关于DSPAM的Quarantine 的一个问题
最近忙点其它系统。前面刚重新装了一下dspam总结一问题和解决方法。安装dspam-3.9.1-RC1这个最新的版本。设定为单用户(user: admin)学习和Quarantine模式。发现在Quarantine里的邮件可以正常隔离在里面。但是此邮件是误判的话。在dspam webui上点击Deliver checked是无法正常发送出去。(在日志显示发送到了[email]admin@xxx.com[/email]上去了,因无此用户导至邮件丢失)
参数如下:
dspam.conf
--------------------------------------------------------------
Home /var/dspam
StorageDriver /usr/local/lib/dspam/libmysql_drv.so
TrustedDeliveryAgent "/usr/sbin/sendmail"
DeliveryHost 127.0.0.1
DeliveryPort 10024
DeliveryIdent localhost
DeliveryProto SMTP
OnFail error
Trust root
Trust dspam
Trust apache
Trust mail
Trust mailnull
Trust smmsp
Trust daemon
Trust dspam
Trust postfix
Trust admin
TrainingMode teft
TestConditionalTraining on
Feature whitelist
Algorithm graham burton
Tokenizer chain
PValue bcr
WebStats on
Preference "trainingMode=TEFT" # { TOE | TUM | TEFT | NOTRAIN } -> default:teft
Preference "spamAction=quarantine" # { quarantine | tag | deliver } -> default:quarantine
Preference "spamSubject=[SPAM]" # { string } -> default:[SPAM]
Preference "statisticalSedation=5" # { 0 - 10 } -> default:0
Preference "enableBNR=on" # { on | off } -> default:off
Preference "enableWhitelist=on" # { on | off } -> default:on
Preference "signatureLocation=message" # { message | headers } -> default:message
Preference "tagSpam=off" # { on | off }
Preference "tagNonspam=off" # { on | off }
Preference "showFactors=on" # { on | off } -> default:off
Preference "optIn=off" # { on | off }
Preference "optOut=off" # { on | off }
Preference "whitelistThreshold=10" # { Integer } -> default:10
Preference "makeCorpus=off" # { on | off } -> default:off
Preference "storeFragments=off" # { on | off } -> default:off
Preference "localStore=" # { on | off } -> default:username
Preference "processorBias=on" # { on | off } -> default:on
Preference "fallbackDomain=off" # { on | off } -> default:off
Preference "trainPristine=off" # { on | off } -> default:off
Preference "optOutClamAV=off" # { on | off } -> default:off
Preference "ignoreRBLLookups=off" # { on | off } -> default:off
Preference "RBLInoculate=off" # { on | off } -> default:off
Preference "notifications=off" # { on | off } -> default:off
AllowOverride enableBNR
AllowOverride enableWhitelist
AllowOverride fallbackDomain
AllowOverride ignoreGroups
AllowOverride ignoreRBLLookups
AllowOverride localStore
AllowOverride makeCorpus
AllowOverride optIn
AllowOverride optOut
AllowOverride optOutClamAV
AllowOverride processorBias
AllowOverride RBLInoculate
AllowOverride showFactors
AllowOverride signatureLocation
AllowOverride spamAction
AllowOverride spamSubject
AllowOverride statisticalSedation
AllowOverride storeFragments
AllowOverride tagNonspam
AllowOverride tagSpam
AllowOverride trainPristine
AllowOverride trainingMode
AllowOverride whitelistThreshold
AllowOverride dailyQuarantineSummary
AllowOverride notifications
MySQLServer /var/lib/mysql/mysql.sock
MySQLUser dspam
MySQLPass XXX
MySQLDb dspam
MySQLCompress true
MySQLReconnect true
MySQLUIDInSignature on
HashRecMax 98317
HashAutoExtend on
HashMaxExtents 0
HashExtentSize 49157
HashPctIncrease 10
HashMaxSeek 10
HashConnectionCache 10
Notifications off
PurgeSignatures 14 # Stale signatures
PurgeNeutral 90 # Tokens with neutralish probabilities
PurgeUnused 90 # Unused tokens
PurgeHapaxes 30 # Tokens with less than 5 hits (hapaxes)
PurgeHits1S 15 # Tokens with only 1 spam hit
PurgeHits1I 15 # Tokens with only 1 innocent hit
LocalMX 127.0.0.1
SystemLog on
UserLog on
Opt out
ParseToHeaders on
ChangeUserOnParse user
ServerHost 127.0.0.1
ServerPort 10028
ServerQueueSize 32
ServerPID /var/run/dspam/dspam.pid
ServerMode auto
ServerPass.Relay1 "secret"
ServerParameters "--user admin --deliver=innocent"
ServerIdent "localhost.localdomain"
ClientHost 127.0.0.1
ClientPort 10028
ClientIdent "secret@Relay1"
ProcessorURLContext on
ProcessorBias on
StripRcptDomain off
------------------------------------------------
webui 中configure.pl的主要设定如下:
-------
$CONFIG{'DSPAM_HOME'} = "/var/dspam";
$CONFIG{'DSPAM_BIN'} = "/usr/local/bin";
$CONFIG{'DSPAM'} = $CONFIG{'DSPAM_BIN'} . "/dspam";
$CONFIG{'DSPAM_STATS'} = $CONFIG{'DSPAM_BIN'} . "/dspam_stats";
#$CONFIG{'DSPAM_ARGS'} = "--deliver=innocent --class=innocent " .
# "--source=error --user %CURRENT_USER% -d %u";
$CONFIG{'DSPAM_ARGS'} = "--deliver=innocent --class=innocent " .
"--source=error --user %CURRENT_USER% -i -- %u";
-----------------------------
日志显示如下:
Jul 26 15:45:32 ns1 postfix/smtp[14146]: D74459522CF: to=<[email]admin@xxxx.org[/email]>, orig_to=<admin>, relay=152.104.xxx.xxx[152.104.xxx.xxxx]:125, delay=1.6, delays=0.52/0/0.08/1, dsn=5.0.0, status=bounced (host 152.104.xxx.xxx[152.104.xxx.xxx] said: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 - chkuser) (in reply to RCPT TO command))
-------------------------------------------------------------------
我的最后只好弄了个解决方法(还不算未完全弄好,只是能用)方法如下:
1.在webui 中configure.pl的增加两个参数:
$CONFIG{'SENDMAIL'} = "/usr/sbin/sendmail";
$CONFIG{'SENDMAIL_ARGS'} = "-i -t";
2在webui中的dspam.cgi的增加如下(带 + 号的为新加的):
if ($head{'X-DSPAM-Signature'} eq $FORM{'signatureID'}) {
$found = 1;
+ my $mail_sendmail;
+ open(PIPE_MAIL, "|$CONFIG{'SENDMAIL'} $CONFIG{'SENDMAIL_ARGS'}") || &error($!);
open(PIPE, "|$CONFIG{'DSPAM'} $CONFIG{'DSPAM_ARGS'} >$TMPFILE 2>&1") || &error($!);
foreach(@temp) {
+ $mail_sendmail.="$_\n";
print PIPE "$_\n";
}
}
+ print PIPE_MAIL $mail_sendmail;
+ close(PIPE_MAIL);
close(PIPE);
.......
......
sub Deliver {
my(@temp) = @_;
+ my $mail_sendmail;
+ open(PIPE_MAIL, "|$CONFIG{'SENDMAIL'} $CONFIG{'SENDMAIL_ARGS'}") || return $!;
open(PIPE, "|$CONFIG{'DSPAM'} $CONFIG{'DSPAM_ARGS'}") || return $!;
foreach(@temp) {
+ $mail_sendmail.="$_\n";
print PIPE "$_\n" || return $!;
}
+ print PIPE_MAIL $mail_sendmail;
+ close(PIPE_MAIL);
close(PIPE) || return $!;
return "";
}
[[i] 本帖最后由 rodge 于 2010-7-27 22:53 编辑 [/i]] 3.9的正式版不是出来了吗, 波波,是3.9.1 应当不可能呀,最近上网不方便。电脑也没有,郁闷
页:
[1]