Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
DSPAM + QMAIL + VPOPMAIL + PROCMAIL
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
bruor
Apprentice
Apprentice


Joined: 08 Jul 2003
Posts: 239

PostPosted: Thu Feb 17, 2005 6:41 pm    Post subject: DSPAM + QMAIL + VPOPMAIL + PROCMAIL Reply with quote

after finding out what dspam was i was ultra pumped to try it out.
the installation of this program was frustrating to say the least and i hope that this will help someone out there to keep their hair unlike me :)

for the majority of the guide i followed the qmail/vpopmail Virtual Mail Hosting System Guide

i found the guide to be outdated on some path names doing this from a stage3 install yesterday.
there are a couple finer points that need a little attention

check the structure of the hostfile so that the fqdn is resolved properly by hostname
having hostname and fqdn sqitched in position will cause some problems
Code:
/etc/hosts
ip_addr   fqdn    hostname


in your use flags make sure you have set
Code:
USE="maildir apache2 mysql imap nls ssl" 

ipv6 was on for my builds but i dont think that its necessary

from this point you can follow the qmail vpopmail guide
when you get to the section detailing courier-imap, some things have changed
you still have to build vpopmail before courier, but specifically courier-authlib not courier-imap

the authdaemonrc file has been moved from
Code:
/etc/courier-imap/authdaemonrc

to
Code:
/etc/courier/authlib/authdaemonrc


the guide also tells you to make the authdaemonrc containg only authvchkpw but if this is done, you cannot use imap on your real user accounts. if you need to have access via imap to your local user account then include authpam
otherwise you need to re-alias system messages to be sent to your virtual user account if you want to receive them

you will not be able to send mail to your unix users if you setup vpopmail to handle mail for that domain.
before vpopmail username@domainname.com would give mail to my unix user
after vpopmail username@domainname.com would bounce back as undeliverable
i didnt research to see if there is a way to map them together or not, just something i noticed before setting up a virtual for myself anyway. im sure that you could symlink the maildirs together or soemthing as a hack just to get the messages since you probably wont use the account for real email anyway ;)

once you have setup and started courier-imap, be sure to restart courier-authlib just to make sure your auth setting has taken effect. during my installation i was getting an sql access error because i didnt restart courier-authlib

after this point i installed imp as the guide suggested and personally i like it a bit better than squirrelmail ;)
make sure vpopmail and qmail are working properly, if they are then we can go ahead and try to get some dspam in there...

heres how i got dspam working.
Code:
emerge dspam

then. you have to setup dspam and mysql to work together nicely
in /etc/mail/dspam there are a few .sql files the ones we are interested in are
mysql_objects-space.sql mysql_objects-speed.sql mysql_virtual_users.sql
get get these into my sql you need to do the following

create a dspam database in mysql, i used dspam for my db name
then you need to run the sql files
mysql should ask you for a password when you do this. use your mysql root password
Code:
cat mysql_objects-space.sql | mysql dbname -p
cat mysql_objects-speed.sql | mysql dbname -p
cat mysql_virtual_users.sql | mysql dbname -p



then you have to set the proper permissions
Code:
mysql -u root -p

grant select, insert, update, delete on dbname.* to desireddspamusername identified by 'desireddspampassword'


now we need to update dspam.conf so it knows whats going on
/etc/mail/dspam/dspam.conf
Code:
(this section is near the middle of the file, not at the very end. )
MySQLServer    /var/run/mysqld/mysqld.sock
MySQLPort
MySQLUser      dspamusername
MySQLPass      dspampasswd
MySQLDb        dsspamdbname
MySQLCompress  true


now for the most frustrating part.
every guide and the dspam readme.qmail file say that you should be able to make a .qmail file and put a line in that pipes email through dspam, at that point i guess its supposed to just pass any mail it doesnt see as spam
this didnt work so enter procmail to the equation.

Code:
emerge procmail


were going to create a .qmail file for the virtual users so that qmail doesnt hand off email to vdelivermail.
in /var/vpopmail/domains/domainname/ we need to make a .qmail file for each user you want to filter spam for.
to test this out i made a test user to play with until this was up and running.
.qmail-username should contain
Code:
| procmail -t ./test/.maildir/procmailrc


now that procmail is going to take control, we can pipe to dspam from here.. and then use procmail rules for filtering if we like.. i would suggest putting the recipe for non dspam delivery into the file first and sending a test message just to make sure that procmail is picking up the ball on this. i read that the procmailrc paths need to be relative to the domainname root folder for vpopmail. if you move it you will have to change the folder paths you use.
for the test user i put the procmailrc file in /var/vpopmail/domains/domainname/user/.maildir/procmailrc
in procmailrc put
Code:
 #dspam
:0fw
#the first line will deliver spam as well as ham the options used here match what is in the dspam qmail readme
#| dspam --stdout --deliver=spam,innocent --mode=teft --user full@email.addy --feature=chained,noise,whitelist
| dspam --stdout --deliver=innocent --mode=teft --user full@email.addy --feature=chained,noise,whitelist
### Deliver the rest into Maildir normally
:0
*
./test/.maildir/


the last thing you have to do is setup dspam to get train on false negatives, the easiest way to do this seems to be setting a cron up to run and grab mail out of a spam folder for this purpose.
i made a script in /etc/mail/dspam called scanspam.sh containing
Code:
#!/bin/sh

VPOPDIR=/var/vpopmail
DSPAMDIR=/usr/bin

if [ $# -ne 2 ]; then
   echo Usage: $0 domainname username
   exit 1
fi

cd $VPOPDIR/domains/$1/$2/.maildir/.spam/cur
for NAME in `ls -1`; do
   cat $NAME | $DSPAMDIR/dspam --user $2@$1 --mode=teft --class=spam --source=error
   rm -f $NAME
done


set permissions
Code:
chmod u+x scanspam.sh

add a cron to do this
Code:
crontab -u vpopmail -e

in the crontab
Code:
#run the scanner once a week on monday at 3am
0 3 * * 1  /etc/dspam/scanspam.sh domainname username


i hope this guide proves useful. any comments/explanations/suggestions are welcome, i dont know a lot about dspam and perhaps a guru could shed some light or a little cleaner script. it would be nice to have a script that would scan all spam folders for all users for all domains so you dont have to keep adding to the cron.
it would also be nice if there was a way to use a procmail file dynamically so you could just reference one file instead of having to create one for every user. if anyone has any ideas/wants to help that would be appreciated.

thanks and happy spam filtering!!!
Back to top
View user's profile Send private message
jonaswidarsson
Apprentice
Apprentice


Joined: 16 Jan 2004
Posts: 273
Location: Göteborg, Sweden

PostPosted: Fri Jul 08, 2005 12:11 pm    Post subject: Re: DSPAM + QMAIL + VPOPMAIL + PROCMAIL Reply with quote

bruor wrote:

in /var/vpopmail/domains/domainname/ we need to make a .qmail file for each user you want to filter spam for.
to test this out i made a test user to play with until this was up and running.
.qmail-username should contain
Code:
| procmail -t ./test/.maildir/procmailrc


Thank you for a nice guide.

I have a suggestion for the section that I qouted above.

I just spent two hours troubleshooting my setup.
Mail to test@domainname.com went through, but not mail to jonas.widarsson@domainname.com

I found the answer in the dot-qmail manpage:
Quote:
EXTENSION ADDRESSES
In the qmail system, you control all local addresses of the
form user-anything, as well as the address user itself,
where user is your account name. Delivery to user-anything
is controlled by the file homedir/.qmail-anything. (These
rules may be changed by the system administrator; see
qmail-users(5).)

The alias user controls all other addresses. Delivery to
local is controlled by the file homedir/.qmail-local, where
homedir is alias's home directory.

In the following description, qmail-local is handling a
message addressed to local@domain, where local is controlled
by .qmail-ext. Here is what it does.

If .qmail-ext is completely empty, qmail-local follows the
defaultdelivery instructions set by your system
administrator.

If .qmail-ext doesn't exist, qmail-local will try some
default .qmail files. For example, if ext is foo-bar,
qmail-local will try first .qmail-foo-bar, then .qmail-foo-
default, and finally .qmail-default. If none of these
exist, qmail-local will bounce the message. (Exception: for
the basic user address, qmail-local treats a nonexistent
.qmail the same as an empty .qmail.)

WARNING: For security, qmail-local replaces any dots in ext
with colons before checking .qmail-ext. For convenience,
qmail-local converts any uppercase letters in ext to
lowercase.


This means ANY email address username that contains a dot must be translated before you use it as a dot-qmail file.
Thus,
test@domainname.com => .qmail-test
and
jonas.widarsson@domainname.com => .qmail-jonas:widarsson

Did you see the colon?

One other note, that is not covered in the guide:
If you deliver through the .qmail-default file:
Code:
| /usr/bin/dspam  --deliver=innocent --user $EXT@$USER  --stdout | /var/vpopmail/bin/vdelivermail '' bounce-no-mailbox
and use vdelivermail (or anything else I guess), beware that dspam will get called prior to any vpopmail alias processing you may have setup, since any redirection vdelivermail wants to make happens AFTER dspam.

I have the setup where some email addresses are common to a group of our staff. I set up an email account called common@domainname.com.

Then I can add any alias to that address.

then I connect that address as an alias for any user that I wish to add to the "common group".
like this:
Code:
ns1 # valias -s domainname.com
contact@domainname.com -> common@domainname.com
info@domainname.com -> common@domainname.com
kontakt@domainname.com -> common@domainname.com
ky@domainname.com -> common@domainname.com
[... split for readability]
common@domainname.com -> me@domainname.com
common@domainname.com -> him@domainname.com
common@domainname.com -> her@domainname.com
ns1 domainname.com #


so if one sends email to info@domainname.com, it first gets redirected to common@domainname.com, which redirects to all the guys me, him and her.
If DSPAM is called before vdelivermail like I show above, this means dspam will process the email and add its headers three times before it reaches the destination account. I confirmed this by sending an email to common as well, and got the headers added twice instead of thrice.

This is really space waste, not to mention the tripled server load... :roll:

So don't do that!
Instead, do something like the suggestion in the guide above.


Last edited by jonaswidarsson on Mon Jul 11, 2005 12:00 pm; edited 1 time in total
Back to top
View user's profile Send private message
bruor
Apprentice
Apprentice


Joined: 08 Jul 2003
Posts: 239

PostPosted: Fri Jul 08, 2005 11:41 pm    Post subject: Reply with quote

thanks for the update on this howto a bit, it was my first hack at getting qmail working with all this stuff and i wasnt quite sure if everything was working or not.

can you confirm that dspam is working in this configuration? i wasnt able to confirm any results other than the database was logging that the email had passed through it. perhaps a version or 2 has gone by since, but either way its a good thing that its working for you ;)
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum