Full Mail Server Solution w/ Virtual Domains & Users (Debian Etch, Postfix, Mysql, Dovecot, DSpam, ClamAV, Postgrey, RBL) - Page 7

E. Install Dovecot

So we're getting pretty far into our mail stack now... It has passed through the exchangers unharmed, DSPAM has gotten a hold of it, and now it needs to put it some where... but where? The answer is another service: Dovecot. Dovecot is an LDA (Local Delivery Agent), as well as a rather secure IMAP and POP3 server. As usual, Debian takes the majority of the work off our hands:

# apt-get install dovecot-imapd

For our purposes, we didn't need POP3 (and really, neither should you), but if you wanted it, just append dovecot-pop3d to the end of that command.

And that's it! Sure, there's still some Dovecot setup to do, but not yet... we just wanted it installed so that DSPAM would have a place to put our email. Let's go ahead and finish up the DSPAM install.

E. DSPAM Configuration

DSPAM is installed. DSPAM's MySQL Libraries are installed. Dovecot is (very minimally) installed. What's left? Well, while DSPAM is a truly incredible SPAM filter, it's not so incredible that it completely sets itself up. (Although let's be honest... give it a year, Debian will have it working ;) In the mean time, let's get this party started.

First, we need to make some changes in /etc/dspam/dspam.conf. This file contains all of the setup variables for DSPAM, and will tell it how to talk to the world.


TrustedDeliveryAgent "/usr/libexec/dovecot/deliver -d %u"
UntrustedDeliveryAgent "/usr/libexec/dovecot/deliver -d %u"
QuarantineAgent "/usr/libexec/dovecot/deliver -d %u -m SPAM"
Debug *
Preference "spamAction=tag"
Preference "signatureLocation=message" # 'message' or 'headers'
Preference "showFactors=on"
Preference "spamSubject=[SPAM]"

You should also tell DSPAM about your local mail exchangers... this is dependent on your network setup, but for our scenario, MX-1.internal and MX-2.internal are and 108, respectively.


Just a few more settings... remember, all of this can be found in the documentation, which you should read as often as possible!

Opt out
ParseToHeaders on
ChangeModeOnParse on
ChangeUserOnParse full

And finally, we need to tell the DSPAM daemon how to operate... we'll tell it to wait for LMTP connections on port 2424 (The 'unofficial' LMTP port is 24, but since it's unofficial, we're going to use the >1024 insecure area).

ServerPort 2424
ServerPID /var/run/dspam.pid
ServerMode standard
ServerParameters "--deliver=innocent, spam"

One last little debian-related setup to do. DSPAM can be run as either a daemon (Always running service) or as a program call. By default, it's setup as a program call, but we want the daemon to launch when the computer is booted. To change this, we need to change the value of START in /etc/default/dspam from "no" to "yes":

# Variables for dpam.
# Do not start dspam.
# Changed for DSPAM Daemon #
# User that runs dspam.
# Options for dspam

That will set DSPAM to start automatically at boot. To continue our install, we're going to start it manually:

# invoke-rc.d dspam start

And ~viola... DSPAM is now waiting for emails on port 2424 of postman.internal.example.com.

Share this page:

Sub pages

5 Comment(s)

Add comment


From: at: 2008-03-27 06:06:28

Hi Vector,

I would just like to know how the mail gets transferred from the MX's to the delivery server (postman). I'm trying to understand how this full mail server setup works because I would like to implement something similar to this but using centos and ldap users.  

From: Stefan at: 2008-11-01 18:07:49

There is no explanation on how the mail is actually transfered from the MX server to the Mail Delivery Server. Using the steps in the guide will make the MX server try to deliver the mail directory into the NFS shared vmail folder, which isn't the desired behaviour.

From: Matt at: 2009-06-15 13:16:16

"NOTE: This is a temporary setup, just because we hadn't finished the DSPAM virtual user install prior to writing this guide. Ideally, you'd want DSPAM looking at the same virtual user table as Postfix in order to get all the token information stored correctly. I'll update the guide as soon as we've completed that change-over."

 Has this been updated anywhere? can anyone shed some light on what changes should be made?


From: mbsouth at: 2009-09-10 10:02:01

Would be nice to have an updated howto (based an this one) with Debian Lenny, Postfix 2.5(6), Dovecot 1.1(2) on three nodes (2xSMTP Postfix, 1x Dovecot IMAP/POP3)


From: at: 2007-11-15 20:55:15

Heads up when using the configuration examples for the mailbox path. Since maildir:/vmail/%d/%u is used in dovecot.conf, you should do the same in dovecot-sql.conf.

Such as:

# Get the mailbox
user_query = SELECT '/vmail/%d/%u' AS home, 'maildir:/vmail/%d/%u' AS mail, 150 AS uid, 8 AS gid, CONCAT('dirsize:storage=', quota) AS quota FROM mailbox WHERE username = '%u' AND active = '1'
# Get the password
password_query = SELECT username AS user, password, '/vmail/%d/%u' AS userdb_home, 'maildir:/vmail/%d/%u' AS userdb_mail, 150 AS userdb_uid, 8 AS userdb_gid FROM mailbox WHERE username = '%u' AND active = '1'

Otherwise mail is delivered to /vmail/domain/user@domain and then IMAP checks /vmail/domain/user

Or change dovecot.conf to maildir:/vmail/%d/%n if you prefer the latter.