[Dspam-user] Newbie trying to understand setup

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

[Dspam-user] Newbie trying to understand setup

Alan Chandler
Hi

I have an aging PC running exim/spamassassin, which is also my internet
gateway and a load of other stuff.  Machine goes down and the house is
without an internet connection.

So in moving away from that, I decided to use a small Raspberry Pi as a
mail server (and some other stuff) for the home.  4 separate mail
address (2 of them are mine, personal and business).  The others are for
my wife and daughter - both NOT computer savy.  We have about 8G of mail
stored - I have a 32G thumb drive on the PI set up as lvm with /var and
/var/mail stores as logical volumes on it.  This is great because I have
already shown migrating that from one drive to another without taking
the the mail serving part offline is easy.

With a lot of learning, I now have a postfix -> dovecot setup and 4
milters for before queue filtering.  These are milter-greylist (only
used for spf checking), dkim-milter (dkim checking - maybe in future
dkim signing, although for now my domain name host doesn't support dkim
key records), clamav-milter -> clamav-daemon for virus scanning and
dspam-milter->dpam for spam checking.

Dovecot has a sieve setup, with (for now - more to come) a default sieve
that handles postfix sender_bcc of outgoing mail back to a user with a
+saveout extension to move mail to a Sent mail store.

Dovecot is set up to use standard Mailstore's but there are no user
accounts on the machine, everything is treated like a virtual mailbox -
and Dovecot is also Postfix Authentication mechanism via a small sqlite
database.

As of now, all seem to be working - at least I have been trying to break
it for a while, although its was only this evening that I got the
dspam-milter/dpam daemon  in place and working.

Now I need to ensure that dspam can train itself but I don't really
understand it enough to get move away from its use of mail addresses -
not entirely convenient.  I thought I would ask on this list for more
advice.

Both my wife and I use Thunderbird as our main mail client and it and my
wife (and myself) seems quite adapt at moving mail they think is Junk
into the junk folder (a special use folder defined in Dovecot to be for
\Junk). So from a user perspective, by far the most natural approach for
training for spam would be to use something like a cron job to regularly
scan each users junk Maildir using the dspam_train command line tool in
a script.

Is this an accepted approach.?

What should I use as ham?

Do I need as much ham as spam?

I would very much appreciate some advice on the matter.

One further question - I don't really understand python, so it took my a
while to get dpam-milter working.  I run it from debian
start-stop-daemon, but if I try and run it other than root (I was hoping
to run it as dpam) it disappears silently without trace.  Is there any
likely causes for this, that I can fix easily.

Thanks

Alan






------------------------------------------------------------------------------
Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce.
With Perforce, you get hassle-free workflows. Merge that actually works.
Faster operations. Version large binaries.  Built-in WAN optimization and the
freedom to use Git, Perforce or both. Make the move to Perforce.
http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] Newbie trying to understand setup

Rick Leir
When you move a mail to Junk, what is really happening is that you are telling IMAP to attach the Junk flag to the message. The Junk folder is really a 'view' not a folder. My experience is with Evolution not Tbird, so please correct me.

There is a Dovecot plugin from Sipsolutions called antispam which notices when the junk flag has been attached or removed. Then it calls dspam to train it. I have not used this plugin myself so YMMV. One problem is that two versions of the plugin exist, and you need to locate the correct documentation.
johannes.sipsolutions.net/Projects/dovecot-antispam
http://wiki2.dovecot.org/Plugins/Antispam


On Tue, 2014-03-04 at 20:31 +0000, Alan Chandler wrote:
the most natural approach for
training for spam would be to use something like a cron job to regularly
scan each users junk Maildir using the dspam_train command line tool in
a script.


Rick Leir, Senior Developer
http://CirrusComputing.com/ 


------------------------------------------------------------------------------
Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce.
With Perforce, you get hassle-free workflows. Merge that actually works.
Faster operations. Version large binaries.  Built-in WAN optimization and the
freedom to use Git, Perforce or both. Make the move to Perforce.
http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] Newbie trying to understand setup

Alan Chandler
On 05/03/14 01:47, Rick Leir wrote:
When you move a mail to Junk, what is really happening is that you are telling IMAP to attach the Junk flag to the message. The Junk folder is really a 'view' not a folder. My experience is with Evolution not Tbird, so please correct me.

It looks as though Thunderbird uses a real folder.  At least the folder has some mail in it which looks like the spam I put there earlier - whether its the complete thing or just the manually moved stuff I don't know because ..


There is a Dovecot plugin from Sipsolutions called antispam which notices when the junk flag has been attached or removed. Then it calls dspam to train it. I have not used this plugin myself so YMMV. One problem is that two versions of the plugin exist, and you need to locate the correct documentation.

dovecot-antispam is a debian package which seems to contain it (having installed it and now read the man page).  Thanks a lot - sounds like it is exactly what I need.

Alan


------------------------------------------------------------------------------
Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce.
With Perforce, you get hassle-free workflows. Merge that actually works.
Faster operations. Version large binaries.  Built-in WAN optimization and the
freedom to use Git, Perforce or both. Make the move to Perforce.
http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] Newbie trying to understand setup

Karl Ostendorf
You might also want to have a look at the following blog entry which details how to setup postfix, dovecot, spam and sieve. I used it in setting up my own system. He doesn’t use antispam but rather has dspam place headers on the mail so that sieve can then place it into the Junk folder. If the mail is not Junk sieve will adjust the headers when the mail is moved back to the Inbox enabling you to train dspam.

http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/


By the way, very interesting setup with the Raspberry Pi.



Ostendorf Software
https://ostendorf.com/
tel:    +49 151 1270 4213
mailto: [hidden email]







On 05.03.2014, at 07:35, Alan Chandler <[hidden email]> wrote:

> On 05/03/14 01:47, Rick Leir wrote:
>> When you move a mail to Junk, what is really happening is that you are telling IMAP to attach the Junk flag to the message. The Junk folder is really a 'view' not a folder. My experience is with Evolution not Tbird, so please correct me.
>>
> It looks as though Thunderbird uses a real folder.  At least the folder has some mail in it which looks like the spam I put there earlier - whether its the complete thing or just the manually moved stuff I don't know because ..
>
>
>> There is a Dovecot plugin from Sipsolutions called antispam which notices when the junk flag has been attached or removed. Then it calls dspam to train it. I have not used this plugin myself so YMMV. One problem is that two versions of the plugin exist, and you need to locate the correct documentation.
>
> dovecot-antispam is a debian package which seems to contain it (having installed it and now read the man page).  Thanks a lot - sounds like it is exactly what I need.
>
> Alan
>
> ------------------------------------------------------------------------------
> Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce.
> With Perforce, you get hassle-free workflows. Merge that actually works.
> Faster operations. Version large binaries.  Built-in WAN optimization and the
> freedom to use Git, Perforce or both. Make the move to Perforce.
> http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk_______________________________________________
> Dspam-user mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/dspam-user


------------------------------------------------------------------------------
Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce.
With Perforce, you get hassle-free workflows. Merge that actually works.
Faster operations. Version large binaries.  Built-in WAN optimization and the
freedom to use Git, Perforce or both. Make the move to Perforce.
http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user