Using DSPAM for Spam Filtering: Difference between revisions
(Adding Article Infobox) |
|||
Line 19: | Line 19: | ||
==History== | ==History== | ||
===ZCS 6.0.x=== | ===ZCS 6.0.x=== | ||
*ZCS 6.0.6 will be dspam 3.0 | *ZCS 6.0.6 will be dspam 3.9.0 final [http://bugzilla.zimbra.com/show_bug.cgi?id=43978 Bug 43978] | ||
*ZCS 6.0.5 it is DPSAM-3.9.0-RC2 [http://bugzilla.zimbra.com/show_bug.cgi?id=43550 Bug 43550] | *ZCS 6.0.5 it is DPSAM-3.9.0-RC2 [http://bugzilla.zimbra.com/show_bug.cgi?id=43550 Bug 43550] |
Revision as of 00:43, 22 July 2010
Article Information |
---|
This article applies to the following ZCS versions. |
Enabling
ZCS 5.0.11+
zmlocalconfig -e amavis_dspam_enabled=true
The zmmtaconfig will automatically reload amavis within 2 minutes or you can run "zmamavisdctl reload" to have it take effect immediately.
ZCS 3.1+
/opt/zimbra/conf/amavisd.conf.in
uncomment
#$dspam = '/opt/zimbra/dspam/bin/dspam';
zmamavisdctl stop
zmamavisdctl start
History
ZCS 6.0.x
- ZCS 6.0.6 will be dspam 3.9.0 final Bug 43978
- ZCS 6.0.5 it is DPSAM-3.9.0-RC2 Bug 43550
- ZCS 6.0.4 it is DSPAM-3.9.0-BETA1 which is completely broken http://www.zimbra.com/forums/mod-stump/35789-solved-6-0-4-dspam-av-problems.html
- ZCS 6.0.x may need to chown zimbra.zimbra the dspam folder
ZCS 5.0.x
- ZCS 5.0.11 fixed dspam stability, zmfixperms adjusted, added localconfig key Bug 20555
ZCS 4.5.x
- ZCS 4.5.1 Dspam disabled on upgrades or fresh installs
ZCS 3.x
- Dspam upgraded to v3.6.8 - June 7, 2006 (4.5/5.0 betas?)
- Dspam uses v3.8.0 - March 19, 2007
- ZCS 3.1 GA (April 2006) DSPAM is integrated into the core product.
Original How-To
Original How-To by Joshua Prismon before it was integrated into ZCS follows:
Download and decompress DSPAM
Note, everything I am doing here, I do as the user zimbra. If I need super user, I use sudo.
The configuration options I used were: .
./configure \ --prefix=/opt/dspam \ --sysconfdir=/opt/dspam/conf \ --with-dspam-home=/var/dspam \ --with-dspam-home-mode=2770 \ --with-dspam-home-owner=zimbra \ --with-dspam-home-group=zimbra \ --with-storage-driver=mysql_drv \ --enable-preferences-extension \ --with-mysql-includes=/usr/include/mysql \ --with-mysql-libraries=/usr/lib/mysql \ --enable-signature-headers \ --without-delivery-agent \ --without-quarantine-agent \ --with-dspam-owner=zimbra \ --with-dspam-group=zimbra
make
(as root)
make install
After this login as the zimbra user. Make sure that MySQL is running. Then create a new table for DSPAM related info:
mysqladmin create dspam
After that load the schema for the dspam tables
mysql dspam < ~/dspam-3.6.1/src/tools.mysql_drv/mysql_objects-4.1.sql
We don't want to use the same user that we use for zimbra for dspam for the database. So create a new user:
mysql grant all on dspam.* to dspam@localhost identified by 'ThisIsMyPassword';
(Obviously change your password)
Inside of your dspam.conf add the following lines (they are commented out be default)
MySQLServer /opt/zimbra/db/mysql.sock MySQLPort 7306 MySQLUser dspam MySQLPass ThisIsMyPassword MySQLDb dspam
Now we have to tell amavisd-new (which serves as a pipeline for various steps proccessing email before zimbra's java code sees emails) to enable dspam Search for the $path and $dspam variables and replace them.
To make things a bit tricky, dspam uses auto-generated files, so modify the file amavisd.conf.in rather then amavisd.conf.
$path = '/opt/zimbra/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin:/opt/dspam/bin'; $dspam = 'dspam';
I suggest you run amavisd once by hand with the debug options to make sure everything works:
/opt/zimbra/amavisd/sbin/amavisd -c /opt/zimbra/conf/amavisd.conf debug
And if everything is happy you should see lines like:
Nov 16 18:57:32 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: starting. /opt/zimbra/amavisd/sbin/amavisd at bldmail01 amavisd-new-2.3.1 (20050509), Unicode aware, LANG=en_US.UTF-8 Nov 16 18:57:32 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: user=515, EUID: 515 (515); group=, EGID: 515 516 515 5 (515 516 515 5) Nov 16 18:57:32 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: Perl version 5.008006 Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: Net::Server: 2005/11/16-18:57:33 Amavis (type Net::Server::PreForkSimple) starting! pid(31241) Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: Net::Server: Binding to TCP port 10024 on host 127.0.0.1 Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: Net::Server: Group Not Defined. Defaulting to EGID '515 516 515 5' Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: Net::Server: User Not Defined. Defaulting to EUID '515' Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: Net::Server: Setting up serialization via flock Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: Module Amavis::Conf 2.038 Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: Module Archive::Tar 1.26 Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: Module Archive::Zip 1.16 [LINES DELETED] Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: No primary av scanner: Norman Virus Control v5 / Linux Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: No primary av scanner: Panda Antivirus for Linux Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: No primary av scanner: NAI McAfee AntiVirus (uvscan) Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: No primary av scanner: VirusBuster Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: No primary av scanner: CyberSoft VFind Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: No primary av scanner: Ikarus AntiVirus for Linux Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: No primary av scanner: BitDefender Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: Found secondary av scanner ClamAV-clamscan at /usr/local/bin/clamscan Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: No secondary av scanner: FRISK F-Prot Antivirus Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: No secondary av scanner: Trend Micro FileScanner Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: No secondary av scanner: drweb - DrWeb Antivirus Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: No secondary av scanner: KasperskyLab kavscanner Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: Creating db in /opt/zimbra/amavisd/db/; BerkeleyDB 0.26, libdb 4.3 Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: SpamControl: initializing Mail::SpamAssassin Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: SpamControl: done Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: Net::Server: Beginning prefork (5 processes) Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: Net::Server: Starting "5" children Nov 16 18:57:33 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31242]: Net::Server: Child Preforked (31242) Nov 16 18:57:34 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31242]: TIMING [total 19 ms] - bdb-open: 19 (100%)100, rundown: 0 (0%)100 Nov 16 18:57:34 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31243]: Net::Server: Child Preforked (31243)\ Nov 16 18:57:34 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31243]: TIMING [total 10 ms] - bdb-open: 10 (100%)100, rundown: 0 (0%)100 Nov 16 18:57:34 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31244]: Net::Server: Child Preforked (31244) Nov 16 18:57:34 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31244]: TIMING [total 10 ms] - bdb-open: 10 (100%)100, rundown: 0 (0%)100 Nov 16 18:57:34 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31245]: Net::Server: Child Preforked (31245) Nov 16 18:57:34 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31245]: TIMING [total 9 ms] - bdb-open: 9 (100%)100, rundown: 0 (0%)100 Nov 16 18:57:34 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31246]: Net::Server: Child Preforked (31246) Nov 16 18:57:34 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31241]: Net::Server: Parent ready for children. Nov 16 18:57:34 bldmail01 /opt/zimbra/amavisd/sbin/amavisd[31246]: TIMING [total 12 ms] - bdb-open: 12 (100%)100, rundown: 0 (0%)100
That should get you to where both DSPAM and SpamAssassin check for spams.
Later once DSPAM's own database has been built up, I suggest that you add the following lines to one of SpamAssassin's rule files (salocal.cf?) to filter out mail that DSPAM thinks is bogus:
header DSPAM_SPAM X-DSPAM-Result =~ /^Spam$/ describe DSPAM_SPAM DSPAM claims it is spam score DSPAM_SPAM 0.5 header DSPAM_HAM X-DSPAM-Result =~ /^Innocent$/ describe DSPAM_HAM DSPAM claims it is ham score DSPAM_HAM -0.1
Anyways, what I write here is my own, with the exceptions that I lifted off of the amavis-new list, esp this message: [url]http://sourceforge.net/mailarchive/message.php?msg_id=11025890[/url]
This works for me so far, filtering seems to work, and seems to be effective. I will post about training as soon as I have finished up doing it.