On Sep 4, 2007, at 1:38 PM, Charles Steinkuehler wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I'm looking at ways to integrate dspam into our qmail
infrastructure and
am considering doing site-wide filtering to bounce particularly
'spammy'
spam at SMTP time. I'm currently running qmail with spamassassin
and no
per-user spamassassin configuration tweaks. This lets me bounce mails
with really high spam scores, while passing more questionable mail
through to the user.
OK.
I'd like to have dspam run at smtp time with 'generic' user settings.
Individual settings could be pulled in at local-delivery time, once
address aliases and forwarding has been dealt with. This probably
means
dspam would scan delivered messages twice, but that doesn't worry
me too
much (the amount of real mail is pretty insignificant compared to the
amount of spam we receive, so scanning ham mail multiple times isn't a
serious load issue).
You could start dspam like this form daemontools:
cat /service/dspam/run-
#!/bin/bash
exec setuidgid dspam /usr/local/bin/dspam --daemon 2>&1
We use individual setting via mysql preferences.
We also use qmail-qfilter, using qmail-qfilter write a small dspam.sh
script and call dspamc with the user.
This will scan an email one time for each user.
In
ex:
/usr/local/bin/dspamc --client --user $QMAILRCPTS --deliver=innocent
--mail-from="[EMAIL PROTECTED]" < ${tmpFile}
Then you can check the return code of dspamc, (with Broken
returnCodes in dspam.conf), you can exit the script depending on the
return code.
From here it gets a little tricky.
If you are scanning per user, you need to deliver a different message
to each user. ( or block the message for some users )
You have 2 options;
1) Let dspam handle the delivery.
Which also has 2 options:
a) Inject the message with qmail-inject (in dspam.conf set
TrustedDeliveryAgent "/var/qmail/bin/qmail-inject")
b) SMTP delivery ( set DeliveryHost in dspam.conf )
I think option b is better, since qmail-inject is not really meant
to be used in such a way.
Qmail-inject will parse an email and try to correct errors, and
since many MUA's produce emails that are not RFC compliant, qmail-
inject could possibly reject an email because it cannot parse it. Or
could could make changes to a message that would be unacceptable.
2) If you want to run it with generic setting, you can just replace
QMAILRCPTS with a generic name. All emails will be scanned as that
user and you can just continue with the qmail-qfilter pipeline, since
you will be sending the same message to all users.
This way dspam will run in the SMTP pipeline, and you don't need to
run messages through dspam twice.
I'm thinking about having spamd run at smtp time using a 'global' user
combined amd making all users members of an innoculate group, but
am not
sure if this will do what I'm after.
Is anyone doing anything similar, and if so, how do you have dspam
configured?
- --
Charles Steinkuehler
[EMAIL PROTECTED]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFG3bQlenk4xp+mH40RAnt7AKDoWZGRsvnExJbGu14yuzeTsx0jpgCfcLDW
j2Iy57vn6pJsIORgKcDCbEs=
=fyCy
-----END PGP SIGNATURE-----
