Gentoo - dspam - Installation

From Kolab Wiki

Jump to: navigation, search

I'm currently rewriting this HowTO as I go, it still has the old information if you need it.

DSpam is a flexible spam filter designed for multi-user enterprise systems. DSpam supports many modes of operations with different storage backends, I strongly suggest you read the DSPAM readme to learn more as it has a wealth of information. We will focus on global + merged mode using the mysql backend. This creates a global spam definition database to protect new users while they build their own personalized corpus.

For ease of use I create the following folder structure for each user.

  • spam
    • block
    • unblock

Spam goes into the spam folder. Users can move legitimate email categorized as spam into the unblock folder or spam categorized as legitimate email into the block folder. To accomplish this we use plus addressing and a script which retrains dspam when it errors.

To start off we need to configure DSpam with the correct USE flags and emerge it

echo "
mail-filter/dspam daemon mysql virtual-users
" >> /etc/portage/package.use
emerge -av dspam

Now we must configure MySQL's root user with a password and modify some files

emerge --config dev-db/mysql

We need to increase the InnoDB log file size from 128M to 512M and comment bind-address (optional) for remote access

/etc/mysql/my.cnf

innodb_data_file_path = ibdata1:10M:autoextend:max:512M

#bind-address				= 127.0.0.1

Start MySQL

/etc/init.d/mysql start

The DSpam documentation suggests we use InnoDB vs MyISAM for protection against locking & corruption.

cd /etc/dspam
sed -i 's/MyISAM/\InnoDB/' mysql_objects-4.1.sql
sed -i 's/MyISAM/\InnoDB/' mysql_virtual_users.sql

Now we add the dspam tables to mysql, when prompted enter your mysql root password

emerge --config mail-filter/dspam

When asked choose the following: 1. mysql backend 2. choose #1 Database will be hosted on a mysql-4.1 server or above 3. choose #1 Virtual users added automatically (use it if this server is the primary MX)

everything else is the default. updating dspam will replace the password you picked with random numbers in the conf files, don't automerge the conf

setup merged global database on dspam (change yourdomain.com to your domain)

echo "global@yourdomain.com:merged:*" >> /var/spool/dspam/group
chown dspam:dspam /var/spool/dspam/group

Uncomment/Change the following values in /etc/dspam/dspam.conf

DeliveryHost        127.0.0.1
DeliveryPort        10027
DeliveryIdent       localhost
DeliveryProto       SMTP
EnablePlusedDetail    on
QuarantineMailbox     +spam
TrainingMode tum
ImprobabilityDrive on
Preference "signatureLocation=headers"
MySQLConnectionCache	10
MySQLUIDInSignature    on
IgnoreHeader X-DSPAM-Result
IgnoreHeader X-DSPAM-Processed
IgnoreHeader X-DSPAM-Confidence
IgnoreHeader X-DSPAM-Probability
IgnoreHeader X-DSPAM-Signature
IgnoreHeader X-DSPAM-Factors
ServerQueueSize       32
ServerMode standard
ServerParameters      "--deliver=innocent,spam -d %u"
ServerIdent           "localhost"


as of writing the ebuild doesn't assign the correct mysql permission to the dspam account

mysql -p
GRANT SELECT,INSERT,UPDATE,DELETE ON dspam.* TO 'dspam'@'localhost' IDENTIFIED BY 'dspam_password';
FLUSH PRIVILEGES;

run the following so dspam_clean doesn't purge your global definitions because the data is old

dspam_admin add pref global@yourdomain.com trainingMode TOE


Kolab uses SpamAssassin as its default spam filter, we must disable it and configure postfix to pass mail to DSpam after amavisd.

wget http://www.aplusperfect.com/dspam/templates.tar.gz
tar -zxvf templates.tar.gz
mv templates/* /etc/kolab/templates
kolabconf

optional mysql -p GRANT ALL ON *.* TO 'user'@'%' IDENTIFIED BY 'password';


emerge --config =dspam-3.8.0-r6

need to mention something about converting db to InnoDB to prevent corruption

our global user will be global@yourdomain.com to setup global+merged we create a file in /var/spool/dspam called group

echo "global@yourdomain.com:merged:*" >> /var/spool/dspam/group

run the following so dspam_clean doesn't purge your global definitions because the data is old

dspam_admin add pref global@yourdomain.com trainingMode TOE


Old How To is below this one. As an overview DSPAM will receive emails from amavis-new then pass them back to postfix. Dspam will deliver SPAM to a user folder called spam through plussed addressing (ie: user+spam@mydomain.com)

Let’s start with installation

echo "mail-filter/dspam daemon" >> /etc/portage/package.use
emerge –av dspam

in dspam.conf change values to the following

DeliveryHost        127.0.0.1
DeliveryPort        10026
DeliveryIdent       localhost
DeliveryProto       SMTP
EnablePlusedDetail    on
QuarantineMailbox     +spam
TrackSources spam nonspam
ServerQueueSize       32
ServerMode standard
ServerParameters      "--deliver=innocent,spam -d %u"
ServerIdent           "localhost"


In master.cf after the port 10025 entry for amavis change the SMTP interface for injecting mail back into postfix from amavis from 10026 to 10027 and insert the following between the two entries

#DSpam LMTP Interface
127.0.0.1:10026      inet      n      -      n      -      -      smtpd
    -o content_filter=lmtp:unix:/var/run/dspam/dspam.sock
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
    -o receive_override_options=
    -o smtpd_helo_restrictions=
    -o smtpd_client_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o smtpd_authorized_xforward_hosts=127.0.0.0/8



Now for each user create a spam folder with block and unblock as two subfolders beneath spam. (spam MUST be lowercase) IE:

  • spam
    • block
    • unblock

Now run

cyradm --user manager yourmaildomain.com
lam user/username/spam@yourmaildomain.com

this shows you the permissions on the spam folder, currently the only person allowed to send mail to the spam folder is the user, so to change that we type

sam user/username/spam@yourdomain.com anyone p

Now we start dspam

/etc/init.d/dspam start

Restart all the kolab services and your set.


TODO: I have a nice corpus training script and error/retraining script which I’ll upload when sanitized. A word of caution for some reason all the messages are stored with \r\n in cyrus instead of \n (dos vs unix) and dspam can’t read the signature from the email correctly because of it, so you’ll have to plug in the signature manually when retraining.

Personal tools