Full Mail Server Solution w/ Virtual Domains & Users - Page 08 (Mail Delivery Server - DSPAM Training and ClamAV)

Want to support HowtoForge? Become a subscriber!
 
Submitted by Vecter (Contact Author) (Forums) on Wed, 2007-10-17 20:35. ::

F. Training DSPAM

DSPAM can learn what spam is by reading your email, and over time, it will get better at figuring out spam vs. ham by your sending it "spam+user@example.com" and "nospam+user@example.com" messages. You can get a head start though, but giving it some initial training. Let's go ahead and set that up.

You're going to need bzip2

# apt-get install bzip2

Then you're going to need to download the training files for DSPAM.

# cd /tmp
# wget http://spamassassin.apache.org/publiccorpus/20050311_spam_2.tar.bz2
# wget http://spamassassin.apache.org/publiccorpus/20030228_easy_ham_2.tar.bz2

Go ahead and decompress them:

# tar xvfj 20050311_spam_2.tar.bz2
# tar xvfj 20030228_easy_ham_2.tar.bz2

...and then finally, train DSPAM:

# dspam_train test spam_2/ easy_ham_2/

DSPAM will now process the files (This will take a while), and fill the database with the resulting tokens. When it is finished, it should be much more accurate.

G. Viruses!

But hold the phone! What if an email from a VALID source has a virus in it? Well, DSPAM has a nifty tag built into it for ClamAV. So let's get that installed... Debian, again, is awesome:

# apt-get install clamav-daemon

Do a quicky edit of the clamav configuration file to uncomment the TCPSocket line:

/etc/clamav/clamd.conf

[...]
TCPSocket 3310
[...]

... and restart clamav:

# invoke-rc.d clamav-daemon restart

The edit /etc/dspam/dspam.conf

[...]
ClamAVPort 3310
ClamAVHost 127.0.0.1
ClamAVResponse reject
[...]

Restart dspam:

invoke-rc.d dspam restart

And they all lived happily ever after... DSPAM will now check for SPAM, and then check for viruses. SPAM will be put in the aptly-named "SPAM" folder, and the subject will be modified to start with "[SPAM]." Emails with viruses in them will get flat-out rejected by the server.


Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.