Installing DSPAM with ClamAV for Postfix on lenny

DSPAM is a scalable and open-source content-based spam filter designed for multi-user enterprise systems. On a properly configured system, many users experience results between 99.5% – 99.95%, or one error for every 200 to 2000 messages.

Install and configure the DSPAM daemon

1. Install DSPAM daemon with MySql storage driver and ClamAV. The installer will create a database and required table structure.

apt-get install DSPAM libdspam7-drv-mysql clamav
> Yes
> Type the password for the root user in MySql
> Select a strong password or allow a random password to be generated


2. Configure DSPAM to deliver mail to the Postfix mail server on port 10025, use ClamAV for virus filtering and more. You should read the config file carefully and adjust as needed. (pico /etc/dspam/dspam.conf)

StorageDriver /usr/lib/dspam/libmysql_drv.so
DeliveryHost 127.0.0.1
DeliveryPort 10025
DeliveryIdent dspam
DeliveryProto SMTP
Preference "signatureLocation=headers"
Preference "spamSubject=SPAM"
Opt out
TrackSources spam
ClamAVPort 3310
ClamAVHost 127.0.0.1
ClamAVResponse accept
ServerMode auto
ServerPass.Relay1 "secret"
ServerParameters "--deliver=innocent -d %u"
ServerDomainSocketPath "/var/run/dspam/dspam.sock"


3. Enable the DSPAM daemon (pico /etc/default/dspam)

START=yes


4. Restart the DSPAM daemon

/etc/init.d/dspam restart


Install and configure Postfix mail system

1. Install Postfix mail system if not already installed. The postfix-pcre package is required for the dspam_filter_access and dspam_check_aliases files created later.

apt-get install postfix postfix-pcre


2. We only want to filter incoming mail (pico /etc/postfix/dspam_filter_access)

/^(spam|ham)@.*$/ OK
/./ FILTER dspam:dspam


Set correct permissions on the newly created file

chown root.postfix /etc/postfix/dspam_filter_access


3. Set up special aliases to train DSPAM (pico /etc/aliases)

ham: [email protected]
spam: [email protected]


postalias /etc/aliases


Add entries into the transports file (pico /etc/postfix/transports)

spam.spam dspam-retrain:spam
ham.ham dspam-retrain:innocent


postmap /etc/postfix/transports


Create a filter to prevent unwanted use of the spam and ham aliases (pico /etc/postfix/dspam_check_aliases)

/^.*(spam|ham)@.*$/ REJECT


postmap /etc/postfix/dspam_check_aliases


4. Configure Postfix (pico /etc/postfix/main.cf)

smtpd_client_restrictions = check_client_access pcre:/etc/postfix/dspam_filter_access
dspam_destination_recipient_limit = 1
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access pcre:/etc/postfix/dspam_check_aliases, check_sender_access pcre:/etc/postfix/dspam_check_aliases
transport_maps = hash:/etc/postfix/transports


If you have changed the config of your mail server from the default ones, you may need to append the new values instead of replacing the whole line.

Append these lines to the master.cf file (pico /etc/postfix/master.cf)

dspam unix - n n - - pipe
flags=Ru user=dspam argv=/usr/bin/dspam --client --deliver=innocent,spam --user ${recipient} --mail-from=${sender}
 
dspam-retrain unix - n n - - pipe
flags=Rhq user=dspam argv=/usr/bin/dspam --client --mode=teft --class=$nexthop --source=error --user dspam
 
localhost:10025 inet n - n - - smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o smtpd_authorized_xforward_hosts=127.0.0.0/8


Train DSPAM

1. Install bzip2

apt-get install bzip2


2. Download training content

cd /tmp
wget http://spamassassin.apache.org/publiccorpus/20050311_spam_2.tar.bz2
wget http://spamassassin.apache.org/publiccorpus/20030228_easy_ham_2.tar.bz2


3. Extract the training content

tar xvfj 20050311_spam_2.tar.bz2
tar xvfj 20030228_easy_ham_2.tar.bz2


4. Start the training. This may take a few minutes.

dspam_train test spam_2/ easy_ham_2/


You’re all set, now you should have a fully function mail system with powerful spam and virus filtering.