1
.TH ANTISPAM 7 "15 October 2007" "" ""
3
antispam \- The dovecot antispam plugin.
6
The dovecot antispam plugin watches a defined spam folder (defaults to
7
"SPAM"). It works together with a spam system that classifies each
8
message as it is delivered. When the message is classified as spam, it
9
shall be delivered to the spam folder, otherwise via the regular
10
filtering file the user may have (maildrop, sieve, ...). Now the user
11
has everything classified as spam in the special spam folder, everything
12
else where it should be sorted to.
14
This is not enough because our spam scanner needs training. We'll
15
occasionally have false positives and false negatives. Now this is the
16
point where the dovecot antispam plugin comes into play. Instead of
17
moving mail into special folders or forwarding them to special mail
18
addresses for retraining, the plugin offers two actions for the user:
20
moving mail out of the SPAM folder and
22
moving mail into the SPAM folder.
25
The dovecot plugin watches these actions (and additionally prohibits
26
APPENDs to the SPAM folder, more for technical reasons than others) and
27
tells the spam classifier that it made an error and needs to re-classify
28
the message (as spam/not spam depending on which way it was moved.)
30
The advantage of this approach is that the mail ends up in the right
31
target folder directly and needs not be touched twice.
33
When other classifiers like crm114 that have an `unsure' state are used,
34
the plugin can also help, it supports an `unsure' folder feature. The
35
unsure folder cannot be written to, but moving out from there into a
36
folder that is considered a spam folder will learn as spam, any other
37
folder (except trashes) will cause learning as not-spam.
41
First copy the `defconfig' file to `.config' and edit it as necessary.
42
You need to have the dovecot headers installed and possibly other things
43
depending on the backend you choose. Then, assuming you have configured
44
the INSTALLDIR correctly, simply run `make install'.
46
If you do not wish to use the install target, simply copy the plugin
47
(that is, the file lib90_antispam_plugin.so) to your dovecot imap plugin
48
directory; by default this is /usr/lib/dovecot/modules/imap/ or any dir
49
you have configured (look for the mail_plugin_dir configuration
52
Open your dovecot configuration file (usually /etc/dovecot/dovecot.conf)
53
and add the antispam plugin to the imap protocol section:
57
mail_plugins = antispam
58
# mail_plugin_dir = /usr/lib/dovecot/modules/imap
64
The plugin supports multiple backends, there are currently two working
65
backends included in the distribution:
67
.SS dspam executable backend (dspam specific)
69
This backend instantly retrains by calling dspam. There are some
70
problems with this approach including
71
(1) it can take a long time during which the IMAP session is blocked
72
(2) when many users retrain many messages at once server load may spike
74
.SS email sender backend (spam filter agnostic)
76
This backend sends mail to ham@example.com or spam@example.com
77
(actual addresses are configurable) for retraining. This backend can
78
be very fast to set up if you already have a working setup that uses
79
training addresses as recommended by many spam filter setups.
81
Since this backend simply pipes the message to a program (by default
82
sendmail) it can also be used for all kinds of other spam filters,
83
for example spamassassin (by calling sa-learn instead of sendmail.)
85
.SS crm114 executable backend (crm114 specific)
87
This backend instantly retrains by calling mailreaver.crm which
88
needs to be configured (defaulting to /bin/false!); the argument
89
--good or --spam is given depending on how mail is moved.
91
You need to use the unsure folder option (see below) together with
92
this plugin and deliver unsure mail into an unsure folder, spam mail
93
into a spam folder and other mail regularly.
95
Has the same drawbacks as the dspam-exec approach.
100
Aside from the build-configuration done in the `.config' file, you have
101
the following run-time options (shown along with the default):
108
# mail signature (used with any backend requiring a signature)
109
antispam_signature = X-DSPAM-Signature
111
# action to take on mails without signature
112
# (used with any backend requiring a signature)
113
# (we recommend only setting this to 'move' after verifying that the
114
# whole setup is working)
115
# antispam_signature_missing = move # move silently without training
116
antispam_signature_missing = error
118
# semicolon-separated list of Trash folders (default unset i.e. none)
120
# antispam_trash = trash;Trash;Deleted Items
122
# semicolon-separated list of spam folders
125
# semicolon-separated list of unsure folders (default unset i.e. none)
128
# Whether to allow APPENDing to SPAM folders or not. Must be set to
129
# "yes" (case insensitive) to be activated. Before activating, please
130
# read the discussion below.
131
# antispam_allow_append_to_spam = no
133
###########################
134
# BACKEND SPECIFIC OPTIONS
141
antispam_dspam_binary = /usr/bin/dspam
143
# semicolon-separated list of extra arguments to dspam
144
# (default unset i.e. none)
145
# antispam_dspam_args =
146
# antispam_dspam_args = --deliver=;--user;%u # % expansion done by dovecot
147
# antispam_dspam_args = --mode=teft
149
# Ignore mails where the DSPAM result header contains any of the
150
# strings listed in the blacklist
151
# (default unset i.e. none)
152
# antispam_dspam_result_header = X-DSPAM-Result
153
# semicolon-separated list of blacklisted results, case insensitive
154
# antispam_dspam_result_blacklist = Virus
156
#=====================
157
# mail sending plugin
159
# Because of the way this plugin works, you can also use it
160
# to train via an arbitrary program that receives the message
161
# on standard input, in that case you can use the config
162
# options antispam_mail_spam and antispam_mail_notspam for
163
# the argument that distinguishes between ham and spam.
165
# antispam_mail_sendmail = /path/to/mailtrain
166
# antispam_mail_sendmail_args = --for;%u
167
# antispam_mail_spam = --spam
168
# antispam_mail_notspam = --ham
169
# will call it, for example, like this:
170
# /path/to/mailtrain --for jberg --spam
172
# temporary directory
173
antispam_mail_tmpdir = /tmp
175
# spam/not-spam addresses (default unset which will give errors)
176
# antispam_mail_spam =
177
# antispam_mail_notspam =
180
antispam_mail_sendmail = /usr/sbin/sendmail
181
#antispam_mail_sendmail_args = -f;%u@example.com # % expansion done by dovecot
187
antispam_crm_binary = /bin/false
188
# antispam_crm_binary = /usr/share/crm114/mailreaver.crm
190
# semicolon-separated list of extra arguments to dspam
191
# (default unset i.e. none)
192
# antispam_crm_args =
193
# antispam_crm_args = --config=/path/to/config
195
# NOTE: you need to set the signature for this backend
196
antispam_signature = X-CRM114-CacheID
200
.SH ALLOWING APPENDS?
202
You should be careful with allowing APPENDs to SPAM folders. The reason
203
for possibly allowing it is to allow not-SPAM --> SPAM transitions to work
204
with offlineimap. However, because with APPEND the plugin cannot know the
205
source of the message, multiple bad scenarios can happen:
208
SPAM --> SPAM transitions cannot be recognised and are trained
211
the same holds for Trash --> SPAM transitions
214
Additionally, because we cannot recognise SPAM --> not-SPAM transitions,
215
training good messages will never work with APPEND.
219
Johannes Berg, Frank Cusack, Benedikt Boehm, Andreas Schneider