hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Web Hosting Talk Tutorials : Hosting Security and Technology Tutorials : exim + cpanel + dspam howto
Reply

Forum Jump

exim + cpanel + dspam howto

Reply Post New Thread In Hosting Security and Technology Tutorials Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 03-21-2007, 11:49 AM
brettcave brettcave is offline
Newbie
 
Join Date: Feb 2007
Posts: 15

exim + cpanel + dspam howto


I found a handful of howto's for dspam, but none of them catered for exim with virtual users. After hunting around, I eventually have it working on a cPanel server, with user authentication for mail users.

My setup:
dspam version 3.6.8, using mysql driver.
exim version 4.
mysql 4.1
CentOS (2.6.9-023stab033.9-enterprise)
cPanel / WHM - latest RELEASE version.

Download the source, configure and compile:
Code:
# cd /usr/local/src
# wget http://dspam.nuclearelephant.com/sou...m-3.6.8.tar.gz
# tar -zxf dspam-3.6.8.tar.gz
# cd dspam-3.6.8
Configure, replacing user/groups with your web-server user (web / apache / nobody), and use your mysql-include / library paths (will need mysql-devel on rh based systems).
Code:
# ./configure --prefix=/opt/dspam-3.6.8 --with-local-delivery-agent=/usr/sbin/exim --with-storage-driver=mysql_drv --with-userdir=/var/spool/mail/dspam --with-userdir-owner=nobody --with-userdir-group=nobody --with-dspam-mode=none --with-dspam-owner=nobody --with-dspam-group=nobody --enable-whitelist --enable-spam-delivery --enable-alternative-bayesian --disable-dependency-tracking --enable-virtual-users --with-mysql-includes=/usr/include/mysql --with-mysql-libraries=/usr/lib/mysql/ --with-dspam-home=/opt/dspam-3.6.8/var/dspam
# make && make install
Set up mysql
Code:
# mysqladmin -p create dspamdb
# mysql -p
>grant all privileges on dspamdb.* to dspamuser@localhost identified by dspampass;
>flush privileges;
>exit;
Create tables:
Code:
mysql -p dspamdb < /usr/local/src/dspam-3.6.8/src/tools.mysql_drv/mysql_objects_speed.sql
mysql -p dspamdb < /usr/local/src/dspam-3.6.8/src/tools.mysql_drv/virtual_users.sql
Link dspam in opt for easy versioning:
Code:
ln -s dspam-3.6.8 /opt/dspam
Copy the web interface files to a web directory:
Code:
# cp webui/cgi-bin /opt/dspam -r
# cp webui/htdocs /opt/dspam/

This next step is required for pop3 authentication.
Install perl module Apache::AuthPOP3 - which does apache pop3 authorisation:
Code:
perl -MCPAN -e shell
install Apache::AuthPOP3
Next, apache will need mod_perl installed - WHM -> Apache Update will allow you to enable the perl module (I am running it alongside php with no issues).

Then in /usr/local/apache/conf/httpd.conf:
Code:
ScriptAlias /dspam/ /opt/dspam/cgi-bin/
   Alias /dspam_files/ /opt/dspam/htdocs/
   <Directory /opt/dspam/cgi-bin>
         Options None
         AllowOverride AuthConfig
         Order allow,deny
         Allow from all
   </Directory>
Create .htaccess in /opt/dspam/cgi-bin as follows:
Code:
AuthName "Dspam"
 AuthType Basic
 PerlAuthenHandler Apache::AuthPOP3
 PerlSetVar        MailHost localhost
 Require valid-user
 #PerlSetVar        UserMap pop3user1=>realname1,pop3user2=>realname2
 #Require user      pop3user1 pop3user2 pop3user3 pop3user4
there are 2 commented parameters you can set when using POP3 auth - sure its pretty self-explanatory.

Set up admin user (the admin_user must be able to authenticate as a pop user):
Code:
#echo "admin_user" >> /opt/dspam/cgi-bin/admins
Create a queuesize script for web user - so dspam can determine how many messages in the queue.
Code:
vi /usr/local/bin/eximqsize
#!/bin/sh

/usr/bin/find /var/spool/exim/input/ -type f | wc -l | cut -d" " -f1-
##EOF

# chmod 4755 /usr/local/bin/eximqsize
# chown nobody /usr/local/bin/eximqsize
Configure web ui, edit /opt/dspam/cgi-bin/configure.pl:
Code:
$CONFIG{'MAIL_QUEUE'}   = "/usr/local/bin/eximqsize";
$CONFIG{'WEB_ROOT'}     = "/dspam_files";
$CONFIG{'LOCAL_DOMAIN'} = "FQDN"; #your servers fully qualified domain name - e.g. host.yourdomain.com
Next, set the default preferences for the system (you need /opt/dspam/bin in your path if you copy and paste this...):
Code:
     dspam_admin ch pref default trainingMode TEFT
     dspam_admin ch pref default spamAction quarantine
     dspam_admin ch pref default spamSubject "[SPAM]"
     dspam_admin ch pref default enableWhitelist on
     dspam_admin ch pref default showFactors off
Permissions:
I would suggest reading the README over dspam to get a full understanding of the permissions required for running of dspam. My permissions were:
Code:
# chown nobody:mail /opt/dspam/var/dspam -R
# chown nobody:mail /opt/dspam/etc/ -R

Edit dspam.conf (in /opt/dspam/etc/. I have only listed the parameters I changed here...):
Code:
TrustedDeliveryAgent "/usr/sbin/exim -oMr spam-scanned"

Trust: root
Trust: mail
Trust: nobody / httpd   #choose 1 - what ever your webserver runs as - `ps axu | grep httpd` to find out

#Use the same details as you did for the "grant all privileges on...." statement in mysql.
MySQLServer             /var/lib/mysql/mysql.sock
MySQLPort
MySQLUser               dspamuser
MySQLPass               dspampass
MySQLDb                  dspamdb
MySQLCompress          true

MySQLVirtualTable          dspam_virtual_uids
MySQLVirtualUIDField       uid
MySQLVirtualUsernameField  username
Almost there....
Confirm that mysql is configure to listen on a socket in /etc/my.cnf (or whereever your config file is):
Code:
# cat /etc/my.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
Now the final step - exim configuration. This is the part that took the longest, hopefully it works for you. Just as I read in the howto's I used for this, please please please dont just copy and paste - you stand a good chance of breaking your mail server if you make changes without understanding. Be warned.

My config file is /etc/exim.conf. This should be edited using the WHM -> Exim Configuration Editor -> Advanced.
Code:
#Routers - Add these in the box before virtual_user delivery / user delivery router).
dspam_router:
   no_verify
   #uncomment the next line to disable dspam for virtual users.
   # check_local_user        
   condition = "${if and { \
                             {!def:h_X-Spam-Flag:} \
                             {!def:h_X-FILTER-DSPAM:} \
                             {!eq {$sender_address_domain}{$domain}} \
                             {!eq {$received_protocol}{local}} \
                             {!eq {$received_protocol}{spam-scanned}} \ 
                       } }"
   headers_add = "X-FILTER-DSPAM: by $primary_hostname on $tod_full"
   driver = accept
   transport = dspam_spamcheck

## The next 2 routers allow you to forward spam / non-spam to dspam for training (e.g. spam-yourmail@yourdomain.net).
# spam-username
dspam_addspam_router:
   driver = accept
   local_part_prefix = spam-
   transport = dspam_addspam

# nospam-username
dspam_falsepositive_router:
   driver = accept
   local_part_prefix = notspam-
   transport = dspam_falsepositive


##Transports - can be added anywhere:
#this adds the spam-scanned protocol header, so when it is passed back to exim after being processed by dspam, it doesnt get stuck in a loop.
dspam_spamcheck:
  driver = pipe
  command = "/usr/sbin/exim -oMr spam-scanned -bS"
  transport_filter = "/opt/dspam/bin/dspam --stdout --deliver=innocent,spam --user $local_part@$domain"
  use_bsmtp = true
  home_directory = "/tmp"
  current_directory = "/tmp"
  user = nobody
  group = mail
  log_output = true
  return_fail_output = true
  return_path_add = false
  message_prefix =
  message_suffix =

dspam_addspam:
  driver = pipe
  command = "/opt/dspam/bin/dspam --user $local_part@$domain --class=spam --source=error"
  home_directory = "/tmp"
  current_directory = "/tmp"
  user = nobody
  group = mail
  log_output = true
  return_fail_output = true
  return_path_add = false
  message_prefix =
  message_suffix =

dspam_falsepositive:
  driver = pipe
  command = "/opt/dspam/bin/dspam --user $local_part@$domain --class=innocent --source=error"
  home_directory = "/tmp"
  current_directory = "/tmp"
  user = nobody
  group = mail
  log_output = true
  return_fail_output = true
  return_path_add = false
  message_prefix =
  message_suffix =
If you have set up authentication correctly as well, then you should be able to open http://yourhost/dspam/dspam.cgi[/url] and log in - if you add your login details to the "admins" file, you can configure defaults, etc. It also allows ALL users (with 1 user being an email account) to log in, using www.yourclientsdomain.com/dspam/dspam.cgi

This will not work with suexec enabled!! This is because dspam needs specific permissions, and it is expecting user nobody to access it. If suexec is enabled, you will need to use the default host, and NOT virtual hosts (and even this may not work - testing still required).

Watch exim_mainlog after this - you should pick up what transports and routers are being used.

Dspam can really hammer a system - mysql, cpu and memory usage will go up a bit, especially on busy production servers. Monitor your servers performance.

Other settings: add /opt/dspam/man to MANPATH in /etc/man.config or move dspam man directory to an existing man directory.


[ADDED]
This dspam.cgi hack will do a lookup in the cpanel config file to find the domain for any username without a domain, and append it on match (or leave just the username part if nothing is found). This requires unsecuring your system a bit - your http user will need to be able to read /etc/trueuserdomains (either chmod 644 or chown nobody):
Code:
#add this just after $CURRENT_USER is set.
if ($CURRENT_USER !~ /\@.+\./) {
        open(TUD, "</etc/trueuserdomains");
        while(<TUD>) {
                my ($domain, $user) = split(/:/,$_);
                chomp($user);
                $user =~ s/^\s*//g;
                if ($user eq $CURRENT_USER) {
                        $CURRENT_USER = $CURRENT_USER . "\@$domain";
                }
        }
        close(TUD);
}

That should do it

dspam will allow all messages through by default, and will require some training. With this config, users can train using email commands - all they need to do is forward any spam that hits their mailbox to spam-emailaddress@domain.com (their own email address with spam- prepended). Unfortunately this does not allow handling of false positives if you are using a "quarantine" policy instead of subject. the web interface comes in handy for this.

I am busy testing a combination of dspam with assp, which seems to be working well - I especially like the greylisting feature of assp and ProtectionBox... Will add to this howto when testing is finish.

__________________
Virtual Evolution :: South African and International shared hosting, reseller hosting, dedicated & VPS servers. ADSL, free fax-to-email, iBurst and business applications. Get Evolved!




Sponsored Links
  #2  
Old 03-21-2007, 12:01 PM
ResellerPlanet ResellerPlanet is offline
Aspiring Evangelist
 
Join Date: Aug 2004
Posts: 414
Thank you for the HowTo. I bookmarked it and will read it later

Btw, should have posted it in the tutorials subforum though

  #3  
Old 03-21-2007, 12:02 PM
brettcave brettcave is offline
Newbie
 
Join Date: Feb 2007
Posts: 15
Thanks for that. Any forum moderators reading this? pls move to tutorials.

__________________
Virtual Evolution :: South African and International shared hosting, reseller hosting, dedicated & VPS servers. ADSL, free fax-to-email, iBurst and business applications. Get Evolved!


Sponsored Links
  #4  
Old 03-22-2007, 01:07 PM
writespeak writespeak is offline
Community Leader
 
Join Date: Jun 2004
Location: North of some border
Posts: 5,494
Quote:
Originally Posted by brettcave
Any forum moderators reading this? pls move to tutorials.
Moved.

Lois

__________________
Wanna wiki? Check out WHT's web hosting wiki.

Do you have a WHT question or concern? Please open a helpdesk ticket.

  #5  
Old 03-22-2007, 01:51 PM
brettcave brettcave is offline
Newbie
 
Join Date: Feb 2007
Posts: 15
ta

Brett

__________________
Virtual Evolution :: South African and International shared hosting, reseller hosting, dedicated & VPS servers. ADSL, free fax-to-email, iBurst and business applications. Get Evolved!


  #6  
Old 03-22-2007, 01:57 PM
brettcave brettcave is offline
Newbie
 
Join Date: Feb 2007
Posts: 15
Picked up a possible problem with regards to the router accepting mail and filling up the queue.

Still working on the router, but this is what I have updated it to.

Code:
dspam_router:
   no_verify
   # check_local_user
   condition = "${if and { \
                                     #{ or { \
                                            {eq {${perl{check_deliver}{$domain}{$local_part}}}{yes}} \
                                            #{eq {${lookup{$local_part@$domain}lsearch{/etc/valiases/$domain}{yes}{no}}}{yes}} \
                                     #} } \
                                     {!def:h_X-Spam-Flag:} \
                                     {!def:h_X-FILTER-DSPAM:} \
                                     {!eq {$sender_address_domain}{$domain}} \
                                     {!eq {$received_protocol}{local}} \
                                     {!eq {$received_protocol}{spam-scanned}} \
                       } }"
   headers_add = "X-FILTER-DSPAM: by $primary_hostname on $tod_full"
   driver = accept
   transport = dspam_spamcheck
I have commented out a check that i was writing to validate whether there was a virtual alias for the recipient, though from watching the logs, the dspam router is being called for virtual users and aliases.

__________________
Virtual Evolution :: South African and International shared hosting, reseller hosting, dedicated & VPS servers. ADSL, free fax-to-email, iBurst and business applications. Get Evolved!


Reply

Related posts from TheWhir.com
Title Type Date Posted
Hosting Control Panel cPanel & WHM 11.34 Release Hits Stable Tier Web Hosting News 2012-11-12 17:04:57
A Look at the New WHM Interface in Version 11.34 of the cPanel Hosting Control Panel Web Hosting News 2014-05-09 12:40:52
cPanel Releases cPanel, WHM 11.34 with New User Interface Web Hosting News 2012-10-16 13:09:49
cPanel Conference 2012: Branding and How to Do it Better with Felipe Gasper Web Hosting News 2012-10-09 18:00:02
Video: cPanel and Attracta Talk About Integrating SEO Tools into the Hosting Control Panel Whir Tv 2014-05-02 15:24:21


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?