[Dspam-user] Mixing ExtLoopup and FallbackDomains with weird configuration

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Dspam-user] Mixing ExtLoopup and FallbackDomains with weird configuration

Christophe Boyanique
Hello,

I am testing dspam on my mail server with only one domain, let's say
foorbar.com and have some problems.

On foobar.com there is two kings of accounts: students and teachers;
each type of accounts owns two mail entries ([hidden email] and
[hidden email]) this is why I use ldap extlookup to map one
dspam userid to both adresses.

Teachers adresses are redirected to our real mail server.
Students adresses are redirected to external adresses (gmail or hotmail
for example).

I want to filter with dspam all the foobar adresses (students and
teachers) with:
a merged group for teachers
a fallback shared user/group for the students


My first problem is if I ask Postfix to resolve all aliases before
filtering (which is required to expand groups), all foobar.com student
addresses are expanded to gmail and hotmail adresses and I don't know
how to tell dspam to use a single shared group for all that
cross-domains adresses. Is there a super fallback domains ?


If I prevent Postfix to resolve aliases before filtering, I have a
second problem as students seems not to be mapped to the fallback user
foobar.


ExtLookup               on
ExtLookupMode           strict
ExtLookupDriver         ldap
ExtLookupServer         ldap.foobar.com
ExtLookupPort           389
ExtLookupDB             "ou=People,dc=foobar.com"
ExtLookupQuery
"(&(objectClass=foobarPerson)(&(mail=%u)(mailDestination=smtp:mail.foobar.com:25)))"
ExtLookupLDAPAttribute  "mail"
ExtLookupLDAPScope      sub
ExtLookupLDAPVersion    3


(the mailDestination in the LDAP filter selects only teachers)


FallbackDomains on


mysql> select * from dspam_virtual_uids;
+-----+---------------------+
| uid | username            |
+-----+---------------------+
|   1 | teachers            |
|   2 | @foobar.com         |
|   3 | foobar.com          |
|  14 | [hidden email] |
+-----+---------------------+

mysql> select * from dspam_preferences order by uid;
+-----+-----------------+-------+
| uid | preference      | value |
+-----+-----------------+-------+
|   1 | enableWhitelist | off   |
|   2 | enableWhitelist | off   |
|   2 | fallbackDomain  | on    |
|   3 | enableWhitelist | off   |
|   3 | fallbackDomain  | on    |
+-----+-----------------+-------+



/var/spool/dspam/group contains:
teachers:merged:[hidden email],[hidden email],...



I trained the @foobar.com and teachers group with dspam_train and spams
for [hidden email] are detected, but for students accounts the user
is not known, and dspam does not fallback I think:

4723: [12/13/2013 16:43:30] looking up user [hidden email] using
ldap driver.
4723: [12/13/2013 16:43:30] External Lookup: sanitized username is
[hidden email]

4723: [12/13/2013 16:43:30] External Lookup: found 0 LDAP entries
4723: [12/13/2013 16:43:30] External Lookup: Backend search failure: no
entries found.
4723: [12/13/2013 16:43:30] DSPAM Instance Startup
4723: [12/13/2013 16:43:30] input args: dspam --deliver=innocent
4723: [12/13/2013 16:43:30] pass-thru args:
4723: [12/13/2013 16:43:30] processing user [hidden email]
4723: [12/13/2013 16:43:30] uid = 110, euid = 110, gid = 114, egid = 114
4723: [12/13/2013 16:43:30] loading preferences for user [hidden email]
4723: [12/13/2013 16:43:30] _mysql_drv_getpwnam: returning NULL for
query on name: [hidden email]
4723: [12/13/2013 16:43:30] _ds_pref_load: unable to
_mysql_drv_getpwnam([hidden email])
4723: [12/13/2013 16:43:30] _mysql_drv_getpwnam: successful returning
struct for name: @foobar.com
4723: [12/13/2013 16:43:30] Loading preferences for uid 2
4723: [12/13/2013 16:43:30] empty prefs found. falling back to @foobar.com
4723: [12/13/2013 16:43:30] Loading preferences for uid 0
4723: [12/13/2013 16:43:30] default preferences empty. reverting to
dspam.conf preferences.
4723: [12/13/2013 16:43:30] Loading preferences from dspam.conf
4723: [12/13/2013 16:43:30] _mysql_drv_getpwnam: setting, then returning
passed name: [hidden email]
4723: [12/13/2013 16:43:30] _mysql_drv_setpwnam: verified_user is 0
4723: [12/13/2013 16:43:30] _mysql_drv_setpwnam: External lookup
verification of [hidden email] failed: not adding user
4723: [12/13/2013 16:43:30] _mysql_drv_get_spamtotals: unable to
_mysql_drv_getpwnam([hidden email])
4723: [12/13/2013 16:43:30] _ds_init_storage: unable to load totals.
Using zero values.
4723: [12/13/2013 16:43:30] _mysql_drv_getpwnam: setting, then returning
passed name: [hidden email]
4723: [12/13/2013 16:43:30] _mysql_drv_setpwnam: verified_user is 0
4723: [12/13/2013 16:43:30] _mysql_drv_setpwnam: External lookup
verification of [hidden email] failed: not adding user
4723: [12/13/2013 16:43:30] _ds_getall_spamrecords: unable to
_mysql_drv_getpwnam([hidden email])
4723: [12/13/2013 16:43:30] _ds_getall_spamrecords() failed

==> /var/log/syslog <==
Dec 13 16:43:30 miles dspam[4723]: bailing on error -2
Dec 13 16:43:30 miles dspam[4723]: received invalid result (!DSR_ISSPAM
&& !DSR_ISINNOCENT): -2

==> /var/log/dspam/dspam.debug <==
4723: [12/13/2013 16:43:30] total processing time: 0.00162s
4723: [12/13/2013 16:43:30] _mysql_drv_getpwnam: setting, then returning
passed name: [hidden email]
4723: [12/13/2013 16:43:30] _mysql_drv_setpwnam: verified_user is 0
4723: [12/13/2013 16:43:30] _mysql_drv_setpwnam: External lookup
verification of [hidden email] failed: not adding user
4723: [12/13/2013 16:43:30] _mysql_drv_set_spamtotals: unable to
_mysql_drv_getpwnam([hidden email])

==> /var/log/syslog <==
Dec 13 16:43:30 miles dspam[4723]: process_message returned error -5.
delivering.



Thanks for any help...



------------------------------------------------------------------------------
Rapidly troubleshoot problems before they affect your business. Most IT
organizations don't have a clear picture of how application performance
affects their revenue. With AppDynamics, you get 100% visibility into your
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Loading...