DSPAM WebUI with Virtual Users on Debian Sid

Disclaimer: This howto was first stated to work with Debian Etch. This is false, as the mod_auth_mysql package is not in the Etch repositories anymore (thanks Belsameth for pointing that out). However, the package is still in the Sarge and Sid repositores. I have only had the opportunity to test and verify this setup in a Debian Sid environment,  which is why I am now forced to rename this howto to "... Debian Sid".

This tutorial is based on DSPAM With Embedded ClamAV Integrated Into Postfix With Virtual Users And Domains.

To be able to use the DSPAM WebUI, and to let users take care of their own spam and train DSPAM themselves, you will have to install dspam-webfrontend (or download the source and get it from there):

apt-get install dspam-webfrontend

You will then need to install mod_auth_mysql (as we're using MySQL as a backend for our users here):

apt-get install mod_auth_mysql

Then create a .htaccess file in the DSPAM WebUI folder (/var/www/dspam), containing this configuration:

AuthName "DSPAM Authentication"
AuthType Basic
AuthBasicAuthoritative Off
Auth_MySQL_Host localhost
AuthMySQL_User <your mysql user name here>
AuthMySQL_Password <your mysql password here>
AuthMySQL_DB mail
AuthMySQL_Password_Table users
AuthMySQL_Username_Field email
AuthMySQL_Password_Field password
AuthMySQL_Encrypted_Passwords on
AuthMySQL on
AuthMySQL_Authoritative On
require valid-user

After that, create a new virtualhost (or use an existing) with the following settings:

DocumentRoot "/var/www/dspam"
ServerName dspam.yourdomain.tld
SuexecUserGroup dspam dspam
  <Directory /var/www/dspam>
    Options ExecCGI
    Options -Indexes
    Addhandler cgi-script .cgi
    DirectoryIndex dspam.cgi

For suexec to work on your Apache2 installation, you will need to enable the suexec module:

cd /etc/apache2/mods-enabled
ln -s ../mods-available/suexec.load

Restart Apache, and enjoy your new DSPAM WebUI at http://dspam.yourdomain.tld.

Share this page:

1 Comment(s)

Add comment




Where are you getting your mysql auth package? Since mod_auth_mysql doesn't exist and the only other package is libapache2-mod-auth-mysql which is only availible for Sarge and Sid...

there's also an easier way to enable suexec. a2enmod suexec will enable it (a2dismod suexec will disable it again) Same goes for sites in sites-enabled and sites-available with a2ensite and a2dissite