essay writing service

How to setup Postfix - DSPAM - DBMAIL

Author: Korbinian Pauli

Versions

  • Postfix: Debian 3.0 Package (1.1.11) / Source-Code (2.2.5-3)
  • DSPAM: Source-Code 3.0 / Source-Code 3.6.4 ( http://dspam.nuclearelephant.com/ )
  • DBMAIL: Source-Code 1.2.8b / Source-Code 2.0.9
  • MySQL: Debian Backport Package (4.0.21-0.dotdeb.0) / MySQL Linux x86 generic RPM (4.1.14)

Known Problems

  • At runtime, DBMAIL checks the local system to determine if the user exists or not. Because DSPAM is executed before DBMAIL, DSPAM will generate a new virtual-uid if the user does not exist.
  • Workaround: configure local_recipient_maps in postfix. Postfix can then verify the user before DSPAM ever sees the message.

Compile & Configure DSPAM

./configure --enable-long-usernames                   \
            --prefix=/opt/dspam                       \
            --enable-spam-delivery                    \
            --with-storage-driver=mysql_drv           \
            --enable-virtual-users                    \
            --with-mysql-includes=/usr/include/mysql  \
            --with-mysql-libraries=/usr/lib/          \
            --enable-delivery-to-stdout               \
            --disable-trusted-user-security           \
            --with-dspam-owner=dspam                  \
            --with-dspam-group=dspam



chown dspam.dspam * -R



dspam.conf

TrustedDeliveryAgent "/usr/local/dbmail/sbin/dbmail-smtp -d %u"
UntrustedDeliveryAgent "/usr/local/dbmail/sbin/dbmail-smtp -d %u"


After training is complete, you can set the QuarantineAgent. The WebUI will only checks the mbox under the dspam data directory.

QuarantineAgent "/usr/local/dbmail/bin/dbmail-smtp -m mail/SPAM -u %u"


Enable Alias lookups in MySQL for dspam. This way dspam uses the same userbase as does dbmail

MySQLVirtualTable          dbmail.dbmail_aliases
MySQLVirtualUIDField       deliver_to
MySQLVirtualUsernameField  alias



Alternate delivery through procmail

TrustedDeliveryAgent "/opt/dspam/bin/deliver-to-procmail.sh %u"
UntrustedDeliveryAgent "/opt/dspam/bin/deliver-to-procmail.sh %u"

/opt/dspam/bin/deliver-to-procmail.sh

#!/bin/bash
USER=`/usr/local/sbin/dbmail-users -l $1 | awk '/Username/ {print $3}'`
logger -p mail.info $0 $1 $USER
if [ -r /etc/procmailrcs/$USER ]; then
  cat | /usr/bin/procmail -m /etc/procmailrcs/$USER
else
  cat | /usr/local/sbin/dbmail-smtp -d $USER
fi

Insert your procmail rules into /etc/procmailrcs/$USER.

A typical rule example:

:0:
* ^List-Id:.*dbmail@dbmail.org
| /usr/local/sbin/dbmail-smtp -u $USER -m TechMailingLists/Dbmail

Don't forget a default rule at the end (no filter) to do normal delivery to dbmail, or else procmail will try to deliver non-matching messages into /var/spool :-P

Configure Postfix

/etc/postfix/transport

domain   dspam:
spam.domain  dspam-spam:
ham.domain  dspam-ham:

You may need to add spam.domain and harm.domain to $mydestination in /etc/postfix/main.cf.

/etc/postfix/master.cf

dspam         unix  -       n       n       -       -       pipe flags= \
  user=dspam:dspam argv=/opt/dspam/bin/dspam --deliver=innocent --user ${recipient}
dspam-spam    unix  -       n       n       -       -       pipe flags= \
  user=dspam:dspam argv=/opt/dspam/bin/register-spam ${recipient}
dspam-ham    unix  -       n       n       -       -       pipe flags= \
  user=dspam:dspam argv=/opt/dspam/bin/unregister-spam ${recipient}


Second line of each entry should be indented.

register-spam

#!/bin/sh
  
USER=`echo "$@" | cut -d'@' -f"1"`
SPAMDOMAIN=`echo "$@" | cut -d'@' -f2`

DOMAIN=`echo "$SPAMDOMAIN" | cut -d'.' -f"2 3"`

RECIPIENT="$USER@$DOMAIN"

cat | /opt/dspam/bin/dspam --user $RECIPIENT --class=spam --source=error >> /tmp/dspam_errors.txt 2>&1



unregister-spam

#!/bin/sh

USER=`echo "$@" | cut -d'@' -f"1"`
SPAMDOMAIN=`echo "$@" | cut -d'@' -f2`

DOMAIN=`echo "$SPAMDOMAIN" | cut -d'.' -f"2 3"`


RECIPIENT="$USER@$DOMAIN"

cat | /opt/dspam/bin/dspam --user $RECIPIENT --class=innocent --source=error >> /tmp/dspam_errors.txt 2>&1

Tips & Tricks

The WebUI says please forward it to spam-USER@yourdomain.com so that it can be analyzed and learned as SPAM. With this setup, forward your mail to USER@spam.domain. Forward False-Positives to USER@ham.domain.

You cannot use these addresses to feed DSPAM never before seen messages, because the scripts use “source=error”. The messages must first contain the !DSPAM: marker.

If your WebUI History is empty, but /opt/dspam/var/dspam/data/$USER/$USER.log is not empty, try adding the apache user (wwwrun in SuSE) to the dspam group (/etc/group), or make these log files world readable.

 
postfix_-_dspam_-_dbmail.txt · Last modified: 2011/08/01 11:18 by vidakennedy
 
DBMail is developed by Paul J Stevens together with developers world-wide