Posted on 1 Comment

mail server infrastructure… dspam

I’ve been browsing around infrastructure tools, starting earlier with Postfix (SMTP server), and an POP/IMAP server.

There are a few reasons I’m doing this.
From the MySQL perspective, where tools are able to use MySQL, we would like to see it used optimally and provide some assistance where needed.
From my own perspective, infrastructure tools have always been favourite ever since my early coding days. I can tell when a GUI is good or not, but I know that building them is not my thing 😉

Infrastructure is made up of many tools, but it all needs to work together. Different people make different choices (based on their needs and preferences) and so we can’t actually expect any Linux distribution to contain precisely what we need, configured the way we need it. And sometimes tools can work together in theory since they provide some kind of external interface/API, but actually setting it up can be something that the respective documentation does not deal with (since it goes beyond the basic local functionality).

I am working all this into a dynamic article about setting up a mail server that uses MySQL as its backend, with configuration examples on MySQL Forge wiki pages. I call it dynamic (and partially on wiki) as it’s evolving, and I’m hoping that other people will participate also.

In the same realm, I’m now taking a peek at dspam, which looks like a very neat piece of work. It uses innovative technology, all based on the Bayesian principles. Many modern anti-spam tools use Bayesian logic, calculating the probability of an email being spam or not, based on past emails. They learn, adapt, evolve… pretty neat!
This is very different to for instance the popular tool SpamAssassin, which is mostly rule-based. I say mostly, because SpamAssassin can now also use a Bayesian filter as part of its decision making process.

Some time ago I was wondering whether such hybrid solutions might actually be less effective than a good single Bayesian. So I tried it with my own mail, using just bogofilter. The results were impressive, and it actually also caught most virus emails. I don’t care much for virus emails anyway (rather than not wanting to see them) but on a proper mailserver one might want to use an anti-virus tool anyway to catch that stuff no matter what.
What’s interesting is that this pure Bayesian method also produces very few false positives. That’s very important to me, because finding good mail in between the junk is exactly the problem we’re trying to get rid of. SpamAssassin’s rule-based system can easily trigger false positives and tuning it all is a delicate matter.

The key word in the above paragraph might be “good”. Bogofilter is pretty good, but it only uses one basic algorithm and it’s fairly limited in that sense.

Back to dspam… it has a very good track record (see their site, and related articles) catching nearly all spam, very few false positives, and it supports calling ClamAV for the anti-virus component. So they thought of that aspect also. Alright, so I’m impressed because they happened to follow exactly my line of thinking – but why not, I can have preferences too! 😉
dspam is written in C. I don’t really like Perl-based solutions in a mail path… it may not be much slower (though that’s debatable) but it definitely eats more memory.

More details (and the article) coming soon… in the meantime, do take a peek at these tools, and feel free to write me about your own findings!

Posted on 1 Comment

1 thought on “mail server infrastructure… dspam

  1. We’re using postfix, dspam, saslauthd, and dovecot with an ldap authentication backend. While setting postfix+dovecot up for ldap, I also set them up for mysql authentication. It’s remarkably easy.

    dspam is a great piece of software. it is, obviously, only as good as its trainer. most of our users don’t train theirs, and so still get spammed a fair amount, but those that do train have a lot of success.

    we’re using an older version that doesn’t support clamav and only has limited lmtp support, so I’m looking forward to upgrading to the latest and greatest dspam in the future.. and getting rid of amavis.

    jonathan is also pretty good about responding to feature requests/trouble on the lists. I just wish the web interface was a little better.

Comments are closed.