Chinaunix首页 | 论坛 | 博客

linux学习

首页 |  博文目录 |  关于我

zhanghui8059

  • 博客访问: 236442
  • 博文数量: 59
  • 博客积分: 2016
  • 博客等级: 大尉
  • 技术积分: 660
  • 用 户 组: 普通用户
  • 注册时间: 2008-08-04 17:30
文章分类

全部博文(59)

文章存档

2013年(1)

2011年(2)

2010年(7)

2009年(30)

2008年(19)

我的朋友
最近访客
推荐博文
相关博文
maildrop调用DSPAM

分类: LINUX

2008-08-06 10:34:26

Invoking DSPAM from Maildrop

Using maildrop, you have per-user control over:

  • Whether or not to use dspam at all.

  • Whether to use other filtering mechanisms before or after dspam.

  • Whether to mark spam by tagging the subject line any way you choose.

  • Whether to automatically delete spam.

  • Whether to automatically filter spam into a separate email folder (ideal for webmail or IMAP users).

  • Whether to redirect all spam to a different E-mail address.

  • Conditions on when dspam is run. For example, you could call dspam to process the message only if spamassassin did not first tag it as spam (trains dspam automatically).

  • Conditions on when other mechanisms are used to additionally process a message. For example, you might want to filter all non-spam through clamav to ensure it is virus-free. You could also run clamav first, and delete any virus mails before spam filtering. Two different approaches to reducing overall resource utilization by reducing the number of steps that are used to eliminate unwanted mail.

  • Whether to further filter E-mail into different folders for the user. You could give them a web interface to create/modify/delete their email filters.

Major advantages of this approach include

  • No in-message signature required.

  • User training is not required.

  • You can make all of your users happy, even the crazy ones.

  • This will work on any platform dspam will run on.

  • One configuration file.

Step One: Compile/Install Maildrop

This will vary greatly by platform and package management system, so figure it out for your own setup if it's not listed here. Please add yours if it is not shown: 

Linux - Gentoo:  emerge maildrop  # (no USE flags are required)

Step Two: Configure your MTA to deliver via Maildrop

This topic will not be covered here, as this howto aims to be free of ties to a specific MTA as it should be suitable for any. The author uses Qmail 1.03-r15 and VPopMail 5.4.6-r1 as provided by Gentoo Linux, and plans to publish a guide for that setup. You may choose to enable maildrop globally (saves administration time), or only for accounts you configure.

Step Three: Set up your mail filter

Create/edit a file named .mailfilter in whichever location is appropriate for your setup. The author uses /var/vpopmail/domains/$domain/$username/.mailfilter. This file may be configured globally or per-user.

The file should contain at the very least the following single line:

File: .mailfilter: 

to .maildir/

...or whatever path is appropriate for your system. You may use either mbox or maildir stores: append a trailing slash for a maildir, and leave off for an mbox file.

The above hardly gives any reason for using maildrop, though, and dspam is not yet called. You'll probably want at least the following mailfilter (username@domain.com should match the user you're setting this up for):

File: .mailfilter: 

xfilter "/usr/bin/dspam --user username@domain.com --stdout --deliver=innocent,spam"
# If it's spam, we'll delete it.
if (/^X-DSPAM-Result: Spam.*$/)
{
        to "/dev/null"
}
to ".maildir/"

NOTE: Please ensure that the user maildrop runs as has permission to run dspam as any user if you use virtual domains! For me, this meant adding "Trust vpopmail" to dspam.conf.

The maildrop filter file man page (man maildropfilter) is very good. Please read it for a more thorough explanation of what the available commands are.

Please feel free to E-mail me at if you have any questions. SomeLinuxGuy on AIM or Yahoo, 194523 on ICQ.

Example Setups follow - please add your own

Along with the man page, these examples should be enough to get you started. When you have a working setup, please post your results and configuration below!

Example 1: DSpam trained by SpamAssassin, plus antivirus filtering, user training by moving messages into special folder only

I wanted to use dspam as the main spam fighting tool for stuff that gets past RBL checks (which I do at the SMTP level). I further wanted to use spamassassin to catch anything dspam missed, especially during the initial training period or for lazy users. It occured to me that I could use these messages identified as spam to train dspam automatically. I also wanted antivirus filtering, and for the sake of efficiency, I wanted the mailfilter configured so that no more checks than necessary are ever run - as soon as the message is known as a spam/virus, processing ends. Thus SpamAssassin is only used as a final check on mail known to be virus-free which dspam believes to be innocent. I turned off all the network checks and bayesian functionality in spamassassin, and configured it to attach the Spam-Level header I'm filtering by.

I also really hate dspam setups which require forwarding messages around, using some screwy CGI to manage quarantined messages, sticking signatures in message bodies, spamassassin-marked subject lines, and other evil stuff. I'm happy enough getting my users competant enough to use "E-Mail", without going for "Uber-l33t hacked-up Spam Filtration MegaSystem". I believe that A> E-mail should remain as unmangled as possible (extra headers are okay) and B> spam filtering must be transparent and not require extra user interfaces. Thus, the user "trains" the system simply by dragging spam messages into their Spam folder, and false positives into Spam/Not Spam. BASH and cron do the rest. Your users will have to use IMAP for this to work. Outlook Express, Thunderbird, KMail, and Apple Mail are all great IMAP clients. Squirrelmail makes a great web-based counterpart.

File: dspam-antispam: 

DEST=".maildir"
# If it's a virus, we delete it without further processing.
if (`/usr/bin/clamdscan --no-summary --stdout - | grep -c 'FOUND'` == 1)
{
        to "/dev/null"
}
xfilter "/usr/bin/dspam --user username@domain.com --stdout --deliver=innocent,spam"
# If it's spam, we'll filter it.
if (/^X-DSPAM-Result: Spam.*$/)
{
        to "$DEST/.Spam.Filtered/"
}
xfilter "/usr/bin/spamc"
# SpamAssassin-tagged spam goes into Spam folder so DSpam picks it up for learning (script runs every 5 minutes from cron):
if (/^X-Spam-Level: \*\*\*\*\*.*$/)
{
        to "$DEST/.Spam/"
}
to "$DEST/"

And the accompanying BASH script which should be called from cron (crontab -e) once every 5 minutes with the following entry in the crontab: 

*/5 * * * * dspam-antispam_update

Place the file anywhere within your path, or specify any directory in the crontab.

File: dspam-antispam_update: 

#!/bin/sh
(c) 2005 Casey Allen Shobe 
Released under BSD license.  See 

# Bail if already running (in case we are slammed with spam to train from):
processes=$(ps ax)
if [ `echo "${processes}" | grep dspam-antispam_update | wc -l` -gt 1 ]; then
        echo "ERROR: dspam_antispam_update is already running!"
        exit 1
fi

# Subscripts (these should be in your path, otherwise specify the directory here:
cutscript=dspam-antispam_update-cut
filterscript=dspam-antispam_update-filter

vmailroot=/var/vpopmail/domains
for domain in `find "${vmailroot}" -type d -maxdepth 1 -mindepth 1 | cut -d '/' -f 5 | sort`; do
  if [ `find "${vmailroot}/${domain}/" -type d -name ".Spam" | wc -l` -gt 0 ]; then
    echo ${domain}
    for user in `find "${vmailroot}/${domain}/" -type d -maxdepth 1 -mindepth 1 | cut -d '/' -f 6 | sort`; do
      maildir="${vmailroot}/${domain}/${user}/.maildir"
      if [ `find "${vmailroot}/${domain}/${user}/" -type d -name ".Spam" | wc -l` -gt 0 ]; then
        echo " - ${user}@${domain}"
        for dir in {cur,new}; do  # because SA delivers to new
          if [ -d "${maildir}/.Spam/${dir}/" ]; then
            find "${maildir}/.Spam/${dir}/" -type f \
                 -exec ${cutscript} {} Spam \; \
                 -exec ${filterscript} "${user}@${domain}" spam error {} \; \
                 -exec mv {} "${maildir}/.Spam.Filtered/cur/" \;
          fi
        done
        if [ -d "${maildir}/.Spam.Not Spam/cur" ]; then
          find "${maildir}/.Spam.Not Spam/cur/" -type f \
               -exec ${cutscript} {} Non-Spam \; \
               -exec ${filterscript} "${user}@${domain}" innocent error {} \; \
               -exec mv {} "${maildir}/cur/" \; #TODO: Should call maildrop? 
        fi
      fi
    done
  fi
done

File: dspam-antispam_update-cut: 

#!/bin/sh
output=`echo "${1}" | cut -d '/' -f 10`
echo "    ${2} - ${output}"

File: dspam-antispam_update-filter: 

#!/bin/sh
cat "${4}" | /usr/bin/dspam --user ${1} --class=${2} --source=${3} --stdout
# Note: this isn't actually piped to stdout without --deliver=spam,innocent

2006-01-07 02:50:36由编辑

阅读(920) | 评论(0) | 转发(0) |
0

上一篇:DSPAM学习笔记

下一篇:dspam文章

给主人留下些什么吧!~~
关于我们 | 关于IT168 | 联系方式 | 广告合作 | 法律声明 | 免费注册

Copyright 2001-2010 ChinaUnix.net All Rights Reserved 北京皓辰网域网络信息技术有限公司. 版权所有

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6