[Dspam-user] Dspam is not tagging spam mail

classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Dspam-user] Dspam is not tagging spam mail

Carlos Alberto M. B.
Hi,

I'm testing a fresh new DSPAM instalation with Postfix, and it seems to be working fine, tagging with X-DSPAM-* the mail header. 
But when I retrain a message, the next similar messages (that would be marked as spam) are not being tagged with X-DSPAM-* and the subject is not changed with the "[SPAM]" at the begining, as it should be.

Can someone give me any idea how to solve that?

Thanks.
Carlos Alberto

PS: the preferences of dspam.conf:
Preference "trainingMode=TEFT"          # { TOE | TUM | TEFT | NOTRAIN } -> default:teft
Preference "spamAction=tag"             # { quarantine | tag | deliver } -> default:quarantine
Preference "spamSubject=[SPAM]"         # { string } -> default:[SPAM]
Preference "statisticalSedation=5"      # { 0 - 10 } -> default:0
Preference "enableBNR=on"               # { on | off } -> default:off
Preference "enableWhitelist=on"         # { on | off } -> default:on
Preference "signatureLocation=headers"  # { message | headers } -> default:message
Preference "tagSpam=on"                 # { on | off } 
Preference "tagNonspam=off"             # { on | off }
Preference "showFactors=off"            # { on | off } -> default:off
Preference "optIn=off"                  # { on | off }
Preference "optOut=off"                 # { on | off }
Preference "whitelistThreshold=10"      # { Integer } -> default:10
Preference "makeCorpus=off"             # { on | off } -> default:off
Preference "storeFragments=off"         # { on | off } -> default:off
Preference "localStore="                # { on | off } -> default:username
Preference "processorBias=on"           # { on | off } -> default:on
Preference "fallbackDomain=off"         # { on | off } -> default:off
Preference "trainPristine=off"          # { on | off } -> default:off
Preference "optOutClamAV=off"           # { on | off } -> default:off
Preference "ignoreRBLLookups=off"       # { on | off } -> default:off
Preference "RBLInoculate=off"           # { on | off } -> default:off
Preference "notifications=on"           # { on | off } -> default:off

------------------------------------------------------------------------------
"Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
Instantly run your Selenium tests across 300+ browser/OS combos.
Get unparalleled scalability from the best Selenium testing platform available
Simple to use. Nothing to install. Get started now for free."
http://p.sf.net/sfu/SauceLabs
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [Dspam-user] Dspam is not tagging spam mail

Tom Hendrikx
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 23-05-14 15:34, Carlos Alberto M. B. wrote:
> Hi,
>
> I'm testing a fresh new DSPAM instalation with Postfix, and it
> seems to be working fine, tagging with X-DSPAM-* the mail header.
> But when I retrain a message, the next similar messages (that would
> be marked as spam) are not being tagged with X-DSPAM-* and the
> subject is not changed with the "[SPAM]" at the begining, as it
> should be.

What does your logging say when the next message arrives. At first
sight, this might be a permission problem: you're retraining using the
wrong user account, resulting in files that are no longer
readable/writable due to changed permissions.


>
> Can someone give me any idea how to solve that?
>
> Thanks. Carlos Alberto
>
> PS: the preferences of dspam.conf: Preference "trainingMode=TEFT"
> # { TOE | TUM | TEFT | NOTRAIN } -> default:teft Preference
> "spamAction=tag"             # { quarantine | tag | deliver } ->
> default:quarantine Preference "spamSubject=[SPAM]"         # {
> string } -> default:[SPAM] Preference "statisticalSedation=5"
> # { 0 - 10 } -> default:0 Preference "enableBNR=on"               #
> { on | off } -> default:off Preference "enableWhitelist=on"
> # { on | off } -> default:on Preference "signatureLocation=headers"
> # { message | headers } -> default:message Preference "tagSpam=on"
> # { on | off } Preference "tagNonspam=off"             # { on | off
> } Preference "showFactors=off"            # { on | off } ->
> default:off Preference "optIn=off"                  # { on | off }
> Preference "optOut=off"                 # { on | off } Preference
> "whitelistThreshold=10"      # { Integer } -> default:10 Preference
> "makeCorpus=off"             # { on | off } -> default:off
> Preference "storeFragments=off"         # { on | off } ->
> default:off Preference "localStore="                # { on | off }
> -> default:username Preference "processorBias=on"           # { on
> | off } -> default:on Preference "fallbackDomain=off"         # {
> on | off } -> default:off Preference "trainPristine=off"          #
> { on | off } -> default:off Preference "optOutClamAV=off"
> # { on | off } -> default:off Preference "ignoreRBLLookups=off"
> # { on | off } -> default:off Preference "RBLInoculate=off"
> # { on | off } -> default:off Preference "notifications=on"
> # { on | off } -> default:off
>

>
> ------------------------------------------------------------------------------
>
>
"Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE

> Instantly run your Selenium tests across 300+ browser/OS combos.
> Get unparalleled scalability from the best Selenium testing
> platform available Simple to use. Nothing to install. Get started
> now for free." http://p.sf.net/sfu/SauceLabs
>
>
>
> _______________________________________________ Dspam-user mailing
> list [hidden email]
> https://lists.sourceforge.net/lists/listinfo/dspam-user
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJTf55EAAoJEJPfMZ19VO/1G/0QAJmE5cKCh1nDvCowvQgZP4Mm
YwVnV9vZDVgzU5djMOREkZDexARKyMAdPkBcKDydTqEmdkQG+KYXetp84e/Z1Htl
XlfFRRi9SLbwEhDB1WNt11BHVEjbd4YT/pKEGns7+Ywy9zhBnKkVRGCSvl2sI8ZG
oSPY95nPNwSvW806y5fXMD5QoZIsxdP45EnobKFpXXcBYHewp5JvXgsKQ6oDocYs
KpKCb+dLEjrScqmrIEA9HBxRuqn//62hlx7G8Cjqm0ZmRH3SfUxE1MWNLIxRruOv
gTNCcVOdr7JeRQDUZ2jdYQtBB5OMthUuAEP5Maq75Yk95drXDwA4U8Oc43DBQYU7
yT2hXSCVrJprBjCCwmM0+iqzCNFpnJxUb1CbwLjDOTo/xxwHxKyjAwnzV/NbVKp+
jrRefLnKL2o/SePw5eWrdf3jgKn5MfR43281AvuwkCmKBGkPfWcTVQ4qPH+bsT4p
1azrGcJgZgTg2aParuxO4+sUwpDt9XT00EdIGtZdu4z76GzfbF70YhQizPwdg/2+
TNLmM2S62DuKSALChk25AraVi3PdiUEZqD4/M8hRmdiopzNayy9/plN0yh3mfKP5
SdU67g4PAZHIv4nuqkxIyl2vIHEaGcg2u+34HoWWCQFV5nQcHJNpvIOc8S+UgR23
NjOBeV37amXSpKx6bp1P
=1Tiv
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
"Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
Instantly run your Selenium tests across 300+ browser/OS combos.
Get unparalleled scalability from the best Selenium testing platform available
Simple to use. Nothing to install. Get started now for free."
http://p.sf.net/sfu/SauceLabs
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [Dspam-user] Dspam is not tagging spam mail

Carlos Alberto M. B.
In reply to this post by Carlos Alberto M. B.
I didn't receive the anwer by e-mail, but I found at https://www.mail-archive.com/dspam-user%40lists.sourceforge.net/msg03875.html that Tom Hendrikx answered my issue saying:
What does your logging say when the next message arrives. At first
sight, this might be a permission problem: you're retraining using the
wrong user account, resulting in files that are no longer
readable/writable due to changed permissions.
I'm running the "dspam --daemon" with the root user. The retraining is also done with root.
One example of the user log (with some info hidden) is below. I sent one test email, retrained and sent it again. The log says it was tagged, but I receive the message without any changes in title and without X-DSPAM-* header tags:
 
1401196416    I    "User X" <user[....]@gma[...].com>    53848f8083415187710707    ❤_Happy_Mother’s_Day_❤_Nixon_watches,_Louis_Ga    Delivered    <CAH+8XR5BtmQ90+KKSRo2wbakf1i+xAfhW[...][hidden email][...].com>

1401196440    M    <None Specified>    53848f8083415187710707    <None Specified>    Retrained   

1401196498    S    "User X" <user[....]@gma[...].com>    53848fd283411296265869    ❤_Happy_Mother’s_Day_❤_Nixon_watches,_Louis_Ga    Tagged    <CAH+8XR6pSQUArrTgb7A0R9LBjr_FhB7KVP3P-vS4X[...][hidden email][...].com>



2014-05-23 10:34 GMT-03:00 Carlos Alberto M. B. <[hidden email]>:
Hi,

I'm testing a fresh new DSPAM instalation with Postfix, and it seems to be working fine, tagging with X-DSPAM-* the mail header. 
But when I retrain a message, the next similar messages (that would be marked as spam) are not being tagged with X-DSPAM-* and the subject is not changed with the "[SPAM]" at the begining, as it should be.

Can someone give me any idea how to solve that?

Thanks.
Carlos Alberto

PS: the preferences of dspam.conf:
Preference "trainingMode=TEFT"          # { TOE | TUM | TEFT | NOTRAIN } -> default:teft
Preference "spamAction=tag"             # { quarantine | tag | deliver } -> default:quarantine
Preference "spamSubject=[SPAM]"         # { string } -> default:[SPAM]
Preference "statisticalSedation=5"      # { 0 - 10 } -> default:0
Preference "enableBNR=on"               # { on | off } -> default:off
Preference "enableWhitelist=on"         # { on | off } -> default:on
Preference "signatureLocation=headers"  # { message | headers } -> default:message
Preference "tagSpam=on"                 # { on | off } 
Preference "tagNonspam=off"             # { on | off }
Preference "showFactors=off"            # { on | off } -> default:off
Preference "optIn=off"                  # { on | off }
Preference "optOut=off"                 # { on | off }
Preference "whitelistThreshold=10"      # { Integer } -> default:10
Preference "makeCorpus=off"             # { on | off } -> default:off
Preference "storeFragments=off"         # { on | off } -> default:off
Preference "localStore="                # { on | off } -> default:username
Preference "processorBias=on"           # { on | off } -> default:on
Preference "fallbackDomain=off"         # { on | off } -> default:off
Preference "trainPristine=off"          # { on | off } -> default:off
Preference "optOutClamAV=off"           # { on | off } -> default:off
Preference "ignoreRBLLookups=off"       # { on | off } -> default:off
Preference "RBLInoculate=off"           # { on | off } -> default:off
Preference "notifications=on"           # { on | off } -> default:off


------------------------------------------------------------------------------
The best possible search technologies are now affordable for all companies.
Download your FREE open source Enterprise Search Engine today!
Our experts will assist you in its installation for $59/mo, no commitment.
Test it for FREE on our Cloud platform anytime!
http://pubads.g.doubleclick.net/gampad/clk?id=145328191&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [Dspam-user] Dspam is not tagging spam mail

Reindl Harald


Am 27.05.2014 20:14, schrieb Carlos Alberto M. B.:
> I'm running the "dspam --daemon" with the root user. The retraining is also done with root

after that any sysadmin stops to read

don't do *anything* as root without a *hard* requirement to do so


------------------------------------------------------------------------------
The best possible search technologies are now affordable for all companies.
Download your FREE open source Enterprise Search Engine today!
Our experts will assist you in its installation for $59/mo, no commitment.
Test it for FREE on our Cloud platform anytime!
http://pubads.g.doubleclick.net/gampad/clk?id=145328191&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user

signature.asc (254 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [Dspam-user] Dspam is not tagging spam mail

Carlos Alberto M. B.

2014-05-27 15:24 GMT-03:00 Reindl Harald <[hidden email]>:


Am 27.05.2014 20:14, schrieb Carlos Alberto M. B.:
> I'm running the "dspam --daemon" with the root user. The retraining is also done with root

after that any sysadmin stops to read
 
don't do *anything* as root without a *hard* requirement to do so


That's not the point,  Mr. Harald_The_Sysadmin! :)

I'm using root to test it, and avoid any permission issues, since this is a DSPAM new instalation (as I said), in a controlled environment. After everything running ok, I can start using the "dspam" user.
 

------------------------------------------------------------------------------
The best possible search technologies are now affordable for all companies.
Download your FREE open source Enterprise Search Engine today!
Our experts will assist you in its installation for $59/mo, no commitment.
Test it for FREE on our Cloud platform anytime!
http://pubads.g.doubleclick.net/gampad/clk?id=145328191&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user



------------------------------------------------------------------------------
The best possible search technologies are now affordable for all companies.
Download your FREE open source Enterprise Search Engine today!
Our experts will assist you in its installation for $59/mo, no commitment.
Test it for FREE on our Cloud platform anytime!
http://pubads.g.doubleclick.net/gampad/clk?id=145328191&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [Dspam-user] Dspam is not tagging spam mail

Reindl Harald

Am 27.05.2014 21:28, schrieb Carlos Alberto M. B.:

>
> 2014-05-27 15:24 GMT-03:00 Reindl Harald <[hidden email] <mailto:[hidden email]>>:
>
>
>
>     Am 27.05.2014 20:14, schrieb Carlos Alberto M. B.:
>     > I'm running the "dspam --daemon" with the root user. The retraining is also done with root
>
>     after that any sysadmin stops to read
>
>     don't do *anything* as root without a *hard* requirement to do so
>
> That's not the point,  Mr. Harald_The_Sysadmin! :)
>
> I'm using root to test it, and avoid any permission issues, since this is a DSPAM new instalation (as I said), in a
> controlled environment. After everything running ok, I can start using the "dspam" user
no - what you are doing is testing with a most likely untested environment

having full permissions don't say anything, as example set some
file permissions for sshd, sendmail and other sensible servcies
too wide open and they even refuse to start / work


------------------------------------------------------------------------------
The best possible search technologies are now affordable for all companies.
Download your FREE open source Enterprise Search Engine today!
Our experts will assist you in its installation for $59/mo, no commitment.
Test it for FREE on our Cloud platform anytime!
http://pubads.g.doubleclick.net/gampad/clk?id=145328191&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user

signature.asc (254 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [Dspam-user] Dspam is not tagging spam mail

Troy Ayers
In reply to this post by Carlos Alberto M. B.
A Retrained message has no X-DSPAM-* in the headers?

This would seem to indicate an issue with the method used to retrain.  How do you retrain exactly?  Does dspam-stats change after you retrain?  Sounds like the existing x-spam-* headers are getting stripped out somehow?

Or does the retraining work, but similar or identical emails are not being flagged as spam?  TEFT, If I remember properly, may need more than one training.  If the test emails are otherwise identical, the x-dpsam-probability would change with each retrain.  You could turn on ShowFactors to see more detail in the headers.

In any case, you could turn on verbose logging and see what shows up there.

If I mis-understand something, please clarify.

It sounds like some messages are not being scanned with dspam at all.

-Troy

On 5/23/2014 8:34 AM, Carlos Alberto M. B. wrote:
Hi,

I'm testing a fresh new DSPAM instalation with Postfix, and it seems to be working fine, tagging with X-DSPAM-* the mail header. 
But when I retrain a message, the next similar messages (that would be marked as spam) are not being tagged with X-DSPAM-* and the subject is not changed with the "[SPAM]" at the begining, as it should be.

Can someone give me any idea how to solve that?

Thanks.
Carlos Alberto

PS: the preferences of dspam.conf:
Preference "trainingMode=TEFT"          # { TOE | TUM | TEFT | NOTRAIN } -> default:teft
Preference "spamAction=tag"             # { quarantine | tag | deliver } -> default:quarantine
Preference "spamSubject=[SPAM]"         # { string } -> default:[SPAM]
Preference "statisticalSedation=5"      # { 0 - 10 } -> default:0
Preference "enableBNR=on"               # { on | off } -> default:off
Preference "enableWhitelist=on"         # { on | off } -> default:on
Preference "signatureLocation=headers"  # { message | headers } -> default:message
Preference "tagSpam=on"                 # { on | off } 
Preference "tagNonspam=off"             # { on | off }
Preference "showFactors=off"            # { on | off } -> default:off
Preference "optIn=off"                  # { on | off }
Preference "optOut=off"                 # { on | off }
Preference "whitelistThreshold=10"      # { Integer } -> default:10
Preference "makeCorpus=off"             # { on | off } -> default:off
Preference "storeFragments=off"         # { on | off } -> default:off
Preference "localStore="                # { on | off } -> default:username
Preference "processorBias=on"           # { on | off } -> default:on
Preference "fallbackDomain=off"         # { on | off } -> default:off
Preference "trainPristine=off"          # { on | off } -> default:off
Preference "optOutClamAV=off"           # { on | off } -> default:off
Preference "ignoreRBLLookups=off"       # { on | off } -> default:off
Preference "RBLInoculate=off"           # { on | off } -> default:off
Preference "notifications=on"           # { on | off } -> default:off


------------------------------------------------------------------------------
"Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
Instantly run your Selenium tests across 300+ browser/OS combos.
Get unparalleled scalability from the best Selenium testing platform available
Simple to use. Nothing to install. Get started now for free."
http://p.sf.net/sfu/SauceLabs


_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user


------------------------------------------------------------------------------
The best possible search technologies are now affordable for all companies.
Download your FREE open source Enterprise Search Engine today!
Our experts will assist you in its installation for $59/mo, no commitment.
Test it for FREE on our Cloud platform anytime!
http://pubads.g.doubleclick.net/gampad/clk?id=145328191&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [Dspam-user] Dspam is not tagging spam mail

Carlos Alberto M. B.


2014-05-27 17:52 GMT-03:00 Troy Ayers <[hidden email]>:
A Retrained message has no X-DSPAM-* in the headers?

To clarify the experiments:
The  message comes with X-DSPAM-* in the headers.
After retrainig it, it still with those headers.
The retraining seems to work, and it is done with the command: /usr/bin/dspam --client --user [hidden email] --class=spam --source=error --signature=53863fd1156344451714589
The retraining is working, since the stats change and it is logged.

Otherwise, the next identical message I sent after a/some retrain is described in logs as "Tagged", as it should be, but it comes without X-DSPAM-* in the headers and without the "[SPAM]" in the Subject of the message.



This would seem to indicate an issue with the method used to retrain.  How do you retrain exactly?  Does dspam-stats change after you retrain?  Sounds like the existing x-spam-* headers are getting stripped out somehow?

Or does the retraining work, but similar or identical emails are not being flagged as spam? 

yes
 
TEFT, If I remember properly, may need more than one training.  If the test emails are otherwise identical, the x-dpsam-probability would change with each retrain.  You could turn on ShowFactors to see more detail in the headers.

the logs show as an email was tagged as spam, but don't tag it as it should be.
 

In any case, you could turn on verbose logging and see what shows up there.

If I mis-understand something, please clarify.

It sounds like some messages are not being scanned with dspam at all.

The messages are being scanned, but somehow, when classified as Spam and "Tagged", nothing is written in the message: No X-DSPAM-* tags, nor the [SPAM] in the title...

Any idea? :/

-Carlos Alberto


-Troy


On 5/23/2014 8:34 AM, Carlos Alberto M. B. wrote:
Hi,

I'm testing a fresh new DSPAM instalation with Postfix, and it seems to be working fine, tagging with X-DSPAM-* the mail header. 
But when I retrain a message, the next similar messages (that would be marked as spam) are not being tagged with X-DSPAM-* and the subject is not changed with the "[SPAM]" at the begining, as it should be.

Can someone give me any idea how to solve that?

Thanks.
Carlos Alberto

PS: the preferences of dspam.conf:
Preference "trainingMode=TEFT"          # { TOE | TUM | TEFT | NOTRAIN } -> default:teft
Preference "spamAction=tag"             # { quarantine | tag | deliver } -> default:quarantine
Preference "spamSubject=[SPAM]"         # { string } -> default:[SPAM]
Preference "statisticalSedation=5"      # { 0 - 10 } -> default:0
Preference "enableBNR=on"               # { on | off } -> default:off
Preference "enableWhitelist=on"         # { on | off } -> default:on
Preference "signatureLocation=headers"  # { message | headers } -> default:message
Preference "tagSpam=on"                 # { on | off } 
Preference "tagNonspam=off"             # { on | off }
Preference "showFactors=off"            # { on | off } -> default:off
Preference "optIn=off"                  # { on | off }
Preference "optOut=off"                 # { on | off }
Preference "whitelistThreshold=10"      # { Integer } -> default:10
Preference "makeCorpus=off"             # { on | off } -> default:off
Preference "storeFragments=off"         # { on | off } -> default:off
Preference "localStore="                # { on | off } -> default:username
Preference "processorBias=on"           # { on | off } -> default:on
Preference "fallbackDomain=off"         # { on | off } -> default:off
Preference "trainPristine=off"          # { on | off } -> default:off
Preference "optOutClamAV=off"           # { on | off } -> default:off
Preference "ignoreRBLLookups=off"       # { on | off } -> default:off
Preference "RBLInoculate=off"           # { on | off } -> default:off
Preference "notifications=on"           # { on | off } -> default:off


------------------------------------------------------------------------------
"Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
Instantly run your Selenium tests across 300+ browser/OS combos.
Get unparalleled scalability from the best Selenium testing platform available
Simple to use. Nothing to install. Get started now for free."
http://p.sf.net/sfu/SauceLabs


_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user


------------------------------------------------------------------------------
The best possible search technologies are now affordable for all companies.
Download your FREE open source Enterprise Search Engine today!
Our experts will assist you in its installation for $59/mo, no commitment.
Test it for FREE on our Cloud platform anytime!
http://pubads.g.doubleclick.net/gampad/clk?id=145328191&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user



------------------------------------------------------------------------------
Time is money. Stop wasting it! Get your web API in 5 minutes.
www.restlet.com/download
http://p.sf.net/sfu/restlet
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [Dspam-user] Dspam is not tagging spam mail

Troy Ayers
I suppose that user prefs could be overriding your dspam.conf preferences, if the corresponding AllowOverride directive allows it. Check that?

Make sure that there is not a second preference for spamAction, spamSubject, or  spamTag specified in dspam.conf

I don't have any other ideas on what could be causing the issue, except for the idea to turn on verbose logging, and looking at that.

-Troy

On 5/28/2014 4:00 PM, Carlos Alberto M. B. wrote:


2014-05-27 17:52 GMT-03:00 Troy Ayers <[hidden email]>:
A Retrained message has no X-DSPAM-* in the headers?

To clarify the experiments:
The  message comes with X-DSPAM-* in the headers.
After retrainig it, it still with those headers.
The retraining seems to work, and it is done with the command: /usr/bin/dspam --client --user [hidden email] --class=spam --source=error --signature=53863fd1156344451714589
The retraining is working, since the stats change and it is logged.

Otherwise, the next identical message I sent after a/some retrain is described in logs as "Tagged", as it should be, but it comes without X-DSPAM-* in the headers and without the "[SPAM]" in the Subject of the message.



This would seem to indicate an issue with the method used to retrain.  How do you retrain exactly?  Does dspam-stats change after you retrain?  Sounds like the existing x-spam-* headers are getting stripped out somehow?

Or does the retraining work, but similar or identical emails are not being flagged as spam? 

yes
 
TEFT, If I remember properly, may need more than one training.  If the test emails are otherwise identical, the x-dpsam-probability would change with each retrain.  You could turn on ShowFactors to see more detail in the headers.

the logs show as an email was tagged as spam, but don't tag it as it should be.
 

In any case, you could turn on verbose logging and see what shows up there.

If I mis-understand something, please clarify.

It sounds like some messages are not being scanned with dspam at all.

The messages are being scanned, but somehow, when classified as Spam and "Tagged", nothing is written in the message: No X-DSPAM-* tags, nor the [SPAM] in the title...

Any idea? :/

-Carlos Alberto


-Troy


On 5/23/2014 8:34 AM, Carlos Alberto M. B. wrote:
Hi,

I'm testing a fresh new DSPAM instalation with Postfix, and it seems to be working fine, tagging with X-DSPAM-* the mail header. 
But when I retrain a message, the next similar messages (that would be marked as spam) are not being tagged with X-DSPAM-* and the subject is not changed with the "[SPAM]" at the begining, as it should be.

Can someone give me any idea how to solve that?

Thanks.
Carlos Alberto

PS: the preferences of dspam.conf:
Preference "trainingMode=TEFT"          # { TOE | TUM | TEFT | NOTRAIN } -> default:teft
Preference "spamAction=tag"             # { quarantine | tag | deliver } -> default:quarantine
Preference "spamSubject=[SPAM]"         # { string } -> default:[SPAM]
Preference "statisticalSedation=5"      # { 0 - 10 } -> default:0
Preference "enableBNR=on"               # { on | off } -> default:off
Preference "enableWhitelist=on"         # { on | off } -> default:on
Preference "signatureLocation=headers"  # { message | headers } -> default:message
Preference "tagSpam=on"                 # { on | off } 
Preference "tagNonspam=off"             # { on | off }
Preference "showFactors=off"            # { on | off } -> default:off
Preference "optIn=off"                  # { on | off }
Preference "optOut=off"                 # { on | off }
Preference "whitelistThreshold=10"      # { Integer } -> default:10
Preference "makeCorpus=off"             # { on | off } -> default:off
Preference "storeFragments=off"         # { on | off } -> default:off
Preference "localStore="                # { on | off } -> default:username
Preference "processorBias=on"           # { on | off } -> default:on
Preference "fallbackDomain=off"         # { on | off } -> default:off
Preference "trainPristine=off"          # { on | off } -> default:off
Preference "optOutClamAV=off"           # { on | off } -> default:off
Preference "ignoreRBLLookups=off"       # { on | off } -> default:off
Preference "RBLInoculate=off"           # { on | off } -> default:off
Preference "notifications=on"           # { on | off } -> default:off


------------------------------------------------------------------------------
Time is money. Stop wasting it! Get your web API in 5 minutes.
www.restlet.com/download
http://p.sf.net/sfu/restlet
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [Dspam-user] Dspam is not tagging spam mail

Carlos Alberto M. B.



2014-05-28 18:17 GMT-03:00 Troy Ayers <[hidden email]>:
I suppose that user prefs could be overriding your dspam.conf preferences, if the corresponding AllowOverride directive allows it. Check that?

No, all AllowOverride directives are commented #
 
Make sure that there is not a second preference for spamAction, spamSubject, or  spamTag specified in dspam.conf
 
No, just one  of each. In fact, I'm using tagSpam=on instead of this spamTag directive.
 
I don't have any other ideas on what could be causing the issue, except for the idea to turn on verbose logging, and looking at that.

Is there a possibility to increase the vebosity in logging, I didn't find a way to do that, unless the --debug mode. Part of the debug log, that really interest is found below. The interesting/hard thing is that it says that "message result: SPAM", says that appends the "X-DSPAM" tags in the message, and send the message successfully, but when the message result is SPAM, the email still getting in my inbox without those X-DSPAM directives, and the [SPAM] in the subjetct... :/

I also sent my dspam.conf below.

Thanks for the help!

22051: [05/29/2014 14:43:16] using Graham factors

22051: [05/29/2014 14:43:16] MISS: Chi-Square

22051: [05/29/2014 14:43:16] Result Confidence: 0.99

22051: [05/29/2014 14:43:16] BNR Decision Concurs

22051: [05/29/2014 14:43:16] match attribute 'ProcessorWordFrequency' with value 'occurrence'

22051: [05/29/2014 14:43:16] find attribute 'ProcessorWordFrequency'

22051: [05/29/2014 14:43:16] -> match: not found attribute 'ProcessorWordFrequency'

22051: [05/29/2014 14:43:16] _pgsql_drv_getpwnam: returning cached name 'carlos.alberto@[hidden-domain]'

22051: [05/29/2014 14:43:16] Control: [10 10] [11 10] Delta: [1 0]

22051: [05/29/2014 14:43:16] total processing time: 0.52775s

22051: [05/29/2014 14:43:16] match attribute 'Notifications' with value 'on'

22051: [05/29/2014 14:43:16] find attribute 'Notifications'

22051: [05/29/2014 14:43:16] -> found attribute 'Notifications' with value 'off'

22051: [05/29/2014 14:43:16] -> match: not found attribute 'Notifications' with value 'on'

22051: [05/29/2014 14:43:16] read attribute 'Home'

22051: [05/29/2014 14:43:16] find attribute 'Home'

22051: [05/29/2014 14:43:16] -> found attribute 'Home' with value '/var/spool/dspam'

22051: [05/29/2014 14:43:16] -> read attribute 'Home' with value '/var/spool/dspam'

22051: [05/29/2014 14:43:16] match attribute 'Notifications' with value 'on'

22051: [05/29/2014 14:43:16] find attribute 'Notifications'

22051: [05/29/2014 14:43:16] -> found attribute 'Notifications' with value 'off'

22051: [05/29/2014 14:43:16] -> match: not found attribute 'Notifications' with value 'on'

22051: [05/29/2014 14:43:16] read attribute 'Home'

22051: [05/29/2014 14:43:16] find attribute 'Home'

22051: [05/29/2014 14:43:16] -> found attribute 'Home' with value '/var/spool/dspam'

22051: [05/29/2014 14:43:16] -> read attribute 'Home' with value '/var/spool/dspam'

22051: [05/29/2014 14:43:16] match attribute 'Notifications' with value 'on'

22051: [05/29/2014 14:43:16] find attribute 'Notifications'

22051: [05/29/2014 14:43:16] -> found attribute 'Notifications' with value 'off'

22051: [05/29/2014 14:43:16] -> match: not found attribute 'Notifications' with value 'on'

22051: [05/29/2014 14:43:16] read attribute 'QuarantineWarnSize'

22051: [05/29/2014 14:43:16] find attribute 'QuarantineWarnSize'

22051: [05/29/2014 14:43:16] -> read: not found attribute 'QuarantineWarnSize'

22051: [05/29/2014 14:43:16] read attribute 'Home'

22051: [05/29/2014 14:43:16] find attribute 'Home'

22051: [05/29/2014 14:43:16] -> found attribute 'Home' with value '/var/spool/dspam'

22051: [05/29/2014 14:43:16] -> read attribute 'Home' with value '/var/spool/dspam'

22051: [05/29/2014 14:43:16] match attribute 'PgSQLUIDInSignature' with value 'on'

22051: [05/29/2014 14:43:16] -> found attribute 'Home' with value '/var/spool/dspam'

22051: [05/29/2014 14:43:16] -> read attribute 'Home' with value '/var/spool/dspam'

22051: [05/29/2014 14:43:16] match attribute 'PgSQLUIDInSignature' with value 'on'

22051: [05/29/2014 14:43:16] find attribute 'PgSQLUIDInSignature'

22051: [05/29/2014 14:43:16] -> match: not found attribute 'PgSQLUIDInSignature'

22051: [05/29/2014 14:43:16] _pgsql_drv_getpwnam: returning cached name 'carlos.alberto@[hidden-domain]'

22051: [05/29/2014 14:43:16] saving signature as 538771b4220512300131016

22051: [05/29/2014 14:43:16] _pgsql_drv_getpwnam: returning cached name 'carlos.alberto@[hidden-domain]'

22051: [05/29/2014 14:43:16] match attribute 'WebStats' with value 'on'

22051: [05/29/2014 14:43:16] find attribute 'WebStats'

22051: [05/29/2014 14:43:16] -> found attribute 'WebStats' with value 'off'

22051: [05/29/2014 14:43:16] -> match: not found attribute 'WebStats' with value 'on'

22051: [05/29/2014 14:43:16] libdspam returned probability of 1.000000

22051: [05/29/2014 14:43:16] message result: SPAM

22051: [05/29/2014 14:43:16] match attribute 'SystemLog' with value 'on'

22051: [05/29/2014 14:43:16] find attribute 'SystemLog'

22051: [05/29/2014 14:43:16] -> found attribute 'SystemLog' with value 'on'

22051: [05/29/2014 14:43:16] -> matched attribute 'SystemLog' with value 'on'

22051: [05/29/2014 14:43:16] read attribute 'Home'

22051: [05/29/2014 14:43:16] find attribute 'Home'

22051: [05/29/2014 14:43:16] -> found attribute 'Home' with value '/var/spool/dspam'

22051: [05/29/2014 14:43:16] -> read attribute 'Home' with value '/var/spool/dspam'

22051: [05/29/2014 14:43:16] match attribute 'UserLog' with value 'on'

22051: [05/29/2014 14:43:16] find attribute 'UserLog'

22051: [05/29/2014 14:43:16] -> found attribute 'UserLog' with value 'on'

22051: [05/29/2014 14:43:16] -> matched attribute 'UserLog' with value 'on'

22051: [05/29/2014 14:43:16] match attribute 'SystemLog' with value 'on'

22051: [05/29/2014 14:43:16] find attribute 'SystemLog'

22051: [05/29/2014 14:43:16] -> found attribute 'SystemLog' with value 'on'

22051: [05/29/2014 14:43:16] -> matched attribute 'SystemLog' with value 'on'

22051: [05/29/2014 14:43:16] read attribute 'Home'

22051: [05/29/2014 14:43:16] find attribute 'Home'

22051: [05/29/2014 14:43:16] -> found attribute 'Home' with value '/var/spool/dspam'

22051: [05/29/2014 14:43:16] -> read attribute 'Home' with value '/var/spool/dspam'

22051: [05/29/2014 14:43:16] appending header X-DSPAM-Result: Spam

22051: [05/29/2014 14:43:16] appending header X-DSPAM-Processed: Thu May 29 14:43:16 2014

22051: [05/29/2014 14:43:16] appending header X-DSPAM-Confidence: 0.9899

22051: [05/29/2014 14:43:16] match attribute 'ImprobabilityDrive' with value 'on'

22051: [05/29/2014 14:43:16] find attribute 'ImprobabilityDrive'

22051: [05/29/2014 14:43:16] -> match: not found attribute 'ImprobabilityDrive'

22051: [05/29/2014 14:43:16] appending header X-DSPAM-Probability: 1.0000

22051: [05/29/2014 14:43:16] appending header X-DSPAM-Signature: 538771b4220512300131016

22051: [05/29/2014 14:43:16] appending header X-DSPAM-Factors: 15,

330+ida, 0.99000,

id+c9a7de1b44, 0.99000,

de+#+#+#+dicas, 0.99000,

Leia+#+#+tem, 0.99000,

pr%e1tica+#+#+n%e3o, 0.99000,

est%e1+#+#+da, 0.99000,

%85+http, 0.99000,

H%e1+ainda, 0.99000,

u+#+#+#+4a12f3849e, 0.99000,

passagens+pelo, 0.99000,

N%e3o+#+#+#+e, 0.99000,

uma+#+promo%e7%e3o, 0.99000,

para+#+#+#+melhoresdestinos, 0.99000,

10+#+#+#+passada, 0.99000,

05+#+#+#+A, 0.99000

22051: [05/29/2014 14:43:16] read attribute 'TxtDirectory'

22051: [05/29/2014 14:43:16] find attribute 'TxtDirectory'

22051: [05/29/2014 14:43:16] -> read: not found attribute 'TxtDirectory'

22051: [05/29/2014 14:43:16] read attribute 'Home'

22051: [05/29/2014 14:43:16] find attribute 'Home'

22051: [05/29/2014 14:43:16] -> found attribute 'Home' with value '/var/spool/dspam'

22051: [05/29/2014 14:43:16] -> read attribute 'Home' with value '/var/spool/dspam'

22051: [05/29/2014 14:43:16] _pgsql_drv_getpwnam: returning cached name 'carlos.alberto@[hidden-domain]'

22051: [05/29/2014 14:43:16] destroying/freeing configuration

22051: [05/29/2014 14:43:16] match attribute 'Broken' with value 'returnCodes'

22051: [05/29/2014 14:43:16] find attribute 'Broken'

22051: [05/29/2014 14:43:16] -> match: not found attribute 'Broken'

22051: [05/29/2014 14:43:16] delivering message

22051: [05/29/2014 14:43:16] read attribute 'QuarantineMailbox'

22051: [05/29/2014 14:43:16] find attribute 'QuarantineMailbox'

22051: [05/29/2014 14:43:16] -> read: not found attribute 'QuarantineMailbox'

22051: [05/29/2014 14:43:16] read attribute 'DeliveryProto'

22051: [05/29/2014 14:43:16] find attribute 'DeliveryProto'

22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryProto' with value 'SMTP'

22051: [05/29/2014 14:43:16] -> read attribute 'DeliveryProto' with value 'SMTP'

22051: [05/29/2014 14:43:16] read attribute 'DeliveryProto'

22051: [05/29/2014 14:43:16] find attribute 'DeliveryProto'

22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryProto' with value 'SMTP'

22051: [05/29/2014 14:43:16] -> read attribute 'DeliveryProto' with value 'SMTP'

22051: [05/29/2014 14:43:16] read attribute 'DeliveryProto'

22051: [05/29/2014 14:43:16] find attribute 'DeliveryProto'

22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryProto' with value 'SMTP'

22051: [05/29/2014 14:43:16] -> read attribute 'DeliveryProto' with value 'SMTP'

22051: [05/29/2014 14:43:16] read attribute 'DeliveryProto'

22051: [05/29/2014 14:43:16] find attribute 'DeliveryProto'

22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryProto' with value 'SMTP'

22051: [05/29/2014 14:43:16] -> read attribute 'DeliveryProto' with value 'SMTP'

22051: [05/29/2014 14:43:16] read attribute 'DeliveryProto'

22051: [05/29/2014 14:43:16] find attribute 'DeliveryProto'

22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryProto' with value 'SMTP'

22051: [05/29/2014 14:43:16] -> read attribute 'DeliveryProto' with value 'SMTP'

22051: [05/29/2014 14:43:16] read attribute 'DeliveryProto'

22051: [05/29/2014 14:43:16] find attribute 'DeliveryProto'

22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryProto' with value 'SMTP'

22051: [05/29/2014 14:43:16] -> read attribute 'DeliveryProto' with value 'SMTP'

22051: [05/29/2014 14:43:16] read attribute 'DeliveryIdent'

22051: [05/29/2014 14:43:16] find attribute 'DeliveryIdent'

22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryIdent' with value 'dspam'

22051: [05/29/2014 14:43:16] -> read attribute 'DeliveryIdent' with value 'dspam'

22051: [05/29/2014 14:43:16] read attribute 'DeliveryHost'

22051: [05/29/2014 14:43:16] find attribute 'DeliveryHost'

22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryHost' with value '[hidden-postfix-IP]'

22051: [05/29/2014 14:43:16] -> read attribute 'DeliveryHost' with value '[hidden-postfix-IP]'

22051: [05/29/2014 14:43:16] read attribute 'DeliveryPort'

22051: [05/29/2014 14:43:16] find attribute 'DeliveryPort'

22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryPort' with value '10034'

22051: [05/29/2014 14:43:16] -> read attribute 'DeliveryPort' with value '10034'

22051: [05/29/2014 14:43:16] read attribute 'DeliveryPort'

22051: [05/29/2014 14:43:16] find attribute 'DeliveryPort'

22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryPort' with value '10034'

22051: [05/29/2014 14:43:16] SEND: HELO dspam

22051: [05/29/2014 14:43:16] RECV: 250 mx.[hidden-domain]^M

22051: [05/29/2014 14:43:16] SEND: MAIL FROM:<xpidx@[hidden-from-domain]>

22051: [05/29/2014 14:43:16] RECV: 250 2.1.0 Ok^M

22051: [05/29/2014 14:43:16] SEND: RCPT TO:<carlos.alberto@[hidden-domain]>

22051: [05/29/2014 14:43:16] RECV: 250 2.1.5 Ok^M

22051: [05/29/2014 14:43:16] SEND: DATA

22051: [05/29/2014 14:43:16] RECV: 354 End data with <CR><LF>.<CR><LF>^M

22051: [05/29/2014 14:43:16] SEND: ^M

.

22051: [05/29/2014 14:43:16] RECV: 250 2.0.0 Ok: queued as 8E5FC2A064A^M

22051: [05/29/2014 14:43:16] SEND: QUIT

22051: [05/29/2014 14:43:16] RECV: 221 2.0.0 Bye^M

22051: [05/29/2014 14:43:16] DSPAM Instance Shutdown. Exit Code: 0

22051: [05/29/2014 14:43:16] SEND: 250 2.6.0 <carlos.alberto@[hidden-domain]> Message accepted for delivery

22051: [05/29/2014 14:43:16] checking trusted user list for root(0)

22051: [05/29/2014 14:43:16] SRECV: QUIT^M

22051: [05/29/2014 14:43:16] SEND: 221 2.0.0 OK

22051: [05/29/2014 14:43:20] connection id 10 from 200.134.33.2.

22051: [05/29/2014 14:43:20] read attribute 'ServerIdent'

22051: [05/29/2014 14:43:20] find attribute 'ServerIdent'

22051: [05/29/2014 14:43:20] -> found attribute 'ServerIdent' with value 'anti-spam.[hidden-domain]'

22051: [05/29/2014 14:43:20] -> read attribute 'ServerIdent' with value 'anti-spam.[hidden-domain]'

22051: [05/29/2014 14:43:20] read attribute 'ServerMode'

22051: [05/29/2014 14:43:20] find attribute 'ServerMode'

22051: [05/29/2014 14:43:20] -> found attribute 'ServerMode' with value 'standard'

22051: [05/29/2014 14:43:20] -> read attribute 'ServerMode' with value 'standard'

22051: [05/29/2014 14:43:20] read attribute 'ServerMode'

22051: [05/29/2014 14:43:20] find attribute 'ServerMode'

22051: [05/29/2014 14:43:20] -> found attribute 'ServerMode' with value 'standard'

22051: [05/29/2014 14:43:20] -> read attribute 'ServerMode' with value 'standard'

22051: [05/29/2014 14:43:20] read attribute 'ServerMode'

22051: [05/29/2014 14:43:20] find attribute 'ServerMode'

22051: [05/29/2014 14:43:20] -> found attribute 'ServerMode' with value 'standard'

22051: [05/29/2014 14:43:20] -> read attribute 'ServerMode' with value 'standard'

22051: [05/29/2014 14:43:20] SEND: 220 DSPAM LMTP 3.10.2 Ready

22051: [05/29/2014 14:43:20] SRECV: LHLO mx.[hidden-domain]^M

22051: [05/29/2014 14:43:20] SEND: 250-anti-spam.[hidden-domain]

22051: [05/29/2014 14:43:20] SEND: 250-PIPELINING

22051: [05/29/2014 14:43:20] SEND: 250-ENHANCEDSTATUSCODES

22051: [05/29/2014 14:43:20] SEND: 250-8BITMIME

22051: [05/29/2014 14:43:20] SEND: 250 SIZE

22051: [05/29/2014 14:43:20] checking trusted user list for root(0)

22051: [05/29/2014 14:43:20] SRECV: MAIL FROM:<[hidden email]> SIZE=3879 BODY=8BITMIME^M

22051: [05/29/2014 14:43:20] SEND: 250 2.1.0 OK

---------------------------------

## $Id: dspam.conf.in,v 1.103 2011/11/10 00:27:34 tomhendr Exp $
## dspam.conf -- DSPAM configuration file
##

#
# DSPAM Home: Specifies the base directory to be used for DSPAM storage
#
Home /var/spool/dspam

#
# StorageDriver: Specifies the storage driver backend (library) to use.
# You'll only need to set this if you are using dynamic storage driver plugins
# from a binary distribution. The default build statically links the storage
# driver (when only one is specified at configure time), overriding this
# setting, which only comes into play if multiple storage drivers are specified
# at configure time. When using dynamic linking, be sure to include the path
# to the library if necessary, and some systems may use an extension other
# than .so (e.g. OSX uses .dylib).
#
# Options include:
#
#   libmysql_drv.so     libpgsql_drv.so   libsqlite_drv.so
#   libsqlite3_drv.so   libhash_drv.so
#
# IMPORTANT: Switching storage drivers requires more than merely changing
# this option. If you do not wish to lose all of your data, you will need to
# migrate it to the new backend before making this change.
#
StorageDriver /usr/lib/dspam/libpgsql_drv.so

#
# Trusted Delivery Agent: Specifies the local delivery agent DSPAM should call
# when delivering mail as a trusted user. Use %u to specify the user DSPAM is
# processing mail for. It is generally a good idea to allow the MTA to specify
# the pass-through arguments at run-time, but they may also be specified here.
#
# Most operating system defaults:
#TrustedDeliveryAgent "/usr/bin/procmail"       # Linux
#TrustedDeliveryAgent "/usr/bin/mail"           # Solaris
#TrustedDeliveryAgent "/usr/libexec/mail.local" # FreeBSD
#TrustedDeliveryAgent "/usr/bin/procmail"       # Cygwin
#
# Other popular configurations:
#TrustedDeliveryAgent "/usr/cyrus/bin/deliver"    # Cyrus
#TrustedDeliveryAgent "/bin/maildrop"        # Maildrop
#TrustedDeliveryAgent "/usr/local/sbin/exim -oMr spam-scanned" # Exim
#
TrustedDeliveryAgent "/usr/bin/procmail"

#
# Untrusted Delivery Agent: Specifies the local delivery agent and arguments
# DSPAM should use when delivering mail and running in untrusted user mode.
# Because DSPAM will not allow pass-through arguments to be specified to
# untrusted users, all arguments should be specified here. Use %u to specify
# the user DSPAM is processing mail for. This configuration parameter is only
# necessary if you plan on allowing untrusted processing.
#
#UntrustedDeliveryAgent "/usr/bin/procmail -d %u"

#
# SMTP or LMTP Delivery: Alternatively, you may wish to use SMTP or LMTP
# delivery to deliver your message to the mail server instead of using a
# delivery agent. You will need to configure with --enable-daemon to use host
# delivery, however you do not need to operate in daemon mode. Specify an IP
# address or UNIX path to a domain socket below as a host.
#
# If you would like to set up DeliveryHost's on a per-domain basis, use
# the syntax: DeliveryHost.example.org 1.2.3.4
#
DeliveryHost            [hidden-ip]    #original era 127.0.0.1
DeliveryPort        10034           #original era 24
DeliveryIdent        dspam           #original era  localhost
DeliveryProto        SMTP            #original era LMTP

#
# FallbackDomains: If you want to specify certain domains as fallback domains,
# enable this option. For example, you could create a user @example.org, and
# if [hidden email] does not resolve to a known user on the system, the user
# could default to your @example.org user. NOTE: This also requires designating
# fallbackDomain for the domain name;
# e.g. dspam_admin ch pref example.org fallbackDomain on
#
#FallbackDomains on

#
# Quarantine Agent: DSPAM's default behavior is to quarantine all mail it
# thinks is spam. If you wish to override this behavior, you may specify
# a quarantine agent which will be called with all messages DSPAM thinks is
# spam. Use %u to specify the user DSPAM is processing mail for.
#
#QuarantineAgent    "/usr/bin/procmail -d spam"

#
# DSPAM can optionally process "plused users" (addresses in the user+detail
# form) by truncating the username just before the "+", so all internal
# processing occurs for "user", but delivery will be performed for
# "user+detail". This is only useful if the LDA can handle "plused users"
# (for example Cyrus IMAP) and when configured for LMTP delivery above
#
#EnablePlusedDetail    on

#
# Character to use as seperator between user names and address extensions.
# If you change this value then please adjust QuarantineMailbox to use the
# new specified character. The default is '+'.
#
#PlusedCharacter    +

#
# Turn this feature on if you want to force DSPAM to lowercase the "plused
# users" username.
#
#PlusedUserLowercase    on

#
# Quarantine Mailbox: DSPAM's LMTP code can send spam mail using LMTP to a
# "plused" mailbox (such as user+quarantine) leaving quarantine processing
# for retraining or deletion to be performed by the LDA and the mail client.
# "plused" mailboxes are supported by Cyrus IMAP and possibly other LDAs. If
# you don't set/change PlusedCharacter then the mailbox name must have the +
# since the + is the default used character.
#
#QuarantineMailbox    +quarantine

#
# OnFail: What to do if local delivery or quarantine should fail. If set
# to "unlearn", DSPAM will unlearn the message prior to exiting with an
# un successful return code. The default option, "error" will not unlearn
# the message but return the appropriate error code. The unlearn option
# is use-ful on some systems where local delivery failures will cause the
# message to be requeued for delivery, and could result in the message
# being processed multiple times. During a very large failure, however,
# this could cause a significant load increase.
#
OnFail error

#
# Trusted Users: Only the users specified below will be allowed to perform
# administrative functions in DSPAM such as setting the active user and
# accessing tools. All other users attempting to run DSPAM will be restricted;
# their uids will be forced to match the active username and they will not be
# able to specify delivery agent privileges or use tools.
#
Trust root
Trust dspam
Trust apache
Trust mail
Trust mailnull
Trust smmsp
Trust daemon
#Trust nobody
#Trust majordomo

#
# Debugging: Enables debugging for some or all users. IMPORTANT: DSPAM must
# be compiled with debug support in order to use this option. DSPAM should
# never be running in production with debug active unless you are
# troubleshooting problems.
#
# DebugOpt: One or more of: process, classify, spam, fp, inoculation, corpus
#   process     standard message processing
#   classify    message classification using --classify
#   spam        error correction of missed spam
#   fp          error correction of false positives
#   inoculation message inoculations (source=inoculation)
#   corpus      corpusfed messages (source=corpus)
#
#Debug *
Debug carlos.alberto@[local-domain]
#
DebugOpt process spam fp

#
# ClassAlias: Alias a particular class to spam/nonspam. This is useful if
# classifying things other than spam.
#
#ClassAliasSpam badstuff
#ClassAliasNonspam goodstuff

#
# Training Mode: The default training mode to use for all operations, when
# one has not been specified on the commandline or in the user's preferences.
# Acceptable values are:
#     toe     Train on Error (Only)
#     teft    Train Everything (Trains on every message)
#     tum     Train Until Mature (Train only tokens without enough data)
#     notrain Do not train or store signatures (large ISP systems, post-train)
#
TrainingMode teft

#
# TestConditionalTraining: By default, dspam will retrain certain errors
# until the condition is no longer met. This usually accelerates learning.
# Some people argue that this can increase the risk of errors, however.
#
TestConditionalTraining on

#
# Features: Specify features to activate by default; can also be specified
# on the commandline. See the documentation for a list of available features.
# If _any_ features are specified on the commandline, these are ignored.
#
#Feature noise
Feature whitelist

# Training Buffer: The training buffer waters down statistics during training.
# It is designed to prevent false positives, but can also dramatically reduce
# dspam's catch rate during initial training. This can be a number from 0
# (no buffering) to 10 (maximum buffering). If you are paranoid about false
# positives, you should probably enable this option.
#
#Feature tb=5

#
# Algorithms: Specify the statistical algorithms to use, overriding any
# defaults configured in the build. The options are:
#    naive       Naive-Bayesian (All Tokens)
#    graham      Graham-Bayesian ("A Plan for Spam")
#    burton      Burton-Bayesian (SpamProbe)
#    robinson    Robinson's Geometric Mean Test (Obsolete)
#    chi-square  Fisher-Robinson's Chi-Square Algorithm
#
# You may have multiple algorithms active simultaneously, but it is strongly
# recommended that you group Bayesian algorithms with other Bayesian
# algorithms, and any use of Chi-Square remain exclusive.
#
# NOTE: For standard "CRM114" Markovian weighting, use 'naive', or consider
#       using 'burton' for slightly better accuracy
#
# Don't mess with this unless you know what you're doing
#
#Algorithm chi-square
#Algorithm naive
Algorithm graham burton

#
# Tokenizer: Specify the tokenizer to use. The tokenizer is the piece
# responsible for parsing the message into individual tokens. Depending on
# how many resources you are willing to trade off vs. accuracy, you may
# choose to use a less or more detailed tokenizer:
#   word    uniGram (single word) tokenizer
#           Tokenizes message into single individual words/tokens
#           example: "free" and "viagra"
#   chain   biGram (chained tokens) tokenizer (default)
#           Single words + chains adjacent tokens together
#           example: "free" and "viagra" and "free viagra"
#   sbph    Sparse Binary Polynomial Hashing tokenizer
#           Creates sparse token patterns across sliding window of 5-tokens
#           example: "the quick * fox jumped" and "the * * fox jumped"
#   osb     Orthogonal Sparse biGram tokenizer
#           Similar to SBPH, but only uses the biGrams
#           example: "the * * fox" and "the * * * jumped"
#
# In general the reccomendation is to use 'osb' for new installations.
# The default value of 'chain' remains here as not to surprise anyone upgrading
# that has not changed from the default value.
#
Tokenizer osb

#
# PValue: Specify the technique used for calculating Probability Values,
# overriding any defaults configured in the build. These options are:
#    bcr         Bayesian Chain Rule (Graham's Technique - "A Plan for Spam")
#    robinson    Robinson's Technique (used in Chi-Square)
#    markov      Markovian Weighted Technique (for Markovian discrimination)
#
# Unlike the "Algorithms" property, you may only have one of these defined.
# Use of the chi-square algorithm automatically changes this to robinson.
#
# Don't mess with this unless you know what you're doing.
#
#PValue robinson
#PValue markov
PValue bcr

#
# WebStats: Enable this if you are using the CGI, which writes .stats files
#####WebStats on
WebStats off

#
# ImprobabilityDrive: Calculate odds-ratios for ham/spam, and add to
# X-DSPAM-Improbability headers
#
#ImprobabilityDrive on

#
# Preferences: Specify any preferences to set by default, unless otherwise
# overridden by the user (see next section) or a default.prefs file.
# If user or default.prefs are found, the user's preferences will override any
# defaults.
#
Preference "trainingMode=TEFT"        # { TOE | TUM | TEFT | NOTRAIN } -> default:teft
Preference "spamAction=tag"         # { quarantine | tag | deliver } -> default:quarantine
Preference "spamSubject=[SPAM]"        # { string } -> default:[SPAM]
Preference "statisticalSedation=5"    # { 0 - 10 } -> default:0
Preference "enableBNR=on"        # { on | off } -> default:off
Preference "enableWhitelist=on"        # { on | off } -> default:on
Preference "signatureLocation=headers"    # { message | headers } -> default:message
Preference "tagSpam=on"         # { on | off } 
Preference "tagNonspam=off"        # { on | off }
Preference "showFactors=on"        # { on | off } -> default:off
Preference "optIn=off"            # { on | off }
Preference "optOut=off"            # { on | off }
Preference "whitelistThreshold=10"    # { Integer } -> default:10
Preference "makeCorpus=off"        # { on | off } -> default:off
Preference "storeFragments=off"        # { on | off } -> default:off
Preference "localStore="        # { on | off } -> default:username
Preference "processorBias=on"        # { on | off } -> default:on
Preference "fallbackDomain=off"        # { on | off } -> default:off
Preference "trainPristine=off"        # { on | off } -> default:off
Preference "optOutClamAV=off"        # { on | off } -> default:off
Preference "ignoreRBLLookups=off"    # { on | off } -> default:off
Preference "RBLInoculate=off"        # { on | off } -> default:off
Preference "notifications=on"        # { on | off } -> default:off

#
# Overrides: Specifies the user preferences which may override configuration
# and commandline defaults. Any other preferences supplied by an untrusted user
# will be ignored.
#
#AllowOverride enableBNR
#AllowOverride enableWhitelist
#AllowOverride fallbackDomain
#AllowOverride ignoreGroups
#AllowOverride ignoreRBLLookups
#AllowOverride localStore
#AllowOverride makeCorpus
#AllowOverride optIn
#AllowOverride optOut
#AllowOverride optOutClamAV
#AllowOverride processorBias
#AllowOverride RBLInoculate
###AllowOverride showFactors
#AllowOverride signatureLocation
###AllowOverride spamAction
###AllowOverride spamSubject
#AllowOverride statisticalSedation
#AllowOverride storeFragments
###AllowOverride tagNonspam
###AllowOverride tagSpam
#AllowOverride trainPristine
#AllowOverride trainingMode
#AllowOverride whitelistThreshold
#AllowOverride dailyQuarantineSummary
#AllowOverride notifications

# --- MySQL ---

#
# Storage driver settings: Specific to a particular storage driver. Uncomment
# the configuration specific to your installation, if applicable.
#
#MySQLServer        /var/lib/mysql/mysql.sock
#MySQLPort       
#MySQLUser        dspam
#MySQLPass        changeme
#MySQLDb        dspam
#MySQLCompress        true
#MySQLReconnect        true

# If you are using replication for clustering, you can also specify a separate
# server to perform all writes to.
#
#MySQLWriteServer    /var/lib/mysql/mysql.sock
#MySQLWritePort       
#MySQLWriteUser        dspam
#MySQLWritePass        changeme
#MySQLWriteDb        dspam_write
#MySQLCompress        true
#MySQLReconnect        true

# If your replication isn't close to real-time, your retraining might fail if
# the  signature isn't found. One workaround for this is to use the write
# database for all signature reads:
#
#MySQLReadSignaturesFromWriteDb    on

# If you're running DSPAM in client/server (daemon) mode, uncomment the
# setting below to override the default connection cache size (the number
# of connections the server pools between all clients). The connection cache
# represents the maximum number of database connections *available* and should
# be set based on the maximum number of concurrent connections you're likely
# to have. Each connection may be used by only one thread at a time, so all
# other threads _will block_ until another connection becomes available.
#
#MySQLConnectionCache    10

# If you're using vpopmail or some other type of virtual setup and wish to
# change the table dspam uses to perform username/uid lookups, you can over-
# ride it below

#MySQLVirtualTable        dspam_virtual_uids
#MySQLVirtualUIDField        uid
#MySQLVirtualUsernameField    username

# UIDInSignature: MySQL supports the insertion of the user id into the DSPAM
# signature. This allows you to create one single spam or fp alias
# (pointing to some arbitrary user), and the uid in the signature will
# switch to the correct user. Result: you need only one spam alias

#MySQLUIDInSignature    on

# --- PostgreSQL ---

# For PgSQLServer you can Use a TCP/IP address or a socket. If your socket is
# in /var/run/postgresql/.s.PGSQL.5432 specify just the path where the socket
# resits (without .s.PGSQL.5432).

PgSQLServer        127.0.0.1   #/var/run/postgresql/
PgSQLPort        5432        #
PgSQLUser        xyz
PgSQLPass        xyz-hidden
PgSQLDb                  dspam

# If you're running DSPAM in client/server (daemon) mode, uncomment the
# setting below to override the default connection cache size (the number
# of connections the server pools between all clients).
#
PgSQLConnectionCache    6

# UIDInSignature: PgSQL supports the insertion of the user id into the DSPAM
# signature. This allows you to create one single spam or fp alias
# (pointing to some arbitrary user), and the uid in the signature will
# switch to the correct user. Result: you need only one spam alias

#PgSQLUIDInSignature    on

# If you're using vpopmail or some other type of virtual setup and wish to
# change the table dspam uses to perform username/uid lookups, you can over-
# ride it below

#PgSQLVirtualTable        dspam_virtual_uids
#PgSQLVirtualUIDField        uid
#PgSQLVirtualUsernameField    username

# --- SQLite ---

#SQLitePragma        "synchronous = OFF"

# --- Hash ---

#
# HashRecMax: Default number of records to create in the initial segment when
# building hash files. 100,000 yields files 1.6MB in size, but can fill up
# fast, so be sure to increase this (to a million or more) if you're not using
# autoextend.
#
# NOTE: If you're using a heavy-weight tokenizer, such as SBPH, you should be
#       looking for settings in the 'millions' of records.
#
# Primes List:
#  53, 97, 193, 389, 769, 1543, 3079, 6151, 12289, 24593, 49157, 98317, 196613,
#  393241, 786433, 1572869, 3145739, 6291469, 12582917, 25165843, 50331653,
#  100663319, 201326611, 402653189, 805306457, 1610612741, 3221225473,
#  4294967291
#
HashRecMax        98317

#
# HashAutoExtend: Autoextend hash databases when they fill up. This allows
# them to continue to train by adding extents (extensions) to the file. There
# will be a small delay during the growth process, as everything needs to be
# closed and remapped.
#
HashAutoExtend        on

#
# HashMaxExtents: The maximum number of extents that may be created in a single
# hash file. Set this to zero for unlimited
#
HashMaxExtents        0

#
# HashExtentSize: The initial record size for newly created extents. Creating
# this too small could result in many extents being created. Creating this too
# large could result in excessive disk space usage. Typically, a value close
# to half of the HashRecMax size is good.
#
HashExtentSize        49157

#
# HashPctIncrease: Increase the next extent size by n% from the size of the
# last extent. This is useful in accommodating systems where the default
# HashExtentSize can be too small for certain high-volume users, and can also
# help keep seeks nice and speedy and/or prevent too many unnecessary extents
# from being created when using a low HashMaxSeek. The default behavior, when
# HashPctIncrease is not used, is to always use # HashExtentSize with no
# increase.
#
HashPctIncrease        10

#
# HashMaxSeek: The maximum number of record seeks when inserting a new record
# before failing or adding a new extent. This ultimately translates into the
# max # of acceptable seeks per segment. Setting this too high will exhaustively
# scan each segment and hurt performance. Typically, a low value is acceptable
# as even older extents will continue to fill as training progresses.
#
HashMaxSeek        10

#
# HashConcurrentUser: If you are using a single, stateful hash database in
# daemon mode, specifying a concurrent user below will cause the user to be
# permanently mapped into memory and shared via rwlocks. This is very fast and
# very cool if you are running a "userless" relay appliance.
#
#HashConcurrentUser    user

#
# HashConnectionCache: If running in daemon mode, this is the max # of
# concurrent connections that will be supported. NOTE: If you are using
# HashConcurrentUser, this option is ignored, as all connections are read-
# write locked instead of mutex locked.
#
HashConnectionCache    100


# --- ExtLookup ---

# ExtLookup: Perform various external lookup functions depending on user-
# defined variables. ExtLookup can either be set to 'on' or 'off'. The
# behavior of such lookups are defined by the use of ExtLookupMode, which
# can be set to 'verify', 'map' and 'strict'.
#
#  verify   Will cause dspam to validate the user, prior to
#           creating the user entry in the system.
#
#  map      Will cause dspam to try to map the user address
#           to a certain unique identifier.
#
#  strict   Will cause dspam to enforce both 'verify' and 'map'.
#
# ExtLookupDriver will set the engine behind the lookups. For now the only
# supported mechanisms are 'ldap' and 'program'. The first will make dspam
# talk directly to the configured LDAP server. The second will prefrom the
# various lookup functions by running a certain binary program or executable
# script. The program MUST be a binary executable or a script with a well
# defined interpreter in its first line ( #!/path/to/interpreter ). There
# are plans to support TLS/SSL connections to backend databases.
#
#ExtLookup        on                # Turns on/off external lookup
#ExtLookupMode        strict                # available modes are 'verify', 'map' and 'strict'.
                            # 'strict' enforces both verify and map
#ExtLookupDriver    ldap                # Currently only ldap and program are supported.
                            # There are plans to support both MySQL and Postgres.
#ExtLookupServer    ldap.example.org        # Can either be a database hostname or the full path to
                            # an executable lookup program and its arguments.
#ExtLookupPort        389                # Desired port when connecting to the lookup database.
#ExtLookupDB        "ou=Users,dc=domain,dc=com"    # Can either be an LDAP search base or a database name (TODO).
#ExtLookupQuery        "(&(objectClass=qmailUser)(|(mail=%u)(mailAlternateAddress=%u)))"    # Can either be an LDAP search filter or an SQL query (TODO)
#ExtLookupLDAPAttribute    "mail"                # Attribute to be used when ExtLookupDriver is 'ldap'
                            # and ExtLookupMode 'map' or 'strict'
#ExtLookupLDAPScope    sub                # Can be set to 'base', 'sub' or 'one'. Only used when ExtLookupDriver is 'ldap'.
#ExtLookupLDAPVersion    3                # Sets the LDAP protocol version (1, 2 or 3)
#ExtLookupLogin        "cn=admin,dc=domain,dc=com"    # Login to be used when connecting to any direct database backend.
#ExtLookupPassword    itsasecret            # Password to use with ExtLookupLogin.
#ExtLookupCrypto    tls                # Sets the use of TLS on backend communication (only compatible with LDAPv3)


# --- Profiles ---

#
# You can specify multiple storage profiles, and specify the server to
# use on the commandline with --profile. For example:
#
#Profile DECAlpha
#MySQLServer.DECAlpha    10.0.0.1
#MySQLPort.DECAlpha    3306
#MySQLUser.DECAlpha    dspam
#MySQLPass.DECAlpha    changeme
#MySQLDb.DECAlpha    dspam
#MySQLCompress.DECAlpha    true
#MySQLReconnect.DECAlpha    true
#
#Profile Sun420R
#MySQLServer.Sun420R    10.0.0.2
#MySQLPort.Sun420R    3306
#MySQLUser.Sun420R    dspam
#MySQLPass.Sun420R    changeme
#MySQLDb.Sun420R    dspam
#MySQLCompress.Sun420R    false
#MySQLReconnect.Sun420R    true
#
#DefaultProfile    DECAlpha

#
# If you're using storage profiles, you can set failovers for each profile.
# Of course, if you'll be failing over to another database, that database
# must have the same information as the first. If you're using a global
# database with no training, this should be relatively simple. If you're
# configuring per-user data, however, you'll need to set up some type of
# replication between databases.
#
#Failover.DECAlpha    SUN420R
#Failover.Sun420R    DECAlpha

# If the storage fails, the agent will follow each profile's failover up to
# a maximum number of failover attempts. This should be set to a maximum of
# the number of profiles you have, otherwise the agent could loop and try
# the same profile multiple times (unless this is your desired behavior).
#
#FailoverAttempts    1

#
# Ignored headers: If DSPAM is behind other tools which may add a header to
# incoming emails, it may be beneficial to ignore these headers - especially
# if they are coming from another spam filter. If you are _not_ using one of
# these tools, however, leaving the appropriate headers commented out will
# allow DSPAM to use them as telltale signs of forged email.
#
#IgnoreHeader X-Spam-Status
#IgnoreHeader X-Spam-Scanned
#IgnoreHeader X-Virus-Scanner-Result

#
# Lookup: Perform lookups on streamlined blackhole list servers (see
# http://www.nuclearelephant.com/projects/sbl/). The streamlined blacklist
# server is machine-automated, unsupervised blacklisting system designed to
# provide real-time and highly accurate blacklisting based on network spread.
# When performing a lookup, DSPAM will automatically learn the inbound message
# as spam if the source IP is listed. Until an official public RABL server is
# available, this feature is only useful if you are running your own
# streamlined blackhole list server for internal reporting among multiple mail
# servers. Provide the name of the lookup zone below to use.
#
# This function performs standard reverse-octet.domain lookups, and while it
# will function with many RBLs, it's strongly discouraged to use those
# maintained by humans as they're often inaccurate and could hurt filter
# learning and accuracy.
#
#Lookup        "sbl.example.org"

#
# RBLInoculate: If you want to inoculate the user from RBL'd messages it would
# have otherwise missed, set this to on.
#
#RBLInoculate    off

#
# Notifications: Enable the sending of notification emails to users (first
# message, quarantine full, etc.)
#
Notifications    off

# TxtDirectory: the directory that holds the templates for notification
# messages (see Notifications) and tagging (see tagSpam/tagNonspam).
#
#TxtDirectory /var/spool/dspam/txt

#
# QuarantineWarnSize: You may specify a size when DSPAM should send a "Quarantine
# Full" message to each user. This is only working if you enable notifications
# (see above). Value is in bytes. Default is 2097152 -> 2MB.
#
#QuarantineWarnSize 2097152

#
# Purge configuration: Set dspam_clean purge default options, if not otherwise
# specified on the commandline
#
PurgeSignatures 14    # Stale signatures
PurgeNeutral    90    # Tokens with neutralish probabilities
PurgeUnused    90    # Unused tokens
PurgeHapaxes    30    # Tokens with less than 5 hits (hapaxes)
PurgeHits1S    15    # Tokens with only 1 spam hit
PurgeHits1I    15    # Tokens with only 1 innocent hit

#
# Purge configuration for SQL-based installations using purge.sql
#
#PurgeSignature    off    # Specified in purge.sql
#PurgeNeutral    90
#PurgeUnused    off    # Specified in purge.sql
#PurgeHapaxes    off    # Specified in purge.sql
#PurgeHits1S    off    # Specified in purge.sql
#PurgeHits1I    off    # Specified in purge.sql

#
# Local Mail Exchangers: Used for source address tracking, tells DSPAM which
# mail exchangers are local and therefore should be ignored in the Received:
# header when tracking the source of an email. Note: you should use the address
# of the host as appears between brackets [ ] in the Received header.
# By default DSPAM is considering the following IPs always as LocalMX:
#    10.0.0.0/8    - Private IP addresses (RFC 1918)
#    127.0.0.0/8    - Localhost Loopback Address (RFC 1700)
#    169.254.0.0/16    - Zeroconf / APIPA (RFC 3330)
#    172.16.0.0/12    - Private IP addresses (RFC 1918)
#    192.168.0.0/16    - Private IP addresses (RFC 1918)
#### adicionado em 6/5/14 para tentar ignorar emails locais
LocalMX 127.0.0.1 [hidden-postfix-ip]

#
# Logging: Disabling logging for users will make usage graphs unavailable to
# them. Disabling system logging will make admin graphs unavailable.
#
SystemLog    on
UserLog        on

#
# TrainPristine: for systems where the original message remains server side
# and can therefore be presented in pristine format for retraining. This option
# will cause DSPAM to cease all writing of signatures and DSPAM headers to the
# message, and deliver the message in as pristine format as possible. This mode
# REQUIRES that the original message in its pristine format (as of delivery)
# be presented for retraining, as in the case of webmail, imap, or other
# applications where the message is actually kept server-side during reading,
# and is preserved. DO NOT use this switch unless the original message can be
# presented for retraining with the ORIGINAL HEADERS and NO MODIFICATIONS.
#
# NOTE: You can't use this setting with dspam_trian; if you're going to use it,
#       wait until after you train any corpora.
#
#TrainPristine on

#
# Opt: in or out; determines DSPAM's default filtering behavior. If this value
# is set to in, users must opt-in to filtering by dropping a .dspam file in
# /var/dspam/opt-in/user.dspam (or if you have homedirs configured, a .dspam
# folder in their home directory).  The default is opt-out, which means all
# users will be filtered unless a .nodspam file is dropped in
# /var/dspam/opt-out/user.nodspam
#
Opt out

#
# TrackSources: specify which (if any) source addresses to track and report
# them to syslog (mail.info). This is useful if you're running a firewall or
# blacklist and would like to use this information. Spam reporting also drops
# RABL blacklist files (see http://www.nuclearelephant.com/projects/rabl/).
#
#TrackSources spam nonspam virus

#
# ParseToHeaders: In lieu of setting up individual aliases for each user,
# DSPAM can be configured to automatically parse the To: address for spam and
# false positive forwards. From there, it can be configured to either set the
# DSPAM user based on the username specified in the header and/or change the
# training class and source accordingly. The options below can be used to
# customize most common types of header parsing behavior to avoid the need for
# multiple aliases, or if using LMTP, aliases entirely..
#
# ParseToHeader: Parse the To: headers of an incoming message. This must be
#                set to 'on' to use either of the following features.
#
# ChangeModeOnParse: Automatically change the class (to spam or innocent)
#   depending on whether spam- or notspam- was specified, and change the source
#   to 'error'. This is convenient if you're not using aliases at all, but
#   are delivering via LMTP.
#
# ChangeUserOnParse: Automatically change the username to match that specified
#   in the To: header. For example, [hidden email] will set the username
#   to bob, ignoring any --user passed in. This may not always be desirable if
#   you are using virtual email addresses as usernames. Options:
#     on or user    take the portion before the @ sign only
#     full        take everything after the initial {spam,notspam}-.
#
#ParseToHeaders on
#ChangeModeOnParse on
#ChangeUserOnParse on

#
# Broken MTA Options: Some MTAs don't support the proper functionality
# necessary. In these cases you can activate certain features in DSPAM to
# compensate. 'returnCodes' causes DSPAM to return an exit code of 99 if
# the message is spam, 0 if not, or a negative code if an error has occured.
# Specifying 'case' causes DSPAM to force the input usernames to lowercase.
# Specifying 'lineStripping' causes DSPAM to strip ^M's from messages passed
# in.
#
#Broken returnCodes
#Broken case
#Broken lineStripping

#
# MaxMessageSize: You may specify a maximum message size for DSPAM to process.
# If the message is larger than the maximum size, it will be delivered
# without processing. Value is in bytes.
#
#MaxMessageSize 4194304

# --- ClamAV ---

#
# Virus Checking: If you are running clamd, DSPAM can perform stream-based
# virus checking using TCP. Uncomment the values below to enable virus
# checking.
#
# ClamAVResponse: reject (reject or drop the message with a permanent failure)
#                 accept (accept the message and quietly drop the message)
#                 spam   (treat as spam and quarantine/tag/whatever)
#
#ClamAVPort        3310
#ClamAVHost        127.0.0.1
#ClamAVResponse        accept

# --- CLIENT / SERVER ---

#
# Daemonized Server: If you are running DSPAM as a daemonized server using
# --daemon, the following parameters will override the default. Use the
# ServerPass option to set up accounts for each client machine. The DSPAM
# server will process and deliver the message based on the parameters
# specified. If you want the client machine to perform delivery, use
# the --stdout option in conjunction with a local setup.
#
# ServerHost: Not enabling ServerHost will bind DSPAM server to all available
# interfaces.
#
#ServerHost           [hidden-server-host]             #original era 127.0.0.1   
ServerPort            10033                      #original era 24   
ServerQueueSize            3000
ServerPID        /var/run/dspam.pid

#
# ServerMode specifies the type of LMTP server to start. This can be one of:
#     dspam: DSPAM-proprietary DLMTP server, for communicating with dspamc
#  standard: Standard LMTP server, for communicating with Postfix or other MTA
#      auto: Speak both DLMTP and LMTP; auto-detect by ServerPass.IDENT
#
ServerMode standard

# If supporting DLMTP (dspam) mode, dspam clients will require authentication
# as they will be passing in parameters. The idents below will be used to
# determine which clients will be speaking DLMTP, so if you will be using
# both LMTP and DLMTP from the same host, be sure to use something other
# than the server's hostname below (which will be sent by the MTA during a
# standard LMTP LHLO).
#
#ServerPass.Relay1    "secret"
#ServerPass.Relay2    "password"

# If supporting standard LMTP mode, server parameters will need to be specified
# here, as they will not be passed in by the mail server. The ServerIdent
# specifies the 250 response code ident sent back to connecting clients and
# should be set to the hostname of your server, or an alias.
#
# NOTE: If you specify --user in ServerParameters, the RCPT TO will be
#       used only for delivery, and not set as the active user for processing.
#
ServerParameters    "--deliver=innocent -d %u"
ServerIdent        "anti-spam.[local-domain]"

# If you wish to use a local domain socket instead of a TCP socket, uncomment
# the following. It is strongly recommended you use local domain sockets if
# you are running the client and server on the same machine, as it eliminates
# much of the bandwidth overhead.
#
#ServerDomainSocketPath    "/tmp/dspam.sock"

#
# Client Mode: If you are running DSPAM in client/server mode, uncomment and
# set these variables. A ClientHost beginning with a / will be treated as
# a domain socket.
#
#ClientHost    /tmp/dspam.sock
#ClientIdent    "secret@Relay1"
#
#ClientHost    127.0.0.1
#ClientPort    24
#ClientIdent    "secret@Relay1"

# --- RABL ---

# RABLQueue: Touch files in the RABL queue
# If you are a reporting streamlined blackhole list participant, you can
# touch ip addresses within the directory the rabl_client process is watching.
#
#RABLQueue    /var/spool/rabl

# ---  ---

# DataSource: If you are using any type of data source that does not include
# email-like headers (such as documents), uncomment the line below. This
# will cause the entire input to be treated like a message "body"
#
#DataSource document

# ProcessorWordFrequency: By default, words are only counted once per message.
# If you are classifying large documents, however, you may wish to count once
# per occurrence instead.
#
#ProcessorWordFrequency occurrence

# ProcessorURLContext: By default, a URL context is generated for URLs, which
# records their tokens as separate from words found in documents. To use
# URL tokens in the same context as words, turn this feature off.
#
####ProcessorURLContext on  --> desligado para tentar melhorar performance
ProcessorURLContext off

# ProcessorBias: Bias causes the filter to lean more toward 'innocent', and
# usually greatly reduces false positives. It is the default behavior of
# most Bayesian filters (including dspam).
#
# NOTE: You probably DONT want this if you're using Markovian Weighting, unless
# you are paranoid about false positives.
#
ProcessorBias on

# StripRcptDomain: Cut the domain (including the at sign) from recipients.
# This is particularly useful if the recipient name is equal to real user
# accounts as recipients with domains tend to cause permission issues with
# dspam-web.
#
StripRcptDomain off

# GroupConfig: The configuration file for groups. See the README file
# for details on how to enable users to combine their training data to
# get better results.
GroupConfig /var/spool/dspam/group

# --- Split Configuration File Support ---

# Include a directory with configuration items.
#Include /etc/dspam/dspam.d/

# ---  ---

## EOF

 

-Troy


On 5/28/2014 4:00 PM, Carlos Alberto M. B. wrote:


2014-05-27 17:52 GMT-03:00 Troy Ayers <[hidden email]>:
A Retrained message has no X-DSPAM-* in the headers?

To clarify the experiments:
The  message comes with X-DSPAM-* in the headers.
After retrainig it, it still with those headers.
The retraining seems to work, and it is done with the command: /usr/bin/dspam --client --user [hidden email] --class=spam --source=error --signature=53863fd1156344451714589
The retraining is working, since the stats change and it is logged.

Otherwise, the next identical message I sent after a/some retrain is described in logs as "Tagged", as it should be, but it comes without X-DSPAM-* in the headers and without the "[SPAM]" in the Subject of the message.



This would seem to indicate an issue with the method used to retrain.  How do you retrain exactly?  Does dspam-stats change after you retrain?  Sounds like the existing x-spam-* headers are getting stripped out somehow?

Or does the retraining work, but similar or identical emails are not being flagged as spam? 

yes
 
TEFT, If I remember properly, may need more than one training.  If the test emails are otherwise identical, the x-dpsam-probability would change with each retrain.  You could turn on ShowFactors to see more detail in the headers.

the logs show as an email was tagged as spam, but don't tag it as it should be.
 

In any case, you could turn on verbose logging and see what shows up there.

If I mis-understand something, please clarify.

It sounds like some messages are not being scanned with dspam at all.

The messages are being scanned, but somehow, when classified as Spam and "Tagged", nothing is written in the message: No X-DSPAM-* tags, nor the [SPAM] in the title...

Any idea? :/

-Carlos Alberto


-Troy


On 5/23/2014 8:34 AM, Carlos Alberto M. B. wrote:
Hi,

I'm testing a fresh new DSPAM instalation with Postfix, and it seems to be working fine, tagging with X-DSPAM-* the mail header. 
But when I retrain a message, the next similar messages (that would be marked as spam) are not being tagged with X-DSPAM-* and the subject is not changed with the "[SPAM]" at the begining, as it should be.

Can someone give me any idea how to solve that?

Thanks.
Carlos Alberto

PS: the preferences of dspam.conf:
Preference "trainingMode=TEFT"          # { TOE | TUM | TEFT | NOTRAIN } -> default:teft
Preference "spamAction=tag"             # { quarantine | tag | deliver } -> default:quarantine
Preference "spamSubject=[SPAM]"         # { string } -> default:[SPAM]
Preference "statisticalSedation=5"      # { 0 - 10 } -> default:0
Preference "enableBNR=on"               # { on | off } -> default:off
Preference "enableWhitelist=on"         # { on | off } -> default:on
Preference "signatureLocation=headers"  # { message | headers } -> default:message
Preference "tagSpam=on"                 # { on | off } 
Preference "tagNonspam=off"             # { on | off }
Preference "showFactors=off"            # { on | off } -> default:off
Preference "optIn=off"                  # { on | off }
Preference "optOut=off"                 # { on | off }
Preference "whitelistThreshold=10"      # { Integer } -> default:10
Preference "makeCorpus=off"             # { on | off } -> default:off
Preference "storeFragments=off"         # { on | off } -> default:off
Preference "localStore="                # { on | off } -> default:username
Preference "processorBias=on"           # { on | off } -> default:on
Preference "fallbackDomain=off"         # { on | off } -> default:off
Preference "trainPristine=off"          # { on | off } -> default:off
Preference "optOutClamAV=off"           # { on | off } -> default:off
Preference "ignoreRBLLookups=off"       # { on | off } -> default:off
Preference "RBLInoculate=off"           # { on | off } -> default:off
Preference "notifications=on"           # { on | off } -> default:off


------------------------------------------------------------------------------
Time is money. Stop wasting it! Get your web API in 5 minutes.
www.restlet.com/download
http://p.sf.net/sfu/restlet
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user



------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/NeoTech
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [Dspam-user] Dspam is not tagging spam mail

Tom Hendrikx
On 05/30/2014 04:31 PM, Carlos Alberto M. B. wrote:

>
>
>
> 2014-05-28 18:17 GMT-03:00 Troy Ayers <[hidden email]
> <mailto:[hidden email]>>:
>
>     I suppose that user prefs could be overriding your dspam.conf
>     preferences, if the corresponding AllowOverride directive allows it.
>     Check that?
>
> No, all AllowOverride directives are commented #
>  
>
>     Make sure that there is not a second preference for spamAction,
>     spamSubject, or  spamTag specified in dspam.conf
>
>  
> No, just one  of each. In fact, I'm using tagSpam=on instead of this
> spamTag directive.
Check the README, tagSpam is for something else.

>  
>
>     I don't have any other ideas on what could be causing the issue,
>     except for the idea to turn on verbose logging, and looking at that.
>
>
> Is there a possibility to increase the vebosity in logging, I didn't
> find a way to do that, unless the --debug mode. Part of the debug log,
> that really interest is found below. The interesting/hard thing is that
> it says that "*message result: SPAM"*, says that appends the "X-DSPAM"
> tags in the message, and send the message successfully, but when the
> message result is SPAM, the email still getting in my inbox without
> those X-DSPAM directives, and the [SPAM] in the subjetct... :/
>
> I also sent my dspam.conf below.
>
> Thanks for the help!
>
> 22051: [05/29/2014 14:43:16] using Graham factors
>
> 22051: [05/29/2014 14:43:16] MISS: Chi-Square
>
> 22051: [05/29/2014 14:43:16] Result Confidence: 0.99
>
> 22051: [05/29/2014 14:43:16] BNR Decision Concurs
>
> 22051: [05/29/2014 14:43:16] match attribute 'ProcessorWordFrequency'
> with value 'occurrence'
>
> 22051: [05/29/2014 14:43:16] find attribute 'ProcessorWordFrequency'
>
> 22051: [05/29/2014 14:43:16] -> match: not found attribute
> 'ProcessorWordFrequency'
>
> 22051: [05/29/2014 14:43:16] _pgsql_drv_getpwnam: returning cached name
> 'carlos.alberto@[hidden-domain]'
>
> 22051: [05/29/2014 14:43:16] Control: [10 10] [11 10] Delta: [1 0]
>
> 22051: [05/29/2014 14:43:16] total processing time: 0.52775s
>
> 22051: [05/29/2014 14:43:16] match attribute 'Notifications' with value
> 'on'
>
> 22051: [05/29/2014 14:43:16] find attribute 'Notifications'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'Notifications' with
> value 'off'
>
> 22051: [05/29/2014 14:43:16] -> match: not found attribute
> 'Notifications' with value 'on'
>
> 22051: [05/29/2014 14:43:16] read attribute 'Home'
>
> 22051: [05/29/2014 14:43:16] find attribute 'Home'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'Home' with value
> '/var/spool/dspam'
>
> 22051: [05/29/2014 14:43:16] -> read attribute 'Home' with value
> '/var/spool/dspam'
>
> 22051: [05/29/2014 14:43:16] match attribute 'Notifications' with value
> 'on'
>
> 22051: [05/29/2014 14:43:16] find attribute 'Notifications'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'Notifications' with
> value 'off'
>
> 22051: [05/29/2014 14:43:16] -> match: not found attribute
> 'Notifications' with value 'on'
>
> 22051: [05/29/2014 14:43:16] read attribute 'Home'
>
> 22051: [05/29/2014 14:43:16] find attribute 'Home'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'Home' with value
> '/var/spool/dspam'
>
> 22051: [05/29/2014 14:43:16] -> read attribute 'Home' with value
> '/var/spool/dspam'
>
> 22051: [05/29/2014 14:43:16] match attribute 'Notifications' with value
> 'on'
>
> 22051: [05/29/2014 14:43:16] find attribute 'Notifications'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'Notifications' with
> value 'off'
>
> 22051: [05/29/2014 14:43:16] -> match: not found attribute
> 'Notifications' with value 'on'
>
> 22051: [05/29/2014 14:43:16] read attribute 'QuarantineWarnSize'
>
> 22051: [05/29/2014 14:43:16] find attribute 'QuarantineWarnSize'
>
> 22051: [05/29/2014 14:43:16] -> read: not found attribute
> 'QuarantineWarnSize'
>
> 22051: [05/29/2014 14:43:16] read attribute 'Home'
>
> 22051: [05/29/2014 14:43:16] find attribute 'Home'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'Home' with value
> '/var/spool/dspam'
>
> 22051: [05/29/2014 14:43:16] -> read attribute 'Home' with value
> '/var/spool/dspam'
>
> 22051: [05/29/2014 14:43:16] match attribute 'PgSQLUIDInSignature' with
> value 'on'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'Home' with value
> '/var/spool/dspam'
>
> 22051: [05/29/2014 14:43:16] -> read attribute 'Home' with value
> '/var/spool/dspam'
>
> 22051: [05/29/2014 14:43:16] match attribute 'PgSQLUIDInSignature' with
> value 'on'
>
> 22051: [05/29/2014 14:43:16] find attribute 'PgSQLUIDInSignature'
>
> 22051: [05/29/2014 14:43:16] -> match: not found attribute
> 'PgSQLUIDInSignature'
>
> 22051: [05/29/2014 14:43:16] _pgsql_drv_getpwnam: returning cached name
> 'carlos.alberto@[hidden-domain]'
>
> 22051: [05/29/2014 14:43:16] saving signature as 538771b4220512300131016
>
> 22051: [05/29/2014 14:43:16] _pgsql_drv_getpwnam: returning cached name
> 'carlos.alberto@[hidden-domain]'
>
> 22051: [05/29/2014 14:43:16] match attribute 'WebStats' with value 'on'
>
> 22051: [05/29/2014 14:43:16] find attribute 'WebStats'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'WebStats' with value 'off'
>
> 22051: [05/29/2014 14:43:16] -> match: not found attribute 'WebStats'
> with value 'on'
>
> 22051: [05/29/2014 14:43:16] libdspam returned probability of 1.000000
>
> 22051: [05/29/2014 14:43:16] *message result: SPAM *
>
> 22051: [05/29/2014 14:43:16] match attribute 'SystemLog' with value 'on'
>
> 22051: [05/29/2014 14:43:16] find attribute 'SystemLog'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'SystemLog' with value 'on'
>
> 22051: [05/29/2014 14:43:16] -> matched attribute 'SystemLog' with value
> 'on'
>
> 22051: [05/29/2014 14:43:16] read attribute 'Home'
>
> 22051: [05/29/2014 14:43:16] find attribute 'Home'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'Home' with value
> '/var/spool/dspam'
>
> 22051: [05/29/2014 14:43:16] -> read attribute 'Home' with value
> '/var/spool/dspam'
>
> 22051: [05/29/2014 14:43:16] match attribute 'UserLog' with value 'on'
>
> 22051: [05/29/2014 14:43:16] find attribute 'UserLog'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'UserLog' with value 'on'
>
> 22051: [05/29/2014 14:43:16] -> matched attribute 'UserLog' with value 'on'
>
> 22051: [05/29/2014 14:43:16] match attribute 'SystemLog' with value 'on'
>
> 22051: [05/29/2014 14:43:16] find attribute 'SystemLog'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'SystemLog' with value 'on'
>
> 22051: [05/29/2014 14:43:16] -> matched attribute 'SystemLog' with value
> 'on'
>
> 22051: [05/29/2014 14:43:16] read attribute 'Home'
>
> 22051: [05/29/2014 14:43:16] find attribute 'Home'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'Home' with value
> '/var/spool/dspam'
>
> 22051: [05/29/2014 14:43:16] -> read attribute 'Home' with value
> '/var/spool/dspam'
>
> 22051: [05/29/2014 14:43:16] *appending header X-DSPAM-Result: Spam *
>
> 22051: [05/29/2014 14:43:16] appending header X-DSPAM-Processed: Thu May
> 29 14:43:16 2014
>
> 22051: [05/29/2014 14:43:16] appending header X-DSPAM-Confidence: 0.9899
>
> 22051: [05/29/2014 14:43:16] match attribute 'ImprobabilityDrive' with
> value 'on'
>
> 22051: [05/29/2014 14:43:16] find attribute 'ImprobabilityDrive'
>
> 22051: [05/29/2014 14:43:16] -> match: not found attribute
> 'ImprobabilityDrive'
>
> 22051: [05/29/2014 14:43:16] appending header X-DSPAM-Probability: 1.0000
>
> 22051: [05/29/2014 14:43:16] appending header X-DSPAM-Signature:
> 538771b4220512300131016
>
> 22051: [05/29/2014 14:43:16] appending header X-DSPAM-Factors: 15,
>
> 330+ida, 0.99000,
>
> id+c9a7de1b44, 0.99000,
>
> de+#+#+#+dicas, 0.99000,
>
> Leia+#+#+tem, 0.99000,
>
> pr%e1tica+#+#+n%e3o, 0.99000,
>
> est%e1+#+#+da, 0.99000,
>
> %85+http, 0.99000,
>
> H%e1+ainda, 0.99000,
>
> u+#+#+#+4a12f3849e, 0.99000,
>
> passagens+pelo, 0.99000,
>
> N%e3o+#+#+#+e, 0.99000,
>
> uma+#+promo%e7%e3o, 0.99000,
>
> para+#+#+#+melhoresdestinos, 0.99000,
>
> 10+#+#+#+passada, 0.99000,
>
> 05+#+#+#+A, 0.99000
>
> 22051: [05/29/2014 14:43:16] read attribute 'TxtDirectory'
>
> 22051: [05/29/2014 14:43:16] find attribute 'TxtDirectory'
>
> 22051: [05/29/2014 14:43:16] -> read: not found attribute 'TxtDirectory'
>
> 22051: [05/29/2014 14:43:16] read attribute 'Home'
>
> 22051: [05/29/2014 14:43:16] find attribute 'Home'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'Home' with value
> '/var/spool/dspam'
>
> 22051: [05/29/2014 14:43:16] -> read attribute 'Home' with value
> '/var/spool/dspam'
>
> 22051: [05/29/2014 14:43:16] _pgsql_drv_getpwnam: returning cached name
> 'carlos.alberto@[hidden-domain]'
>
> 22051: [05/29/2014 14:43:16] destroying/freeing configuration
>
> 22051: [05/29/2014 14:43:16] match attribute 'Broken' with value
> 'returnCodes'
>
> 22051: [05/29/2014 14:43:16] find attribute 'Broken'
>
> 22051: [05/29/2014 14:43:16] -> match: not found attribute 'Broken'
>
> 22051: [05/29/2014 14:43:16] delivering message
>
> 22051: [05/29/2014 14:43:16] read attribute 'QuarantineMailbox'
>
> 22051: [05/29/2014 14:43:16] find attribute 'QuarantineMailbox'
>
> 22051: [05/29/2014 14:43:16] -> read: not found attribute
> 'QuarantineMailbox'
>
> 22051: [05/29/2014 14:43:16] read attribute 'DeliveryProto'
>
> 22051: [05/29/2014 14:43:16] find attribute 'DeliveryProto'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryProto' with
> value 'SMTP'
>
> 22051: [05/29/2014 14:43:16] -> read attribute 'DeliveryProto' with
> value 'SMTP'
>
> 22051: [05/29/2014 14:43:16] read attribute 'DeliveryProto'
>
> 22051: [05/29/2014 14:43:16] find attribute 'DeliveryProto'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryProto' with
> value 'SMTP'
>
> 22051: [05/29/2014 14:43:16] -> read attribute 'DeliveryProto' with
> value 'SMTP'
>
> 22051: [05/29/2014 14:43:16] read attribute 'DeliveryProto'
>
> 22051: [05/29/2014 14:43:16] find attribute 'DeliveryProto'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryProto' with
> value 'SMTP'
>
> 22051: [05/29/2014 14:43:16] -> read attribute 'DeliveryProto' with
> value 'SMTP'
>
> 22051: [05/29/2014 14:43:16] read attribute 'DeliveryProto'
>
> 22051: [05/29/2014 14:43:16] find attribute 'DeliveryProto'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryProto' with
> value 'SMTP'
>
> 22051: [05/29/2014 14:43:16] -> read attribute 'DeliveryProto' with
> value 'SMTP'
>
> 22051: [05/29/2014 14:43:16] read attribute 'DeliveryProto'
>
> 22051: [05/29/2014 14:43:16] find attribute 'DeliveryProto'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryProto' with
> value 'SMTP'
>
> 22051: [05/29/2014 14:43:16] -> read attribute 'DeliveryProto' with
> value 'SMTP'
>
> 22051: [05/29/2014 14:43:16] read attribute 'DeliveryProto'
>
> 22051: [05/29/2014 14:43:16] find attribute 'DeliveryProto'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryProto' with
> value 'SMTP'
>
> 22051: [05/29/2014 14:43:16] -> read attribute 'DeliveryProto' with
> value 'SMTP'
>
> 22051: [05/29/2014 14:43:16] read attribute 'DeliveryIdent'
>
> 22051: [05/29/2014 14:43:16] find attribute 'DeliveryIdent'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryIdent' with
> value 'dspam'
>
> 22051: [05/29/2014 14:43:16] -> read attribute 'DeliveryIdent' with
> value 'dspam'
>
> 22051: [05/29/2014 14:43:16] read attribute 'DeliveryHost'
>
> 22051: [05/29/2014 14:43:16] find attribute 'DeliveryHost'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryHost' with
> value '[hidden-postfix-IP]'
>
> 22051: [05/29/2014 14:43:16] -> read attribute 'DeliveryHost' with value
> '[hidden-postfix-IP]'
>
> 22051: [05/29/2014 14:43:16] read attribute 'DeliveryPort'
>
> 22051: [05/29/2014 14:43:16] find attribute 'DeliveryPort'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryPort' with
> value '10034'
>
> 22051: [05/29/2014 14:43:16] -> read attribute 'DeliveryPort' with value
> '10034'
>
> 22051: [05/29/2014 14:43:16] read attribute 'DeliveryPort'
>
> 22051: [05/29/2014 14:43:16] find attribute 'DeliveryPort'
>
> 22051: [05/29/2014 14:43:16] -> found attribute 'DeliveryPort' with
> value '10034'
>
> 22051: [05/29/2014 14:43:16] SEND: HELO dspam
>
> 22051: [05/29/2014 14:43:16] RECV: 250 mx.[hidden-domain]^M
>
> 22051: [05/29/2014 14:43:16] SEND: MAIL FROM:<xpidx@[hidden-from-domain]>
>
> 22051: [05/29/2014 14:43:16] RECV: 250 2.1.0 Ok^M
>
> 22051: [05/29/2014 14:43:16] SEND: RCPT TO:<carlos.alberto@[hidden-domain]>
>
> 22051: [05/29/2014 14:43:16] RECV: 250 2.1.5 Ok^M
>
> 22051: [05/29/2014 14:43:16] SEND: DATA
>
> 22051: [05/29/2014 14:43:16] RECV: 354 End data with <CR><LF>.<CR><LF>^M
>
> 22051: [05/29/2014 14:43:16] SEND: ^M
>
> .
>
> 22051: [05/29/2014 14:43:16] RECV: 250 2.0.0 Ok: queued as 8E5FC2A064A^M
>
> 22051: [05/29/2014 14:43:16] SEND: QUIT
>
> 22051: [05/29/2014 14:43:16] RECV: 221 2.0.0 Bye^M
>
> 22051: [05/29/2014 14:43:16] DSPAM Instance Shutdown. Exit Code: 0
>
> 22051: [05/29/2014 14:43:16] SEND: 250 2.6.0
> <carlos.alberto@[hidden-domain]> Message accepted for delivery
>
> 22051: [05/29/2014 14:43:16] checking trusted user list for root(0)
>
> 22051: [05/29/2014 14:43:16] SRECV: QUIT^M
>
> 22051: [05/29/2014 14:43:16] SEND: 221 2.0.0 OK
>
> 22051: [05/29/2014 14:43:20] connection id 10 from 200.134.33.2.
>
> 22051: [05/29/2014 14:43:20] read attribute 'ServerIdent'
>
> 22051: [05/29/2014 14:43:20] find attribute 'ServerIdent'
>
> 22051: [05/29/2014 14:43:20] -> found attribute 'ServerIdent' with value
> 'anti-spam.[hidden-domain]'
>
> 22051: [05/29/2014 14:43:20] -> read attribute 'ServerIdent' with value
> 'anti-spam.[hidden-domain]'
>
> 22051: [05/29/2014 14:43:20] read attribute 'ServerMode'
>
> 22051: [05/29/2014 14:43:20] find attribute 'ServerMode'
>
> 22051: [05/29/2014 14:43:20] -> found attribute 'ServerMode' with value
> 'standard'
>
> 22051: [05/29/2014 14:43:20] -> read attribute 'ServerMode' with value
> 'standard'
>
> 22051: [05/29/2014 14:43:20] read attribute 'ServerMode'
>
> 22051: [05/29/2014 14:43:20] find attribute 'ServerMode'
>
> 22051: [05/29/2014 14:43:20] -> found attribute 'ServerMode' with value
> 'standard'
>
> 22051: [05/29/2014 14:43:20] -> read attribute 'ServerMode' with value
> 'standard'
>
> 22051: [05/29/2014 14:43:20] read attribute 'ServerMode'
>
> 22051: [05/29/2014 14:43:20] find attribute 'ServerMode'
>
> 22051: [05/29/2014 14:43:20] -> found attribute 'ServerMode' with value
> 'standard'
>
> 22051: [05/29/2014 14:43:20] -> read attribute 'ServerMode' with value
> 'standard'
>
> 22051: [05/29/2014 14:43:20] SEND: 220 DSPAM LMTP 3.10.2 Ready
>
> 22051: [05/29/2014 14:43:20] SRECV: LHLO mx.[hidden-domain]^M
>
> 22051: [05/29/2014 14:43:20] SEND: 250-anti-spam.[hidden-domain]
>
> 22051: [05/29/2014 14:43:20] SEND: 250-PIPELINING
>
> 22051: [05/29/2014 14:43:20] SEND: 250-ENHANCEDSTATUSCODES
>
> 22051: [05/29/2014 14:43:20] SEND: 250-8BITMIME
>
> 22051: [05/29/2014 14:43:20] SEND: 250 SIZE
>
> 22051: [05/29/2014 14:43:20] checking trusted user list for root(0)
>
> 22051: [05/29/2014 14:43:20] SRECV: MAIL
> FROM:<[hidden email]
> <mailto:[hidden email]>> SIZE=3879
> BODY=8BITMIME^M
>
> 22051: [05/29/2014 14:43:20] SEND: 250 2.1.0 OK
>
> ---------------------------------
>
> ## $Id: dspam.conf.in <http://dspam.conf.in>,v 1.103 2011/11/10 00:27:34
> tomhendr Exp $
> ## dspam.conf -- DSPAM configuration file
> ##
>
> #
> # DSPAM Home: Specifies the base directory to be used for DSPAM storage
> #
> Home /var/spool/dspam
>
> #
> # StorageDriver: Specifies the storage driver backend (library) to use.
> # You'll only need to set this if you are using dynamic storage driver
> plugins
> # from a binary distribution. The default build statically links the storage
> # driver (when only one is specified at configure time), overriding this
> # setting, which only comes into play if multiple storage drivers are
> specified
> # at configure time. When using dynamic linking, be sure to include the path
> # to the library if necessary, and some systems may use an extension other
> # than .so (e.g. OSX uses .dylib).
> #
> # Options include:
> #
> #   libmysql_drv.so     libpgsql_drv.so   libsqlite_drv.so
> #   libsqlite3_drv.so   libhash_drv.so
> #
> # IMPORTANT: Switching storage drivers requires more than merely changing
> # this option. If you do not wish to lose all of your data, you will need to
> # migrate it to the new backend before making this change.
> #
> StorageDriver /usr/lib/dspam/libpgsql_drv.so
>
> #
> # Trusted Delivery Agent: Specifies the local delivery agent DSPAM
> should call
> # when delivering mail as a trusted user. Use %u to specify the user
> DSPAM is
> # processing mail for. It is generally a good idea to allow the MTA to
> specify
> # the pass-through arguments at run-time, but they may also be specified
> here.
> #
> # Most operating system defaults:
> #TrustedDeliveryAgent "/usr/bin/procmail"       # Linux
> #TrustedDeliveryAgent "/usr/bin/mail"           # Solaris
> #TrustedDeliveryAgent "/usr/libexec/mail.local" # FreeBSD
> #TrustedDeliveryAgent "/usr/bin/procmail"       # Cygwin
> #
> # Other popular configurations:
> #TrustedDeliveryAgent "/usr/cyrus/bin/deliver"    # Cyrus
> #TrustedDeliveryAgent "/bin/maildrop"        # Maildrop
> #TrustedDeliveryAgent "/usr/local/sbin/exim -oMr spam-scanned" # Exim
> #
> TrustedDeliveryAgent "/usr/bin/procmail"
>
> #
> # Untrusted Delivery Agent: Specifies the local delivery agent and arguments
> # DSPAM should use when delivering mail and running in untrusted user mode.
> # Because DSPAM will not allow pass-through arguments to be specified to
> # untrusted users, all arguments should be specified here. Use %u to specify
> # the user DSPAM is processing mail for. This configuration parameter is
> only
> # necessary if you plan on allowing untrusted processing.
> #
> #UntrustedDeliveryAgent "/usr/bin/procmail -d %u"
>
> #
> # SMTP or LMTP Delivery: Alternatively, you may wish to use SMTP or LMTP
> # delivery to deliver your message to the mail server instead of using a
> # delivery agent. You will need to configure with --enable-daemon to use
> host
> # delivery, however you do not need to operate in daemon mode. Specify an IP
> # address or UNIX path to a domain socket below as a host.
> #
> # If you would like to set up DeliveryHost's on a per-domain basis, use
> # the syntax: DeliveryHost.example.org <http://DeliveryHost.example.org>
> 1.2.3.4
> #
> DeliveryHost            [hidden-ip]    #original era 127.0.0.1
> DeliveryPort        10034           #original era 24
> DeliveryIdent        dspam           #original era  localhost
> DeliveryProto        SMTP            #original era LMTP
>
> #
> # FallbackDomains: If you want to specify certain domains as fallback
> domains,
> # enable this option. For example, you could create a user @example.org
> <http://example.org>, and
> # if [hidden email] <mailto:[hidden email]> does not resolve to a
> known user on the system, the user
> # could default to your @example.org <http://example.org> user. NOTE:
> This also requires designating
> # fallbackDomain for the domain name;
> # e.g. dspam_admin ch pref example.org <http://example.org>
> fallbackDomain on
> #
> #FallbackDomains on
>
> #
> # Quarantine Agent: DSPAM's default behavior is to quarantine all mail it
> # thinks is spam. If you wish to override this behavior, you may specify
> # a quarantine agent which will be called with all messages DSPAM thinks is
> # spam. Use %u to specify the user DSPAM is processing mail for.
> #
> #QuarantineAgent    "/usr/bin/procmail -d spam"
>
> #
> # DSPAM can optionally process "plused users" (addresses in the user+detail
> # form) by truncating the username just before the "+", so all internal
> # processing occurs for "user", but delivery will be performed for
> # "user+detail". This is only useful if the LDA can handle "plused users"
> # (for example Cyrus IMAP) and when configured for LMTP delivery above
> #
> #EnablePlusedDetail    on
>
> #
> # Character to use as seperator between user names and address extensions.
> # If you change this value then please adjust QuarantineMailbox to use the
> # new specified character. The default is '+'.
> #
> #PlusedCharacter    +
>
> #
> # Turn this feature on if you want to force DSPAM to lowercase the "plused
> # users" username.
> #
> #PlusedUserLowercase    on
>
> #
> # Quarantine Mailbox: DSPAM's LMTP code can send spam mail using LMTP to a
> # "plused" mailbox (such as user+quarantine) leaving quarantine processing
> # for retraining or deletion to be performed by the LDA and the mail client.
> # "plused" mailboxes are supported by Cyrus IMAP and possibly other LDAs. If
> # you don't set/change PlusedCharacter then the mailbox name must have the +
> # since the + is the default used character.
> #
> #QuarantineMailbox    +quarantine
>
> #
> # OnFail: What to do if local delivery or quarantine should fail. If set
> # to "unlearn", DSPAM will unlearn the message prior to exiting with an
> # un successful return code. The default option, "error" will not unlearn
> # the message but return the appropriate error code. The unlearn option
> # is use-ful on some systems where local delivery failures will cause the
> # message to be requeued for delivery, and could result in the message
> # being processed multiple times. During a very large failure, however,
> # this could cause a significant load increase.
> #
> OnFail error
>
> #
> # Trusted Users: Only the users specified below will be allowed to perform
> # administrative functions in DSPAM such as setting the active user and
> # accessing tools. All other users attempting to run DSPAM will be
> restricted;
> # their uids will be forced to match the active username and they will
> not be
> # able to specify delivery agent privileges or use tools.
> #
> Trust root
> Trust dspam
> Trust apache
> Trust mail
> Trust mailnull
> Trust smmsp
> Trust daemon
> #Trust nobody
> #Trust majordomo
>
> #
> # Debugging: Enables debugging for some or all users. IMPORTANT: DSPAM must
> # be compiled with debug support in order to use this option. DSPAM should
> # never be running in production with debug active unless you are
> # troubleshooting problems.
> #
> # DebugOpt: One or more of: process, classify, spam, fp, inoculation, corpus
> #   process     standard message processing
> #   classify    message classification using --classify
> #   spam        error correction of missed spam
> #   fp          error correction of false positives
> #   inoculation message inoculations (source=inoculation)
> #   corpus      corpusfed messages (source=corpus)
> #
> #Debug *
> Debug carlos.alberto@[local-domain]
> #
> DebugOpt process spam fp
>
> #
> # ClassAlias: Alias a particular class to spam/nonspam. This is useful if
> # classifying things other than spam.
> #
> #ClassAliasSpam badstuff
> #ClassAliasNonspam goodstuff
>
> #
> # Training Mode: The default training mode to use for all operations, when
> # one has not been specified on the commandline or in the user's
> preferences.
> # Acceptable values are:
> #     toe     Train on Error (Only)
> #     teft    Train Everything (Trains on every message)
> #     tum     Train Until Mature (Train only tokens without enough data)
> #     notrain Do not train or store signatures (large ISP systems,
> post-train)
> #
> TrainingMode teft
>
> #
> # TestConditionalTraining: By default, dspam will retrain certain errors
> # until the condition is no longer met. This usually accelerates learning.
> # Some people argue that this can increase the risk of errors, however.
> #
> TestConditionalTraining on
>
> #
> # Features: Specify features to activate by default; can also be specified
> # on the commandline. See the documentation for a list of available
> features.
> # If _any_ features are specified on the commandline, these are ignored.
> #
> #Feature noise
> Feature whitelist
>
> # Training Buffer: The training buffer waters down statistics during
> training.
> # It is designed to prevent false positives, but can also dramatically
> reduce
> # dspam's catch rate during initial training. This can be a number from 0
> # (no buffering) to 10 (maximum buffering). If you are paranoid about false
> # positives, you should probably enable this option.
> #
> #Feature tb=5
>
> #
> # Algorithms: Specify the statistical algorithms to use, overriding any
> # defaults configured in the build. The options are:
> #    naive       Naive-Bayesian (All Tokens)
> #    graham      Graham-Bayesian ("A Plan for Spam")
> #    burton      Burton-Bayesian (SpamProbe)
> #    robinson    Robinson's Geometric Mean Test (Obsolete)
> #    chi-square  Fisher-Robinson's Chi-Square Algorithm
> #
> # You may have multiple algorithms active simultaneously, but it is strongly
> # recommended that you group Bayesian algorithms with other Bayesian
> # algorithms, and any use of Chi-Square remain exclusive.
> #
> # NOTE: For standard "CRM114" Markovian weighting, use 'naive', or consider
> #       using 'burton' for slightly better accuracy
> #
> # Don't mess with this unless you know what you're doing
> #
> #Algorithm chi-square
> #Algorithm naive
> Algorithm graham burton
>
> #
> # Tokenizer: Specify the tokenizer to use. The tokenizer is the piece
> # responsible for parsing the message into individual tokens. Depending on
> # how many resources you are willing to trade off vs. accuracy, you may
> # choose to use a less or more detailed tokenizer:
> #   word    uniGram (single word) tokenizer
> #           Tokenizes message into single individual words/tokens
> #           example: "free" and "viagra"
> #   chain   biGram (chained tokens) tokenizer (default)
> #           Single words + chains adjacent tokens together
> #           example: "free" and "viagra" and "free viagra"
> #   sbph    Sparse Binary Polynomial Hashing tokenizer
> #           Creates sparse token patterns across sliding window of 5-tokens
> #           example: "the quick * fox jumped" and "the * * fox jumped"
> #   osb     Orthogonal Sparse biGram tokenizer
> #           Similar to SBPH, but only uses the biGrams
> #           example: "the * * fox" and "the * * * jumped"
> #
> # In general the reccomendation is to use 'osb' for new installations.
> # The default value of 'chain' remains here as not to surprise anyone
> upgrading
> # that has not changed from the default value.
> #
> Tokenizer osb
>
> #
> # PValue: Specify the technique used for calculating Probability Values,
> # overriding any defaults configured in the build. These options are:
> #    bcr         Bayesian Chain Rule (Graham's Technique - "A Plan for
> Spam")
> #    robinson    Robinson's Technique (used in Chi-Square)
> #    markov      Markovian Weighted Technique (for Markovian discrimination)
> #
> # Unlike the "Algorithms" property, you may only have one of these defined.
> # Use of the chi-square algorithm automatically changes this to robinson.
> #
> # Don't mess with this unless you know what you're doing.
> #
> #PValue robinson
> #PValue markov
> PValue bcr
>
> #
> # WebStats: Enable this if you are using the CGI, which writes .stats files
> #####WebStats on
> WebStats off
>
> #
> # ImprobabilityDrive: Calculate odds-ratios for ham/spam, and add to
> # X-DSPAM-Improbability headers
> #
> #ImprobabilityDrive on
>
> #
> # Preferences: Specify any preferences to set by default, unless otherwise
> # overridden by the user (see next section) or a default.prefs file.
> # If user or default.prefs are found, the user's preferences will
> override any
> # defaults.
> #
> Preference "trainingMode=TEFT"        # { TOE | TUM | TEFT | NOTRAIN }
> -> default:teft
> Preference "spamAction=tag"         # { quarantine | tag | deliver } ->
> default:quarantine
> Preference "spamSubject=[SPAM]"        # { string } -> default:[SPAM]
> Preference "statisticalSedation=5"    # { 0 - 10 } -> default:0
> Preference "enableBNR=on"        # { on | off } -> default:off
> Preference "enableWhitelist=on"        # { on | off } -> default:on
> Preference "signatureLocation=headers"    # { message | headers } ->
> default:message
> Preference "tagSpam=on"         # { on | off }
> Preference "tagNonspam=off"        # { on | off }
> Preference "showFactors=on"        # { on | off } -> default:off
> Preference "optIn=off"            # { on | off }
> Preference "optOut=off"            # { on | off }
> Preference "whitelistThreshold=10"    # { Integer } -> default:10
> Preference "makeCorpus=off"        # { on | off } -> default:off
> Preference "storeFragments=off"        # { on | off } -> default:off
> Preference "localStore="        # { on | off } -> default:username
> Preference "processorBias=on"        # { on | off } -> default:on
> Preference "fallbackDomain=off"        # { on | off } -> default:off
> Preference "trainPristine=off"        # { on | off } -> default:off
> Preference "optOutClamAV=off"        # { on | off } -> default:off
> Preference "ignoreRBLLookups=off"    # { on | off } -> default:off
> Preference "RBLInoculate=off"        # { on | off } -> default:off
> Preference "notifications=on"        # { on | off } -> default:off
>
> #
> # Overrides: Specifies the user preferences which may override configuration
> # and commandline defaults. Any other preferences supplied by an
> untrusted user
> # will be ignored.
> #
> #AllowOverride enableBNR
> #AllowOverride enableWhitelist
> #AllowOverride fallbackDomain
> #AllowOverride ignoreGroups
> #AllowOverride ignoreRBLLookups
> #AllowOverride localStore
> #AllowOverride makeCorpus
> #AllowOverride optIn
> #AllowOverride optOut
> #AllowOverride optOutClamAV
> #AllowOverride processorBias
> #AllowOverride RBLInoculate
> ###AllowOverride showFactors
> #AllowOverride signatureLocation
> ###AllowOverride spamAction
> ###AllowOverride spamSubject
> #AllowOverride statisticalSedation
> #AllowOverride storeFragments
> ###AllowOverride tagNonspam
> ###AllowOverride tagSpam
> #AllowOverride trainPristine
> #AllowOverride trainingMode
> #AllowOverride whitelistThreshold
> #AllowOverride dailyQuarantineSummary
> #AllowOverride notifications
>
> # --- MySQL ---
>
> #
> # Storage driver settings: Specific to a particular storage driver.
> Uncomment
> # the configuration specific to your installation, if applicable.
> #
> #MySQLServer        /var/lib/mysql/mysql.sock
> #MySQLPort      
> #MySQLUser        dspam
> #MySQLPass        changeme
> #MySQLDb        dspam
> #MySQLCompress        true
> #MySQLReconnect        true
>
> # If you are using replication for clustering, you can also specify a
> separate
> # server to perform all writes to.
> #
> #MySQLWriteServer    /var/lib/mysql/mysql.sock
> #MySQLWritePort      
> #MySQLWriteUser        dspam
> #MySQLWritePass        changeme
> #MySQLWriteDb        dspam_write
> #MySQLCompress        true
> #MySQLReconnect        true
>
> # If your replication isn't close to real-time, your retraining might
> fail if
> # the  signature isn't found. One workaround for this is to use the write
> # database for all signature reads:
> #
> #MySQLReadSignaturesFromWriteDb    on
>
> # If you're running DSPAM in client/server (daemon) mode, uncomment the
> # setting below to override the default connection cache size (the number
> # of connections the server pools between all clients). The connection cache
> # represents the maximum number of database connections *available* and
> should
> # be set based on the maximum number of concurrent connections you're likely
> # to have. Each connection may be used by only one thread at a time, so all
> # other threads _will block_ until another connection becomes available.
> #
> #MySQLConnectionCache    10
>
> # If you're using vpopmail or some other type of virtual setup and wish to
> # change the table dspam uses to perform username/uid lookups, you can over-
> # ride it below
>
> #MySQLVirtualTable        dspam_virtual_uids
> #MySQLVirtualUIDField        uid
> #MySQLVirtualUsernameField    username
>
> # UIDInSignature: MySQL supports the insertion of the user id into the DSPAM
> # signature. This allows you to create one single spam or fp alias
> # (pointing to some arbitrary user), and the uid in the signature will
> # switch to the correct user. Result: you need only one spam alias
>
> #MySQLUIDInSignature    on
>
> # --- PostgreSQL ---
>
> # For PgSQLServer you can Use a TCP/IP address or a socket. If your
> socket is
> # in /var/run/postgresql/.s.PGSQL.5432 specify just the path where the
> socket
> # resits (without .s.PGSQL.5432).
>
> PgSQLServer        127.0.0.1   #/var/run/postgresql/
> PgSQLPort        5432        #
> PgSQLUser        xyz
> PgSQLPass        xyz-hidden
> PgSQLDb                  dspam
>
> # If you're running DSPAM in client/server (daemon) mode, uncomment the
> # setting below to override the default connection cache size (the number
> # of connections the server pools between all clients).
> #
> PgSQLConnectionCache    6
>
> # UIDInSignature: PgSQL supports the insertion of the user id into the DSPAM
> # signature. This allows you to create one single spam or fp alias
> # (pointing to some arbitrary user), and the uid in the signature will
> # switch to the correct user. Result: you need only one spam alias
>
> #PgSQLUIDInSignature    on
>
> # If you're using vpopmail or some other type of virtual setup and wish to
> # change the table dspam uses to perform username/uid lookups, you can over-
> # ride it below
>
> #PgSQLVirtualTable        dspam_virtual_uids
> #PgSQLVirtualUIDField        uid
> #PgSQLVirtualUsernameField    username
>
> # --- SQLite ---
>
> #SQLitePragma        "synchronous = OFF"
>
> # --- Hash ---
>
> #
> # HashRecMax: Default number of records to create in the initial segment
> when
> # building hash files. 100,000 yields files 1.6MB in size, but can fill up
> # fast, so be sure to increase this (to a million or more) if you're not
> using
> # autoextend.
> #
> # NOTE: If you're using a heavy-weight tokenizer, such as SBPH, you
> should be
> #       looking for settings in the 'millions' of records.
> #
> # Primes List:
> #  53, 97, 193, 389, 769, 1543, 3079, 6151, 12289, 24593, 49157, 98317,
> 196613,
> #  393241, 786433, 1572869, 3145739, 6291469, 12582917, 25165843, 50331653,
> #  100663319, 201326611, 402653189, 805306457, 1610612741, 3221225473,
> #  4294967291
> #
> HashRecMax        98317
>
> #
> # HashAutoExtend: Autoextend hash databases when they fill up. This allows
> # them to continue to train by adding extents (extensions) to the file.
> There
> # will be a small delay during the growth process, as everything needs to be
> # closed and remapped.
> #
> HashAutoExtend        on
>
> #
> # HashMaxExtents: The maximum number of extents that may be created in a
> single
> # hash file. Set this to zero for unlimited
> #
> HashMaxExtents        0
>
> #
> # HashExtentSize: The initial record size for newly created extents.
> Creating
> # this too small could result in many extents being created. Creating
> this too
> # large could result in excessive disk space usage. Typically, a value close
> # to half of the HashRecMax size is good.
> #
> HashExtentSize        49157
>
> #
> # HashPctIncrease: Increase the next extent size by n% from the size of the
> # last extent. This is useful in accommodating systems where the default
> # HashExtentSize can be too small for certain high-volume users, and can
> also
> # help keep seeks nice and speedy and/or prevent too many unnecessary
> extents
> # from being created when using a low HashMaxSeek. The default behavior,
> when
> # HashPctIncrease is not used, is to always use # HashExtentSize with no
> # increase.
> #
> HashPctIncrease        10
>
> #
> # HashMaxSeek: The maximum number of record seeks when inserting a new
> record
> # before failing or adding a new extent. This ultimately translates into the
> # max # of acceptable seeks per segment. Setting this too high will
> exhaustively
> # scan each segment and hurt performance. Typically, a low value is
> acceptable
> # as even older extents will continue to fill as training progresses.
> #
> HashMaxSeek        10
>
> #
> # HashConcurrentUser: If you are using a single, stateful hash database in
> # daemon mode, specifying a concurrent user below will cause the user to be
> # permanently mapped into memory and shared via rwlocks. This is very
> fast and
> # very cool if you are running a "userless" relay appliance.
> #
> #HashConcurrentUser    user
>
> #
> # HashConnectionCache: If running in daemon mode, this is the max # of
> # concurrent connections that will be supported. NOTE: If you are using
> # HashConcurrentUser, this option is ignored, as all connections are read-
> # write locked instead of mutex locked.
> #
> HashConnectionCache    100
>
>
> # --- ExtLookup ---
>
> # ExtLookup: Perform various external lookup functions depending on user-
> # defined variables. ExtLookup can either be set to 'on' or 'off'. The
> # behavior of such lookups are defined by the use of ExtLookupMode, which
> # can be set to 'verify', 'map' and 'strict'.
> #
> #  verify   Will cause dspam to validate the user, prior to
> #           creating the user entry in the system.
> #
> #  map      Will cause dspam to try to map the user address
> #           to a certain unique identifier.
> #
> #  strict   Will cause dspam to enforce both 'verify' and 'map'.
> #
> # ExtLookupDriver will set the engine behind the lookups. For now the only
> # supported mechanisms are 'ldap' and 'program'. The first will make dspam
> # talk directly to the configured LDAP server. The second will prefrom the
> # various lookup functions by running a certain binary program or executable
> # script. The program MUST be a binary executable or a script with a well
> # defined interpreter in its first line ( #!/path/to/interpreter ). There
> # are plans to support TLS/SSL connections to backend databases.
> #
> #ExtLookup        on                # Turns on/off external lookup
> #ExtLookupMode        strict                # available modes are
> 'verify', 'map' and 'strict'.
>                             # 'strict' enforces both verify and map
> #ExtLookupDriver    ldap                # Currently only ldap and
> program are supported.
>                             # There are plans to support both MySQL and
> Postgres.
> #ExtLookupServer    ldap.example.org <http://ldap.example.org>        #
> Can either be a database hostname or the full path to
>                             # an executable lookup program and its
> arguments.
> #ExtLookupPort        389                # Desired port when connecting
> to the lookup database.
> #ExtLookupDB        "ou=Users,dc=domain,dc=com"    # Can either be an
> LDAP search base or a database name (TODO).
> #ExtLookupQuery      
> "(&(objectClass=qmailUser)(|(mail=%u)(mailAlternateAddress=%u)))"    #
> Can either be an LDAP search filter or an SQL query (TODO)
> #ExtLookupLDAPAttribute    "mail"                # Attribute to be used
> when ExtLookupDriver is 'ldap'
>                             # and ExtLookupMode 'map' or 'strict'
> #ExtLookupLDAPScope    sub                # Can be set to 'base', 'sub'
> or 'one'. Only used when ExtLookupDriver is 'ldap'.
> #ExtLookupLDAPVersion    3                # Sets the LDAP protocol
> version (1, 2 or 3)
> #ExtLookupLogin        "cn=admin,dc=domain,dc=com"    # Login to be used
> when connecting to any direct database backend.
> #ExtLookupPassword    itsasecret            # Password to use with
> ExtLookupLogin.
> #ExtLookupCrypto    tls                # Sets the use of TLS on backend
> communication (only compatible with LDAPv3)
>
>
> # --- Profiles ---
>
> #
> # You can specify multiple storage profiles, and specify the server to
> # use on the commandline with --profile. For example:
> #
> #Profile DECAlpha
> #MySQLServer.DECAlpha    10.0.0.1
> #MySQLPort.DECAlpha    3306
> #MySQLUser.DECAlpha    dspam
> #MySQLPass.DECAlpha    changeme
> #MySQLDb.DECAlpha    dspam
> #MySQLCompress.DECAlpha    true
> #MySQLReconnect.DECAlpha    true
> #
> #Profile Sun420R
> #MySQLServer.Sun420R    10.0.0.2
> #MySQLPort.Sun420R    3306
> #MySQLUser.Sun420R    dspam
> #MySQLPass.Sun420R    changeme
> #MySQLDb.Sun420R    dspam
> #MySQLCompress.Sun420R    false
> #MySQLReconnect.Sun420R    true
> #
> #DefaultProfile    DECAlpha
>
> #
> # If you're using storage profiles, you can set failovers for each profile.
> # Of course, if you'll be failing over to another database, that database
> # must have the same information as the first. If you're using a global
> # database with no training, this should be relatively simple. If you're
> # configuring per-user data, however, you'll need to set up some type of
> # replication between databases.
> #
> #Failover.DECAlpha    SUN420R
> #Failover.Sun420R    DECAlpha
>
> # If the storage fails, the agent will follow each profile's failover up to
> # a maximum number of failover attempts. This should be set to a maximum of
> # the number of profiles you have, otherwise the agent could loop and try
> # the same profile multiple times (unless this is your desired behavior).
> #
> #FailoverAttempts    1
>
> #
> # Ignored headers: If DSPAM is behind other tools which may add a header to
> # incoming emails, it may be beneficial to ignore these headers - especially
> # if they are coming from another spam filter. If you are _not_ using one of
> # these tools, however, leaving the appropriate headers commented out will
> # allow DSPAM to use them as telltale signs of forged email.
> #
> #IgnoreHeader X-Spam-Status
> #IgnoreHeader X-Spam-Scanned
> #IgnoreHeader X-Virus-Scanner-Result
>
> #
> # Lookup: Perform lookups on streamlined blackhole list servers (see
> # http://www.nuclearelephant.com/projects/sbl/). The streamlined blacklist
> # server is machine-automated, unsupervised blacklisting system designed to
> # provide real-time and highly accurate blacklisting based on network
> spread.
> # When performing a lookup, DSPAM will automatically learn the inbound
> message
> # as spam if the source IP is listed. Until an official public RABL
> server is
> # available, this feature is only useful if you are running your own
> # streamlined blackhole list server for internal reporting among
> multiple mail
> # servers. Provide the name of the lookup zone below to use.
> #
> # This function performs standard reverse-octet.domain lookups, and while it
> # will function with many RBLs, it's strongly discouraged to use those
> # maintained by humans as they're often inaccurate and could hurt filter
> # learning and accuracy.
> #
> #Lookup        "sbl.example.org <http://sbl.example.org>"
>
> #
> # RBLInoculate: If you want to inoculate the user from RBL'd messages it
> would
> # have otherwise missed, set this to on.
> #
> #RBLInoculate    off
>
> #
> # Notifications: Enable the sending of notification emails to users (first
> # message, quarantine full, etc.)
> #
> Notifications    off
>
> # TxtDirectory: the directory that holds the templates for notification
> # messages (see Notifications) and tagging (see tagSpam/tagNonspam).
> #
> #TxtDirectory /var/spool/dspam/txt
>
> #
> # QuarantineWarnSize: You may specify a size when DSPAM should send a
> "Quarantine
> # Full" message to each user. This is only working if you enable
> notifications
> # (see above). Value is in bytes. Default is 2097152 -> 2MB.
> #
> #QuarantineWarnSize 2097152
>
> #
> # Purge configuration: Set dspam_clean purge default options, if not
> otherwise
> # specified on the commandline
> #
> PurgeSignatures 14    # Stale signatures
> PurgeNeutral    90    # Tokens with neutralish probabilities
> PurgeUnused    90    # Unused tokens
> PurgeHapaxes    30    # Tokens with less than 5 hits (hapaxes)
> PurgeHits1S    15    # Tokens with only 1 spam hit
> PurgeHits1I    15    # Tokens with only 1 innocent hit
>
> #
> # Purge configuration for SQL-based installations using purge.sql
> #
> #PurgeSignature    off    # Specified in purge.sql
> #PurgeNeutral    90
> #PurgeUnused    off    # Specified in purge.sql
> #PurgeHapaxes    off    # Specified in purge.sql
> #PurgeHits1S    off    # Specified in purge.sql
> #PurgeHits1I    off    # Specified in purge.sql
>
> #
> # Local Mail Exchangers: Used for source address tracking, tells DSPAM which
> # mail exchangers are local and therefore should be ignored in the Received:
> # header when tracking the source of an email. Note: you should use the
> address
> # of the host as appears between brackets [ ] in the Received header.
> # By default DSPAM is considering the following IPs always as LocalMX:
> #    10.0.0.0/8 <http://10.0.0.0/8>    - Private IP addresses (RFC 1918)
> #    127.0.0.0/8 <http://127.0.0.0/8>    - Localhost Loopback Address
> (RFC 1700)
> #    169.254.0.0/16 <http://169.254.0.0/16>    - Zeroconf / APIPA (RFC 3330)
> #    172.16.0.0/12 <http://172.16.0.0/12>    - Private IP addresses (RFC
> 1918)
> #    192.168.0.0/16 <http://192.168.0.0/16>    - Private IP addresses
> (RFC 1918)
> #### adicionado em 6/5/14 para tentar ignorar emails locais
> LocalMX 127.0.0.1 [hidden-postfix-ip]
>
> #
> # Logging: Disabling logging for users will make usage graphs unavailable to
> # them. Disabling system logging will make admin graphs unavailable.
> #
> SystemLog    on
> UserLog        on
>
> #
> # TrainPristine: for systems where the original message remains server side
> # and can therefore be presented in pristine format for retraining. This
> option
> # will cause DSPAM to cease all writing of signatures and DSPAM headers
> to the
> # message, and deliver the message in as pristine format as possible.
> This mode
> # REQUIRES that the original message in its pristine format (as of delivery)
> # be presented for retraining, as in the case of webmail, imap, or other
> # applications where the message is actually kept server-side during
> reading,
> # and is preserved. DO NOT use this switch unless the original message
> can be
> # presented for retraining with the ORIGINAL HEADERS and NO MODIFICATIONS.
> #
> # NOTE: You can't use this setting with dspam_trian; if you're going to
> use it,
> #       wait until after you train any corpora.
> #
> #TrainPristine on
>
> #
> # Opt: in or out; determines DSPAM's default filtering behavior. If this
> value
> # is set to in, users must opt-in to filtering by dropping a .dspam file in
> # /var/dspam/opt-in/user.dspam (or if you have homedirs configured, a .dspam
> # folder in their home directory).  The default is opt-out, which means all
> # users will be filtered unless a .nodspam file is dropped in
> # /var/dspam/opt-out/user.nodspam
> #
> Opt out
>
> #
> # TrackSources: specify which (if any) source addresses to track and report
> # them to syslog (mail.info <http://mail.info>). This is useful if
> you're running a firewall or
> # blacklist and would like to use this information. Spam reporting also
> drops
> # RABL blacklist files (see http://www.nuclearelephant.com/projects/rabl/).
> #
> #TrackSources spam nonspam virus
>
> #
> # ParseToHeaders: In lieu of setting up individual aliases for each user,
> # DSPAM can be configured to automatically parse the To: address for
> spam and
> # false positive forwards. From there, it can be configured to either
> set the
> # DSPAM user based on the username specified in the header and/or change the
> # training class and source accordingly. The options below can be used to
> # customize most common types of header parsing behavior to avoid the
> need for
> # multiple aliases, or if using LMTP, aliases entirely..
> #
> # ParseToHeader: Parse the To: headers of an incoming message. This must be
> #                set to 'on' to use either of the following features.
> #
> # ChangeModeOnParse: Automatically change the class (to spam or innocent)
> #   depending on whether spam- or notspam- was specified, and change the
> source
> #   to 'error'. This is convenient if you're not using aliases at all, but
> #   are delivering via LMTP.
> #
> # ChangeUserOnParse: Automatically change the username to match that
> specified
> #   in the To: header. For example, [hidden email]
> <mailto:[hidden email]> will set the username
> #   to bob, ignoring any --user passed in. This may not always be
> desirable if
> #   you are using virtual email addresses as usernames. Options:
> #     on or user    take the portion before the @ sign only
> #     full        take everything after the initial {spam,notspam}-.
> #
> #ParseToHeaders on
> #ChangeModeOnParse on
> #ChangeUserOnParse on
>
> #
> # Broken MTA Options: Some MTAs don't support the proper functionality
> # necessary. In these cases you can activate certain features in DSPAM to
> # compensate. 'returnCodes' causes DSPAM to return an exit code of 99 if
> # the message is spam, 0 if not, or a negative code if an error has occured.
> # Specifying 'case' causes DSPAM to force the input usernames to lowercase.
> # Specifying 'lineStripping' causes DSPAM to strip ^M's from messages passed
> # in.
> #
> #Broken returnCodes
> #Broken case
> #Broken lineStripping
>
> #
> # MaxMessageSize: You may specify a maximum message size for DSPAM to
> process.
> # If the message is larger than the maximum size, it will be delivered
> # without processing. Value is in bytes.
> #
> #MaxMessageSize 4194304
>
> # --- ClamAV ---
>
> #
> # Virus Checking: If you are running clamd, DSPAM can perform stream-based
> # virus checking using TCP. Uncomment the values below to enable virus
> # checking.
> #
> # ClamAVResponse: reject (reject or drop the message with a permanent
> failure)
> #                 accept (accept the message and quietly drop the message)
> #                 spam   (treat as spam and quarantine/tag/whatever)
> #
> #ClamAVPort        3310
> #ClamAVHost        127.0.0.1
> #ClamAVResponse        accept
>
> # --- CLIENT / SERVER ---
>
> #
> # Daemonized Server: If you are running DSPAM as a daemonized server using
> # --daemon, the following parameters will override the default. Use the
> # ServerPass option to set up accounts for each client machine. The DSPAM
> # server will process and deliver the message based on the parameters
> # specified. If you want the client machine to perform delivery, use
> # the --stdout option in conjunction with a local setup.
> #
> # ServerHost: Not enabling ServerHost will bind DSPAM server to all
> available
> # interfaces.
> #
> #ServerHost           [hidden-server-host]             #original era
> 127.0.0.1  
> ServerPort            10033                      #original era 24  
> ServerQueueSize            3000
> ServerPID        /var/run/dspam.pid
>
> #
> # ServerMode specifies the type of LMTP server to start. This can be one of:
> #     dspam: DSPAM-proprietary DLMTP server, for communicating with dspamc
> #  standard: Standard LMTP server, for communicating with Postfix or
> other MTA
> #      auto: Speak both DLMTP and LMTP; auto-detect by ServerPass.IDENT
> #
> ServerMode standard
>
> # If supporting DLMTP (dspam) mode, dspam clients will require
> authentication
> # as they will be passing in parameters. The idents below will be used to
> # determine which clients will be speaking DLMTP, so if you will be using
> # both LMTP and DLMTP from the same host, be sure to use something other
> # than the server's hostname below (which will be sent by the MTA during a
> # standard LMTP LHLO).
> #
> #ServerPass.Relay1    "secret"
> #ServerPass.Relay2    "password"
>
> # If supporting standard LMTP mode, server parameters will need to be
> specified
> # here, as they will not be passed in by the mail server. The ServerIdent
> # specifies the 250 response code ident sent back to connecting clients and
> # should be set to the hostname of your server, or an alias.
> #
> # NOTE: If you specify --user in ServerParameters, the RCPT TO will be
> #       used only for delivery, and not set as the active user for
> processing.
> #
> ServerParameters    "--deliver=innocent -d %u"
> ServerIdent        "anti-spam.[local-domain]"
>
> # If you wish to use a local domain socket instead of a TCP socket,
> uncomment
> # the following. It is strongly recommended you use local domain sockets if
> # you are running the client and server on the same machine, as it
> eliminates
> # much of the bandwidth overhead.
> #
> #ServerDomainSocketPath    "/tmp/dspam.sock"
>
> #
> # Client Mode: If you are running DSPAM in client/server mode, uncomment and
> # set these variables. A ClientHost beginning with a / will be treated as
> # a domain socket.
> #
> #ClientHost    /tmp/dspam.sock
> #ClientIdent    "secret@Relay1"
> #
> #ClientHost    127.0.0.1
> #ClientPort    24
> #ClientIdent    "secret@Relay1"
>
> # --- RABL ---
>
> # RABLQueue: Touch files in the RABL queue
> # If you are a reporting streamlined blackhole list participant, you can
> # touch ip addresses within the directory the rabl_client process is
> watching.
> #
> #RABLQueue    /var/spool/rabl
>
> # ---  ---
>
> # DataSource: If you are using any type of data source that does not include
> # email-like headers (such as documents), uncomment the line below. This
> # will cause the entire input to be treated like a message "body"
> #
> #DataSource document
>
> # ProcessorWordFrequency: By default, words are only counted once per
> message.
> # If you are classifying large documents, however, you may wish to count
> once
> # per occurrence instead.
> #
> #ProcessorWordFrequency occurrence
>
> # ProcessorURLContext: By default, a URL context is generated for URLs,
> which
> # records their tokens as separate from words found in documents. To use
> # URL tokens in the same context as words, turn this feature off.
> #
> ####ProcessorURLContext on  --> desligado para tentar melhorar performance
> ProcessorURLContext off
>
> # ProcessorBias: Bias causes the filter to lean more toward 'innocent', and
> # usually greatly reduces false positives. It is the default behavior of
> # most Bayesian filters (including dspam).
> #
> # NOTE: You probably DONT want this if you're using Markovian Weighting,
> unless
> # you are paranoid about false positives.
> #
> ProcessorBias on
>
> # StripRcptDomain: Cut the domain (including the at sign) from recipients.
> # This is particularly useful if the recipient name is equal to real user
> # accounts as recipients with domains tend to cause permission issues with
> # dspam-web.
> #
> StripRcptDomain off
>
> # GroupConfig: The configuration file for groups. See the README file
> # for details on how to enable users to combine their training data to
> # get better results.
> GroupConfig /var/spool/dspam/group
>
> # --- Split Configuration File Support ---
>
> # Include a directory with configuration items.
> #Include /etc/dspam/dspam.d/
>
> # ---  ---
>
> ## EOF
>
>  
>
>
>     -Troy
>
>
>     On 5/28/2014 4:00 PM, Carlos Alberto M. B. wrote:
>>
>>
>>     2014-05-27 17:52 GMT-03:00 Troy Ayers <[hidden email]
>>     <mailto:[hidden email]>>:
>>
>>         A Retrained message has no X-DSPAM-* in the headers?
>>
>>
>>     To clarify the experiments:
>>     The  message comes with X-DSPAM-* in the headers.
>>     After retrainig it, it still with those headers.
>>     The retraining seems to work, and it is done with the command:
>>     /usr/bin/dspam --client --user [hidden email]
>>     <mailto:[hidden email]> --class=spam --source=error
>>     --signature=53863fd1156344451714589
>>     The retraining is working, since the stats change and it is logged.
>>
>>     Otherwise, the next identical message I sent after a/some retrain
>>     is described in logs as "Tagged", as it should be, but it comes
>>     without X-DSPAM-* in the headers and without the "[SPAM]" in the
>>     Subject of the message.
>>
>>
>>
>>         This would seem to indicate an issue with the method used to
>>         retrain.  How do you retrain exactly?  Does dspam-stats change
>>         after you retrain?  Sounds like the existing x-spam-* headers
>>         are getting stripped out somehow?
>>
>>         Or does the retraining work, but similar or identical emails
>>         are not being flagged as spam?
>>
>>
>>     yes
>>      
>>
>>         TEFT, If I remember properly, may need more than one
>>         training.  If the test emails are otherwise identical, the
>>         x-dpsam-probability would change with each retrain.  You could
>>         turn on ShowFactors to see more detail in the headers.
>>
>>
>>     the logs show as an email was tagged as spam, but don't tag it as
>>     it should be.
>>      
>>
>>
>>         In any case, you could turn on verbose logging and see what
>>         shows up there.
>>
>>         If I mis-understand something, please clarify.
>>
>>         It sounds like some messages are not being scanned with dspam
>>         at all.
>>
>>
>>     The messages are being scanned, but somehow, when classified as
>>     Spam and "Tagged", nothing is written in the message: No X-DSPAM-*
>>     tags, nor the [SPAM] in the title...
>>
>>     Any idea? :/
>>
>>     -Carlos Alberto
>>
>>
>>         -Troy
>>
>>
>>         On 5/23/2014 8:34 AM, Carlos Alberto M. B. wrote:
>>>         Hi,
>>>
>>>         I'm testing a fresh new DSPAM instalation with Postfix, and
>>>         it seems to be working fine, tagging with X-DSPAM-* the mail
>>>         header.
>>>         But when I retrain a message, the next similar messages (that
>>>         would be marked as spam) are not being tagged with X-DSPAM-*
>>>         and the subject is not changed with the "[SPAM]" at the
>>>         begining, as it should be.
>>>
>>>         Can someone give me any idea how to solve that?
>>>
>>>         Thanks.
>>>         Carlos Alberto
>>>
>>>         PS: the preferences of dspam.conf:
>>>         Preference "trainingMode=TEFT"          # { TOE | TUM | TEFT
>>>         | NOTRAIN } -> default:teft
>>>         Preference "spamAction=tag"             # { quarantine | tag
>>>         | deliver } -> default:quarantine
>>>         Preference "spamSubject=[SPAM]"         # { string } ->
>>>         default:[SPAM]
>>>         Preference "statisticalSedation=5"      # { 0 - 10 } -> default:0
>>>         Preference "enableBNR=on"               # { on | off } ->
>>>         default:off
>>>         Preference "enableWhitelist=on"         # { on | off } ->
>>>         default:on
>>>         Preference "signatureLocation=headers"  # { message | headers
>>>         } -> default:message
>>>         Preference "tagSpam=on"                 # { on | off }
>>>         Preference "tagNonspam=off"             # { on | off }
>>>         Preference "showFactors=off"            # { on | off } ->
>>>         default:off
>>>         Preference "optIn=off"                  # { on | off }
>>>         Preference "optOut=off"                 # { on | off }
>>>         Preference "whitelistThreshold=10"      # { Integer } ->
>>>         default:10
>>>         Preference "makeCorpus=off"             # { on | off } ->
>>>         default:off
>>>         Preference "storeFragments=off"         # { on | off } ->
>>>         default:off
>>>         Preference "localStore="                # { on | off } ->
>>>         default:username
>>>         Preference "processorBias=on"           # { on | off } ->
>>>         default:on
>>>         Preference "fallbackDomain=off"         # { on | off } ->
>>>         default:off
>>>         Preference "trainPristine=off"          # { on | off } ->
>>>         default:off
>>>         Preference "optOutClamAV=off"           # { on | off } ->
>>>         default:off
>>>         Preference "ignoreRBLLookups=off"       # { on | off } ->
>>>         default:off
>>>         Preference "RBLInoculate=off"           # { on | off } ->
>>>         default:off
>>>         Preference "notifications=on"           # { on | off } ->
>>>         default:off
>>
>
>
>     ------------------------------------------------------------------------------
>     Time is money. Stop wasting it! Get your web API in 5 minutes.
>     www.restlet.com/download <http://www.restlet.com/download>
>     http://p.sf.net/sfu/restlet
>     _______________________________________________
>     Dspam-user mailing list
>     [hidden email]
>     <mailto:[hidden email]>
>     https://lists.sourceforge.net/lists/listinfo/dspam-user
>
>
>
>
> ------------------------------------------------------------------------------
> Learn Graph Databases - Download FREE O'Reilly Book
> "Graph Databases" is the definitive new guide to graph databases and their
> applications. Written by three acclaimed leaders in the field,
> this first edition is now available. Download your free book today!
> http://p.sf.net/sfu/NeoTech
>
>
>
> _______________________________________________
> Dspam-user mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/dspam-user
>


------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/NeoTech
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user

signature.asc (902 bytes) Download Attachment
Loading...