=

  -o smtpd_recipient_restrictions=permit_mynetworks,reject

dspam-add            unix      -      n      n      -      -      pipe

  flags=Rhq user=dspam argv=/usr/local/bin/dspam --user %u --class=spam --source=error --stdout

# user=cyrus:mail argv=/usr/local/bin/dspam --user ${user} -e -r ${sender} -m ${extension} $user --class=spam --source=error --stdout

dspam-fp             unix      -      n      n      -      -      pipe

#  flags=Rhq user=dspam argv=/usr/local/bin/dspam --user ${user} --class=innocent --source=error

 user=cyrus:mail argv=/usr/local/bin/dspam --user ${user} -e -r ${sender} -m ${extension} $user --class=innocent --source=error --stdout

```

Excerpts from dspam.debug

```

1197: [Sun Jun 13 00:31:16 2004] LDA returned error, exit code: 65, LDA command line: /usr/cyrus/bin/deliver HIDDEN@hotmail.com dawg98@do.main.org -- HIDDEN@hotmaill.com

```

And excerpts from mail.err

```

Jun 12 23:54:53 poseidon pipe[927]: fatal: pipe_comand: execvp /usr/local/bin/dspam: Permission denied

Jun 12 23:58:43 poseidon pipe[980]: fatal: pipe_comand: execvp /usr/local/bin/dspam: Permission denied

Jun 13 00:07:14 poseidon pipe[1025]: fatal: pipe_comand: execvp /usr/local/bin/dspam: Permission denied

Jun 13 00:09:42 poseidon pipe[1052]: fatal: pipe_comand: execvp /usr/local/bin/dspam: Permission denied

Jun 13 00:17:16 poseidon pipe[1108]: fatal: pipe_comand: execvp /usr/local/bin/dspam: Permission denied

Jun 13 00:25:56 poseidon pipe[1144]: fatal: pipe_comand: execvp /usr/local/bin/dspam: Permission denied

Jun 13 00:26:55 poseidon pipe[1168]: fatal: pipe_comand: execvp /usr/local/bin/dspam: Permission denied

Jun 13 00:57:42 poseidon pipe[1330]: fatal: pipe_comand: execvp /usr/local/bin/dspam: Permission denied

```

I configured Dspam using:

  --with-dspam-home=/var/dspam \

   --with-dspam-home-owner=dspam \

   --with-dspam-home-group=postdrop \

   --with-dspam-owner=dspam \

   --with-dspam-group=postdrop \

   --with-dspam-mode=4510 \

   --prefix=/usr/local/ \

   --with-delivery-agent="/usr/cyrus/bin/deliver \$u" \

   --enable-spam-subject \

   --enable-parse-to-headers \

   --enable-debug \

   --enable-verbose-debug \

   --disable-bias

It catches my spam very well, but I just cannot send emails.  Thanks in advance for all the help.

----------

## cecep_mr

change your configure options:

```

[...]

--with-dspam-home-owner=cyrus \

--with-dspam-home-group=mail \

--with-dspam-owner=cyrus \

--with-dspam-group=mail \

[...]

```

----------

## jeffk

FYI, DSPAM 3.0.0 has been released.

----------

## DAWG98

jeffk

I tried dspam 3.0.0 (stable) but I cannot configure.  It gives me errors; i.e., the program does not appear to disget with-delivery-agent = ; prefix= ; with-dspam-home.

Cecep_mr,

no go on the recompile.  I think my issue is that when sending mail to outside recipients postifx(or cyrus?) cannot understand to forward to ouside people, but rather the email runs through cyrus/dspam again and the programs attempt to deliver to a local mailbox.  OF course that does not work, since there is no such mailbox. 

Accordingly, I need to determine (hopefully with some help ;) how to make postifx/cyrus forward mail to the outside instead of looping it back to me.

Sounds like main/master.cf config issue.

DAWG

----------

## cecep_mr

My doc has update to dspam 3.0.0 STABLE (yup, in Indonesian  :Very Happy: ).

http://comlabs.itb.ac.id/~cecep/HOWTO/mailfiltering_postfix_amavis_dspam.html

Change from previous doc:

Configure options:

```

./configure \

   --with-dspam-home=/var/dspam \

   --with-dspam-home-owner=dspam \

   --with-dspam-home-group=postdrop \

   --with-dspam-owner=dspam \

   --with-dspam-group=postdrop \

   --with-dspam-mode=4510 \

   --with-delivery-agent=/usr/sbin/sendmail \

   --with-storage-driver=mysql_drv \

   --with-mysql-includes=/usr/include/mysql \

   --with-mysql-libraries=/usr/lib/mysql \

   --disable-trusted-user-security \

   --enable-large-scale \

   --enable-virtual-users \

   --enable-long-usernames \

   --enable-opt-in \

   --enable-spam-subject

```

Change in /etc/postfix/master.cf

```

dspam                unix   -   n   n   -   -   pipe

  flags=Rhq user=dspam argv=/usr/local/bin/dspam --mode=teft --deliver=innocent,spam

  --feature=chained,noise -i -f ${sender} -- %u --user ${recipient}

dspam-add            unix   -   n   n   -   -   pipe

  flags=Rhq user=dspam argv=/usr/local/bin/dspam --mode=teft --user ${user}@${nexthop}

  --class=spam     --source=error -i -f ${sender} -- %u --deliver=spam

dspam-fp             unix   -   n   n   -   -   pipe

  flags=Rhq user=dspam argv=/usr/local/bin/dspam  --mode=teft --user ${user}@${nexthop}

  --class=innocent --source=error -i -f ${sender} -- %u --deliver=innocent

```

And finally, code for setup new cgi-client (without virtualhost)

```

#!/bin/sh

#

# script for setup dspam cgi with suexec wrapper

# (c)2004. Cecep Mahbub (cecep@comlabs.itb.ac.id)

#

# note: compile apache with --enable-suexec option. (enable by default in gentoo portage)

 

# config

HTDOCS="/var/www/localhost/htdocs"

SOURCE="/root/sources/dspam-3.0.0"

 

DSPAM_USER="dspam"

DSPAM_GROUP="users"

 

SUEXEC="/usr/sbin/suexec2"

 

# copy cgi files

cp -Rp $SOURCE/cgi $HTDOCS/dspam

                                                                                                                    

# create suexec wrapper

cd $HTDOCS/dspam

                                                                                                                    

for a in *.cgi; do

   echo "#!/bin/sh" > `basename $a .cgi`.tmp

   echo "exec $SUEXEC $DSPAM_USER $DSPAM_GROUP ./`basename $a .cgi`_orig.cgi" >> `basename $a .cgi`.tmp

done

                                                                                                                    

for b in *.cgi; do

   mv $b `basename $b .cgi`_orig.cgi

done

                                                                                                                    

for c in *.tmp; do

   mv $c `basename $c .tmp`.cgi

done

                                                                                                                   

# fix permission and owner

chown -R $DSPAM_USER:$DSPAM_GROUP $HTDOCS/dspam

chmod 755 $HTDOCS/dspam

chmod 755 $HTDOCS/dspam/*.cgi

# create file .htaccess

cat << HTACCESS > .htaccess

Options ExecCGI

                                                                                                                    

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /etc/dspam.auth

Require valid-user

HTACCESS

```

Don't forget to add user for cgi client:

```

htpasswd2 -c /etc/dspam.auth user@example.com

```

And edit /var/www/localhost/dspam/dspam_orig.cgi:

```

$CONFIG{'LARGE_SCALE'}  = 1;                    # --enable-large-scale

```

Last edited by cecep_mr on Mon Jun 14, 2004 10:31 pm; edited 2 times in total

----------

## w00kie

I just compiled dSpam 3.0 STABLE and my /var/dspam is empty

is it normal???

----------

## DAWG98

I get an error compiling:

```

configure: WARNING: you should use --build, --host, --target

configure: WARNING: invalid host type:

checking for a BSD-compatible install... /bin/install -c

checking whether build environment is sane... yes

checking for gawk... gawk

checking whether make sets $(MAKE)... yes

checking build system type... config.sub: missing argument

Try `config.sub --help' for more information.

configure: error: /bin/sh ./config.sub   failed

./compile: line 7: --with-dspam-mode=4510: command not found

./compile: line 9: --with-delivery-agent=/usr/cyrus/bin/deliver -d $u: No such file or directory

```

This is my configure file:

```

./configure \

   --with-dspam-home=/var/dspam \

   --with-dspam-home-owner=dspam \

   --with-dspam-home-group=postdrop \

   --with-dspam-owner=dspam \

   --with-dspam-group=postdrop \

   --with-dspam-mode=4510 \

   --with-delivery-agent="/usr/cyrus/bin/deliver -d \$u" \

   --enable-spam-subject \

   --enable-parse-to-headers \

   --enable-virtual-users \

   --enable-debug \

   --enable-verbose-debug \

   --disable-bias

```

----------

## cecep_mr

 *DAWG98 wrote:*   

> 
> 
> no go on the recompile.  I think my issue is that when sending mail to outside recipients postifx(or cyrus?) cannot understand to forward to ouside people, but rather the email runs through cyrus/dspam again and the programs attempt to deliver to a local mailbox.  OF course that does not work, since there is no such mailbox. 
> 
> Accordingly, I need to determine (hopefully with some help  how to make postifx/cyrus forward mail to the outside instead of looping it back to me.
> ...

 

You must recompile your dspam.

dspam transport in your master.cf runing as user cyrus. but, your compile options 

 *DAWG98 wrote:*   

> 
> 
> ```
> 
> --with-dspam-home=/var/dspam \
> ...

 

So, your cyrus user cannot execute dspam (see your logs)

 *DAWG98 wrote:*   

> 
> 
> Jun 12 23:54:53 poseidon pipe[927]: fatal: pipe_comand: execvp /usr/local/bin/dspam: Permission denied
> 
> Jun 12 23:58:43 poseidon pipe[980]: fatal: pipe_comand: execvp /usr/local/bin/dspam: Permission denied
> ...

 

To fix that problem, you can make world executeable /usr/local/bin/dspam

```

chmod 4751 /usr/local/bin/dspam

```

But the best way is recompile your dspam:

```

./configure \

--with-dspam-home-owner=cyrus \

--with-dspam-home-group=mail \

--with-dspam-owner=cyrus \

--with-dspam-group=mail \

[... etc ] 

```

----------

## DAWG98

Thanks for your answer..but my stuff must be really messed up:

I tried chmoding dspam to 4751 (before I do a recompile).  I still get an error message:

```

Jun 14 12:54:17 poseidon dspam[17560]: DB_ENV->open failed: /var/dspam/data/HIDDEN@hottmail.com: Permission denied

Jun 14 12:54:17 poseidon dspam[17560]: unable to initialize dspam context

Jun 14 12:54:17 poseidon dspam[17560]: process_message returned error -2.  delivering message.

Jun 14 12:54:17 poseidon postfix/smtpd[17534]: disconnect from localhost[127.0.0.1]

Jun 14 12:54:18 poseidon postfix/lmtp[17531]: 7C898606D0: to=<HIDDEN@hotmail.com>, relay=127.0.0.1[127.0.0.1], delay=1, status=sent (250 2.6.0 Ok, id=12195-03-3, from MTA: 250 Ok: queued as C2FA7606D6)

Jun 14 12:54:18 poseidon postfix/pipe[17536]: C2FA7606D6: to=<HIDDEN@hotmail.com>, relay=dspam, delay=1, status=bounced (data format error. Command output: HIDDEN@hotmail.com: Mailbox does not exist HIDDEN@hotmail.com: Mailbox does not exist 17560: [Mon Jun 14 12:54:18 2004] LDA returned error, exit code: 65, LDA command line: /usr/cyrus/bin/deliver HIDDEN@hotmail.com -f user@domain.net -- HIDDEN@hotmail.com  )

Jun 14 12:54:18 poseidon postfix/cleanup[17528]: 12E2A606D0: message-id=<20040614195418.12E2A606D0@poseidon.dom.ain.org>

Jun 14 12:54:18 poseidon postfix/qmgr[12385]: 12E2A606D0: from=<>, size=3574, nrcpt=1 (queue active)

Jun 14 12:54:18 poseidon postfix/pipe[17566]: 12E2A606D0: to=<user@localhost.dom.ain.org>, orig_to=<user@dom.ain.net>, relay=cyrus, delay=0, status=bounced (Command died with status 1: "/usr/local/bin/dspam". Command output: 17567: [Mon Jun 14 12:54:18 2004] No training mode was specified, you insensitive clod! )

```

I can fix the 'no training method error' if I add --mode=teft to my cyrus line in the master.cf...but that should not be.

On the bright side, Dspam filters all incoming mail ;)

----------

## cecep_mr

 *DAWG98 wrote:*   

> I get an error compiling:
> 
> ```
> 
> configure: WARNING: you should use --build, --host, --target
> ...

 

Create file (exp: dspam-3.0.0/configure.sh):

```

#!/bin/sh

./configure \

   --with-dspam-home=/var/dspam \

   --with-dspam-home-owner=dspam \

   --with-dspam-home-group=postdrop \

   --with-dspam-owner=dspam \

   --with-dspam-group=postdrop \

   --with-dspam-mode=4510 \

   --with-delivery-agent="/usr/cyrus/bin/deliver -d \$u" \

   --enable-spam-subject \

   --enable-parse-to-headers \

   --enable-virtual-users \

   --enable-debug \

   --enable-verbose-debug \

   --disable-bias

```

and then run your script:

chmod 755 configure.sh

./configure.sh

its easy to reconfigure when you want change configure options, and prevent error because miss type.

good luck

----------

## cecep_mr

 *DAWG98 wrote:*   

> Thanks for your answer..but my stuff must be really messed up:
> 
> I tried chmoding dspam to 4751 (before I do a recompile).  I still get an error message:
> 
> ```
> ...

 

OK, its more clearer. It's look like when you want sent mail to outside its go to dspam filter  :Smile: 

So, to by pass the filter, your must create smtp without filter:

/etc/postfix/master.cf

```

your_server_ip:10030   inet   n   -   n   -   -   smtpd

  -o content_filter=

  -o local_recipient_maps=

  -o relay_recipient_maps=

  -o mynetworks=your_subnet/mask

  -o smtpd_restriction_classes=

  -o smtpd_client_restrictions=

  -o smtpd_helo_restrictions=

  -o smtpd_sender_restrictions=

  -o smtpd_recipient_restrictions=permit_mynetworks,reject

```

And your netscape client smtp must pointing to your_server_ip port 10030

----------

## cecep_mr

 *w00kie wrote:*   

> I just compiled dSpam 3.0 STABLE and my /var/dspam is empty
> 
> is it normal???

 

1. normal, if you dont use mysql driver. with mysql driver you must create /var/dspam/mysql.data (see README)

2. normal, if no mail come (not yet)

NOTE: If your compile options use --enable-opt-in, you must create /var/dspam/opt-in/your_user.dspam

----------

## Styles

is it my understanding that we should use DSPAM 2.10 if we dont want to use the quarantine feature ?? I really dont need my users learning something new because it would take more of my time away.

BTW they released DSPAM 3.00 STABLE TODAY!!

Thanx,

Eric

----------

## cecep_mr

 *Styles wrote:*   

> is it my understanding that we should use DSPAM 2.10 if we dont want to use the quarantine feature ?? 
> 
> 

 

You can do with 3.x (sorry, my previous post is totally wrong).

 *Styles wrote:*   

> 
> 
> I really dont need my users learning something new because it would take more of my time away.
> 
> BTW they released DSPAM 3.00 STABLE TODAY!!
> ...

 

My system has upgraded to 3.0.0 STABLE without loosing all training data.

Just do like README says:

Backup your database firts:

mysqldump -u root -p dspam > dspam.sql

And then create file upgrade.sql

```

     alter table dspam_stats add spam_learned int;

     alter table dspam_stats add innocent_learned int;

     alter table dspam_stats add spam_classified int;

     alter table dspam_stats add innocent_classified int;

     update dspam_stats set spam_learned = total_spam;

     update dspam_stats set innocent_learned = total_innocent;

     update dspam_stats set spam_classified = 0, innocent_classified = 0;

     alter table dspam_stats drop column total_spam;

     alter table dspam_stats drop column total_innocent;

     alter table dspam_stats add spam_misclassified int;

     alter table dspam_stats add innocent_misclassified int;

     update dspam_stats set spam_misclassified = spam_misses;

     update dspam_stats set innocent_misclassified = false_positives;

     alter table dspam_stats drop column spam_misses;

     alter table dspam_stats drop column false_positives;

```

mysql -u root -p dspam < upgrade.sql

And your database is ready for 3.0.0 STABLE. Recompile your dspam 3.x, and fix your postfix master.cf for new dspam 3.x

Good luck

----------

## DAWG98

Thanks CeCep, I was able to compile 3.0 ;)

As to my postfix dilemma:

I can now send mail.  I got rid of my virtual aliases since they cannot use pipe (found that tidbit after much reading.)

I also added the code suggested by you to my master.cf; however, it still does not work.  I can sendmail, but they outbound email still runs though the dspam process (Add stats and all for outbound recipient).  The mail is send via fallback (using outside smtp server) after the error (same as described above).

So I can send mail since I somehow figured out how to use a fallback, but the issue remains, outbound emails is send through the filtering process ;(

I can telnet to port 10030 and get the appropriate ESMTP message, however when sending email I get this (I know we are getting a little off topic here):

```

Jun 15 00:27:09 poseidon postfix/smtpd[5773]: connect from cronos[192.168.0.55]

Jun 15 00:27:09 poseidon postfix/smtpd[5773]: fatal: bad net/mask pattern: your_subnet/mask

Jun 15 00:27:10 poseidon postfix/master[5682]: warning: process /usr/lib/postfix/smtpd pid 5773 exit status 1

Jun 15 00:27:10 poseidon postfix/master[5682]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling

```

I used 192.168.0.1 for the server ip.

What am I missing ?

----------

## cecep_mr

 *Quote:*   

> Jun 15 00:27:09 poseidon postfix/smtpd[5773]: connect from cronos[192.168.0.55]
> 
> Jun 15 00:27:09 poseidon postfix/smtpd[5773]: fatal: bad net/mask pattern: your_subnet/mask
> 
> Jun 15 00:27:10 poseidon postfix/master[5682]: warning: process /usr/lib/postfix/smtpd pid 5773 exit status 1
> ...

 

 :Very Happy: 

```

192.168.0.1:10030   inet   n   -   n   -   -   smtpd

  -o content_filter=

  -o local_recipient_maps=

  -o relay_recipient_maps=

  -o mynetworks=your_subnet/mask

  -o smtpd_restriction_classes=

  -o smtpd_client_restrictions=

  -o smtpd_helo_restrictions=

  -o smtpd_sender_restrictions=

  -o smtpd_recipient_restrictions=permit_mynetworks,reject

```

change mynetworks=your_subnet/mask with your subnet (maybe, 192.168.0.0/24)

-o mynetworks=192.168.0.0/24

----------

## DAWG98

You are a star!!!!!!

Works like a champ.  That should be a lesson, don't read and type when you are tired ;)

Thanks for all the help.

DAWG

----------

## cPF

I prefer using Dspam in the way I used to filter my mail with SpamAssassin before. 

Fetchmail -> Procmail -> DSpam -> Anomy Sanitizer -> Maildir

Here's the config I use with mysql database backend (ideally there should be   a USE flag for it).

```

./configure --prefix=/usr \

    --with-dspam-home-group=dspam --with-dspam-home-mode=775 \

    --with-dspam-group=dspam --with-dspam-owner=dspam --with-dspam-mode=6111 \

    --disable-trusted-user-security --enable-delivery-to-stdout --enable-spam-delivery \

    --with-storage-driver=mysql_drv --with-mysql-includes=/usr/include/mysql/ --with-mysql-libs=/usr/lib/mysql \

    --enable-neural-networking --enable-whitelist --enable-alternative-bayesian --enable-chi-square \

    --disable-user-logging --disable-system-logging

```

All email users belong to group 'users' in my setup. 

Systemwide /etc/procmailrc has the following

```

...

:0fw

* < 524288

| /usr/bin/dspam --user $LOGNAME --mode=toe --stdout --deliver=innocent,spam --feature=chained,noise,whitelist

:0

* ^X-DSPAM-Result: spam

.spam/

...

```

Mysql database is setup using the script provided in tools.mysql/ and 

/var/dspam/mysql.data contains something like the following for mysql authentication:

```

/var/run/mysqld/mysqld.sock

dspamuser

<mypasswordhere>

dspamdb

```

Obviously user and group 'dspam' has to be created also.

I urge developers to give user option to install dspam with permission suitable for this type of filtering.

----------

## Styles

Got a question I'm a little confused cecep or anybody.

In my /etc/postfix/transport.domain

I should just point right back to the mail server with the relative DNS entries for ham and spam.example.com etc... correct??? or will that start a loop?

Cheers,

Eric

---UPDATE!!!!!!----

I'm geting a bad transport type in /var/log/messages from postfix master.cf

 *Quote:*   

> 
> 
> postfix/master[21182]: fatal: /etc/postfix/master.cf: line 50: bad transport type: user=dspam
> 
> 

 

My entry in master.cf

 *Quote:*   

> 
> 
> dspam                unix       -       n       n       -       10      pipe
> 
> flags=Rhq user=dspam argv=/usr/local/bin/dspam --mode=teft --deliver=innocent,spam --feature=chained,noise -i -f ${sender} -- %u --$
> ...

 

any ideas ???Last edited by Styles on Tue Jun 15, 2004 7:43 pm; edited 4 times in total

----------

## w00kie

has somebody been successful installing dSpam 3.0 with Postfix and Procmail as the delivery agent???

when I receive mail, it goes ok through postfix to dSpam, files are created in  /var/dspam and stuff goes into my mySQL database but mails are silently dropped when they get to procmail

dSpam configure

```
./configure \

   --with-dspam-home=/var/dspam \

   --with-dspam-home-owner=dspam \

   --with-dspam-home-group=postdrop \

   --with-dspam-owner=dspam \

   --with-dspam-group=postdrop \

   --with-dspam-mode=4510 \

   --with-delivery-agent="/usr/bin/procmail -f- -d \$u"\

   --with-storage-driver=mysql_drv \

   --with-mysql-includes=/usr/include/mysql \

   --with-mysql-libraries=/usr/lib/mysql \

   --enable-alternative-bayesian \

   --enable-virtual-users \

   --enable-large-scale \

   --enable-long-usernames \

   --enable-debug \

   --enable-source-address-tracking \

   --disable-trusted-user-security

```

master.cf

```
smtp      inet  n       -       n       -       -       smtpd

       -o content_filter=dspam:dummy

... a whole lot of stuff not pertaining to dSpam ...

# DSPAM

dspam   unix    -       n       n       -       10      pipe

  flags=Rhq user=dspam argv=/usr/local/bin/dspam --mode=teft --feature=chained,noise --user ${recipient}

```

main.cf

```
mailbox_transport = dspam
```

----------

## DAWG98

try mailtransport postfix?

----------

## Styles

ok new problem now... When I try to test postfix and send an e-mail as soon as I type the mail from: me@me.com postfix dose this.

 *Quote:*   

> 
> 
> connect from unknown[192.168.18.182]
> 
> Jun 15 08:25:37 mailx postfix/smtpd[5531]: warning: connect #1 to subsystem private/rewrite: No such file or directory

 

I looked on google but the only thing I found was their computer was not strong enough. And I know my system can handle it.

```

mailx postfix # cat /proc/cpuinfo 

processor       : 0

vendor_id       : GenuineIntel

cpu family      : 15

model           : 2

model name      : Intel(R) Pentium(R) 4 CPU 2.80GHz

stepping        : 9

cpu MHz         : 2800.731

cache size      : 512 KB

physical id     : 0

siblings        : 1

fdiv_bug        : no

hlt_bug         : no

f00f_bug        : no

coma_bug        : no

fpu             : yes

fpu_exception   : yes

cpuid level     : 2

wp              : yes

flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe cid

bogomips        : 5505.02
```

```
mailx postfix # cat /proc/meminfo 

MemTotal:       903640 kB

MemFree:        843652 kB

Buffers:          7424 kB

Cached:          20456 kB

SwapCached:          0 kB

Active:          35012 kB

Inactive:        10320 kB

HighTotal:           0 kB

HighFree:            0 kB

LowTotal:       903640 kB

LowFree:        843652 kB

SwapTotal:     2449904 kB

SwapFree:      2449904 kB

Dirty:               0 kB

Writeback:           0 kB

Mapped:          21688 kB

Slab:             8452 kB

Committed_AS:    24012 kB

PageTables:        240 kB

VmallocTotal:   122804 kB

VmallocUsed:      2332 kB

VmallocChunk:   120472 kB
```

I tried to emerge postfix again with safer CPU flags etc... with no luck..

Anybody seen this before ?

----------

## cecep_mr

 *Styles wrote:*   

> Got a question I'm a little confused cecep or anybody.
> 
> In my /etc/postfix/transport.domain
> 
> I should just point right back to the mail server with the relative DNS entries for ham and spam.example.com etc... correct??? or will that start a loop?
> ...

 

hosts/mx for spam.example.com and ham.example.com should point to dspam box.

Its make your backend server can reach that server without need change or add new setting. 

Its not need to add them to your transport_maps (in dspam box), just create transport regexp for global alias for adding spam/ham training (remember, addspam/ham.example.com doest have real mailbox, just alias for retraining user@example.com)

IMPORTANT: 

If dspam is compiled without --enable-opt-in, you must create/touch file /var/dspam/opt-out/user@spam.example.com.nodspam to by-pass dspam filter. Or, you can create smtp server on another ip (if your dspam box has multiple ip) or new smtp on another port with no content_filter. And then sent all outbound mail (mail out from your network including from your backend server) to that smtp.

----------

## BobDylan

Here is an (ugly) ebuild based on the one submitted on bugzilla to handle the dspam single-user installation on my system.

```
inherit eutils

DESCRIPTION="DSPAM is an extremely scalable, open-source statistical hybrid anti-spam filter"

HOMEPAGE="http://www.nuclearelephant.com/projects/dspam/"

SRC_URI="http://www.nuclearelephant.com/projects/dspam/sources/${P}.tar.gz"

SLOT="0"

LICENSE="GPL-2"

KEYWORDS="x86"

IUSE=""

RDEPEND=">=sys-libs/db-4*"

DEPEND="${RDEPEND}"

src_compile() {

   econf \

      --with-dspam-home=/var/dspam \

      --disable-trusted-user-security \

      --enable-delivery-to-stdout \

      --enable-spam-delivery \

      --enable-chi-square \

      --disable-system-logging \

      --disable-user-logging || die

   emake || die

}

src_install() {

   enewgroup dspam 2000

   enewuser dspam 2000 /bin/false /dev/null dspam

   einfo "Creating the dspam home directory..."

   diropts -m 775 -o dspam -g dspam

   dodir /var/dspam

   einfo "Installing the dspam software..."

   exeopts -m 4711 -o dspam -g dspam

   exeinto /usr/bin

   doexe dspam

   diropts -o root -g root

   exeopts -m 0755 -o root -g root

   cd ${S}/tools

   exeinto /usr/bin

   doexe dspam_2sql dspam_clean dspam_corpus dspam_crc dspam_dump \

      dspam_genaliases dspam_merge dspam_stats

   cd ${S}

   dodir /usr/include/dspam

   insinto /usr/include/dspam

   doins buffer.h decode.h error.h lht.h libdspam.h libdspam_objects.h \

      nodetree.h storage_driver.h

   dodir /usr/lib/pkgconfig

   insinto /usr/lib/pkgconfig

   doins dspam.pc

   cd ${S}/.libs

   dodir /usr/lib

   insinto /usr/lib

   doins libdspam.a

   exeinto /usr/lib

   doexe libdspam.la libdspam.so.5.0.0

   dosym libdspam.so.5.0.0 /usr/lib/libdspam.so.5

   dosym libdspam.so.5.0.0 /usr/lib/libdspam.so

   cd ${S}

   doman dspam.1 dspam_clean.1 dspam_corpus.1 dspam_dump.1 dspam_merge.1 \

      dspam_stats.1

   dodoc CHANGELOG LICENSE README RELEASE.NOTES

}
```

I really would like not to use this ugly hack. Is it possible to let the dspam package create /var/dspam via "einstall" without risking a sandbox violation (and without turning sandboxing off, which is not a solution) ?

When will dspam make its way in portage ?

----------

## DAWG98

All is working (thanks to cecep_mr) but for spam/ham training.  I had to modify his HOWTO since I am not really using a gateway, but rather a standalone server for my homenetwork.  I am running posftix+dspam(+cgi)+cyrus+clamav/amavisd-new.

The only thing seemingly not working is the spam/fp training.  I used aliases as suggested an received an error.  So I tried using the regexp exmaple but I get the following error

```

Jun 17 16:01:47 poseidon postfix/smtpd[1374]: disconnect from poseidon.dom.ain[192.168.0.1]

Jun 17 16:01:47 poseidon dspam[1409]: process_message returned error -5.  delivering message.

Jun 17 16:01:47 poseidon postfix/pipe[1376]: E2F63606C8: to=<user@addspam.dom.ain>, relay=dspam-add, delay=1, status=sent (dom.ain)

```

and stats do not increment.

Any clue?

----------

## cecep_mr

 *DAWG98 wrote:*   

> All is working (thanks to cecep_mr) but for spam/ham training.  I had to modify his HOWTO since I am not really using a gateway, but rather a standalone server for my homenetwork.  I am running posftix+dspam(+cgi)+cyrus+clamav/amavisd-new.
> 
> The only thing seemingly not working is the spam/fp training.  I used aliases as suggested an received an error.  So I tried using the regexp exmaple but I get the following error
> 
> ```
> ...

 

mailfilter gateway:

Virus-Free mail -> Postfix SMTP Server -> smtp-amavis localhost:10024 

-> dspam localhost:10025 -> Postfix queue -> SMTP Backend Server

standalone server with cyrus:

Virus-Free mail -> Postfix SMTP Server -> smtp-amavis localhost:10024 

-> dspam localhost:10025 -> Postfix queue -> deliver to cyrus

all you have to do is, setup your mailserver (based on my howto).

add to your main.cf 

fallback_transport = lmtp:unix:/var/lib/imap/socket/lmtp

note: 

* explanation: check lokal user (/etc/passwd), if dont exist deliver to cyrus (using lmtp)

* remember change /var/lib/imap/socket/lmtp to the right path.

i have not try this setup yet, please report if this work for you  :Smile: 

----------

## Randseed

I'm using exim over here as an MTA. I couldn't get DSPAM to work with exim to save my life, and after a few hours got sick of dealing with it. So I installed pop3filter and have pop3filter sit between tpop3d and the user, sending everything through DSPAM in the process.

The problem is that pop3filter totally hoses the email. It chops off the first few characters of every line, and inserts a colon at the front of every line. Needless to say, this is bad.

So my question is if someone has a nice Gentoo exim-DSPAM integration option out there for a multiuser system. It would probably make a lot of people happy.

----------

## tweakt

I posted my updated ebuild of dspam 3.0. It's attached to the bugzilla link earlier in this thread. Give it a try, and improvements are welcome!

----------

## DAWG98

I fixed my problem.  I removed dspam as a content filter so that postfix hadns off to dspam (not the other way around) and dspam hands off to cyrus.

Works like a champ. 

Thanks again.

----------

## Styles

For some reason dspam will not populate the mysql DB ??? it runs with no errors but will not save any stats nor learn???

So when I run the train.pl script I should see some type of data in the mysql DB correct???

Strange

----------

## embobo

 *Styles wrote:*   

> For some reason dspam will not populate the mysql DB ??? it runs with no errors but will not save any stats nor learn???
> 
> So when I run the train.pl script I should see some type of data in the mysql DB correct???
> 
> Strange

 

Yeah, there a couple things you can look at, as mentioned in section 1.2, "Testing," in /usr/share/doc/dspam-*/README.gz

Look at the stats:

```

mark@moggy mark $ dspam_stats -H mark

mark:

                TS Total Spam:                  0

                TI Total Innocent:              1

                SM Spam Misclassified:          3

                IM Innocent Misclassified:      0

                SC Spam Corpusfed:              0

                IC Innocent Corpusfed:        726

                TL Training Left:            1773

         

mark@moggy mark $

```

Dump the metadata (piped though wc so you don't see 347,019 tokens  :Surprised: )

```

mark@moggy mark $ dspam_dump mark | wc -l

347019

mark@moggy mark $

```

Also, have a look at /var/log/dspam/system.log. There should be something there.

Finally, if you are desperate to see any data:

```

mysqldump --no-create-db -u dspam -p dspam

```

The password is in /etc/mail/dspam/mysql.data.

----------

## jonel

Hello everybody!

And thanks Cecep for a great HOWTO (and kyler for the translation).

I have successfully configured a email relay (not on gentoo, though)

and it's working fine according to the first tests. But I would like

to tweak it further before running it in production. What I would like

to have is:

-  mechanism similar to the transport_maps to choose which domain gets

AV scanned and/or dspammed (that is, I would like to be able to bypass

Amavis or Dspam or both for certain users/domains)

-  choose  (ideally  per user and domian) whether it is dspammed using

it's  individual  database  (--user ) or using the 'global' dspam user

(--user )

Right now I have a 'global' Dspam user (for people who don't care

about individually managing their spam); the Dspam transports

configured in the master.cf file are:

```

dspam                unix      -      n      n      -      -      pipe

  flags=Rhq user=dspam argv=/usr/local/bin/dspam -i -f ${sender} -- ${recipient}

  --mode=teft --deliver=innocent,spam --feature=chained,noise,whitelist --user global

dspam-add            unix      -      n      n      -      -      pipe

   flags=Rhq user=dspam argv=/usr/local/bin/dspam --mode=teft --user global --class=spam --source=error

dspam-del             unix      -      n      n      -      -      pipe 

   flags=Rhq user=dspam argv=/usr/local/bin/dspam --mode=teft --user global --class=innocent --source=error  

```

and I would like to have another one as in the HOWTO

```

dspam-individual     unix     -      n     n   -    10       pipe

   flags=Rhq user=dspam argv=/usr/local/bin/dspam -i -f ${sender} -- %u --user ${recipient}

   --mode=teft --deliver=innocent,spam --feature=chained,noise

```

..and the ability to select which users/domains go what route.

(BTW - what exactly does the %u parameter do there?)

I've tried a couple of things in the master.cf file, but obviously I

don't fully understand how it works and I didn't succeed. Do you know

how these could be done?

Thanks again,

jonel

----------

## Cornfed

I just noticed DSPAM is in portage now.

 *Quote:*   

> 
> 
> Searching...   
> 
> [ Results for search key : dspam ]
> ...

 

----------

## UberLord

Hopefully someone will put PostgreSQL support in!

----------

## dsoTm

Ok, I've pieced together my setup from various configs and now I'm stuck. I'm trying to do postfix + clamav (via clamsmtpd) + dspam on the same box instead of a gateway. I had everything working prior to adding dspam, and now I have a mail loop with mail bouncing like so:

host 127.0.0.1[127.0.0.1] said: 554 Error: too many    hops (in reply to end of DATA command)>

It seems that if mail can be delivered via smtp to the mail host (in the gateway example) that the same thing could be achieved on one box, but I can't get it to work. This is a pure virtual-hosting setup with postfixadmin, no local deliveries or domains.

Relevent lines from master.cf:

smtp      inet  n       -       n       -       -       smtpd -v

# AV scan filter (used by content_filter)

scan      unix  -       -       n       -       16      smtp

        -o smtp_send_xforward_command=yes

# SMTP instanced with dspam

127.0.0.1:10026      inet      n      -      n      -      -      smtpd -v

  -o cleanup_service_name=pre-cleanup

  -o content_filter=dspam:dummy

  -o local_recipient_maps=

  -o relay_recipient_maps=

  -o smtpd_restriction_classes=

  -o smtpd_client_restrictions=

  -o smtpd_helo_restrictions=

  -o smtpd_sender_restrictions=

  -o smtpd_recipient_restrictions=permit_mynetworks,reject

  -o mynetworks=127.0.0.0/8

  -o strict_rfc821_envelopes=yes

  -o smtpd_error_sleep_time=0

  -o smtpd_soft_error_limit=1001

  -o smtpd_hard_error_limit=1000

# DSPAM Entries

dspam                unix   -   n   n   -   -   pipe

  flags=Rhq user=dspam argv=/usr/local/bin/dspam --mode=teft --deliver=innocent,spam

  --feature=chained,noise -i -f ${sender} -- %u --user ${recipient}

dspam-add            unix   -   n   n   -   -   pipe

  flags=Rhq user=dspam argv=/usr/local/bin/dspam --mode=teft --user ${user}@${nexthop}

  --class=spam     --source=error -i -f ${sender} -- %u --deliver=spam

dspam-del             unix   -   n   n   -   -   pipe

  flags=Rhq user=dspam argv=/usr/local/bin/dspam  --mode=teft --user ${user}@${nexthop}

  --class=innocent --source=error -i -f ${sender} -- %u --deliver=innocent

cleanup              unix      n      -      n      -      0      cleanup

  -o header_checks=

  -o mime_header_checks=

  -o nested_header_checks=

  -o body_checks=

pre-cleanup          unix      n      -      n      -      0      cleanup

  -o canonical_maps=

  -o sender_canonical_maps=

  -o recipient_canonical_maps=

  -o masquerade_domains=

  -o virtual_alias_maps=

  -o always_bcc=

  -o sender_bcc_maps=

  -o recipient_bcc_maps=

# For injecting mail back into postfix from the filter

127.0.0.1:10027 inet  n -       n       -       16      smtpd -v

        -o content_filter=

        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks

        -o smtpd_helo_restrictions=

        -o smtpd_client_restrictions=

        -o smtpd_sender_restrictions=

        -o smtpd_recipient_restrictions=permit_mynetworks,reject

        -o mynetworks_style=host

        -o smtpd_authorized_xforward_hosts=127.0.0.0/8

Relevent entries from main.cf:

mailbox_transport = virtual

## Virus Filtering via ClamSMTP

content_filter = scan:127.0.0.1:10025

receive_override_options = no_address_mappings

## Spam filtering via DSPAM

transport_maps =

        regexp:/etc/postfix/regexp/transport,

        hash:/etc/postfix/hash/transport

dspam_destination_recipient_limit = 1

dspam-add_destination_recipient_limit = 1

dspam-del_destination_recipient_limit = 1

fallback_transport = smtp:127.0.0.1:10027

The hashed transport file containts one like, aka example.com smtp:127.0.0.1:10027

DSPAM 3.1.2 Compiled with the following:

Configuration parameters: --with-dspam-home=/var/dspam --with-dspam-home-owner=dspam --with-dspam-home-group=postdrop --with-dspam-owner=dspam --with-dspam-group=postdrop --with-dspam-mode=4510 --with-storage-driver=mysql_drv --with-mysql-includes=/usr/include/mysql --with-mysql-libraries=/usr/lib/mysql --disable-trusted-user-security --enable-domain-scale --enable-virtual-users --enable-long-username --enable-spam-subject --enable-source-address-tracking --enable-signature-headers --enable-whitelist --enable-preferences-extension --enable-opt-in --enable-debug --with-delivery-agent=/usr/sbin/sendmail

Anyways it seems that fallback transport doesn't work, and that it never reads transport_maps, at least as far as outputting from dspam to the unfilted smtp instance no port 10027. Any thoughts? TIA

----------

## Tinitus

Hello Forum,

I have a problem with dspam and lmtp

Here are my config

master.cf

smtp      inet  n       -       n       -       2       smtpd -o content_filter=smtp:[localhost]:10024

#smtps   inet n - n - 2 smtpd -o smtpd_tls_wrappermode=yes -o content_filter=smtp:[localhost]:10024

#  -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes

#submission inet n - n - - smtpd

#  -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes

#628      inet  n       -       n       -       -       qmqpd

pickup    fifo  n       -       n       60      1       pickup

cleanup   unix  n       -       n       -       0       cleanup

qmgr      fifo  n       -       n       300     1       qmgr

#qmgr     fifo  n       -       n       300     1       oqmgr

rewrite   unix  -       -       n       -       -       trivial-rewrite

bounce    unix  -       -       n       -       0       bounce

defer     unix  -       -       n       -       0       bounce

trace     unix  -       -       n       -       0       bounce

verify    unix  -       -       n       -       1       verify

flush     unix  n       -       n       1000?   0       flush

proxymap  unix  -       -       n       -       -       proxymap

smtp      unix  -       -       n       -       -       smtp

relay     unix  -       -       n       -       -       smtp

#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5

showq     unix  n       -       n       -       -       showq

error     unix  -       -       n       -       -       error

local     unix  -       n       n       -       -       local

virtual   unix  -       n       n       -       -       virtual

lmtp      unix  -       -       n       -       -       lmtp

anvil     unix  -       -       n       -       1       anvil

localhost:10025 inet	n	-	n	-	-	smtpd -o content_filter=

#

# Interfaces to non-Postfix software. Be sure to examine the manual

# pages of the non-Postfix software to find out what options it wants.

#

# maildrop. See the Postfix MAILDROP_README file for details.

#

maildrop  unix  -       n       n       -       -       pipe

  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}

cyrus	  unix	-	n	n	-	-	pipe

  user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}

uucp   unix - n n - - pipe

  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)

ifmail    unix  -       n       n       -       -       pipe

  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)

bsmtp     unix  -       n       n       -       -       pipe

  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient

vscan     unix  -       n       n       -       10       pipe

  user=vscan argv=/usr/sbin/amavis ${sender} ${recipient}

procmail  unix  -       n       n       -       -       pipe

  flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender} ${recipient}

here my postconf -npostconf -n

alias_maps = hash:/etc/aliases

canonical_maps = hash:/etc/postfix/canonical

command_directory = /usr/sbin

config_directory = /etc/postfix

content_filter = vscan:

daemon_directory = /usr/lib/postfix

debug_peer_level = 2

defer_transports =

disable_dns_lookups = no

inet_interfaces = all

mail_owner = postfix

mail_spool_directory = /var/mail

mailbox_command =

mailbox_size_limit = 0

mailbox_transport = lmtp:unix:public/lmtp

mailq_path = /usr/bin/mailq

manpage_directory = /usr/share/man

masquerade_classes = envelope_sender, header_sender, header_recipient

masquerade_domains =

masquerade_exceptions = root

message_size_limit = 10240000

mydestination = $myhostname,localhost.$mydomain,$mydomain

myhostname = linux.local

newaliases_path = /usr/bin/newaliases

queue_directory = /var/spool/postfix

readme_directory = /usr/share/doc/packages/postfix/README_FILES

relayhost = xxxxxxxxxxxxxxxxxxxxxxx

relocated_maps = hash:/etc/postfix/relocated

sample_directory = /usr/share/doc/packages/postfix/samples

sender_canonical_maps = hash:/etc/postfix/sender_canonical

sendmail_path = /usr/sbin/sendmail

setgid_group = maildrop

smtp_sasl_auth_enable = yes

smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

smtp_sasl_security_options =

smtp_use_tls = no

smtpd_client_restrictions =

smtpd_helo_required = no

smtpd_helo_restrictions =

smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination

smtpd_sasl_auth_enable = no

smtpd_sender_restrictions = hash:/etc/postfix/access

smtpd_use_tls = no

strict_rfc821_envelopes = no

transport_maps = hash:/etc/postfix/transport

unknown_local_recipient_reject_code = 450

I try to get dspam working with

./configure --with-delivery-agent="/usr/lib/cyrus/bin/deliver -q \$u" 

--with-dspam-home-owner=cyrus --with-dspam-home-group=mail 

--with-dspam-owner=cyrus --with-dspam-group=mail 

--with-storage-driver=mysql_drv --with-mysql-includes=/usr/include/mysql

but it will not work...please help

Roland

----------

## dsoTm

Well I'm in the home strech now, got everything working great, and just need some help with the following:

Looking for a lil help clearing up what seems to be a PCRE issue here.

Have postfix and spam setup and working just fine, and I'm trying to handle per-user ham/spam learning with a postfix header check like so:

# Catch Ham/Spam forwards and redirect for training

/^.*@spam.(.*)$/        FILTER dspam-add:${1}

/^.*@ham.(.*)$/         FILTER dspam-del:${1}

So user@example.com forwards mail to user@spam.example.com which postfix catches with the header check and then redirects it to the dspam-add or dspam-del pipe instance in master.cf. Everything is working as expected, except the pcre expression is picking up the trailing ">" in the address and throwing things off like so:

Sep 27 03:35:11 [postfix/cleanup] 30154AC4A5: filter: header To: <joe@ham.example.com> from localhost[127.0.0.1]; from=<test

@example2.com> to=<test@ham.example.com> proto=ESMTP helo=<mail.example.com>: dspam-del:example.com>

I've tried playing with the strict_rfc821 setting in postfix, and it didn't seem to make a difference, so I'm assuming it is a pcre expression issue.

Also, in my digging about PCRE and header check stuff, I noticed that you can do nested if statements when evaluating checks. Perhaps someone more knowledgeable than I in the ways of regexp/pcre can think of a few other header checks (such as checking for X-DSPAM-Signature) for security/sanity purposes or is there really no need since if someone sends a bogus message to a spam/ham subdomain dspam will just barf when it can't find a matching signature. TIA

Roland:

You need to be more specific than saying it's not working.... What isn't working and what errors are you getting in your logs.

----------

## radonsg

I using postfix+cyrus-imap and I configure my system according to http://www.delouw.ch/linux/Postfix-Cyrus-Web-cyradm-HOWTO/html/index.html

and I tried to add dsapm to it instead of using spamassassin. I followed the documentation on http://devnull.com/kyler/dspam.20040609.html.

master.cf

********

smtp      inet  n       -       n       -       -       smtpd

#smtps	  inet	n	-	n	-	-	smtpd

#  -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes

#submission	inet	n	-	n	-	-	smtpd

#  -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes

#628      inet  n       -       n       -       -       qmqpd

pickup    fifo  n       -       n       60      1       pickup

cleanup   unix  n       -       n       -       0       cleanup

#qmgr      fifo  n       -       n       300     1       qmgr

qmgr     fifo  n       -       n       300     1       nqmgr

#tlsmgr	  fifo	-	-	n	300	1	tlsmgr

rewrite   unix  -       -       n       -       -       trivial-rewrite

bounce    unix  -       -       n       -       0       bounce

defer     unix  -       -       n       -       0       bounce

flush     unix  n       -       n       1000?   0       flush

proxymap  unix  -       -       n       -       -       proxymap

smtp      unix  -       -       n       -       -       smtp

relay     unix  -       -       n       -       -       smtp

#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5

showq     unix  n       -       n       -       -       showq

error     unix  -       -       n       -       -       error

local     unix  -       n       n       -       -       local

virtual   unix  -       n       n       -       -       virtual

lmtp      unix  -       -       n       -       -       lmtp

#

# Interfaces to non-Postfix software. Be sure to examine the manual

# pages of the non-Postfix software to find out what options it wants.

#

# maildrop. See the Postfix MAILDROP_README file for details.

#

maildrop  unix  -       n       n       -       -       pipe

  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}

#

# The Cyrus deliver program has changed incompatibly, multiple times.

#

old-cyrus unix  -       n       n       -       -       pipe

  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}

# Cyrus 2.1.5 (Amos Gouaux)

cyrus     unix  -       n       n       -       -       pipe

  #user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m

#${extension} ${user}

  user=cyrus:mail argv=/usr/local/bin/dspam --user ${user} -e -r ${sender} -m ${extension}

uucp      unix  -       n       n       -       -       pipe

  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)

ifmail    unix  -       n       n       -       -       pipe

  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)

bsmtp     unix  -       n       n       -       -       pipe

  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient

# amavisd-new + clamav : virus checker

# dspam                : spam checker

smtp                 inet      n      -      n      -      -      smtpd

  -o content_filter=smtp-amavis:[127.0.0.1]:10024

smtp-amavis          unix      -      -      n      -      2      lmtp

  -o smtp_send_xforward_command=yes

127.0.0.1:10025      inet      n      -      n      -      -      smtpd

  -o cleanup_service_name=pre-cleanup

  -o content_filter=dspam:dummy

  -o local_recipient_maps=

  -o relay_recipient_maps=

  -o smtpd_restriction_classes=

  -o smtpd_client_restrictions=

  -o smtpd_helo_restrictions=

  -o smtpd_sender_restrictions=

  -o smtpd_recipient_restrictions=permit_mynetworks,reject

  -o mynetworks=127.0.0.0/8

  -o strict_rfc821_envelopes=yes

  -o smtpd_error_sleep_time=0

  -o smtpd_soft_error_limit=1001

  -o smtpd_hard_error_limit=1000

127.0.0.1:10026      inet      n      -      n      -      -      smtpd

  -o local_recipient_maps=

  -o relay_recipient_maps=

  -o smtpd_restriction_classes=

  -o smtpd_client_restrictions=

  -o smtpd_helo_restrictions=

  -o smtpd_sender_restrictions=

  -o smtpd_recipient_restrictions=permit_mynetworks,reject

  -o mynetworks=127.0.0.0/8

  -o strict_rfc821_envelopes=yes

  -o smtpd_error_sleep_time=0

  -o smtpd_soft_error_limit=1001

  -o smtpd_hard_error_limit=1000

dspam                unix      -      n      n      -      -      pipe

  flags=Rhq user=dspam argv=/usr/local/bin/dspam -i -f ${sender} -- %u --user ${recipient}

dspam		     unix	-	n	n	-	10	pipe

  flags=Rhq user=dspam  argv=/usr/local/bin/dspam --mode=teft --deliver=innocent,spam --feature=chained,noise -f ${sender} -m %u --user ${recipient}

# The above two lines are for dspam 3.x, otherwise it will call you an insensitive clod ...

# and possibly make you cry like a little girl with a skinned knee... I know I did

cleanup              unix      n      -      n      -      0      cleanup

  -o header_checks=

  -o mime_header_checks=

  -o nested_header_checks=

  -o body_checks=

pre-cleanup          unix      n      -      n      -      0      cleanup

  -o canonical_maps=

  -o sender_canonical_maps=

  -o recipient_canonical_maps=

  -o masquerade_domains=

  -o virtual_alias_maps=

  -o always_bcc=

  -o sender_bcc_maps=

  -o recipient_bcc_maps=

local                unix      -      n      n      -      -      local

  -o content_filter=

  -o myhostname=localhost

  -o local_recipient_maps=

  -o relay_recipient_maps=

  -o mynetworks=127.0.0.0/8

  -o mynetworks_style=host

  -o smtpd_restriction_classes=

  -o smtpd_client_restrictions=

  -o smtpd_helo_restrictions=

  -o smtpd_sender_restrictions=

  -o smtpd_recipient_restrictions=permit_mynetworks,reject

dspam-add            unix      -      n      n      -      -      pipe

   flags=Rhq user=dspam argv=/usr/local/bin/dspam --user ${user}@${nexthop} --addspam

   flags=Rhq user=dspam argv=/usr/local/bin/dspam --mode=teft --user ${user}@${nexthop} --class=spam --source=error

# --class=spam --source=error is for dspam 3.x

dspam-del             unix      -      n      n      -      -      pipe 

   flags=Rhq user=dspam argv=/usr/local/bin/dspam --user ${user}@${nexthop} --falsepositive  

   flags=Rhq user=dspam argv=/usr/local/bin/dspam --mode=teft --user ${user}@${nexthop} --class=innocent --source=error

# --class=innocent --source=error is for dspam 3.x

main.cf

******

queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/libexec/postfix

mail_owner = postfix

myhostname = cluster01.inforev.com.sg

mydomain = inforev.com.sg

inet_interfaces = all

mydestination = $myhostname, localhost.$mydomain, example.com, \ mysql:/etc/postfix/mysql-mydestination.cf

unknown_local_recipient_reject_code = 450

mynetworks_style = subnet

relay_domains = $mydestination, example.com

alias_maps = hash:/etc/postfix/aliases

mailbox_transport = cyrus

fallback_transport = cyrus

debugger_command =

	 PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin

	 xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail.postfix

newaliases_path = /usr/bin/newaliases.postfix

mailq_path = /usr/bin/mailq.postfix

setgid_group = postdrop

manpage_directory = /usr/share/man

sample_directory = /usr/share/doc/postfix-2.0.16/samples

readme_directory = /usr/share/doc/postfix-2.0.16/README_FILES

alias_database = hash:/etc/postfix/aliases

virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf

sender_canonical_maps = mysql:/etc/postfix/mysql-canonical.cf

# SMTP Authentication with SASL and PAM

smtpd_sasl_auth_enable = yes

smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination

smtpd_sasl_security_options = noanonymous

smtpd_sasl_local_domain = 

broken_sasl_auth_clients = yes

transport_maps = regexp:/etc/postfix/transport_regexp, hash:/etc/postfix/transport.domain

# IMPORTANT!		 

dspam_destination_recipient_limit = 1

dspam-add_destination_recipient_limit = 1

dspam-fp_destination_recipient_limit = 1

dspam conf

*********

./configure 

--with-dspam-home=/var/dspam 

--with-dspam-home-owner=dspam 

--with-dspam-home--group=postdrop 

--with-dspam-owner=dspam

--with-dspam-group=postdrop

--with-dspam-mode=4510 --with-delivery-agent="/usr/lib/cyrus-imapd/deliver -d \$u" --with-storage-driver=mysql_drv --with-mysql-includes=/usr/include/mysql --with-mysql-libraries=/usr/lib/mysql 

--enable-alternative-bayesian 

--disable-trusted-user-security 

--enable-large-scale 

--enable-virtual-users 

--enable-long-usernames

Log

***

Oct 22 13:26:57 cluster01 postfix/smtpd[32287]: connect from localhost.cluster01[127.0.0.1]

Oct 22 13:26:57 cluster01 postfix/smtpd[32287]: 917393EBB: client=localhost.cluster01[127.0.0.1]

Oct 22 13:26:57 cluster01 postfix/cleanup[32289]: 917393EBB: message-id=<200410221331.25423.test@example.com>

Oct 22 13:26:57 cluster01 postfix/nqmgr[32286]: 917393EBB: from=<test@example.com>, size=512, nrcpt=1 (queue active)

Oct 22 13:26:57 cluster01 amavis[32027]: (32027-02) LMTP::10024 /var/spool/amavis/amavis-20041022T131957-32027: <test@example.com> -> <test.example.com@cluster01.inforev.com.sg> Received: SIZE=512 from cluster01.inforev.com.sg ([127.0.0.1]) by localhost (cluster01 [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 32027-02 for <test.example.com@cluster01.inforev.com.sg>; Fri, 22 Oct 2004 13:26:57 +0800 (SGT)

Oct 22 13:26:57 cluster01 postfix/smtpd[32287]: disconnect from localhost.cluster01[127.0.0.1]

Oct 22 13:26:57 cluster01 amavis[32027]: (32027-02) Checking: <test@example.com> -> <test.example.com@cluster01.inforev.com.sg>

Oct 22 13:26:57 cluster01 amavis[32027]: (32027-02) cached 68b329da9893e34099c7d8ad5cb9c940 from <test@example.com> (1,1,0)

Oct 22 13:26:57 cluster01 amavis[32027]: (32027-02) FWD via SMTP: [127.0.0.1]:10025 <test@example.com> -> <test.example.com@cluster01.inforev.com.sg>

Oct 22 13:26:57 cluster01 postfix/smtpd[32296]: connect from localhost.cluster01[127.0.0.1]

Oct 22 13:26:57 cluster01 postfix/smtpd[32296]: D29693EBD: client=localhost.cluster01[127.0.0.1]

Oct 22 13:26:57 cluster01 postfix/cleanup[32297]: D29693EBD: message-id=<200410221331.25423.test@example.com>

Oct 22 13:26:58 cluster01 postfix/nqmgr[32286]: D29693EBD: from=<test@example.com>, size=1011, nrcpt=1 (queue active)

Oct 22 13:26:58 cluster01 amavis[32027]: (32027-02) Passed, <test@example.com> -> <test.example.com@cluster01.inforev.com.sg>, Message-ID: <200410221331.25423.test@example.com>, Hits: -

Oct 22 13:26:58 cluster01 amavis[32027]: (32027-02) TIMING [total 356 ms] - SMTP LHLO: 2 (1%), SMTP pre-MAIL: 0 (0%), SMTP pre-DATA-flush: 3 (1%), SMTP DATA: 34 (10%), body hash: 1 (0%), mime_decode: 16 (5%), fwd-connect: 25 (7%), fwd-mail-from: 15 (4%), fwd-rcpt-to: 5 (1%), write-header: 6 (2%), fwd-data: 0 (0%), fwd-data-end: 243 (68%), fwd-rundown: 1 (0%), unlink-1-files: 5 (1%), rundown: 0 (0%)

Oct 22 13:26:58 cluster01 postfix/smtpd[32296]: disconnect from localhost.cluster01[127.0.0.1]

Oct 22 13:26:58 cluster01 postfix/lmtp[32295]: 917393EBB: to=<test.example.com@cluster01.inforev.com.sg>, orig_to=<test@example.com>, relay=127.0.0.1[127.0.0.1], delay=1, status=sent (250 2.6.0 Ok, id=32027-02, from MTA: 250 Ok: queued as D29693EBD)

Oct 22 13:26:58 cluster01 master[32303]: about to exec /usr/lib/cyrus-imapd/lmtpd

Oct 22 13:26:58 cluster01 lmtpunix[32303]: executed

Oct 22 13:26:58 cluster01 lmtpunix[32303]: accepted connection

Oct 22 13:26:58 cluster01 lmtpunix[32303]: lmtp connection preauth'd as postman

Oct 22 13:26:58 cluster01 postfix/pipe[32299]: D29693EBD: to=<test.example.com@cluster01.inforev.com.sg>, relay=dspam, delay=1, status=bounced (data format error. Command output: test.example.com+test.example.com@cluster01.inforev.com.sg@cluster01.inforev.com.sg: Bad protocol 32300: [10/22/2004 13:26:58] Delivery agent returned error, exit code: 65, command line: /usr/lib/cyrus-imapd/deliver -d test.example.com@cluster01.inforev.com.sg -f test@example.com -m test.example.com@cluster01.inforev.com.sg  )

Oct 22 13:26:58 cluster01 postfix/cleanup[32289]: 899103EBB: message-id=<20041022052658.899103EBB@cluster01.inforev.com.sg>

Oct 22 13:26:58 cluster01 postfix/nqmgr[32286]: 899103EBB: from=<>, size=3403, nrcpt=1 (queue active)

Oct 22 13:26:58 cluster01 lmtpunix[32303]: accepted connection

Oct 22 13:26:58 cluster01 lmtpunix[32303]: lmtp connection preauth'd as postman

Oct 22 13:26:58 cluster01 lmtpunix[32303]: IOERROR: fstating sieve script /var/lib/imap/user/t/test^example^com/defaultbc: No such file or directory

Oct 22 13:26:58 cluster01 lmtpunix[32303]: duplicate_check: <20041022052658.899103EBB@cluster01.inforev.com.sg> user.test^example^com 0

Oct 22 13:26:59 cluster01 lmtpunix[32303]: mystore: starting txn 2147483659

Oct 22 13:26:59 cluster01 lmtpunix[32303]: mystore: committing txn 2147483659

Oct 22 13:26:59 cluster01 lmtpunix[32303]: duplicate_mark: <20041022052658.899103EBB@cluster01.inforev.com.sg> user.test^example^com 1098422818 8

Oct 22 13:26:59 cluster01 postfix/pipe[32306]: 899103EBB: to=<test.example.com@cluster01.inforev.com.sg>, orig_to=<test@example.com>, relay=cyrus, delay=1, status=sent (cluster01.inforev.com.sg)

What should I do? Thanks.

----------

## Digitaldaz

I don't know where I'm going wrong here, dspam seems to be partially working. If i send mail to user@spam.xxx.com in the stats list rather than modifying user@xxx.com I get another user in the list user@xxx.com with the mail marked as innocent.

Any ideas?

----------

## DAWG98

I added a transport_regexp to my postfix config

Add the appropriate line in main.cf

```

transport_maps = pcre:/etc/postfix/transport_regexp

```

Also add a file transport_regexp containing the following:

```

/^.*@spam.(.*)$/     dspam-add:${1}

/^.*@fp.(.*)$/       dspam-fp:${1}

```

and postmap the file.

```

postmap /etc/postfix/transport_regexp 

```

I also added an entry to my /etc/resolv.conf

under 'domain' add your actual domain and then 

```

spam.your.domain.com

```

good luck[/code]

----------

## cheops05

I am 90% complete on a setup on gentoo for the following at domain level is anyone interested in a howto?

qmail+vpopmail+courier-imap+clamav+dspam+dspam-web

this is a great statistical spam filter currently getting 99.4% accuracy is anyone interested? 

cheops  :Laughing: 

----------

## mallchin

Sounds great, sure a how-to would be appreciated.

Similar to my setup: Courier, amavisd-new (using clamd) & dspam..

Very effective at over 99% detection rate. Also easy training, not spam, simply drop in 'not spam' folder, innocent mail goes in the 'innocent mail' folder. Works a treat.

----------

## Esteban

My configuration is

 *Quote:*   

> fetchmail + amavisd +  postfix + courier-imap + clamav + dspam + dspam-web

 

I want to add support for dspam...

So, I emerged it (3.2.6).

In the file /usr/share/doc/dspam-3.2.6/README.postfix.gz, it is said :

```
Postfix will deliver to mailbox_transport as user 'nobody'.

This is set by the option 'default_privs'.

Postfix is installed setuid root setgid dspam.

Add 'nobody' to /etc/mail/dspam/trusted.users

mailbox_transport = /usr/bin/dspam --user %u --deliver=innocent --mode=teft --feature=chained,noise,whitelist
```

But it doesn't run. I get this error : 

```
postfix/local[8494]: fatal: connect #11 to subsystem private//usr/bin/dspam
```

I don't find the solution...

----------

## mallchin

Try adding it to /etc/mail/dspam/dspam.conf

```

Trust nobody

```

----------

## Wilderness Child

Will DSPAM work on AMD64? The ebuild does not seem to support it... can I just add amd64 to the KEYWORDS to make it work?

----------

## Esteban

The user nobody is already trusted. The file /etc/mail/dspam/dspam.conf contains :

```
# Trusted Users: Only the users specified below will be allowed to perform

# administrative functions in DSPAM such as setting the active user and

# accessing tools. All other users attempting to run DSPAM will be restricted;

# their uids will be forced to match the active username and they will not be

# able to specify delivery agent privileges or use tools.

#

Trust root

Trust mail

Trust mailnull

Trust daemon

Trust dspam

Trust nobody
```

I didn't post all the error code :

```
postfix/local[8494]: warning: connect #7 to subsystem private//usr/bin/dspam --user %u --deliver=innocent --mode=teft --feature=chained,n

oise,whitelist: No such file or directory
```

My postfix configuration is :

```
command_directory = /usr/sbin

daemon_directory = /usr/lib/postfix

unknown_local_recipient_reject_code = 550

debug_peer_level = 2

debugger_command =

         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin

         xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail

newaliases_path = /usr/bin/newaliases

mailq_path = /usr/bin/mailq

setgid_group = postdrop

html_directory = no

manpage_directory = /usr/share/man

sample_directory = /etc/postfix

readme_directory = /usr/share/doc/postfix-2.1.5-r1/readme

default_destination_concurrency_limit = 2

alias_database = hash:/etc/mail/aliases

alias_maps = hash:/etc/mail/aliases

home_mailbox = .maildir/

mydomain = myhome.net

mydestination = $myhostname $myhostname.$mydomain localhost

mailbox_command = /usr/bin/procmail

#mailbox_command = /usr/bin/dspam --user "$USER"@"$DOMAIN" -t DEFAULT=/mail/"$DOMAIN"/"$USER"/Maildir/

#mailbox_command = /usr/bin/dspam --user "$USER"@"$DOMAIN" --mode=toe --deliver=innocent,spam --feature=chained,noise,whitelist

#mailbox_command = /usr/bin/dspam --user "$USER"@"$DOMAIN"

mailbox_transport = /usr/bin/dspam --user %u --deliver=innocent --mode=teft --feature=chained,noise,whitelist

content_filter = smtp-amavis:[127.0.0.1]:10024

```

----------

## mallchin

No such file or directory suggests it can't find dspam, and the mangled 'private//usr/bin/dspam' looks suspect to me.

I don't use postfix so I can't verify how it works, but in my setup this line works as a filter in Courier's maildroprc to filter through dspam:

```

xfilter "/usr/bin/dspam --user $RECIPIENT --mode=teft --feature=chained,noise,tb=0,whitelist --deliver=innocent,spam --stdout"

```

I don't know if postfix is a requirement in your setup; If not this method might help. Here's the full file:

```

import RECIPIENT

import SENDER

import HOME

#logfile "$HOME/.maildrop.log"

# replace blank From: line

if ($SENDER ne "")

{

  FROM=$SENDER

}

else

{

  FROM="unknown"

}

CLEAN_FROM=escape($FROM);

#spam lover?

if ( $RECIPIENT ne "spamlover@mydomain.tld" )

{

  # check for spam using dspam

  xfilter "/usr/bin/dspam --user $RECIPIENT --mode=teft --feature=chained,noise,tb=0,whitelist --deliver=innocent,spam --stdout"

}

# deliver mail

if ( /^X-DSPAM-Result: Spam/)

{

  # try to deliver to SPAM maildir

  exception {

              to "$HOME/Maildir/.Spam/"

            }

}

else

{

  exception {

              to "$HOME/Maildir/"

            }

}

```

----------

## Digitaldaz

Could anyone who has dspam working with exchange possibly post their config files. I really want to use dspam but I'm getting the error -5 and sending mail to user@addspam.domain.com just creates a new user in my stats with innocent mail.

----------

## eNut

I posted this in the Portage and Programming forum, but I think it would apply here as well.  :Very Happy: 

DMTrain - Dspam training script for Maildir/IMAP

This script was born out of a couple frustrations that occurred when I had to rebuild my mailserver. I've been working on this for about a month now and so far it has worked without a hitch. In the spirit of sharing I am releasing it in the hopes that it will be helpfull to other mail admins.

This script basically walks a maildir you specify and pipes each message to dspam using the options you specify. It can then move the messages to another maildir if specified. It contains a facility to scrub messages of dspam tags before training them: Eg. corpus training on a bunch of previously trained messages (primary reason this script came into being Very Happy). It also has support for running with an rc file.

You can download it here http://members.cox.net/kgreunke/dmtrain-1.0.tar.bz2

I am working on a QT frontend that is almost complete.

Please let me know what you think. All suggestions welcome.

Karl

----------

