Dspam

redesb

Verified User
Joined
May 10, 2004
Messages
207
Location
Spain
Someone using/testing DSPAM with 'DA' ?

The site say: 'Peak Accuracy: 99.991%. Whitelists: 0.'

Feedback welcome,
TIA
redesb
 

toml

Verified User
Joined
Oct 3, 2003
Messages
1,251
Location
Scottsdale, AZ
I have been working on configuring and implementing it with the DA exim.conf
and I have it mostly working. I have been really busy with my real job ( the
one that pays :) ) and two other side projects, that I haven't had too much time
to really test all the options yet.

Their site says 99.991% but the best I have been able to achieve has been
98.7%. That is with a 70% ratio of spam to ham, and a volume of 120
emails a day to my home account.

I still get a few spams that make it through, and a few false postives, but
still better than when I was using SpamAssassin, plus Dspam is very fast.
On a Sun Ultra 10 333 Mhz running Solaris 9, it was taking anywhere from
10-30 seconds per email with SpamAssassin and Dspam takes less
than a second to process a spam.


For those that want to start trying it, this is what I have so far:

Dspam config line:
Code:
./configure --prefix=/opt/dspam \
--with-storage-driver=mysql_drv \ 
--with-dspam-home=/opt/dspam/user  \
--with-dspam-home-owner=mail \
--with-home-home-group=mail \ 
--with-dspam-mode=none \
--with-dspam-owner=mail \ 
--with-dspam-group=mail \
--enable-signature-headers \
--enable-domain-scale \
--enable-virtual-users \
--with-mysql-includes=/usr/include/mysql \
--with-mysql-libraries=/usr/lib/mysql

/etc/exim.conf changes:
Code:
[B]router entry[/B]
dspam_router:
   no_verify
   condition = "${if and { {!def:h_X-FILTER-DSPAM:} {!eq {$received_protocol}{spam-scanned}} } {1}{0}}"
   headers_add = "X-FILTER-DSPAM: by $primary_hostname on $tod_full"
   retry_use_local_part
   driver = accept
   transport = dspam_spamcheck

# spam-username
dspam_addspam_router:
   driver = accept
   local_part_prefix = spam-
   transport = dspam_addspam


# nospam-username
dspam_falsepositive_router:
   driver = accept
   local_part_prefix = nospam-
   transport = dspam_falsepositive

[B]transport entry[/B]
dspam_spamcheck:
   driver = pipe
   command = /usr/sbin/exim -oMr spam-scanned -bS
   transport_filter = "/opt/dspam/bin/dspam --stdout --deliver=innocent,spam --feature=chained,noise,whitelist --mode=teft --user [email protected]${domain}"
   use_bsmtp
   home_directory = "/tmp"
   current_directory = "/tmp"
   user = mail
   group = mail
   log_output = true
   return_fail_output = true
   return_path_add = false
   message_prefix =
   message_suffix =

dspam_addspam:
   driver = pipe
   command = "/opt/dspam/bin/dspam --user [email protected]${domain} --source=error --mode=teft --class=spam"
   home_directory = "/tmp"
   current_directory = "/tmp"
   user = mail
   group = mail
   log_output = true
   return_fail_output = true
   return_path_add = false
   message_prefix =
   message_suffix =

dspam_falsepositive:
   driver = pipe
   command = "/opt/dspam/bin/dspam --user [email protected]${domain} --class=innocent --mode=teft --source=error"
   home_directory = "/tmp"
   current_directory = "/tmp"
   user = mail
   group = mail
   log_output = true
   return_fail_output = true
   return_path_add = false
   message_prefix =
   message_suffix =
You can use different modes that I have above, the default is teft (train on
everything), but you can use toe (train on error). The best is to read the docs and decide which is right for you.

/opt/dspam/user/mysql.data:
Code:
/tmp/mysql.sock

USERNAME
PASSWORD
DATABASE

/opt/dspam/user/group:
Code:
groupname:classification:*globaluser

/opt/dspam/user/trusted.users:
Code:
root
mail
apache

Also you need to execute:
Code:
touch /opt/dspam/user/untrusted.mailer_args
or put some exim arguments you do not wish dspam to ever execute.

It may not start classifying until it reaches a certain number of spam/ham.
This will depend on the mode used. You can feed it a corpus to seed the
database, but you want to be sure to feed it a lot of both spam and ham.

That is what I have so far, so if someone with a little more time on their
hands wants to play and add/update to this, feel free. I do not have this in
production, so I can't say everything works.
 

toml

Verified User
Joined
Oct 3, 2003
Messages
1,251
Location
Scottsdale, AZ
So far I have been running this way and it appears to be working. No problems so far. I still have not tested the forwarding to the spam-$username or nospam-$username, but I believe that should work. Luckily I was able to use the corpus I have for my home account, and I am using that as a shared account, so everyone will at least start with a reasonable amount of spam filtering.
 

Solden

Verified User
Joined
Oct 1, 2005
Messages
41
Location
Amsterdam, NL
I know this is an old thread, but is there any HOWTO for dspam with DA? I cannot get the webinterface to work and most of the howto's on the net are too much focussed on other configurations.

Thanks in advance.
 

toml

Verified User
Joined
Oct 3, 2003
Messages
1,251
Location
Scottsdale, AZ
The config info here is a little out of date. The latest version of DSPAM needs slightly different parameters, since a lot of these are configured in the config file instead of compile time.

As far as getting the web interface to work, what problems are you having? It is a cgi script, so it needs to be put somewhere that has cgi enabled. Also it expects to be authenticated via http, have a look at here for how to set it up.

What problems are you having?
 

Solden

Verified User
Joined
Oct 1, 2005
Messages
41
Location
Amsterdam, NL
I do not see the link between dspam and mod_auth_imap. Isn't that something completely different?

--

I'm still looking into setting up dspam. I had a 'small' delay, but if I run into problems, I'll post them here.
 

interfasys

Verified User
Joined
Oct 31, 2003
Messages
2,100
Location
Switzerland
You use mod_auth_imap to give access to the webui to your users.
The one thing I hate about this whole setup is suexec. You need to setup a virtualhost just for this and I just want to use a folder...
 

toml

Verified User
Joined
Oct 3, 2003
Messages
1,251
Location
Scottsdale, AZ
http auth does not expose /etc/passwd at all. You use standard .htaccess and create your own user/password combination to do the authorization. See here for how to do it.
 

interfasys

Verified User
Joined
Oct 31, 2003
Messages
2,100
Location
Switzerland
That's why you use auth_imap. It connects to Dovecot to authenticate the user. Since every email user should be able to manage its spams, this is the easiest way I found.
 
Top