Dspam + postfix : dspam didn't tag header messages

Discussion in 'Server Operation' started by NothingHere, Oct 31, 2008.

  1. NothingHere

    NothingHere New Member

    Hi,

    I've just upgraded my etch server to lenny. Before that, dspam + clamav + postfix + dovecot + virtual domains/users worked fine.

    Now, I had a problem with dspam.sock (dspam wouldn't start).
    I've edited my master.cf and dspam.conf to place dspam.sock in /var/run/dspam/ (instead of /var/spool/postfix).
    Now all mails are distributed to mailboxes. But dspam doesn't tag headers with its flags anymore...

    Maybe someone here can tell me what I should fix?

    Here is my master.cf file :

    Code:
    #
    # Postfix master process configuration file.  For details on the format
    # of the file, see the master(5) manual page (command: "man 5 master").
    #
    # ==========================================================================
    # service type  private unpriv  chroot  wakeup  maxproc command + args
    #               (yes)   (yes)   (yes)   (never) (100)
    # ==========================================================================
    ###smtp      inet  n       -       -       -       -       smtpd
    smtp inet       n       -       y       -       -       smtpd   -o content_filter=lmtp:unix:/var/run/dspam/dspam.sock
    #submission inet n       -       -       -       -       smtpd
    #  -o smtpd_enforce_tls=yes
    #  -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #smtps     inet  n       -       -       -       -       smtpd
    #  -o smtpd_tls_wrappermode=yes
    #  -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #628      inet  n       -       -       -       -       qmqpd
    pickup    fifo  n       -       -       60      1       pickup
    cleanup   unix  n       -       -       -       0       cleanup
    qmgr      fifo  n       -       n       300     1       qmgr
    #qmgr     fifo  n       -       -       300     1       oqmgr
    tlsmgr    unix  -       -       -       1000?   1       tlsmgr
    rewrite   unix  -       -       -       -       -       trivial-rewrite
    bounce    unix  -       -       -       -       0       bounce
    defer     unix  -       -       -       -       0       bounce
    trace     unix  -       -       -       -       0       bounce
    verify    unix  -       -       -       -       1       verify
    flush     unix  n       -       -       1000?   0       flush
    proxymap  unix  -       -       n       -       -       proxymap
    smtp      unix  -       -       -       -       -       smtp
    # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
    relay     unix  -       -       -       -       -       smtp
            -o fallback_relay=
    #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
    showq     unix  n       -       -       -       -       showq
    error     unix  -       -       -       -       -       error
    discard   unix  -       -       -       -       -       discard
    local     unix  -       n       n       -       -       local
    virtual   unix  -       n       n       -       -       virtual
    lmtp      unix  -       -       n       -       -       lmtp
    anvil     unix  -       -       -       -       1       anvil
    scache    unix  -       -       -       -       1       scache
    #
    # ====================================================================
    # Interfaces to non-Postfix software. Be sure to examine the manual
    # pages of the non-Postfix software to find out what options it wants.
    #
    # Many of the following services use the Postfix pipe(8) delivery
    # agent.  See the pipe(8) man page for information about ${recipient}
    # and other message envelope options.
    # ====================================================================
    #
    # maildrop. See the Postfix MAILDROP_README file for details.
    # Also specify in main.cf: maildrop_destination_recipient_limit=1
    #
    maildrop  unix  -       n       n       -       -       pipe
      flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
    #
    # See the Postfix UUCP_README file for configuration details.
    #
    uucp      unix  -       n       n       -       -       pipe
      flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
    #
    # Other external delivery methods.
    #
    ifmail    unix  -       n       n       -       -       pipe
      flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    bsmtp     unix  -       n       n       -       -       pipe
      flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
    scalemail-backend unix  -       n       n       -       2       pipe
      flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
    mailman   unix  -       n       n       -       -       pipe
      flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
      ${nexthop} ${user}
    dovecot   unix -        n       n       -       -       pipe
      flags=DRhu    user=vmail:vmail        argv=/usr/lib/dovecot/deliver -d ${recipient}
    smtp-amavis unix -      -       n     -       2  smtp
            -o smtp_data_done_timeout=1200
            -o smtp_send_xforward_command=yes
            -o disable_dns_lookups=yes
            -o max_use=20
    
    127.0.0.1:10025 inet n  -       -     -       -  smtpd
            -o content_filter=
            -o local_recipient_maps=
            -o relay_recipient_maps=
            -o smtpd_restriction_classes=
            -o smtpd_delay_reject=no
            -o smtpd_client_restrictions=permit_mynetworks,reject
            -o smtpd_helo_restrictions=
            -o smtpd_sender_restrictions=
            -o smtpd_recipient_restrictions=permit_mynetworks,reject
            -o smtpd_data_restrictions=reject_unauth_pipelining
            -o smtpd_end_of_data_restrictions=
            -o mynetworks=127.0.0.0/8
            -o smtpd_error_sleep_time=0
            -o smtpd_soft_error_limit=1001
            -o smtpd_hard_error_limit=1000
            -o smtpd_client_connection_count_limit=0
            -o smtpd_client_connection_rate_limit=0
            -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
            -o local_header_rewrite_clients=
    
    ### for dspam
    127.0.0.1:10026 inet    n       -       -       -       -       smtpd
                    -o content_filter=
                    -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
                    -o smtpd_helo_restrictions=
                    -o smtpd_client_restrictions=
                    -o smtpd_sender_restrictions=
                    -o smtpd_recipient_restrictions=permit_mynetworks,reject
                    -o mynetworks=127.0.0.0/8
                    -o smtpd_authorized_xforward_hosts=127.0.0.0/8
    retry     unix  -       -       -       -       -       error
    
    
    
    Here is my dspam.conf file :

    Code:
    #MySQLDb.DECAlpha       dspam
    #MySQLCompress.DECAlpha true
    #
    #Profile Sun420R
    #MySQLServer.Sun420R    10.0.0.2
    #MySQLPort.Sun420R      3306
    #MySQLUser.Sun420R      dspam
    #MySQLPass.Sun420R      changeme
    #MySQLDb.Sun420R        dspam
    #MySQLCompress.Sun420R  false
    #
    #DefaultProfile DECAlpha
    
    #
    # If you're using storage profiles, you can set failovers for each profile.
    # Of course, if you'll be failing over to another database, that database
    # must have the same information as the first. If you're using a global
    # database with no training, this should be relatively simple. If you're
    # configuring per-user data, however, you'll need to set up some type of
    # replication between databases.
    #
    #Failover.DECAlpha      SUN420R
    #Failover.Sun420R       DECAlpha
    
    # If the storage fails, the agent will follow each profile's failover up to
    # a maximum number of failover attempts. This should be set to a maximum of
    # the number of profiles you have, otherwise the agent could loop and try
    # the same profile multiple times (unless this is your desired behavior).
    #
    #FailoverAttempts       1
    
    #
    # Ignored headers: If DSPAM is behind other tools which may add a header to
    # incoming emails, it may be beneficial to ignore these headers - especially
    # if they are coming from another spam filter. If you are _not_ using one of
    # these tools, however, leaving the appropriate headers commented out will
    # allow DSPAM to use them as telltale signs of forged email.
    #
    #IgnoreHeader X-Spam-Status
    #IgnoreHeader X-Spam-Scanned
    #IgnoreHeader X-Virus-Scanner-Result
    
    #
    # Lookup: Perform lookups on streamlined blackhole list servers (see
    # http://www.nuclearelephant.com/projects/sbl/). The streamlined blacklist
    # server is machine-automated, unsupervised blacklisting system designed to
    # provide real-time and highly accurate blacklisting based on network spread.
    # When performing a lookup, DSPAM will automatically learn the inbound message 
    # as spam if the source IP is listed. Until an official public RABL server is 
    # available, this feature is only useful if you are running your own 
    # streamlined blackhole list server for internal reporting among multiple mail 
    # servers. Provide the name of the lookup zone below to use.
    #
    # This function performs standard reverse-octet.domain lookups, and while it
    # will function with many RBLs, it's strongly discouraged to use those
    # maintained by humans as they're often inaccurate and could hurt filter
    # learning and accuracy.
    #
    #Lookup "sbl.yourdomain.com"
    
    #
    # RBLInoculate: If you want to inoculate the user from RBL'd messages it would
    # have otherwise missed, set this to on.
    #
    #RBLInoculate off
    
    #
    # Notifications: Enable the sending of notification emails to users (first
    # message, quarantine full, etc.)
    #
    Notifications   off
    
    #
    # Purge configuration: Set dspam_clean purge default options, if not otherwise
    # specified on the commandline
    #
    PurgeSignatures 14          # Stale signatures
    PurgeNeutral    90          # Tokens with neutralish probabilities
    PurgeUnused     90          # Unused tokens
    PurgeHapaxes    30          # Tokens with less than 5 hits (hapaxes)
    PurgeHits1S     15          # Tokens with only 1 spam hit
    PurgeHits1I     15          # Tokens with only 1 innocent hit
    
    #
    # Purge configuration for SQL-based installations using purge.sql
    #
    #PurgeSignature off # Specified in purge.sql
    #PurgeNeutral   90
    #PurgeUnused    off # Specified in purge.sql
    #PurgeHapaxes   off # Specified in purge.sql
    #PurgeHits1S    off # Specified in purge.sql
    #PurgeHits1I    off # Specified in purge.sql
    
    #
    # Local Mail Exchangers: Used for source address tracking, tells DSPAM which
    # mail exchangers are local and therefore should be ignored in the Received:
    # header when tracking the source of an email. Note: you should use the address
    # of the host as appears between brackets [ ] in the Received header.
    #
    LocalMX 127.0.0.1
    
    #
    # Logging: Disabling logging for users will make usage graphs unavailable to
    # them. Disabling system logging will make admin graphs unavailable.
    #
    SystemLog on
    UserLog   on
    
    #
    # TrainPristine: for systems where the original message remains server side 
    # and can therefore be presented in pristine format for retraining. This option
    # will cause DSPAM to cease all writing of signatures and DSPAM headers to the 
    # message, and deliver the message in as pristine format as possible. This mode
    # REQUIRES that the original message in its pristine format (as of delivery) 
    # be presented for retraining, as in the case of webmail, imap, or other 
    # applications where the message is actually kept server-side during reading, 
    # and is preserved. DO NOT use this switch unless the original message can be 
    # presented for retraining with the ORIGINAL HEADERS and NO MODIFICATIONS.
    #
    #TrainPristine on
    
    #
    # Opt: in or out; determines DSPAM's default filtering behavior. If this value
    # is set to in, users must opt-in to filtering by dropping a .dspam file in
    # /var/dspam/opt-in/user.dspam (or if you have homedirs configured, a .dspam
    # folder in their home directory).  The default is opt-out, which means all 
    # users will be filtered unless a .nodspam file is dropped in 
    # /var/dspam/opt-out/user.nodspam
    #
    Opt out
    
    #
    # TrackSources: specify which (if any) source addresses to track and report
    # them to syslog (mail.info). This is useful if you're running a firewall or
    # blacklist and would like to use this information. Spam reporting also drops
    # RABL blacklist files (see http://www.nuclearelephant.com/projects/rabl/). 
    #
    TrackSources spam virus
    
    #
    # ParseToHeaders: In lieu of setting up individual aliases for each user,
    # DSPAM can be configured to automatically parse the To: address for spam and
    # false positive forwards. From there, it can be configured to either set the
    # DSPAM user based on the username specified in the header and/or change the
    # training class and source accordingly. The options below can be used to 
    # customize most common types of header parsing behavior to avoid the need for
    # multiple aliases, or if using LMTP, aliases entirely..
    #
    # ParseToHeader: Parse the To: headers of an incoming message. This must be
    #                set to 'on' to use either of the following features.
    # 
    # ChangeModeOnParse: Automatically change the class (to spam or innocent)
    #   depending on whether spam- or notspam- was specified, and change the source
    #   to 'error'. This is convenient if you're not using aliases at all, but
    #   are delivering via LMTP.
    #
    # ChangeUserOnParse: Automatically change the username to match that specified
    #   in the To: header. For example, [email protected] will set the username
    #   to bob, ignoring any --user passed in. This may not always be desirable if
    #   you are using virtual email addresses as usernames. Options:
    #     on or user        take the portion before the @ sign only
    #     full              take everything after the initial {spam,notspam}-.
    #
    ParseToHeaders on
    ChangeModeOnParse on
    ChangeUserOnParse off
    
    #
    # Broken MTA Options: Some MTAs don't support the proper functionality
    # necessary. In these cases you can activate certain features in DSPAM to
    # compensate. 'returnCodes' causes DSPAM to return an exit code of 99 if
    # the message is spam, 0 if not, or a negative code if an error has occurred.
    # Specifying 'case' causes DSPAM to force the input usernames to lowercase.
    # Specifying 'lineStripping' causes DSPAM to strip ^M's from messages passed
    # in.
    #
    #Broken returnCodes
    #Broken case
    #Broken lineStripping
    
    #
    # MaxMessageSize: You may specify a maximum message size for DSPAM to process.
    # If the message is larger than the maximum size, it will be delivered 
    # without processing. Value is in bytes.
    #
    #MaxMessageSize 4194304
    MaxMessageSize  15728640
    #
    # Virus Checking: If you are running clamd, DSPAM can perform stream-based
    # virus checking using TCP. Uncomment the values below to enable virus
    # checking. 
    #
    # ClamAVResponse: reject (reject or drop the message with a permanent failure)
    #                 accept (accept the message and quietly drop the message)
    #                 spam   (treat as spam and quarantine/tag/whatever)
    #
    ClamAVPort      3310
    ClamAVHost      127.0.0.1
    ClamAVResponse  reject
    
    #
    # Daemonized Server: If you are running DSPAM as a daemonized server using
    # --daemon, the following parameters will override the default. Use the
    # ServerPass option to set up accounts for each client machine. The DSPAM
    # server will process and deliver the message based on the parameters 
    # specified. If you want the client machine to perform delivery, use
    # the --stdout option in conjunction with a local setup. 
    #
    #ServerPort             24
    #ServerQueueSize        32
    ServerPID              /var/run/dspam/dspam.pid
    
    #
    # ServerMode specifies the type of LMTP server to start. This can be one of:
    #     dspam: DSPAM-proprietary DLMTP server, for communicating with dspamc
    #  standard: Standard LMTP server, for communicating with Postfix or other MTA
    #      auto: Speak both DLMTP and LMTP; auto-detect by ServerPass.IDENT
    #
    ServerMode auto
    
    # If supporting DLMTP (dspam) mode, dspam clients will require authentication 
    # as they will be passing in parameters. The idents below will be used to
    # determine which clients will be speaking DLMTP, so if you will be using
    # both LMTP and DLMTP from the same host, be sure to use something other
    # than the server's hostname below (which will be sent by the MTA during a 
    # standard LMTP LHLO).
    # 
    ServerPass.Relay1       "secret"
    #ServerPass.Relay2      "password"
    
    # If supporting standard LMTP mode, server parameters will need to be specified
    # here, as they will not be passed in by the mail server. The ServerIdent
    # specifies the 250 response code ident sent back to connecting clients and
    # should be set to the hostname of your server, or an alias.
    #
    # NOTE: If you specify --user in ServerParameters, the RCPT TO will be
    #       used only for delivery, and not set as the active user for processing.
    #
    ServerParameters        "--deliver=innocent"
    ServerIdent             "localhost.localdomain"
    
    # If you wish to use a local domain socket instead of a TCP socket, uncomment
    # the following. It is strongly recommended you use local domain sockets if
    # you are running the client and server on the same machine, as it eliminates
    # much of the bandwidth overhead.
    #
    ServerDomainSocketPath  "/var/run/dspam/dspam.sock"
    
    #
    # Client Mode: If you are running DSPAM in client/server mode, uncomment and
    # set these variables. A ClientHost beginning with a / will be treated as
    # a domain socket.
    #
    #ClientHost     /tmp/dspam.sock
    #ClientIdent    "secret@Relay1"
    #
    #ClientHost     127.0.0.1
    #ClientPort     24
    #ClientIdent    "secret@Relay1"
    ClientHost /var/run/dspam/dspam.sock
    ClientIdent "secret@Relay1"
    # RABLQueue: Touch files in the RABL queue
    # If you are a reporting streamlined blackhole list participant, you can
    # touch ip addresses within the directory the rabl_client process is watching.
    #
    #RABLQueue      /var/spool/rabl
    
    # DataSource: If you are using any type of data source that does not include
    # email-like headers (such as documents), uncomment the line below. This
    # will cause the entire input to be treated like a message "body"
    #
    #DataSource      document
    
    # ProcessorWordFrequency: By default, words are only counted once per message.
    # If you are classifying large documents, however, you may wish to count once
    # per occurrence instead.
    #
    #ProcessorWordFrequency  occurrence
    
    # ProcessorBias: Bias causes the filter to lean more toward 'innocent', and
    # usually greatly reduces false positives. It is the default behavior of
    # most Bayesian filters (including dspam). 
    #
    # NOTE: You probably DONT want this if you're using Markovian Weighting, unless
    # you are paranoid about false positives.
    #
    ProcessorBias on
    
    # Include a directory with configuration items.
    Include /etc/dspam/dspam.d/
    
    ## EOF
    
    

    And I see that clamav doesn't filter mail anymore ... I've followed this guide for my setup:
    http://workaround.org/articles/ispmail-etch/#step-10-amavis-filtering-spam-and-viruses

    But after it, I've upgraded to lenny... so I think I have an error between postfix <=> clamav <=> dspam ...
    Have you any tips?

    Thanks !
     
  2. NothingHere

    NothingHere New Member

    Seems permissions for dspam aren't correct ... People who upgrade from etch to lenny, do this:

    chown -R root.dspam /var/spool/dspam/data/local/

    "local" directory isn't owned by dspam group.
    After this, clamav works fine too !


    Have a good day, and thanks to people on #[email protected] ;)
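
A way to check for the condition described in the second post before changing ownership, as an added example that is not part of the original thread: it lists every entry under a DSPAM data directory that is in the wrong group. It goes beyond the post by also flagging missing group permission bits, on the assumption that the daemon reaches its data through group membership; the function name and output format are hypothetical.

```shell
#!/bin/sh
# Added example: audit a DSPAM data directory after a distribution upgrade.
# Assumption (not stated in the thread): DSPAM reaches its data through
# group membership, so every entry must belong to the expected group and
# carry group read/write (plus search permission on directories).
#
# Usage on the server from the thread:
#   audit_dspam_perms /var/spool/dspam/data/local dspam

# audit_dspam_perms DIR GROUP
# Prints one "reason<TAB>path" line per entry the group cannot use.
# GROUP may be a group name or a numeric GID.
# Exit status: 0 = clean, 1 = findings, 2 = DIR is missing.
audit_dspam_perms() {
    dir=$1
    group=$2

    if [ ! -d "$dir" ]; then
        printf 'missing\t%s\n' "$dir"
        return 2
    fi

    findings=$(
        # Entries owned by some other group (the failure seen in the thread).
        find "$dir" ! -group "$group" \
            -exec printf 'wrong-group\t%s\n' {} \;
        # Directories the group cannot list, enter and write to.
        find "$dir" -type d ! -perm -070 \
            -exec printf 'dir-mode\t%s\n' {} \;
        # Regular files the group cannot read and write.
        find "$dir" -type f ! -perm -060 \
            -exec printf 'file-mode\t%s\n' {} \;
    )

    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}
```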
     
