Konstantin Boyandin wrote:
Greetings,
I've installed DPAM 3.8.0 to be called by Exim4. The configure command:
./configure --prefix=/usr/local/dspam-3.8.0 \
--enable-daemon \
--enable-clamav \
--enable-syslog \
--enable-homedir \
--with-dspam-home-owner=exim \
--with-dspam-group=mail \
--with-delivery-agent=/usr/sbin/exim \
--with-quarantine-agent=/usr/sbin/exim
The Exim routers:
dspam_router:
no_verify
check_local_user
condition = "${if and { \
{!def:h_X-Spam-Flag:} \
{!def:h_X-FILTER-DSPAM:} \
{!eq {$received_protocol}{local}} \
{ <= {$message_size}{512k}} \
}\
{1}{0}}"
headers_add = "X-FILTER-DSPAM: by $primary_hostname on $tod_full"
driver = accept
transport = dspam_spamcheck
dspam_addspam_router:
driver = accept
local_part_prefix = spam-
transport = dspam_addspam
dspam_falsepositive_router:
driver = accept
local_part_prefix = nospam-
transport = dspam_falsepositive
The Exim transports:
dspam_spamcheck:
driver = pipe
command = "/usr/local/dspam-3.8.0/bin/dspam --debug --deliver=innocent,s
pam --user ${lc:$local_part} -f \
'$sender_address' -- %u"
home_directory = "/tmp"
current_directory = "/tmp"
user = exim
group = mail
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
dspam_addspam:
driver = pipe
command = "/usr/local/dspam-3.8.0/bin/dspam --debug --class=spam --source=er
ror --user \
${lc:$local_part} -f '$sender_address' -- %u"
home_directory = "/tmp"
current_directory = "/tmp"
user = exim
group = mail
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
dspam_falsepositive:
driver = pipe
command = "/usr/local/dspam-3.8.0/bin/dspam --debug --class=innocent --sourc
e=error \
--deliver=innocent,spam --user ${lc:$local_part}\
-f '$sender_address' -- %u"
home_directory = "/tmp"
current_directory = "/tmp"
user = exim
group = mail
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
This is what I see in the maillog when a message is sent to :
Apr 2 08:37:25 dev dspam[11734]: Unable to create directory:
/home/user/.dspam: Permission denied
Apr 2 08:37:25 dev dspam[11734]: Unable to open file for reading:
/home/user/.dspam/user.lock: Permission denied
Apr 2 08:37:25 dev dspam[11734]: Unable to attach DSPAM context
Apr 2 08:37:25 dev dspam[11734]: process_message returned error -2.
delivering.
May I ask, what is requried to allow DSPAM to cerate the per-user
.dspam directories and all the required data in them?
Thanks.
All the best,
Konstantin
I think I explained this to you in IRC, but here it goes.
You are using --enable-homedir, which requires that dspam be setuid root
so that it has access to the users home directory.
If you are running dspam as user 'mail' or 'dspam' etc... then dspam
won't have permission to read/write to the users home directory.
In addition by using --enable-homedir you can't use the WebUI (which
isn't required), unless you run the dspam.cgi as root, which is a
security issue.
The alternative would be to omit --enable-homedir, in which case the
opt-in & opt-out data will be stored in
/usr/local/var/dspam/data/username (or $Home/data/username)
If you plan to have multiple domains then use --enable-domain-scale
which places the opt-in & opt-out data in
/usr/local/var/dspam/data/domain.tld/username
All of this information can be found in the README located here:
http://dspam.nuclearelephant.com/text/README-3.6.7.txt
Good Luck.
-Jeff Harris
