15 1 dspam.inc true This wizard will guide you through the initial configuration of the DSPAM filter. Next submit 2 dspam.inc true DSPAM can be used in different network environment. Hence we are providing three distinct profiles to suit different DSPAM use cases. Please select a particular profile from the below profile selection. dspamprofile radio installedpackages->dspam->config->0->dspam-profile <center> <p> When your mail server gets ready to deliver mail to a user's mailbox it calls a delivery agent of some sort. On most UNIX systems, this is procmail, maildrop, mail.local, or a similar tool. When used as a delivery proxy, the DSPAM agent is called in place of your existing agent - or better put, it can masquerade as the local delivery agent. DSPAM then processes the message and will call the /real/ delivery agent to pass the good mail into the user's mailbox, quarantining the bad mail. DSPAM can optionally tag and deliver both spam and legitimate mail. </p> <p> In the diagram below, MTA refers to Mail Transfer Agent, or your mail server software: Postfix, Sendmail, Exim, etc. LDA refers to the Local Delivery Agent: Procmail, Maildrop, etc.. </p> </center> lda <center><img src="/wizards/dspam-lda-proxy.png" alt="DSPAM acts as a LDA proxy" border="0" /></center> dspamprofile radio installedpackages->dspam->config->0->dspam-profile <center> If you don't want to tinker with your existing mail server setup, DSPAM can be combined with one of a few open source programs designed to act as a POP3 proxy. This means spam is filtered whenever the user checks their mail, rather than when it is delivered. The benefit to this is that you can set up a small machine on your network that will connect to your existing mail server, so no integration is needed. It also allows your users to arbitarily point their mail client at it if they desire filtering. The drawback to this approach is that the POP3 protocol has no way to tell the mail client that a message is spam, and so the user will have to download the spam (tagged, of course). </center> pop <center><img src="/wizards/dspam-pop-proxy.png" alt="DSPAM will be invoked by a POP3 proxy" border="0" /></center> dspamprofile radio installedpackages->dspam->config->0->dspam-profile <center> Newer versions of DSPAM have seen features that allow it to function more easily as an SMTP relay. An SMTP relay sits in front of your existing mail server (requiring no integration). To use an SMTP relay, the MX records for your domains are repointed to the relay machine running DSPAM. DSPAM then relays the good (and optionally bad) mail to the existing SMTP server. This allows you to use DSPAM with even a Windows-based destination mail server as no integration is necessary. See doc/relay.txt for one example of how to do this with Postfix. </center> smtp <center><img src="/wizards/dspam-smtp-relay.png" alt="DSPAM acts as a SMTP realy" border="0" /></center> Next submit 3 dspam.inc On this screen you will set the storage driver type that will be used to store DSPAM tokens. After having completed this wizard you have to configure the database that you did select herein. storagedriver select installedpackages->dspam->config->0->storage-driver Specifies the storage driver backend (library) to use. mysql toggleDBSettings(); 1 mysql mysql sqlite sqlite bdb bdb pgsql pgsql oracle oracle hash hash msqlserver input installedpackages->dspam->config->0->dbsettings->0->mysql-server Either a reference to a Unix domain socket or a reference to a specific host. /tmp/mysql.sock ^[a-z0-9.|/]+$ Server name field is invalid msqlport input installedpackages->dspam->config->0->dbsettings->0->mysql-port Use this variable if you are going to a MySQL server instance using TCP/IP instead of a socket connection. 3306 ^[0-9]+$ Port field is invalid msqluser input installedpackages->dspam->config->0->dbsettings->0->mysql-user Username, that will be used to connect to a MySQL server instance. dspam msqlpwd input installedpackages->dspam->config->0->dbsettings->0->mysql-password Password, that will be used to connect to a MySQL server instance. dspam msqldb input installedpackages->dspam->config->0->dbsettings->0->mysql-database Database name, that contains DSPAM data. dspam msqlcomp checkbox installedpackages->dspam->config->0->dbsettings->0->mysql-compress Indicates whether communication data between DSPAM and MySQL should be compressed. on msqlsuqt checkbox installedpackages->dspam->config->0->dbsettings->0->mysql-squote Use this if you have the 4.1 quote bug (see doc/mysql.txt). msqlccache input installedpackages->dspam->config->0->dbsettings->0->mysql-ccache Conection cache default set to 10. 10 ^[0-9]+$ Connection cache field is invalid msqluid checkbox installedpackages->dspam->config->0->dbsettings->0->mysql-uid Insert user id into the DSPAM signature. on slitepr input installedpackages->dspam->config->0->dbsettings->0->sqlite-pragma A particular SQLite pragma command to be used. pgserver input installedpackages->dspam->config->0->dbsettings->0->pgsql-server A reference to a specific host that is running a PostgreSQL instance. 127.0.0.1 ^[a-z0-9.|-]+$ Server name field is invalid pgport input installedpackages->dspam->config->0->dbsettings->0->pgsql-port A number that represents the port a specific PostgreSQL instance is listening to. 5432 ^[0-9]+$ Port field is invalid pguser input installedpackages->dspam->config->0->dbsettings->0->pgsql-user Username, that will be used to connect to a PostgreSQL server instance. dspam pgpwd input installedpackages->dspam->config->0->dbsettings->0->pgsql-password Password, that will be used to connect to a PostgreSQL server instance. dspam pgdb input installedpackages->dspam->config->0->dbsettings->0->pgsql-database Database name, that contains DSPAM data. dspam pgccache input installedpackages->dspam->config->0->dbsettings->0->pgsql-ccache Conection cache default set to 3. 3 ^[0-9]+$ Connection cache field is invalid pguid checkbox installedpackages->dspam->config->0->dbsettings->0->pgsql-uid Insert user id into the DSPAM signature. on oraserver input installedpackages->dspam->config->0->dbsettings->0->ora-server A reference to a specific host that is running an Oracle database instance. 50 "(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=127.0.0.1)(PORT=1521))(CONNECT_DATA=(SID=PROD)))" orauser input installedpackages->dspam->config->0->dbsettings->0->ora-user Username, that will be used to connect to a Oracle database server instance. dspam orapwd input installedpackages->dspam->config->0->dbsettings->0->ora-password Password, that will be used to connect to a Oracle database server instance. dspam orasch input installedpackages->dspam->config->0->dbsettings->0->ora-schema Schema name, that contains DSPAM data. dspam hsrmax input installedpackages->dspam->config->0->dbsettings->0->hash-rec-max Default number of records to create in the initial segment when building hash files. 98317 ^[0-9]+$ Default number of record field is invalid hsatex checkbox installedpackages->dspam->config->0->dbsettings->0->hash-auto-ex Autoextend hash databases when they fill up. This allows them to continue to train by adding extents (extensions) to the file. on hsmxex input installedpackages->dspam->config->0->dbsettings->0->hash-max-ext The maximum number of extents that may be created in a single hash file. 0 ^[0-9]+$ Default number of record field is invalid hsexsz input installedpackages->dspam->config->0->dbsettings->0->hash-ext-size The record size for newly created extents. 49157 ^[0-9]+$ Default number of record field is invalid hsmxse input installedpackages->dspam->config->0->dbsettings->0->hash-max-seek The maximum number of records to seek to insert a new record before failing or adding a new extent. 100 ^[0-9]+$ Default number of record field is invalid hsccus input installedpackages->dspam->config->0->dbsettings->0->hash-co-user If you are using a single, stateful hash database in daemon mode, specifying a concurrent user will cause the user to be permanently mapped into memory and shared via rwlocks. user hscoca input installedpackages->dspam->config->0->dbsettings->0->hash-co-cache If running in daemon mode, this is the max # of concurrent connections that will be supported. 10 ^[0-9]+$ Default number of record field is invalid Next submit 4 dspam.inc On this page you will specify how DSPAM should deliver email messages to their final destination. This could be either a local delivery method or a TCP/IP based delivery method. dagent Specifies the local delivery agent DSPAM should call when delivering mail as a trusted user. select procmail procmail mail mail mail.local mail.local deliver deliver maildrop maildrop exim exim installedpackages->dspam->config->0->tdelivery-agent true dspamc Use <code>dspamc</code> instead of <code>dspam</code> to locally deliver mails from the MTA to the user's mailbox (this pulls in DSPAM client/server settings). checkbox installedpackages->dspam->config->0->thin-client true tcpipdel Use TCP/IP based delivery. This option needs to be ticked if you are going to deliver via LMTP or SMTP. checkbox installedpackages->dspam->config->0->tcpip-delivery dhost,dport,dident,delproto dhost input false installedpackages->dspam->config->0->tcpip-delivery-host Alternatively, you may wish to use SMTP or LMTP delivery to deliver your message to the mail server. ^[a-z0-9.|-]+$ Host name field is invalid dport input installedpackages->dspam->config->0->tcpip-delivery-port Port number of a particular host. ^[0-9]+$ Port field is invalid dident input installedpackages->dspam->config->0->tcpip-delivery-ident A particular identification string. delproto A particular protocol typ. Either SMTP or LMTP. select ltmp lmtp smtp smtp installedpackages->dspam->config->0->tcpip-delivery-proto onfail What to do if local delivery or quarantine should fail. select error error unlearn unlearn installedpackages->dspam->config->0->delivery-onfail Next submit 5 dspam.inc Usually the DSPAM binary that ships with pfSense does not contain debugging symbols. Hence it makes little sense to enable debugging options. If you are quite certain that your DSPAM distribution comes with debugging enabled you may tweak the below debugging options. true enabledbg Enable debugging. checkbox installedpackages->dspam->config->0->debug-enable debug,dopt debug input installedpackages->dspam->config->0->debug-whom Enables debugging for some or all users. dopt input installedpackages->dspam->config->0->debug-options One or more of: process, classify, spam, fp, inoculation, corpus Next submit 6 dspam.inc On this page you will find some specific options required to operate the DSPAM engine. Please consult your <code>dspam.conf</code> for a detailed explanation of each option. If you are unsure about the meaning of a particular option, please use the default values. tmode The default training mode to use for all operations, when one has not been specified on the commandline or in the user's preferences (default: teft). select teft toe toe tum tum teft teft notrain notrain installedpackages->dspam->config->0->training-mode true testct on By default, dspam will retrain certain errors until the condition is no longer met (default: enabled). checkbox installedpackages->dspam->config->0->test-cond-training pvalue Specify the technique used for calculating PValues, overriding any defaults configured in the build (default: graham). select teft graham graham robinson robinso markov markov installedpackages->dspam->config->0->pvalue true ipdrive on Calculate odds-ratios for ham/spam, and add to X-DSPAM-Improbability headers (default: disabled). checkbox installedpackages->dspam->config->0->improbability-drive Next submit 7 dspam.inc DSPAM comes with the ability to verify users agains user records stored within a LDAP directory. If using this option, it would be for example possible to verify mail users against Windows user entries stored within an Active Directory. Please consider this feature as somewhat experimental. true enableldap Enable checks against a LDAP directory. checkbox installedpackages->dspam->config->0->ldap-enable ldapmode,ldaphost,ldapfilter,ldapbase ldapmode Perform various LDAP functions depending on LDAPMode variable. select verify verify verify installedpackages->dspam->config->0->ldap-mode ldaphost input installedpackages->dspam->config->0->ldap-host Hostname of the LDAP directory server. ldapfilter input installedpackages->dspam->config->0->ldap-filter A specific query filter, that should be used while querying the LDAP server. ldapbase input installedpackages->dspam->config->0->ldap-base A particular distinguish name from where to start LDAP queries. Next submit 8 dspam.inc On this page we will give you an opertunity to fine-tune the DSPAM engine. As mentioned earlier, if you are unsure about the meaning of a particular option, use its default value. foatt input installedpackages->dspam->config->0->failover-attempts A particular number of attempts (default: 1). true enablesbl Enable checks against a particular SBL host (default: disabled). checkbox installedpackages->dspam->config->0->sbl-enable sblhost sblhost input installedpackages->dspam->config->0->sbl-host A particular SBL hostname (default: none). 30 true enablerbl Enable RBL inoculation support (default: disabled). checkbox installedpackages->dspam->config->0->rbl-inoculate true enablenoti Enable the sending of notification emails to users (first message, quarantine full, etc. default: disabled). checkbox installedpackages->dspam->config->0->notification-email Next submit 9 dspam.inc DSPAM stores token data etc. in some kind of a database (e.g. a RDBMS or flat files). Over time, this token data may consume lots of space. Hence it makes sense to run certain routines to clean up unused data. psig input installedpackages->dspam->config->0->purge-signatures Purge stale signatures (default: 14). pneut input installedpackages->dspam->config->0->purge-neutral Purge tokens with neutralish probabilities (default: 90). punu input installedpackages->dspam->config->0->purge-unused Purge unused tokens (default: 90). phapa input installedpackages->dspam->config->0->purge-hapaxes Purge tokens with less than 5 hits (hapaxes - default: 30). pones input installedpackages->dspam->config->0->purge-hits-1s Purge tokens with only 1 spam hit (default: 15). ponei input installedpackages->dspam->config->0->purge-hits-1i Purge tokens with only 1 innocent hit (default: 15). Next submit 10 dspam.inc This page contains additional settings related to the DSPAM system such as logging, message processing behaviour et cetera. locmx input installedpackages->dspam->config->0->local-mx Local Mail Exchangers: Used for source address tracking, tells DSPAM which mail exchangers are local and therefore should be ignored in the Received: header when tracking the source of an email. Note: you should use the address of the host as appears between brackets [ ] in the Received header (default: 127.0.0.1). true enablesysl Enable system logging (default: enabled). checkbox installedpackages->dspam->config->0->system-log true enableusel Enable per user logging (default: enabled). checkbox installedpackages->dspam->config->0->user-log optinout Opt: in or out; determines DSPAM's default filtering behavior (default: out). select out out out in in installedpackages->dspam->config->0->filter-opt true enableptoh Parse the To: headers of an incoming message. (default: disabled). checkbox installedpackages->dspam->config->0->parse-to-headers true enablecmop Automatically change the class (to spam or innocent - default: disabled). checkbox installedpackages->dspam->config->0->change-mode-on-parse true enablecuop Automatically change the username to match that specified in the To: header (default: enabled). checkbox installedpackages->dspam->config->0->change-user-on-parse maxmsgs input installedpackages->dspam->config->0->max-message-size You may specify a maximum message size in bytes for DSPAM to process. (default: 307200). true procbias Bias causes the filter to lean more toward "innocent", and usually greatly reduces false positives. It is the default behavior of most Bayesian filters, including dspam (default: enabled). checkbox installedpackages->dspam->config->0->processor-bias Next submit 11 dspam.inc DSPAM comes with an additional feature which allows to scan mail messages for malicious code (i.e. virii). If you require messages not only to be classified as Spam/Ham but additionally to be scanned for virii, enable to appropriate option below. true enableclam Enable ClamAV Engine (default: disabled). checkbox installedpackages->dspam->config->0->clamav-enable clamport,clamhost,clamresp clamport input installedpackages->dspam->config->0->clamav-port A number that specifies the port the ClamAV daemon is listening to (default: none). clamhost input installedpackages->dspam->config->0->clamav-host An IP address that points to the host the ClamAV daemon is running on (default: none). clamresp The action that should take place, if ClamAV reports a positive (default: none). select accept reject reject accept accept spam spam installedpackages->dspam->config->0->clamav-response Next submit 12 dspam.inc DSPAM can be either invoked per message (i.e. a thread per message) or it can be run as a daemon in the background. The latter option enables DSPAM to maintain database connection pools which may increase overall performance. Based on the profile, that you did choose initially, some of the below options may be already set. dsport input installedpackages->dspam->config->0->dspam-server-port A number that specifies the port the DSPAM daemon is listening to (default: none). dsqsize input installedpackages->dspam->config->0->dspam-server-queue-size A number that specifies the server's queue size (default: none). dspid input installedpackages->dspam->config->0->dspam-server-pid Keep this is sync with <code>/usr/local/etc/rc.d/dspam.rc</code> script (default: none). 40 dssmode Specifies the type of LMTP server to start. (default: none). select auto dspam dspam standard standard auto auto installedpackages->dspam->config->0->dspam-server-mode serverparam input installedpackages->dspam->config->0->dspam-server-params Parameters which will be passed to the LMTP server (default: none). serverid input installedpackages->dspam->config->0->dspam-server-id An identification string which will be used to be passed to the LMTP server (default: none). serversock input installedpackages->dspam->config->0->dspam-server-socket A local Unix domain socket (default: none). 40 Next submit 13 dspam.inc If you did configure DSPAM to run in dspam mode, it is required to configure client settings because DSPAM needs for example to authenticate against its server counterpart. true enabledsclient Run DSPAM in client mode (default: disabled). checkbox installedpackages->dspam->config->0->dspam-client-enable dsclhost,dsclport,dsclident dsclhost input installedpackages->dspam->config->0->dspam-client-host An IP address or a Unix domain socket (default: none). dsclport input installedpackages->dspam->config->0->dspam-client-port Will be only used if this client uses TCP/IP communication (default: none). dsclident input installedpackages->dspam->config->0->dspam-client-id A string that will be used to identify the client against a server. (default: none). 40 Next submit 14 dspam.inc true Click 'Reload' to reload the DSPAM daemon with new changes. Reload submit 15 dspam.inc A reload is now in progress. Please wait. <br /> <br /> The system will automatically try to access DSPAM settings in 120 page seconds. <br /> <br /> You can click on the icon above to access the site more quickly.