Как корректно настроить обучение спам-фильтра? Конфигурация такая :
Код: Выделить всё
#### SPAM + ROUTER start ######
dspam_spamscan_router:
driver = accept
domains = +local_domains
no_verify
condition = "${if and {{!eq {$received_protocol}{spam-scanned}} {!eq {$received_protocol}{local}} } {1}{0}}"
transport = dspam_spamcheck_transport
require_files = /usr/local/bin/dspam
address_test = false
#### SPAM + ROUTER finish #####
#Proverka local user
mysqluser:
driver = accept
condition = ${if eq{} {${lookup mysql{SELECT CONCAT(home,"/",mbox_host,"/",id) FROM users \
WHERE id='${local_part}' AND mbox_host='${domain}' \
AND active='Y'}}}{no}{yes}}
transport = mysql_delivery
#Proverka AD user
adsi_check:
driver = redirect
domains = +relay_to_domains
allow_fail
allow_defer
forbid_file
forbid_pipe
redirect_router = adsi_ok
data = ${lookup ldap {LDAP_AD_MAIL_RCPT} {${local_part}@${domain}}{:fail: User unknown}}
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more
adsi_ok:
driver = manualroute
transport = remote_smtp
route_list = * exchange.srv
no_more
Код: Выделить всё
begin transports
###
dspam_spamcheck_transport:
driver = pipe
command = /usr/local/bin/dspam --deliver=innocent --user "$local_part@$domain" -- %u
user = mailnull
group = mail
return_path_add = false
log_output = true
return_fail_output = true
headers_remove = X-DSPAM-Result
Код: Выделить всё
root@relay:/etc/mail # dspam_stats -H spam-base@domain.ru
spam-base@domain.ru:
TP True Positives: 43
TN True Negatives: 1007
FP False Positives: 0
FN False Negatives: 0
SC Spam Corpusfed: 153
NC Nonspam Corpusfed: 0
TL Training Left: 1493
SHR Spam Hit Rate 100.00%
HSR Ham Strike Rate: 0.00%
PPV Positive predictive value: 100.00%
OCA Overall Accuracy: 100.00%
Код: Выделить всё
root@relay:/etc/mail # cat /var/db/dspam/group
primary:classification:spam-base@domain.ru
Настройки самого dspama:
Код: Выделить всё
Home /var/db/dspam
StorageDriver /usr/local/lib/libmysql_drv.so
TrustedDeliveryAgent "/usr/local/sbin/exim -oMr spam-scanned" # Exim
OnFail error
Trust root
Trust dspam
Trust apache
Trust mail
Trust mailnull
Trust smmsp
Trust daemon
TrainingMode teft
TestConditionalTraining on
Feature chained noise
Algorithm graham burton
PValue graham
Preference "signatureLocation=headers"
Preference "showFactors=on"
Preference "spamAction=tag"
Preference "spamSubject=SPAM"
AllowOverride trainingMode
AllowOverride spamAction spamSubject
AllowOverride statisticalSedation
AllowOverride enableBNR
AllowOverride enableWhitelist
AllowOverride signatureLocation
AllowOverride showFactors
AllowOverride optIn optOut
AllowOverride whitelistThreshold
MySQLServer localhost
MySQLPort 3306
MySQLUser dspam
MySQLPass ****
MySQLDb dspam
MySQLServer /tmp/mysql.sock
HashRecMax 98317
HashAutoExtend on
HashMaxExtents 0
HashExtentSize 49157
HashMaxSeek 100
HashConnectionCache 100
IgnoreHeader X-Spam-Status
IgnoreHeader X-Spam-Score
IgnoreHeader X-Spam-Scanned
IgnoreHeader X-Virus-Scanner-Result
IgnoreHeader Date
IgnoreHeader Envelope-to
IgnoreHeader Delivery-date
IgnoreHeader Received
IgnoreHeader User-Agent
IgnoreHeader Content-Type
IgnoreHeader Content-Transfer-Encoding
IgnoreHeader To
Notifications off
LocalMX 127.0.0.1
SystemLog on
Opt out
MaxMessageSize 200000
ProcessorBias on
Лог письма с заголовками:
Код: Выделить всё
Received: from relay.domain.ru (192.168.0.6) by exchange.srv
(192.168.1.29) with Microsoft SMTP Server id 14.2.347.0; Wed, 10 May 2017
18:08:56 +0300
Received: from mailnull by relay.domain.ru with spam-scanned (Exim 4.87
(FreeBSD)) (envelope-from <user@yandex.ru>) id 1d8TEa-0003BV-9K for
admin@domain.ru; Wed, 10 May 2017 18:09:00 +0300
Received: from forward5o.cmail.yandex.net ([37.9.109.249]) by
relay.domain.ru with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
(Exim 4.87 (FreeBSD)) (envelope-from <user@yandex.ru>) id
1d8TEZ-0003BD-TM for admin@domain.ru; Wed, 10 May 2017 18:08:59
+0300
Received: from mxback14j.mail.yandex.net (mxback14j.mail.yandex.net
[IPv6:2a02:6b8:0:1619::90]) by forward5o.cmail.yandex.net (Yandex) with ESMTP
id A5B1920CD3 for <admin@domain.ru>; Wed, 10 May 2017 18:08:41 +0300
(MSK)
Received: from web15m.yandex.ru (web15m.yandex.ru [37.140.138.106]) by
mxback14j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id iwc7ogAW54-8fR4Scqu;
Wed, 10 May 2017 18:08:41 +0300
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1494428921;
bh=Qjnv0z8MNO/wFLlv0hcJND/tm6E1H7hW81pMerMe8FE=;
h=From:To:In-Reply-To:Subject:Message-Id:Date;
b=ksXy1shRrWajl6RwoEXMEhZHLhsa/vXgWvO56htpIYnpEicSLAImi3SGTIjgL5RNc
s4M3MyuQkHnZyClhjQZnpGPBfgGMYNrdAOfrVfdieEKPV3RVEDP1zVEh68ZKpBLx9C
Lcghp7Z5OsvdsvIOj5KtVz4KLlztjTNpcKZfKsDA=
Authentication-Results: mxback14j.mail.yandex.net; dkim=pass header.i=@yandex.ru
Received: by web15m.yandex.ru with HTTP; Wed, 10 May 2017 18:08:41 +0300
From: <user@yandex.ru>
To: =?utf-8?B?0JDQu9C10LrRgdC10Lkg0K7RgNGM0LXQstC40Ycg0KDQvtC90LbQuNC9?=
<admin@domain.ru>
In-Reply-To: <2031771494426756@web5o.yandex.ru>
Subject: =?utf-8?B?ItCk0L7RgNGB0LDQtiA4IiAtINC70LXQs9C10L3QtNCw0YDQvdGL0Lkg0JrRgNC10YHRgiDQotC+0YA=?=
=?utf-8?B?0LXRgtGC0L4=?=
MIME-Version: 1.0
Message-ID: <2017871494428921@web15m.yandex.ru>
X-Mailer: Yamail [ http://yandex.ru ] 5.0
Date: Wed, 10 May 2017 18:08:41 +0300
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="utf-8"
X-DSPAM-Result: Innocent
X-DSPAM-Processed: Wed May 10 18:09:00 2017
X-DSPAM-Confidence: 0.9899
X-DSPAM-Probability: 0.0000
X-DSPAM-Signature: 59132d0c122421864419593
X-DSPAM-Factors: 27,
X-Mailer*//yandex.ru, 0.01000,
X-Mailer*Yamail, 0.01000,
DKIM-Signature*c=relaxed/relaxed, 0.01000,
From*yandex.ru, 0.01000,
*From, 0.01000,
*10, 0.01000,
%d0%b2, 0.01000,
DKIM-Signature*sha256, 0.01000,
http, 0.01000,
X-Mailer*[, 0.01000,
*May, 0.01000,
*Wed, 0.01000,
X-Mailer*http, 0.01000,
Authentication-Results*dkim=pass, 0.01000,
DKIM-Signature*d=yandex.ru, 0.01000,
DKIM-Signature*a=rsa, 0.01000,
MIME-Version*1.0, 0.01000,
DKIM-Signature*s=mail, 0.01000,
Authentication-Results*header.i=, 0.01000,
//www, 0.01000,
*yandex.ru, 0.01000,
DKIM-Signature*h=From, 0.01000,
DKIM-Signature*v=1, 0.01000,
From*user, 0.01000,
%d1%87%d0%b0%d1%81%d1%82%d0%b8, 0.01000,
X-Mailer*5.0, 0.01000,
X-Mailer*], 0.01000
Return-Path: user@yandex.ru
X-MS-Exchange-Organization-AuthSource: exchange.srv
X-MS-Exchange-Organization-AuthAs: Anonymous