Re: [Dovecot] Dovecot-antispam does not work
Hi all, just to say that finally the patch of Marcin worked great. Just my configuration is different from yours to get it work: antispam_signature = X-DSPAM-Signature antispam_trash = trash;Trash;Deleted Items antispam_spam = SPAM;Junk antispam_dspam_binary = /usr/bin/dspam antispam_dspam_args = --client;--source=error;--user;%u antispam_mail_tmpdir = /tmp The difference here is in the syntax. You write "--user=somemail" though in the manual, it is written "--user somemail". But also you were proposing 2 lines "antispam_dspam_args" though in all my tests, when I was doing such a thing, the second line seemed to override the first (in the launch logs, only the second line was displayed, so I guess...). Are you sure that it works exactly the way you intend to, Marcin? And that the "--source=error" (your first line) is indeed added as a parameter to the call of dspam? For the patch to the dovecot-antispam, probably it should not be integrated "as is", but I guess that the return code of call_dspam function must probably be checked and fixed if the call can succeed but still give a failure return code. I set Johannes as a main recipient, maybe you will see this email. Bye and thanks all. Jehan On Wed, Feb 4, 2009 at 12:45 PM, Jehan Pagès wrote: > Hi, > > On Wed, Feb 4, 2009 at 12:40 PM, Marcin Rzepecki > wrote: > >> Wed, Feb 04, 2009 at 12:12:44PM +0100, Jehan Pag?s wrote: >> > I saw this piece of code and did the same as you in my change of course. >> > Unfortunately, it didn't work (no logged "marked as SPAM", nor change in >> my >> > stats. I have dovecot 1.1.7-r1 though, so it is probably the reason. >> >> Logging '...markes as SPAM..' lines to syslog is my idea, I can send some >> dspam patches, to make it work. It's usefull for me. > > > Ok. Anyway the stats don't change... > > >> >> Are you using mbox or maildir? If you are using mbox, try to upgrade to >> Dovecot >=1.1.8 - it contains several mbox bug fixes (e.g 'Next message >> unexpectedly lost') which are needed to make antispam plugin work. > > > No maildir... > I am doing some stuffs about another way to interact dspam/dovecot/postfix > and will go back to this issue soon. > > Jehan >
[Dovecot] Hi all,
Hi all,
as I told earlier, I am installing an email server with
postfix/dovecot/dspam (for now that's all, though some programs may come
later). For now, what works good enough is that I receive mails and spams
are tagged. Dovecot version 1.1.7-r1 compiled from the gentoo depository
with debug.
The path of a mail is
1/ to be passed to dspam by postfix as a virtual transport with this in
master.cf:
dspam unix- n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/dspam --client
--deliver=innocent,spam --user ${recipient}
and this in main.cf:
virtual_transport = dspam
2/ Then in dspam.conf, I have:
TrustedDeliveryAgent "/usr/libexec/dovecot/deliver -d %u"
UntrustedDeliveryAgent "/usr/libexec/dovecot/deliver -d %u"
QuarantineAgent "/usr/libexec/dovecot/deliver -d %u -m Junk"
Now dspam is tagging a lot of my spams, with [SPAM] on the subject and in
the header stuffs like this:
X-DSPAM-Result: Spam
X-DSPAM-Processed: Thu Feb 5 23:49:02 2009
X-DSPAM-Confidence: 0.5232
X-DSPAM-Probability: 0.9869
X-DSPAM-Signature: 498b6cde61901804284693
X-DSPAM-Factors: 27,
Subject*watch, 0.99000,
a+loved, 0.99000,
Subject*for+all, 0.99000,
...
...
But I wanted spam to go in my Junk folder (using maildir, this is the
directory .maildir/.Junk for my configuration. Hence the above
configuration of QuarantineAgent.
But it doesn't work as my emails are still deliverd to INBOX. How
could I check that dovecot deliver is taking into account the option
"-m Junk"?
Or maybe I don't use it well? (I tried also "-m .Junk" as it it the
name of the directory but it is the same)
Note also that I use maildir format, so maybe this option works only
with mailbox?
The doc says: -m : Destination mailbox (default is INBOX).
In my dovecot.conf, I have:
protocol lda {
hostname = mydomain.tld
log_path = /home/vmail/dovecot-deliver.log
info_log_path = /home/vmail/dovecot-deliver.log
auth_socket_path = /var/run/dovecot/auth-master
}
And when a deliver occures, that's all I have in dovecot-deliver.log:
deliver(recipi...@mydomain.tld): Feb 06 00:59:47 Info: auth input:
recipi...@mydomain.tld
deliver(recipi...@mydomain.tld): Feb 06 00:59:47 Info: auth input:
home=/home/vmail/mydomain.tld/recipient/
deliver(recipi...@mydomain.tld): Feb 06 00:59:47 Info: auth input: uid=1004
deliver(recipi...@mydomain.tld): Feb 06 00:59:47 Info: auth input: gid=1004
deliver(recipi...@mydomain.tld): Feb 06 00:59:47 Info: maildir:
data=/home/vmail/mydomain.tld/recipient/.maildir
deliver(recipi...@mydomain.tld): Feb 06 00:59:47 Info: maildir++:
root=/home/vmail/mydomain.tld/recipient/.maildir, index=, control=,
inbox=
=/home/vmail/mydomain.tld/recipient/.maildir
deliver(recipi...@mydomain.tld): Feb 06 00:59:47 Warning: Growing pool
'Cache fields' with: 2048
deliver(recipi...@mydomain.tld): Feb 06 00:59:47 Info:
msgid=<000d01c987ed$879c82f0$6400a...@biancauj3>: saved mail to INBOX
Is there a way to check the options set on parameters in the logs, so
that I check that dspam runs indeed QuarantineAgent? Or would you have
other solution/hints?
Someone on the dspam ml told me that maildrop or sieve are more flexible.
So I explain here that my "reason" was simply that I thought it would
be better not to install another software/component to remain simple.
Moreover with the "-m" option, dovecot-deliver seemed to do just what
I needed (I don't need much more complicated). But maybe I am wrong or
it is really better not to
use dovecot-deliver. If so, just tell me.
Thanks.
Jehan
Re: [Dovecot] Deferred emails on alias emails
Hi, On Thu, Feb 5, 2009 at 9:33 PM, Charles Marcus wrote: > Um.. did you or did you not say: > > "In my case, most of these messages were forwarded to the gmail servers, > and as there were many spams unfortunately in these emails forwarded > (and it's not my server's purpose to remove the spams when forwarding)," > > Did you mis-speak? > > "... as there were many spams..." means that your server DID forward > 'many spams' - and you even said it got your server temporarily > blacklisted... Yes but the issue was only this one time because I sent in one single row several days of emails on an account which exists for years and years (so unfortunately my friend has now many spams in several days, as well as many real excepted emails, just as I) because they were blocked before on my misconfigured new email server. That's not going to happen every day that I will suddenly forward all the emails of several days for my friend. > Its your server, do what you want... just don't be surprised when people > respond accordingly. Thanks for the concern, but don't worry, I take all the necessary actions. I just don't trust spam systems because they are not reliable, except for finale destination when they can be checked (that's why I install dspam for locale users using IMAP), that's all. But I am looking for other more reliable methods (cf. for instance the whitelister program...). Regards, Jehan
Re: [Dovecot] Deferred emails on alias emails
Hi, On Thu, Feb 5, 2009 at 7:37 PM, Scott Silva wrote: > But if you relay any spam and get blacklisted for it, you will be the one > that > suffers. The blacklists don't care what your point of view is or if you > generated the spam or just relayed it. > > Then everyone on your server will suffer for the actions of another. > > That is why ISP's try and block as much spam as they can. > > Society is full of entities that decide what is good for you or not. > Yes that's true and for many of them, I really don't agree that it is "the way to do". In some dictatorial country, they would say that sending an email criticizing your governement is bas (is it spam?! Maybe for these governments), and then you would go to jail. This is not because "things are this way" that they are the right way. > > The Government decides that driving too fast is dangerous, so they set > speed > limits. > > Someone might get some tainted food from a manufacturer, and they are > stopped > from shipping anymore goods until it can be determined what happened. > > Drinking and driving is dangerous to others, so you are not allowed to do > it. > > Spam is a bane to the normal flow of e-mail, and is considered by some as > theft of service since you are stealing someone elses paid for bandwidth to > send the junk to people that don't want it anyway. > Really, I try, but I cannot see the parallel between just forwarding messages (as I was asked to when setting this alias!) and getting other people's live in danger. > > > I stop a lot of spam before it ever enters or leaves my servers. It is just > good practice, no matter how Libertarian my users might be. > > Your servers are yours, and if someone wants to use your server to relay > mail, > they should have to also follow good practice. If your server sends me > junk, > it will get blacklisted. I will not look at the messages and see if they > came > from someone else, and most other systems won't either. You forward it, you > are considered just as guilty. > I won't forward spam to you, I already told you. This is just an email alias for a friend. It is just a email translation for a single external email which has been explicitely asked. My smtp server is not an open relay for any organized spammer who would like to forwards hundreds of spams to the world... Nobody can use my server for spamming the world, so neither your server. > If your friend robs a bank, and you are "just driving the car" you still go > to > jail with him, don't you? The police won't let you go because it isn't > "your > problem". > No because you participate actively to the robbery. But let's just say that you are a taxi that passes by and you don't know that the guy is a robber and has a bank's money in his bag because you are not here to investigate on all your customers nor to look in their bag. As long as the guy don't ask you to drive fast over speed limitation or to try to flee the cops, then you have no reason to be suspicious, do you? Then you just drive your customer and leaves him his intimacy. If ever the cops ask to stop your car (then the taximan just stops), you should not be sent to jail. And really you should have nothing to be blamed for in such situation. You provide a service: getting people from one place to another, and you just do it when you are asked to. The reason of this all is that this is not your job to spy on anyone, trying to guess if they do bad things, or whatever. This is among the worse that could happen in a society and results in a society of denunciation, where you cannot trust anyone (not even your family or friends), where everyone spies each other, etc. Of course all of this change if you are sure that the guy is a robber (for instance, you saw him rob the bank with his gun for instance). Then you would not drive him (but not because this is the law for my own, but just because it is bad) of course. That's the same for spam. If ever you are sure, of course, don't send. Still as I say again and again: the problem is to be sure! If you have even a slight uncertaincy, then what should you do? Refuse him the lift? Maybe he was running because his wife is going to have her baby and he needs to go back fast. Or he is going to miss his fly or his job meeting... You don't know and that's not because you think this guy "look strange" for instance that you should refuse him in your car. This leads also to bad behavior (if one can accept this, then one can accept to refuse people on "liking their face or not"...). > > Rant over! > > Anyway I have the impression that we may never agree... I don't know if we should continue this discussion on this list. ;-) Jehan
Re: [Dovecot] Deferred emails on alias emails
Hi, On Thu, Feb 5, 2009 at 3:14 PM, Charles Marcus wrote: > Not sure what net neutrality has to do with this... unless you are > syaing you are operating an ISP service? > As for I, net neutrality is not about ISP only, but also for service providers (even if not professional like I, just for the fun). Being a neutral service means not trying to control data. Hence providing email service implies that I must do my possible so that the user receives all one's data. Spam is not data, only annoyance, so if I can remove it safely, it is OK. But expected emails are data, and if there is a risk to lose it (which is still better than "using" it, for instance for commercial use, or said "security", but still is bad), then it is not neutral. It is becoming a "judge" on my users' data (deciding alone what is good or not... and maybe making mistakes). This is my opinion at least. > Even for ISPs, there are a number of ways to dramatically reduce spam > with pretty much zero false positives... > I read some documents about such methodology and was planning to probably implement whitelister ( http://blog.madism.org/index.php/2006/03/25/79-debianorg-and-spam The concept looks interesting because it is not just a stupid email blocker as using RBL which can blocks a lot of real email. Just have a look to bad email provider as hotmail or Yahoo! on which I met many people having issues of unreceived emails. These are what I call pretty unneutral service which decides that such or that small server is probably bad, without knowing it) on my server... But first I need to have my server fully functional, and currently I am first fighting with dspam. I make stuffs in the right order and whitelister (or other systems) is the next step. ;-) > ASSP (and now ASSPS) is a great tool... > > http://apps.sourceforge.net/mediawiki/assp/ > I will have a look at this, thanks. Just the website on such a complicated topic does not say much about the methodology. :-) > Forwarding OBVIOUS spam is simply passing on what should be your problem > to others. > I am right when you are 100% sure, once again. In any other cases, it is a question of point of view as I said. Many users (I included) would consider that it is not the service provider issue to decide what is good or bad for me. Regards, Jehan
Re: [Dovecot] Deferred emails on alias emails
Hi, I don't agree. If antispam systems were really 100% sure to never have any false positive, I would agree (having false negative is less an issue). But we all know that such system does not exist yet (and probably never will IMHO, even though efficiency may increase to close to 100%, as it is still humans behind emails, we will never be able to trust fully a machine to class them). For such reason, I cannot do such a thing as blocking spams for users (I could tag them, but not block them) without giving possibility to check the blocked email. As it is an alias, then it is more difficult to manage (you can provide such system to local users, but when someone makes a redirection from one of his emails to another, this is usually to deal all of one's emails with the finale account). I don't think any email provider does "just block" spams. For what happened here, the issue was that I have had an issue of the emails for aliases which were blocked in my spool for days. Then I managed to deblock them, but they have been all sent on the row (so this looked suspicious by the gmail server, which is normal). And as for many accounts, they receive a lot of spam (I receive a hundred everyday myself because of the age of my address). On normal use, they are simply received slowly during the day. That's unfortunate, but I cannot do what you say for these reasons. This is somehow a question of network neutrality ( http://dig.csail.mit.edu/breadcrumbs/node/144 ). But don't make me tell what I don't: I would love to be able to block spam and if a secure antispam system appears, then I would use it. I don't argue that spam is potentially interesting and that we should allow it for people loving it (who?!) of course; the neutrality is only lost when the antispam fails and caught non-spam as well, because it is then a regulation system which controls people's personal data and would improve net experience of many at the price of data loss for others. As a conclusion: email hosting is not my business, I am a developper, not an admin, and this server is only for my personal use and of a few friends... (you guess I wouldn't have such issue if it was a professional server). So there will never be tons of spam redirected to other servers (and only one guy in my server has such a redirection anyway, moreover my smtp servers is not accepting email relaying from unknown users). Regards, Jehan On Thu, Feb 5, 2009 at 12:47 PM, Charles Marcus wrote: > On 2/5/2009, Jehan Pagès (jehan.marmott...@gmail.com) wrote: > > and as there were many spams unfortunately in these emails forwarded > > (and it's not my server's purpose to remove the spams when > > forwarding), all requeued and sent in the following minutes, I saw in > > my logs that gmail has temporarily blocked my server with a human > > readable message from Google in my logs. Bye. > > You should make it your servers business to do just that, otherwise you > risk getting blocked (like you said you just did), when your server > blindly forwards a ton of spam to other servers that DO care. > > -- > > Best regards, > > Charles >
Re: [Dovecot] Deferred emails on alias emails
Hi, I finally found my solution so I give it here if ever it interestes anyone. I needed to use "postsuper -r ALL" in order to requeue the whole message list and they were then using the new postfix configuration. Note though that if you have a lot lot of spooled messages, the "ALL" is maybe not a good idea if they are mainly for a single server. In my case, most of these messages were forwarded to the gmail servers, and as there were many spams unfortunately in these emails forwarded (and it's not my server's purpose to remove the spams when forwarding), all requeued and sent in the following minutes, I saw in my logs that gmail has temporarily blocked my server with a human readable message from Google in my logs. Bye. Jehan Anyway now it works. On Wed, Feb 4, 2009 at 1:46 PM, Jehan Pagès wrote: > Hi, > > I am currently making a fresh install of email server. I am having some > issue with dovecot-antispam (cf. other emails), and noticed that I was > having issues on aliases, which apparently where not forwarded to the actual > SMTP server after passing through dspam. Still don't figure why but > temporarily disable the dspam filter, which anyway is not useful in the > current state of this installation. > Now the email to an alias are well forwarded to the real finale server. But > I still have many emails which were deferred in the last days and I cannot > have them decrease. > > # ls -l /var/spool/postfix/defer/* | wc -l > 297 > > If I run "postqueue -f" to flush this all, I can see the number down, but > fastly comes back to 297. Reading the logs, they are passed to dovecot, > which was probably the issue before I disabled dspam. It was trying to > deliver a message after filtering it, but in the case of aliases, of course, > it cannot because the account is not local (so it does not find the account > and defers the email forever)! So it should give it back to postfix so that > this one contacts the aliased server (gmail.com in the example below). > > > Feb 4 13:33:18 ks34186 postfix/lmtp[31100]: 82769869FA: to=< > someem...@gmail.com>, orig to=, > relay=mail.mydomain.tld[/var/run/dspam/dspam.sock] conn use=28, > delay=142296, delays=142277/19/0/0.41, dsn=4.3.0, status=deferred (host > mail.mydomain.tld[/var/run/dspam/dspam.sock] > said: 421 4.3.0 Auto-Whitelisted (in reply to end of > DATA command)) > Feb 4 13:33:18 ks34186 dovecot: auth(default): master in: USER 1 > someem...@gmail.com service=deliver > Feb 4 13:33:18 ks34186 dovecot: auth(default): passwd(someem...@gmail.com): > lookup > Feb 4 13:33:18 ks34186 dovecot: auth(default): passwd(someem...@gmail.com): > unknown user > Feb 4 13:33:18 ks34186 dovecot: auth-worker(default): sql( > someem...@gmail.com): SELECT maildir as home, 1004 as uid, 1004 as gid > FROM mailbox WHERE username = 'someem...@gmail.com' AND active = '1' > Feb 4 13:33:18 ks34186 dovecot: auth-worker(default): sql( > someem...@gmail.com): Unknown user > Feb 4 13:33:18 ks34186 dovecot: auth(default): master out: NOTFOUND1 > > So is there a way please to flush this whole spool so that it now uses the > new method (which is stop using dspam until I figure how to use it) and so > that I can forward these emails to their recipient? > Thanks. > > Jehan > > P.S.: this is maybe more a postfix issue than a dovecot issue though... but > you probably all know well postfix as well. > >
[Dovecot] Deferred emails on alias emails
Hi, I am currently making a fresh install of email server. I am having some issue with dovecot-antispam (cf. other emails), and noticed that I was having issues on aliases, which apparently where not forwarded to the actual SMTP server after passing through dspam. Still don't figure why but temporarily disable the dspam filter, which anyway is not useful in the current state of this installation. Now the email to an alias are well forwarded to the real finale server. But I still have many emails which were deferred in the last days and I cannot have them decrease. # ls -l /var/spool/postfix/defer/* | wc -l 297 If I run "postqueue -f" to flush this all, I can see the number down, but fastly comes back to 297. Reading the logs, they are passed to dovecot, which was probably the issue before I disabled dspam. It was trying to deliver a message after filtering it, but in the case of aliases, of course, it cannot because the account is not local (so it does not find the account and defers the email forever)! So it should give it back to postfix so that this one contacts the aliased server (gmail.com in the example below). Feb 4 13:33:18 ks34186 postfix/lmtp[31100]: 82769869FA: to=< someem...@gmail.com>, orig to=, relay=mail.mydomain.tld[/var/run/dspam/dspam.sock] conn use=28, delay=142296, delays=142277/19/0/0.41, dsn=4.3.0, status=deferred (host mail.mydomain.tld[/var/run/dspam/dspam.sock] said: 421 4.3.0 Auto-Whitelisted (in reply to end of DATA command)) Feb 4 13:33:18 ks34186 dovecot: auth(default): master in: USER 1 someem...@gmail.com service=deliver Feb 4 13:33:18 ks34186 dovecot: auth(default): passwd(someem...@gmail.com): lookup Feb 4 13:33:18 ks34186 dovecot: auth(default): passwd(someem...@gmail.com): unknown user Feb 4 13:33:18 ks34186 dovecot: auth-worker(default): sql( someem...@gmail.com): SELECT maildir as home, 1004 as uid, 1004 as gid FROM mailbox WHERE username = 'someem...@gmail.com' AND active = '1' Feb 4 13:33:18 ks34186 dovecot: auth-worker(default): sql( someem...@gmail.com): Unknown user Feb 4 13:33:18 ks34186 dovecot: auth(default): master out: NOTFOUND1 So is there a way please to flush this whole spool so that it now uses the new method (which is stop using dspam until I figure how to use it) and so that I can forward these emails to their recipient? Thanks. Jehan P.S.: this is maybe more a postfix issue than a dovecot issue though... but you probably all know well postfix as well.
Re: [Dovecot] Dovecot-antispam does not work
Hi, On Wed, Feb 4, 2009 at 12:45 AM, Marcin Rzepecki wrote: > Yes, it checks if dspam was called correctly, but it didn't worked > with dovecot >=1.1 > I've comment out checking call_dspam exit status, but: > --- > + call_dspam(item->sig, item->wanted); >item = item->next; > --- > it calls dspam anyway and it works for me fine. > I've patched dspam a little bit to make it log better, so when I move > message to SPAM folder I'm getting: > > dspam_stats mr: > mrTP: 0 TN: 340 FP:21 FN:33 SC: 0 NC: 4 > > dspam.log: > Feb 3 21:20:31 freebsd dspam[549]: Message from marked > as SPAM (signature=4988a7065441870592463, user=mr, status=Retrained, > time=0.016614s) > and so on. > > dspam_stats mr: > mrTP: 0 TN: 339 FP:21 FN:34 SC: 0 NC: 4 > So, you should see changes. I saw this piece of code and did the same as you in my change of course. Unfortunately, it didn't work (no logged "marked as SPAM", nor change in my stats. I have dovecot 1.1.7-r1 though, so it is probably the reason. > > Me I have: > > Feb 3 22:10:39 ks34186 dovecot: IMAP(jehan at mydomain.tld): antispam: > plugin > > initialising (unknown) > > [...] > > Feb 3 22:10:39 ks34186 dovecot: IMAP(jehan at mydomain.tld): antispam: > dspam > > binary set to /usr/bin/dspam > > Seems to be well configured. Check if messages are going to correct > dspam user. You are using jehan at mydomain.tld as imap user, so dspam user > have to be exactly the same. (i'm using hash driver, so all is in > $DSPAM_HOME/data directory). > Ok I will have a look at this dspam user stuffs. I may have misconfigured some parts... (I forgot to change my real email in my previous message but it looks that the ml's web archive changes it to some non "easily" readable by spam bots...). Thanks. Jehan
Re: [Dovecot] Dovecot-antispam does not work
Hi Marcin and everyone, On Tue, Feb 3, 2009 at 7:08 PM, Marcin Rzepecki wrote: > Tue, Feb 03, 2009 at 06:14:08PM +0100, Jehan Pag?s wrote: > > Hi, > > > > first of all, thanks for the answer. > > "(Un)fortunately", I don't have these error messages. For information, I > am > > using dovecot 1.1.7r1, compiled from the Gentoo package repository and > the > > only enabled debug I set was "mail_debug = yes". > > The file where I see all debug messages is /var/log/messages, which is > the > > one where all messages from dovecot and postfix are stored under Gentoo > > apparently. > > > > I am recompiling the package with "debug" to see if I see any more debug > > messages. I will make more tests and try to understand this all better, > > because currently it is pretty messy in my head as well about how all > this > > work together (postfix, dovecot, dspam, antispam plugin, etc.). I will > keep > > you up to date, but if ever you have any idea, don't hesitate... > > Hi, > > please, don't forget to CC: your replies to dovecot@dovecot.org, maybe > solution would be helpfull for someone else :) > yes sorry for this. I though I was replying to the whole ml. Apparently the ml is not very well configured because a reply does not reply to the whole ml, but to the single sender. I will take care now. > > Errors which I wrote are sent to IMAP client, so are you getting > getting eg. some pop-up window in your client with error message while > trying to move message? I was using the RoundCube web client on my server and had no such message. It was just telling me that it could not move the message. I configured a Thunderbird then and it displayed indeed this message 'Failed to call dspam'. So I made your trick, I compiled myself the dovecot-antispam library and now I can move messages... But are you sure that it is the right method and that the dspam training is indeed called? Because if I read well this piece of code, it looks like it was checking if the dspam training was successful. We commented out this check, so now maybe it fails and we copy the messages anyway to Junk/ even though no training really occurred. And when I check the logs or the dspam_stats, I don't see any change, even though I guess this retraining should be seen as a change in the stats, no? > > Antispam plugin is easy to understand: when you configure antispam_spam > = SPAM it will set SPAM folder as his special folder to observe. When > You get e-mail that was classified incorrect by DSPAM, you can move it > to SPAM folder. Antispam plugin will trigger dspam command to mark this > message as retrained-spam. You can do this of course in reverse order - > moving message _from_ SPAM folder to another will run dspam and mark > message as innocent. Message you are moving must have X-DSPAM-Signature > header (you can check in msg source to see if dspam adds it correctly) > I have the header on every emails. By the way, when one has the item "X-DSPAM-Result: Innocent" in the header, it means the email is not a spam, does'nt it (right now I am focusing on having this plugin working for training purpose, but currently not much is working perfectly as expected in my email spam system)? > > You can provide some info from your log files, i'll try to help. Debug > flag for plugin should effect with some info in debug-logs: > Dec 15 23:54:18 freebsd imap: antispam: plugin initialising (1.1-notgit) > Dec 15 23:54:18 freebsd imap: antispam: no trash folders > Dec 15 23:54:18 freebsd imap: antispam: "SPAM" is spam folder > Dec 15 23:54:18 freebsd imap: antispam: no unsure folders > Dec 15 23:54:18 freebsd imap: antispam: dspam binary set to > /usr/local/bin/dspam > Dec 15 23:54:18 freebsd imap: antispam: dspam extra arg > --user=dump-capability > Dec 15 23:54:18 freebsd imap: antispam: signature header line is > "X-DSPAM-Signature" > Dec 15 23:54:18 freebsd imap: antispam: will silently move mails with > missing signature > [...] > Me I have: Feb 3 22:10:39 ks34186 dovecot: IMAP(je...@zemarmot.net): antispam: plugin initialising (unknown) Feb 3 22:10:39 ks34186 dovecot: IMAP(je...@zemarmot.net): antispam: "trash" is trash folder Feb 3 22:10:39 ks34186 dovecot: IMAP(je...@zemarmot.net): antispam: "Trash" is trash folder Feb 3 22:10:39 ks34186 dovecot: IMAP(je...@zemarmot.net): antispam: "Deleted Items" is trash folder Feb 3 22:10:39 ks34186 dovecot: IMAP(je...@zemarmot.net): antispam: "SPAM" is spam folder Feb 3 22:10:39 ks34186 dovecot: IMAP(je...@zemarmot.net): antispam: "Junk" is spam folder Feb 3 22:10:39 ks34186 dovecot: IMAP(je...@zemarmot.net): antispam: no unsure folders Feb 3 22:10:39 ks34186 dovecot: IMAP(je...@zemarmot.net): antispam: dspam binary set to /usr/bin/dspam Feb 3 22:10:39 ks34186 dovecot: IMAP(je...@zemarmot.net): Growing pool 'antispam-pool' with: 2048 > Cheers, > > -- > Marcin Rzepecki > m.rzepecki(at)iem.pw.edu.pl > > Thanks. Jehan
[Dovecot] Dovecot-antispam does not work
Hi,
I have installed dovecot-antispam and configured it this way (as in the doc)
with the dspam exe:
protocol imap {
mail_plugins = antispam
mail_plugin_dir = /usr/lib64/dovecot/imap
}
plugin {
# For dovecot-antispam:
antispam_signature = X-DSPAM-Signature
antispam_trash = trash;Trash;Deleted Items
antispam_spam = SPAM;Junk
#antispam_unsure = unsure
antispam_dspam_binary = /usr/bin/dspam
antispam_dspam_args = --deliver=;--user;%u
antispam_mail_tmpdir = /tmp
}
But it does not work and really I cannot figure it out for two days, because
I can find no log wherever, where it writes it does (or try to do)
something, nor in the dovecot logs, nor in the dspam logs. But I know
something is happening because when I try to move a spam from my inbox to
the Junk folder, it fails with an error telling it could not move the email.
At the opposite, when I deactivate the antispam plugin, I can move normally
the emails.
So what could I do to fix my issue or at least diagnose it (where would I
find logs of what is happening?)?
Thanks.
Jehan
