IMPORTANT: Switching storage drivers requires more than merely changing this option. If you do not wish to lose all of your data, you will need to migrate it to the new backend before making this change.

If you're running DSPAM in client/server (daemon) mode, uncomment the setting below to override the default connection cache size (the number of connections the server pools between all clients). The connection cache represents the maximum number of database connections *available* and should be set based on the maximum number of concurrent connections you're likely to have. Each connection may be used by only one thread at a time, so all other threads _will block_ until another connection becomes available.

MySQL supports the insertion of the user id into the DSPAM signature. This allows you to create one single spam or fp alias (pointing to some arbitrary user), and the uid in the signature will switch to the correct user. Result: you need only one spam alias

See: http://sqlite.org/pragma.html

If you're running DSPAM in client/server (daemon) mode, uncomment the setting below to override the default connection cache size (the number of connections the server pools between all clients). The connection cache represents the maximum number of database connections *available* and should be set based on the maximum number of concurrent connections you're likely to have. Each connection may be used by only one thread at a time, so all other threads _will block_ until another connection becomes available.

PostgreSQL supports the insertion of the user id into the DSPAM signature. This allows you to create one single spam or fp alias (pointing to some arbitrary user), and the uid in the signature will switch to the correct user. Result: you need only one spam alias

100,000 yields files 1.6MB in size, but can fill up fast, so be sure to increase this (to a million or more) if you're not using autoextend.

Primes List:

53, 97, 193, 389, 769, 1543, 3079, 6151, 12289, 24593, 49157, 98317, 196613,
393241, 786433, 1572869, 3145739, 6291469, 12582917, 25165843, 50331653,
100663319, 201326611, 402653189, 805306457, 1610612741, 3221225473,
4294967291
                          

Note: There will be a small delay during the growth process, as everything needs to be closed and remapped.

Note: Set this to zero for unlimited.

Note: Creating this too small could result in many extents being created. Creating this too large could result in excessive disk space usage.

Note: Setting this too high will exhaustively scan each segment and kill performance. Typically, a low value is acceptable as even older extents will continue to fill over time.

Note: Leave this field blank, if you do not want to use this option.

Note: If you are using HashConcurrentUser, this option is ignored, as all connections are read write locked instead of mutex locked.

Note: Use %u to specify the user DSPAM is processing mail for. It is generally a good idea to allow the MTA to specify the pass-through arguments at run-time, but they may also be specified here.

Note: This requires to enable the dspam daemon as well (section: DSPAM Daemon Settings (Server)).

Note: This option needs to be ticked if you are going to deliver via LMTP or SMTP.

Note: You will need to configure with --enable-daemon to use host delivery, however you do not need to operate in daemon mode. Specify an IP address or UNIX path to a domain socket below as a host.

Note: If set to "unlearn", DSPAM will unlearn the message prior to exiting with an un successful return code. The default option, "error" will not unlearn the message but return the appropriate error code. The unlearn option is use-ful on some systems where local delivery failures will cause the message to be requeued for delivery, and could result in the message being processed multiple times. During a very large failure, however, this could cause a significant load increase.

Note: Only the users specified below will be allowed to perform administrative functions in DSPAM such as setting the active user and accessing tools. All other users attempting to run DSPAM will be restricted; their uids will be forced to match the active username and they will not be able to specify delivery agent privileges or use tools.

		')">

IMPORTANT: DSPAM must be compiled with debug support in order to use this option. DSPAM should never be running in production with debug active unless you are troubleshooting problems.

process     standard message processing
classify    message classification using --classify
spam        error correction of missed spam
fp          error correction of false positives
inoculation message inoculations (source=inoculation)
corpus      corpusfed messages (source=corpus)
                        

Acceptable values are: toe, tum, teft, notrain

Note: This usually accelerates learning. Some people argue that this can increase the risk of errors, however.

Note: For standard "CRM114" Markovian weighting, use sbph

		')">

The options are:

naive       Naive-Bayesian (All Tokens)
graham      Graham-Bayesian ("A Plan for Spam")
burton      Burton-Bayesian (SpamProbe)
robinson    Robinson's Geometric Mean Test (Obsolete)
chi-square  Fisher-Robinson's Chi-Square Algorithm
                        

You may have multiple algorithms active simultaneously, but it is strongly recommended that you group Bayesian algorithms with other Bayesian algorithms, and any use of Chi-Square remain exclusive.

NOTE: For standard "CRM114" Markovian weighting, use ‘naive’, or consider using ‘burton’ for slightly better accuracy.

Don't mess with this unless you know what you're doing

		')">

These options are:

graham      Graham's Technique ("A Plan for Spam")
robinson    Robinson's Technique
markov      Markovian Weighted Technique
                        

Unlike algorithms, you may only have one of these defined. Use of the chi-square algorithm automatically changes this to robinson.

Don't mess with this unless you know what you're doing.

Note: If user or default.prefs are found, the user's preferences will override any defaults.

		')">

Note: Any other preferences supplied by an untrusted user will be ignored.

		')">

Note: Presently, the only mode supported is 'verify', which will verify the existence of an unknown user in LDAP prior to creating them as a new user in the system. This is useful on some systems acting as gateway machines.

If the storage fails, the agent will follow each profile's failover up to a maximum number of failover attempts. This should be set to a maximum of the number of profiles you have, otherwise the agent could loop and try the same profile multiple times (unless this is your desired behavior).

If DSPAM is behind other tools which may add a header to incoming emails, it may be beneficial to ignore these headers - especially if they are coming from another spam filter. If you are _not_ using one of these tools, however, leaving the appropriate headers commented out will allow DSPAM to use them as telltale signs of forged email.

		')">

onClick="enable_change(false, 2);" /> Enable checks against a particular SBL host.

name="sblhost" id="sblhost" value="" /> A particular SBL hostname.

Perform lookups on streamlined blackhole list servers (see http://www.nuclearelephant.com/projects/sbl/). The streamlined blacklist server is machine-automated, unsupervised blacklisting system designed to provide real-time and highly accurate blacklisting based on network spread. When performing a lookup, DSPAM will automatically learn the inbound message as spam if the source IP is listed. Until an official public RABL server is available, this feature is only useful if you are running your own streamlined blackhole list server for internal reporting among multiple mail servers. Provide the name of the lookup zone below to use.

This function performs standard reverse-octet.domain lookups, and while it will function with many RBLs, it's strongly discouraged to use those maintained by humans as they're often inaccurate and could hurt filter learning and accuracy.

Set dspam_clean purge default options, if not otherwise specified on the commandline. You may set some of the below values to off, for instance if you are using a SQL-based database backend for DSPAM. Please consult your DSPAM manual for any details.

Opt: in or out; determines DSPAM's default filtering behavior. If this value is set to in, users must opt-in to filtering by dropping a .dspam file in /var/dspam/opt-in/user.dspam (or if you have homedirs configured, a .dspam folder in their home directory). The default is opt-out, which means all users will be filtered unless a .nodspam file is dropped in /var/dspam/opt-out/user.nodspam

This must be set to ‘on’ to use either of the following features.

This depends on whether spam- or notspam- was specified, and change the source to ‘error’. This is convenient if you're not using aliases at all, but are delivering via LMTP.

For example, spam-bob@domain.tld will set the username to bob, ignoring any --user passed in. This may not always be desirable if you are using virtual email addresses as usernames. Options: on or user take the portion before the @ sign only full take everything after the initial {spam,notspam}-.

Broken MTA Options: Some MTAs don't support the proper functionality necessary. In these cases you can activate certain features in DSPAM to compensate. ‘returnCodes’ causes DSPAM to return an exit code of 99 if the message is spam, 0 if not, or a negative code if an error has occured. Specifying ‘case’ causes DSPAM to force the input usernames to lowercase. Spceifying ‘lineStripping’ causes DSPAM to strip ˆM's from messages passed

		')">

If the message is larger than the maximum size, it will be delivered without processing. Value is in bytes.

Note: You probably DONT want this if you're using Markovian Weighting, unless you are paranoid about false positives.

If you are running clamd, DSPAM can perform stream-based virus checking using TCP. Uncomment the values below to enable virus checking.

ClamAVResponse:

reject

(reject or drop the message with a permanent failure)

accept

(accept the message and quietly drop the message)

spam

(treat as spam and quarantine/tag/whatever)

name="clamport" id="clamport" value="" /> A number that specifies the port the ClamAV daemon is listening to.

If the message is larger than the maximum size, it will be delivered without processing. Value is in bytes.

name="dsport" id="dsport" value="" /> A number that specifies the port the DSPAM daemon is listening to.

name="dsqsize" id="dsqsize" value="" /> A number that specifies the server's queue size.

name="dspid" id="dspid" value="" /> Keep this is sync with /usr/local/etc/rc.d/dspam.rc script.

Note: Don't change this value unless you know what you are doing.

>dspam >standard >auto Specifies the type of LMTP server to start.

This can be one of:

dspam

DSPAM-proprietary DLMTP server, for communicating with dspamc

standard

Standard LMTP server, for communicating with Postfix or other MTA

auto

Speak both DLMTP and LMTP; auto-detect by ServerPass.IDENT

If supporting DLMTP (dspam) mode, dspam clients will require authentication as they will be passing in parameters. The idents below will be used to determine which clients will be speaking DLMTP, so if you will be using both LMTP and DLMTP from the same host, be sure to use something other than the server's hostname below (which will be sent by the MTA during a standard LMTP LHLO).

		')">

If supporting standard LMTP mode, server parameters will need to be specified here, as they will not be passed in by the mail server. The ServerIdent specifies the 250 response code ident sent back to connecting clients and should be set to the hostname of your server, or an alias.

Note: If you specify --user in ServerParameters, the RCPT TO will be used only for delivery, and not set as the active user for processing.

Parameters which will be passed to the LMTP server.

name="serverid" id="serverid" value="" /> An identification string which will be used to be passed to the LMTP server.

name="serversock" id="serversock" value="" /> A local Unix domain socket.

If you wish to use a local domain socket instead of a TCP socket, uncomment the following. It is strongly recommended you use local domain sockets if you are running the client and server on the same machine, as it eliminates much of the bandwidth overhead.

Keep this is sync with /usr/local/etc/rd.d/dspam.rc script

If you are running DSPAM in client/server mode, uncomment and set these variables. A ClientHost beginning with a / will be treated as a domain socket.

name="dsclhost" id="dsclhost" value="" /> A IP address or a Unix domain socket.

name="dsclport" id="dsclport" value="" /> Will be only used if this client uses TCP/IP communication.

name="dsclident" id="dsclident" value="" /> A string that will be used to identify the client against a server.