Thanks for your responses; I still don't think they answer my questions, since you don't say what DSPAM specifically does, and how. If you did, it would be of interest to me. But so far all you've said is what it doesn't do... use blocklists.
More below:
Take a read of the
DSPAM website. It explains all there.
Not really. What they do there is indicate that they use certain algorithms. Perhaps you expect me to learn all those algorithms. I have no intention of trying to do that; it's not my specialty or area of expertise.
I also don't believe, as many anti-spammers don't believe, that spam is at all about content; it's about
consent and that, to me, tends to be more easily measured by blocklists.
I could be wrong about my insistence of using RBLs, but after all, I wrote SpamBlocker for me

.
DSPAM isn't RBL based (which is pretty much what SpamBlocker appears to be ).
SpamBlocker is to a great extent RBL based, and I'll continue to use RBL based spam detection.
But SpamBlocker contains a lot more anti-spam measures than just blocklists; compare it with the earliest versions of DirectAdmin's implementation of the exim.conf file; the earliest versions didn't even refuse undeliverable email; they just returned it to the alleged sender.
The reason I didn't add any heuristic methods for detecting spam is because SpamAssassin (the only known other heuristic-based spam-detecting system years ago when I wrote SpamBlocker) was already built into DirectAdmin; I simply maintained that.
Even if DSPAM should eventually replace SpamAssassin, I'll always use RBLs in SpamBlocker; you don't have to use them. Future (perhaps commercial) versions will make it possible to chose specific RBLs on a per-domain basis. Either you or DirectAdmin may decide to no longer use SpamBlocker.
This isn't meant as a criticism, infact historically SpamBlocker has done quite a good job.
As it continues to do if you're using the latest version.
1.
How it's controlled by the end-user?
Ans: Each user has 'special' mailboxes... one for spam, and ham. Ham is the good stuff.. you send the spam obviously to the spam mailbox.
You can do this as simply forwarding the bad ones to your spam email address (normally
[email protected])... or using the built in web-interface. You also use this to resolve false positives. By default it will quarantine suspect messages.
How do those mailboxes get created?
2.
Is it per domain or per user?
It's per user. What one user deems as spam may not be by another.. hence why it's per user.
3.
And how?
Quite easily.

Basically there isn't a need to setup anything in directadmin per say, and only slight modifications to the exim.conf so that spam is checked not via the SpamBlocker RBLs, but instead from DSPAM. Clean messages are then delivered as per usual, whilst spam are trapped in quarantine or dealt with as the system is trained to do.
Again, if nothing has to be set up in DirectAdmin, then how do you set up those mailboxes?
And why would anyone want to ever look at a mailbox anyway? Looking at dedicated spam mailboxes takes just as much time as looking at spam in your inbox.
Personally, I believe in using blocklists so it's the sender who has to deal with the spam, not me. And again (perhaps nauseatingly again) I wrote it for me. Perhaps if we got more than one or two false positives a month over hundreds of domains I'd feel otherwise, but I don't. In fact I believe the current set of RBLs give a lower false positive list than any other system I've ever seen.
But the most important issue to me is all that email the RBLs block that don't need any additional machine cycles is tremendous. I simply don't want to have to build a server big enough to heuristically manage the over 45,000 spam emails blocked by RBLs daily on just one of the machines I monitor (and checked just now), when I can simply block them.
4.
Building a project...
Jeff that's the idea.

At present I'm like most admins... overworked and underpaid.
I've made some progress on it in a beta environment and will be moving to a small live test site over the next month.. As such I haven't dropped it and will continue to polish the intergration into a DA environment.
Once complete I will post details of the work and then let others test/try it.
I'm happy for others to assist and help if they see fit.
Keep working on it. But if it's going to have to manage those extra 45,000 emails I can't ever see it replacing RBLs. At least not for me.
SpamAssassin possibly, but not RBLs.
Jeff