Since I was asked by Adam to give some hints how to setup dspam, I’m posting snippets from my configuration in hope that it will help at least a bit.
We’ll start with exim. First of all, we’ll need a router that will pass all incoming email through dspam. Since I use ldap to store all domains and users, it might look a bit intimidating. But, as always, the documentation is your friend. Anyhow, the interesting part is the condition.
dspam_router:
driver = accept
no_verify
domains = +virtual_domains
hide local_parts = ${lookup ldap {user=LDAP_USER pass=LDAP_PASS \
ldap:///dc=${quote_ldap_dn:$domain},ou=domains,dc=ejohansson,dc=se?uid?one?\
(&(objectClass=posixAccount)(uid=${quote_ldap:$local_part}@$domain))}\
{${extract{1}{@}{$value}}} fail}
local_part_suffix = +*
local_part_suffix_optional
# When to scan a message :
# - it isn't already scanned
# - it isn't local
# - it is less than 512k in size
condition = "${if and {\
{!eq {$received_protocol}{spam-scanned}}\
{!eq {$received_protocol}{local}}\
{ <= {$message_size}{512k}}\
} {1}{0}}"
headers_add = "X-FILTER-DSPAM: by $primary_hostname on $tod_full"
transport = dspam_spamcheck
If the message matched the condition, it will be sent to the dspam_spamcheck transport. Which looks like follows.
dspam_spamcheck:
driver = pipe
command = "/usr/bin/dspam --deliver=innocent,spam \
--user '${lc:$local_part}@${lc:$domain}' -- \
-f '$sender_address' %u"
home_directory = "/var/spool/dspam"
current_directory = "/var/spool/dspam"
user = dspam
group = dspam
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
This will check the message and then send it to exim, to have it pass through the exim router chain once more. But this time, since we'll be using the spam-scanned protocol, it wont match the condition in dspam_router. But for this to work, we need to set the delivery agent in dspam.conf.
TrustedDeliveryAgent "/usr/sbin/exim4 -oMr spam-scanned"
Then we need to give the dspam user right to set the received protocol. We do this by adding dspam to the list of trusted_users in our exim conf.
See the configuration files for more details and the DSPAM wiki for even some more.
If you have comments or would like me too explain something a bit more, please don't hesitate to leave a comment or drop me a mail.
