DSPAM as an alternative SPAM solution for DA.

[mattb]

Hi all,

I'm kicking off this thread, as I'm looking at moving away from SpamBlocker/exim.conf solution to something like DSPAM.

Whilst the work done on SpamBlocker has been awesome -- it's not meeting my own needs or those of my clients.

I'm have started this thread to see if there is enough support in the community to look at getting DSPAM implemented cleanly into a standard DirectAdmin installation.

I have seen other docs on DSPAM here, though they don't seem to have been cleanly implemented and have resulted in problems for some. I'm attempting to get DSPAM working cleanly and reliably from a standard DA_Exim/exim.conf configuration.

I'm moving ahead with integrating DPAM into DirectAdmin, but would be interested in hearing the thoughts from other DA admins on their experience/thoughts on the process/product.

Feel free to give me your thoughts/feedback/comments.

 

[pucky]

I think we have to get away from spam solutions that are serverwide installs and concentrate on making these types of spam filtering features available to users, which gives them the option to control what they want to receive rather than what the server owner thinks people should receive. I dont see any option to make any type of options available to end users, its mainly another one of those serverwide solutions.

 

[mattb]

pucky, I think you need to look at DSPAM more closely.

This is exactly what it addresses. Whilst it's a site-wide install, it can be controlled by the end-user.

(That's one of the things that personally annoys me about
SpamBlocker/DNSBL/SA... that it's outside the control of the end-user..)

DPSAM provides a web-interface to view quarantined mail, but also a mail interface to train the anti-spam solution how to classify your mail.

 

[Webcart]

I think it would be great to have DSPAM integrated into SpamBlocker assuming it would block the spam during SMTP session, just like ASSP does.

I've been looking into this on my free time and found some very promissing resources, but I don't know exim well enough to get it done on my own.

We are using ASSP on number of servers for few years now and aren't really happy with the results.

 

[Katana]

Oww Open Source.. Yeah im looking for something like this..
I do have my "own" VPS server, but i don't want to pay for each plugin / addon that there is availeble, so this is a good solution for me..
If this is going the be incorporated into DA i woudl be very happy... And then i need someone to hold my hand and guide me through the process..

 

[nobaloney]

I'm certainly willing to consider integrating DSPAM into a future SpamBlocker exim.conf file; it might save me a lot of future work .

But it'd have to be an integration that would work for everyone.

And I'd have to have some good reason, and frankly just writing about SpamBlocker that:

it's not meeting my own needs or those of my clients.

just isn't enough information.

What is it that DSPAM does that SpamBlocker doesn't?

mattb writes (above in this thread):

This is exactly what it addresses. Whilst it's a site-wide install, it can be controlled by the end-user.

But I need to know how it's controlled by the end-user.

First of all, what do you mean by end-user? Do you mean the domain user on a per-domain basis? Or do you mean by each email recipient on a per-address basis?

And how? through a webpage, or through a page (or pages) that would have to be added to the DirectAdmin interface?

Don't forget that my work on SpamBlocker is a 100% volunteer effort; you're welcome to build a project to give to the DirectAdmin community, too, if you'd like .

Jeff

 

[mattb]

I'm certainly willing to consider integrating DSPAM into a future SpamBlocker exim.conf file; it might save me a lot of future work .

Indeed I think it would.

But it'd have to be an integration that would work for everyone.

And I'd have to have some good reason, and frankly just writing about SpamBlocker that:
....
just isn't enough information.

What is it that DSPAM does that SpamBlocker doesn't?

Hi Jeff,

Take a read of the DSPAM website. It explains all there.

DSPAM isn't RBL based (which is pretty much what SpamBlocker appears to be ). This isn't meant as a criticism, infact historically SpamBlocker has done quite a good job.

But I need to know how it's controlled by the end-user.

First of all, what do you mean by end-user? Do you mean the domain user on a per-domain basis? Or do you mean by each email recipient on a per-address basis?

And how? through a webpage, or through a page (or pages) that would have to be added to the DirectAdmin interface?

Don't forget that my work on SpamBlocker is a 100% volunteer effort; you're welcome to build a project to give to the DirectAdmin community, too, if you'd like .

Jeff

Okay...

Some quick answers:

1. How it's controlled by the end-user?
Ans: Each user has 'special' mailboxes... one for spam, and ham. Ham is the good stuff.. you send the spam obviously to the spam mailbox.
You can do this as simply forwarding the bad ones to your spam email address (normally [email protected])... or using the built in web-interface. You also use this to resolve false positives. By default it will quarantine suspect messages.

2. Is it per domain or per user?
It's per user. What one user deems as spam may not be by another.. hence why it's per user.

3. And how?
Quite easily.
Basically there isn't a need to setup anything in directadmin per say, and only slight modifications to the exim.conf so that spam is checked not via the SpamBlocker RBLs, but instead from DSPAM. Clean messages are then delivered as per usual, whilst spam are trapped in quarantine or dealt with as the system is trained to do.

4. Building a project...
Jeff that's the idea.
At present I'm like most admins... overworked and underpaid.

I've made some progress on it in a beta environment and will be moving to a small live test site over the next month.. As such I haven't dropped it and will continue to polish the intergration into a DA environment.

Once complete I will post details of the work and then let others test/try it.

I'm happy for others to assist and help if they see fit.

 

[nobaloney]

Thanks for your responses; I still don't think they answer my questions, since you don't say what DSPAM specifically does, and how. If you did, it would be of interest to me. But so far all you've said is what it doesn't do... use blocklists.

More below:

Take a read of the DSPAM website. It explains all there.

Not really. What they do there is indicate that they use certain algorithms. Perhaps you expect me to learn all those algorithms. I have no intention of trying to do that; it's not my specialty or area of expertise.

I also don't believe, as many anti-spammers don't believe, that spam is at all about content; it's about consent and that, to me, tends to be more easily measured by blocklists.

I could be wrong about my insistence of using RBLs, but after all, I wrote SpamBlocker for me .

DSPAM isn't RBL based (which is pretty much what SpamBlocker appears to be ).

SpamBlocker is to a great extent RBL based, and I'll continue to use RBL based spam detection.

But SpamBlocker contains a lot more anti-spam measures than just blocklists; compare it with the earliest versions of DirectAdmin's implementation of the exim.conf file; the earliest versions didn't even refuse undeliverable email; they just returned it to the alleged sender.

The reason I didn't add any heuristic methods for detecting spam is because SpamAssassin (the only known other heuristic-based spam-detecting system years ago when I wrote SpamBlocker) was already built into DirectAdmin; I simply maintained that.

Even if DSPAM should eventually replace SpamAssassin, I'll always use RBLs in SpamBlocker; you don't have to use them. Future (perhaps commercial) versions will make it possible to chose specific RBLs on a per-domain basis. Either you or DirectAdmin may decide to no longer use SpamBlocker.

This isn't meant as a criticism, infact historically SpamBlocker has done quite a good job.

As it continues to do if you're using the latest version.

1. How it's controlled by the end-user?
Ans: Each user has 'special' mailboxes... one for spam, and ham. Ham is the good stuff.. you send the spam obviously to the spam mailbox.
You can do this as simply forwarding the bad ones to your spam email address (normally [email protected])... or using the built in web-interface. You also use this to resolve false positives. By default it will quarantine suspect messages.

How do those mailboxes get created?

2. Is it per domain or per user?
It's per user. What one user deems as spam may not be by another.. hence why it's per user.

3. And how?
Quite easily.
Basically there isn't a need to setup anything in directadmin per say, and only slight modifications to the exim.conf so that spam is checked not via the SpamBlocker RBLs, but instead from DSPAM. Clean messages are then delivered as per usual, whilst spam are trapped in quarantine or dealt with as the system is trained to do.

Again, if nothing has to be set up in DirectAdmin, then how do you set up those mailboxes?

And why would anyone want to ever look at a mailbox anyway? Looking at dedicated spam mailboxes takes just as much time as looking at spam in your inbox.

Personally, I believe in using blocklists so it's the sender who has to deal with the spam, not me. And again (perhaps nauseatingly again) I wrote it for me. Perhaps if we got more than one or two false positives a month over hundreds of domains I'd feel otherwise, but I don't. In fact I believe the current set of RBLs give a lower false positive list than any other system I've ever seen.

But the most important issue to me is all that email the RBLs block that don't need any additional machine cycles is tremendous. I simply don't want to have to build a server big enough to heuristically manage the over 45,000 spam emails blocked by RBLs daily on just one of the machines I monitor (and checked just now), when I can simply block them.

4. Building a project...
Jeff that's the idea.
At present I'm like most admins... overworked and underpaid.

I've made some progress on it in a beta environment and will be moving to a small live test site over the next month.. As such I haven't dropped it and will continue to polish the intergration into a DA environment.

Once complete I will post details of the work and then let others test/try it.

I'm happy for others to assist and help if they see fit.

Keep working on it. But if it's going to have to manage those extra 45,000 emails I can't ever see it replacing RBLs. At least not for me.

SpamAssassin possibly, but not RBLs.

Jeff

 

[interfasys]

Old thread, but I just wanted to provide a few replies.

The ham and spam mailboxes are created by DA, when you enable SpamAssassin. DA doesn't support alternative spam applications and it sucks, because we have to create workarounds like rename the link in the panel to Spam management, then disable all the useless scripts on that page, etc.
Eventually, that page calls some scripts that create the necessary folders for SpamAssassin and you can use that to create the folders needed by Dspam.

Dspam should be used to replace Spamassassin if you want to save some resources. It should be used in addition to RBLs and Anti-phishing scripts which do a good job at removing 90% of the spams.

We don't use the dspam management panel. User preferences are stored in mySQL and can be changed through scripts.