# Postfix, dovecot 2 lmtp, sieve, dspam-devel



## Remington (May 5, 2014)

I'm getting this error from my email client "The IMAP command “UID COPY” (to Junk) failed for the mailbox “INBOX” with server error: Failed to call dspam." when I try to move the mail from INBOX to Junk folder.

dovecot.log showed:

```
May 06 08:22:14 imap: Error:
May 06 08:22:14 imap: Error:
May 06 08:22:14 imap: Error:
May 06 08:22:14 imap: Error:
```

dovetcot-info.log showed:

```
May 06 09:06:11 imap-login: Info: Login: user=<postmaster@<snip>.com>, method=PLAIN, rip=xx.xxx.x.xx, lip=10.0.0.12, mpid=16713, TLS, session=<2CrjNLT4zgBc8Qgf>
May 06 09:06:11 imap: Debug: Loading modules from directory: /usr/local/lib/dovecot
May 06 09:06:11 imap: Debug: Module loaded: /usr/local/lib/dovecot/lib20_autocreate_plugin.so
May 06 09:06:11 imap: Debug: Module loaded: /usr/local/lib/dovecot/lib90_antispam_plugin.so
May 06 09:06:11 imap(postmaster@<snip>.com): Debug: Effective uid=5000, gid=5000, home=/usr/local/virtual/<snip>.com/postmaster
May 06 09:06:11 imap(postmaster@<snip>.com): Debug: maildir++: root=/usr/local/virtual/<snip>.com/postmaster, index=, indexpvt=, control=, inbox=/usr/local/virtual/<snip>.com/postmaster, alt=
May 06 09:06:21 imap(postmaster@<snip>.com): Debug: dspam error: ^A^H15999 prefix=imap(postmaster@<snip>.com):
May 06 09:06:21 imap(postmaster@<snip>.com): Debug: dspam error: ^A^A15999 executing /usr/bin/dspam failed: 2 (uid=5000, gid=5000)
```

I'm not sure what is causing this.  Once I get this working and I'll create HOW TO for this.  I already replaced the domain name with <snip>.

The mail server is running in jail at 10.0.0.12 and I keep all virtual mails in /usr/local/virtual.

The contents in virtual folders with user permissions.
/usr/local/virtual/dspam user: root, group: vmail
/usr/local/virtual/<snip>.com user: vmail, group: vmail

I'm using dspam-devel 3.10.1 since there is a bug in dspam 3.9 in the ports.

/usr/local/etc/dovecot/dovecot.conf user: vmail, group: dovecot

```
protocols                           = imap pop3 lmtp sieve
listen                              = *

## SSL settings

ssl                                 = required
ssl_cert                            = </etc/ssl/<snip>/ssl.crt
ssl_key                             = </etc/ssl/<snip>/server.key

## Logging processes

log_path                            = /var/log/dovecot.log
info_log_path                       = /var/log/dovecot-info.log
mail_debug                          = yes

## Authentication processes

disable_plaintext_auth              = yes
auth_mechanisms                     = plain login

passdb {
  driver                            = sql
  args                              = /usr/local/etc/dovecot/dovecot-sql.conf.ext
}

userdb {
  driver                            = static
  args                              = uid=vmail gid=vmail home=/usr/local/virtual/%d/%n
}

## Mailbox locations and namespaces

lmtp_save_to_detail_mailbox         = yes
mail_home                           = /usr/local/virtual/%d/%n
mail_location                       = maildir:/usr/local/virtual/%d/%n
mail_privileged_group               = mail
mail_plugins                        = autocreate

## Master processes
## Auth Section

service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode                            = 0666
    user                            = postfix
    group                           = postfix
  }

  unix_listener auth-client {
    mode                            = 0666
    user                            = vmail
    group                           = vmail
  }

  unix_listener auth-userdb {
    mode                            = 0666
    user                            = vmail
  }
  user                              = dovecot
}

service auth-worker {
  user                              = vmail
}

## LMTP Section

service lmtp {
  unix_listener lmtp-client {
    user                            = vmail
    group                           = vmail
    mode                            = 0660
  }
}

protocol lmtp {
  mail_plugins                      = $mail_plugins sieve
}

## IMAP Section

service imap-login {
  inet_listener imap {
    port                            = 0
  }
}

protocol imap {
  mail_plugins                      = $mail_plugins antispam
}

## POP3 Section

service pop3-login {
  chroot                            = login
  client_limit                      = 256
  process_min_avail                 = 2
  process_limit                     = 128
  service_count                     = 1

  inet_listener pop3 {
    port                            = 0
  }
}

protocol pop3 {
  mail_plugins                      = $mail_plugins
}

## Sieve Section

service managesieve-login {
  inet_listener sieve {
    port                            = 4190
  }
  process_min_avail                 = 0
  service_count                     = 1
  vsz_limit                         = 64 M
}

service managesieve {
  #process_limit                     = 1024
}

protocol sieve {
  managesieve_max_line_length       = 65536
  mail_max_userip_connections       = 10
  managesieve_implementation_string = Dovecot Pigeonhole
  managesieve_max_compile_errors    = 5
}

## Plugin settings

plugin {
  # Sieve
  sieve                             = /usr/local/virtual/%d/%n/.dovecot.sieve
  sieve_dir                         = /usr/local/virtual/%d/%n
  sieve_global_dir                  = /usr/local/etc/dovecot/sieve
  sieve_global_path                 = /usr/local/etc/dovecot/sieve/gloabalsievec
  sieve_default                     = /usr/local/etc/dovecot/sieve/spam.sieve

  # Antispam
  antispam_backend                  = dspam
  antispam_dspam_args               = --source=error;--signature=%%s;--user;%u
  antispam_spam                     = Junk
  antispam_trash                    = Trash
  antisapm_unsure                   = Trash
  antispam_signature                = X-DSPAM-Signature

  # Autocreate
  autocreate                         = Drafts
  autocreate2                        = Sent
  autocreate3                        = Junk
  autocreate4                        = Trash

  # Autosubscribe
  autosubscribe                      = Drafts
  autosubscribe2                     = Sent
  autosubscribe3                     = Junk
  autosubscribe4                     = Trash
}
```

/usr/local/etc/dovecot/sieve/spam.sieve user: vmail, group: vmail

```
require ["fileinto"];
# rule:[SPAM]
if anyof (header :contains "X-DSPAM-Result" "Spam")
{
    fileinto "Junk";
    stop;
}
```

/usr/local/etc/postfix/main.cf user: root, group: wheel

```
# Global Postfix configuration file.

smtpd_banner                        = mail.<snip>.com ESMTP $mail_name
biff                                = no
append_dot_mydomain                 = no

mydomain                            = <snip>.com
myorigin                            = mail.<snip>.com
mydestination                       = <snip>.<snip>.com, localhost.<snip>.com, localhost
mynetworks_style                    = host
mynetworks                          = 127.0.0.0/8, 10.0.0.0/8, xxx.xx.xxx.xxx
inet_interfaces                     = all
inet_protocols                      = ipv4
virtual_transport                   = lmtp:unix:/var/run/dovecot/lmtp-client
maximal_queue_lifetime              = 4h
bounce_queue_lifetime               = 4h
mailbox_size_limit                  = 0
message_size_limit                  = 20480000
queue_directory                     = /var/spool/postfix

## RESTRICTIONS CONFIG

smtpd_recipient_restrictions        = permit_sasl_authenticated,
                                      permit_mynetworks,
                                      reject_unauth_destination

## SASL CONFIG

broken_sasl_auth_clients            = yes
smtpd_sasl_auth_enable              = yes
smtpd_sasl_type                     = dovecot
smtpd_sasl_security_options         = noanonymous
smtpd_sasl_path                     = /var/spool/postfix/private/auth

## TLS CONFIG

smtpd_tls_key_file                  = /etc/ssl/<snip>/server.key
smtpd_tls_cert_file                 = /etc/ssl/<snip>/ssl.crt
smtpd_use_tls                       = yes
smtpd_tls_auth_only                 = yes

## MySQL CONFIG

virtual_alias_maps                  = mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_domains             = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_domains.cf
virtual_mailbox_maps                = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf

# DKIM

milter_default_action               = accept
milter_protocol                     = 6
smtpd_milters                       = inet:10.0.0.12:8891
non_smtpd_milters                   = inet:10.0.0.12:8891
```

/usr/local/etc/postfix/master.cf user: root, group: wheel

```
smtp      inet  n       -       n       -       -       smtpd
   -o content_filter=lmtp:unix:/var/run/dspam/dspam.sock
submission inet n       -       n       -       -       smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=/var/run/dovecot/auth-client
  -o smtpd_recipient_restrictions=reject_unknown_recipient_domain,reject_non_fqdn_recipient,permit_sasl_authenticated,reject
```

/usr/local/etc/dspam.conf user: root, group: mail

```
Home                     /usr/local/virtual/dspam
StorageDriver            /usr/local/lib/dspam/libhash_drv.so
TrustedDeliveryAgent     "/usr/local/libexec/dovecot/deliver -f ${sender} -d ${recipient}"

OnFail                   error

Trust                    root
Trust                    dspam
Trust                    vmail
Trust                    dovecot

TrainingMode             teft
TestConditionalTraining  on
Feature                  whitelist
Algorithm                graham burton
Tokenizer                chain
PValue                   bcr
WebStats                 off

Preference               "spamAction=deliver"
Preference               "signatureLocation=headers"
Preference               "showFactors=off"

AllowOverride            trainingMode
AllowOverride            spamAction spamSubject
AllowOverride            statisticalSedation
AllowOverride            enableBNR
AllowOverride            enableWhitelist
AllowOverride            signatureLocation
AllowOverride            showFactors
AllowOverride            optIn optOut
AllowOverride            whitelistThreshold

DeliveryHost             /var/run/dovecot/lmtp-client
DeliveryIdent            <snip>.com
DeliveryProto            LMTP

Notifications            off

HashRecMax               98317
HashAutoExtend           on  
HashMaxExtents           0
HashExtentSize           49157
HashMaxSeek              100
HashConnectionCache      10

PurgeSignatures          14
PurgeNeutral             90
PurgeUnused              90
PurgeHapaxes             30
PurgeHits1S              15
PurgeHits1I              15

LocalMX                  10.0.0.12

Opt                      out
Broken                   case
ProcessorBias            on

ParseToHeaders           on
ChangeModeOnParse        on
ChangeUserOnParse        full

ServerMode               standard
ServerParameters         "--deliver=innocent -d %u"
ServerIdent              "mail.<snip>.com"
ServerPID                "/var/run/dspam/dspam.pid"
ServerDomainSocketPath   "/var/run/dspam/dspam.sock"
```


----------



## Remington (May 6, 2014)

I found the problem since dspam executable is in /usr/local/bin folder so I had to add the following line in dovecot.conf


```
antispam_dspam_binary             = /usr/local/bin/dspam
```

Now I'm going to attempt to train dspam and see if it works.


----------

