Integrating DSPAM, Qmail, and VPopmail

By Larry Wimble

Introduction

I was getting over 110 SPAM emails per day in my inbox. This was my "business address", so I couldn't very well shut it down, or use a program such as TMDA because I don't want to aggravate my customers or drive away potential new customers.

I run Qmail and VPopMail on my mail server. A friend of mine recommended DSPAM as a supplement to my mail system, so I began to investigate. After having read the articles on Bayesian Filtering and the accuracy associated with it, I decided to give it a try.

The first thing I noticed is that there isn't anything really concise about integrating these three packages on the DSPAM website, nor is there much out there that really explains how things work. As is typical in my world, I embarked upon the learning curve and performed a little trial-and-error which culminated in quite a nice setup.

One note of interest: I have not set up the web-based admin tools, and really don't care to at this point. If someone wants to contribute a section to this text on how to handle that, I'll be happy to include it (after review) and credit you for your work.

Assumptions & Requirements

This document assumes that you already have Qmail and VPopmail up, running, and working to your satisfaction. If this isn't the case, take care of that now and come back here. This document further assumes that you are relatively familiar with how Qmail and VPopMail work and that you're somewhat proficient in managing them.

This document also assumes that you have procmail installed. While you can use safecat, I have no experience with how to use it. Besides, procmail gives you some really great options if you're using IMAP, such as pre-sorting mail into folders. Don't worry ... I'll provide you with the needed procmail recipe to tie everything together.

This document assumes that you have MySQL installed and running as well. The authors of DSPAM recommend this storage option. If you want to use a different storage option, that's fine. All of the instructions here are still relevant except for the database part, at which point you'll be on your own.

A note on configuration of VPopMail:

While I do things a bit differently, DSPAM requires a way to feed misclassified SPAMs back to it for re-processing. This is usually done by forwarding the SPAM to a special email address. If your existing email address is dave@yourdomain.dom, then your special address would be dave-spam@yourdomain.dom. If you're going to do it this way, then you will want to make sure that you configure VPopMail with the parameter:

    --enable-qmail-ext=y

if you're using VPopMail v5.0 or greater. Otherwise, VPopMail will ignore your .qmail-dave-spam file.

As a really nice alternative (and if you're running Courier IMAP), you can simply copy your misclassifications to a special IMAP folder which gets re-processed as SPAM by a crontask in the middle of the night. This is how I do it, and it saves me from having to forward every misclassification.

Configuring DSPAM

Let's get to work.

  1. Unpack the DSPAM 3.0 distribution

    tar -zxvf /wherever/you/put/it/dspam-3.0.0.tar.gz
    cd dspam-3.0.0

  2. Configure the DSPAM package: Here's my configuration. This might vary a bit depending upon the ultimate result, but we'll talk about that later. You may want to use a different location, so put whatever you want for dspam-home and prefix, but for simplicity, it's best to put them both in the same place:

    ./configure \
    --with-dspam-home=/ops/dspam \
    --prefix=/ops/dspam \
    --enable-domain-scale \
    --with-delivery-agent='/usr/local/bin/procmail' \
    --with-storage-driver=mysql_drv \
    --enable-chi-square \
    --with-mysql-includes=/usr/local/include/mysql \
    --with-mysql-libraries=/usr/local/lib/mysql \
    --enable-virtual-users \
    --with-dspam-home-owner=vpopmail \
    --with-dspam-home-group=vchkpw \
    --with-dspam-owner=vpopmail \
    --with-dspam-group=vchkpw

    Some variations you can make to this script:

    If you want to BOUNCE incoming SPAM rather than silently discarding it, you can also add --enable-broken-return-codes to your configuration. Be aware, however, that spammers routinely forge other people's email addresses as the sender of their SPAM. A bounce goes to that forged address, so under some circumstances you may end up bouncing SPAM to an innocent party.

  3. Build the binaries and install files:

    make && make install

  4. Set up MySQL database and tables:

    cd tools.mysql_drv
    mysqladmin create dspamdb
    cat mysql_objects.sql.speed.optimized | mysql dspamdb
    cat virtual_users.sql | mysql dspamdb
    echo "grant all privileges on dspamdb.* to vpopmail@localhost identified by 'dspam-password'" | mysql dspamdb

    Of course, change "dspam-password" to something meaningful. Also, this probably isn't the most secure way in the world to do things, so be aware that the user vpopmail has ALL privileges (including the ability to delete the database) unless you do something otherwise.

  5. Create the file that allows DSPAM to access the database:

    cd /ops/dspam    # or wherever you installed DSPAM

    Create the following file called mysql.data

    /tmp/mysql.sock
    
    vpopmail
    dspam-password
    dspamdb
    

    Once again, change "dspam-password" to whatever you decided upon in the last step.

  6. Create the trusted.users file:

    cd /ops/dspam    # or wherever you installed DSPAM
    echo "vpopmail" >trusted.users
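
A check for the two files created in steps 5 and 6, added here as an example and not part of DSPAM or the original text: mysql.data holds the database password in clear text, and trusted.users names the accounts DSPAM trusts. The function names are hypothetical, and treating any trusted.users entry other than vpopmail as unexpected is an assumption based on this setup.

```sh
#!/bin/sh
# Added example, not part of DSPAM. Default path follows the page.
DSPAMDIR=${DSPAMDIR:-/ops/dspam}

# Group/other permission bits of a file, e.g. "------" for mode 600.
go_bits() { ls -ld "$1" | cut -c5-10; }

# Prints one finding per line and returns the number of findings.
dspam_audit() {
    dir=${1:-$DSPAMDIR}
    n=0
    note() { echo "$1"; n=$((n + 1)); }

    f=$dir/mysql.data
    if [ ! -f "$f" ]; then
        note "mysql.data: missing"
    else
        # The file stores the database password in clear text.
        [ "$(go_bits "$f")" = "------" ] ||
            note "mysql.data: readable beyond its owner, chmod 600"
        # The page's sample password must not survive into production.
        if grep -qx 'dspam-password' "$f"; then
            note "mysql.data: still uses the sample password"
        fi
    fi

    f=$dir/trusted.users
    if [ ! -f "$f" ]; then
        note "trusted.users: missing"
    else
        case $(go_bits "$f") in
            ?w????|????w?) note "trusted.users: writable by group or other" ;;
        esac
        # Assumption: this setup trusts exactly one account, vpopmail.
        extra=$(grep -vx -e 'vpopmail' -e '' "$f")
        [ -z "$extra" ] || note "trusted.users: unexpected entries: $(echo $extra)"
    fi
    return "$n"
}
```

Call it as `dspam_audit /ops/dspam`; an exit status of 0 means no findings.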

Integration

Let's take an example email address: dave@yourdomain.dom, and begin the integration process.

NOTE: Any files you create here should be owned by vpopmail and should have the group vchkpw.

  1. Create your .procmailrc file for dave@yourdomain.dom:

    cd ~vpopmail/domains/yourdomain.dom/dave

    Create the following file and name it .procmailrc

    MAILDIR=$HOME/domains/yourdomain.dom/dave/Maildir
    DEFAULT=$MAILDIR/
    LOGFILE=$HOME/domains/yourdomain.dom/dave/procmail.log
    
    # OPTIONAL: I always BCC stuff to myself.  The following will automatically
    # put these emails in your "Sent" IMAP folder.
    :0:
    * ^From:.*dave@yourdomain.dom
    .Sent/
    

  2. Start processing mail with DSPAM:

    cd ~vpopmail/domains/yourdomain.dom/

    Create a file called .qmail-dave and put the following in it:

    |/ops/dspam/bin/dspam --user dave@yourdomain.dom --deliver=innocent --mode=teft --feature=chained,noise,whitelist -m -p ./dave/.procmailrc

  3. Set up a way to feed misclassified SPAMs back to DSPAM for reclassification:

    This can be done in one of two ways:

    • If you're using Courier IMAP:

      Create an IMAP folder called Spam

      su - vpopmail
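      cd /ops/dspam    # or wherever you installed DSPAM

      Create a shell script called reclass.sh, and put the following content in it, adjusting anything necessary to get the desired effect:

      #!/bin/sh

      VPOPDIR=/ops/vpopmail
      DSPAMDIR=/ops/dspam

      if [ $# -ne 2 ]; then
         echo "Usage: $0 domainname username"
         exit 1
      fi

      # Stop if the Spam folder is missing; otherwise the loop below would
      # process and delete files in whatever directory cron started us in.
      cd "$VPOPDIR/domains/$1/$2/Maildir/.Spam/cur" || exit 1

      for NAME in *; do
         # An empty folder leaves the pattern unexpanded; skip it
         [ -f "$NAME" ] || continue
         # Feed the message to DSPAM as a missed SPAM, then remove it
         "$DSPAMDIR/bin/dspam" --user "$2@$1" --mode=teft --class=spam --source=error < "./$NAME"
         rm -f "./$NAME"
      done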
      

      Set permissions on the script:

      chmod u+x reclass.sh

      Now edit vpopmail's crontab (This can go in root's crontab if necessary):

      crontab -e

      Add the following line:

      0 4 * * * /ops/dspam/reclass.sh yourdomain.dom dave

      Every day at 4:00AM, cron will come along and reclassify all of the SPAM you've copied to your IMAP "Spam" folder, and it'll automatically delete it all for you.

    • With a special email address to forward SPAMs to:

      cd ~vpopmail/domains/yourdomain.dom/

      Create a file called .qmail-dave-spam and put the following in it:

      |/ops/dspam/bin/dspam --user dave@yourdomain.dom --mode=teft --class=spam --source=error
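
The integration steps above (with the forwarding-address variant of step 3), generalized to any account as an added example that is not part of the original text. Because the account name ends up in a path and in a `|` command line, it is validated first. The function names are hypothetical and the name rules are an assumption, deliberately narrower than what VPopMail accepts.

```sh
#!/bin/sh
# Added example, not the author's script. Paths default to the page's layout.
VPOPDIR=${VPOPDIR:-/ops/vpopmail}
DSPAMDIR=${DSPAMDIR:-/ops/dspam}
LC_ALL=C; export LC_ALL            # make a-z mean ASCII only

# Assumption: deliberately narrow name rules. Anything else could change the
# path or the command that qmail-local passes to sh for a "|" line.
valid_domain() { case $1 in ''|[-.]*|*[!a-z0-9.-]*) return 1 ;; esac; }
valid_user()   { case $1 in ''|*[!a-z0-9_]*) return 1 ;; esac; }

dspam_provision() {                # usage: dspam_provision domain user
    domain=$1 user=$2
    if ! valid_domain "$domain" || ! valid_user "$user"; then
        echo "refusing unsafe account name" >&2
        return 1
    fi
    ddir=$VPOPDIR/domains/$domain
    [ -d "$ddir/$user/Maildir" ] || { echo "no such mailbox" >&2; return 1; }
    (
        umask 077                  # new files: owner read/write only
        cat > "$ddir/$user/.procmailrc" <<EOF &&
MAILDIR=\$HOME/domains/$domain/$user/Maildir
DEFAULT=\$MAILDIR/
LOGFILE=\$HOME/domains/$domain/$user/procmail.log
EOF
        printf '%s\n' "|$DSPAMDIR/bin/dspam --user $user@$domain --deliver=innocent --mode=teft --feature=chained,noise,whitelist -m -p ./$user/.procmailrc" \
            > "$ddir/.qmail-$user" &&
        printf '%s\n' "|$DSPAMDIR/bin/dspam --user $user@$domain --mode=teft --class=spam --source=error" \
            > "$ddir/.qmail-$user-spam"
    ) || return 1
    # The page requires vpopmail:vchkpw ownership; only root can set it.
    if [ "$(id -u)" -eq 0 ] && id vpopmail >/dev/null 2>&1; then
        chown vpopmail:vchkpw "$ddir/$user/.procmailrc" \
            "$ddir/.qmail-$user" "$ddir/.qmail-$user-spam"
    fi
}
```

Run it as vpopmail (or as root) with `dspam_provision yourdomain.dom dave`; the optional "Sent" recipe from step 1 is not generated and can be appended to .procmailrc by hand.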

Getting Help

I'm sorry, but I run a business and I simply don't have time to help everyone when things go wrong. If you have a correction or addition to this text, feel free to email me (NOTE: I use TMDA on my PERSONAL email address so expect a confirmation message). Otherwise, PLEASE try to solve the problem on your own, perhaps with the help of the DSPAM mailing list.

Warranty

There are no warranties here, either expressed or implied. By using the advice provided herein, you agree to hold the author, Lawrence A. Wimble, harmless from any and all losses, including loss of data, loss of profits, loss of girlfriend, time wasted, and/or any drugs you may have done in the 1960's. Your mileage may vary!
