Need a bit of help with the antispam plugin

Steffen Kaiser skdovecot at smail.inf.fh-brs.de
Tue Apr 7 12:58:00 UTC 2015 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 7 Apr 2015, John Perry wrote:
> On 2015/04/07 04:22, Steffen Kaiser wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>> 
>> On Tue, 31 Mar 2015, Anthony Papillion wrote:
>> 
>>> Date: Tue, 31 Mar 2015 18:37:34 -0500
>>> From: Anthony Papillion <anthony at cajuntechie.org>
>>> To: dovecot at dovecot.org
>>> Subject: Need a bit of help with the antispam plugin
>>> 
>>> Hello Everyone,
>>> 
>>> I'm running the antispam plugin on Dovecot 2.0.19 on Ubuntu Server 14.04
>>> and I can't seem to get it to work. In the IMAP section of dovecot.conf
>>> I have the following lines:
>>> 
>>> protocol imap {
>>>    mail_plugins = $mail_plugins imap_quota imap_acl antispam
>>> #    mail_plugins = $mail_plugins imap_quota imap_acl
>>>    imap_client_workarounds = tb-extra-mailbox-sep
>>>
>>>    # Maximum number of IMAP connections allowed for a user from each IP
>>> address.
>>>    # NOTE: The username is compared case-sensitively.
>>>    # Default is 10.
>>>    # Increase it to avoid issue like below:
>>>    # "Maximum number of concurrent IMAP connections exceeded"
>>>    mail_max_userip_connections = 20
>>> 
>>> plugin {
>>>  antispam_debug_target = syslog
>>>  antispam_verbose_debug = 1
>>>
>>>  antispam_backend = pipe
>>>  antispam_trash = Trash
>>>  antispam_spam = Junk
>>>  antispam_pipe_program_spam_arg = --spam
>>>  antispam_pipe_program_notspam_arg = --ham
>>>  antispam_pipe_program = /usr/bin/sa-learn
>>>  antispam_pipe_program_args = --username=%Lu
>>> }
>>> }
>> 
>> replace the value of antispam_pipe_program with a script:
>> 
>> ======
>> #/bin/bash
>> 
>> (
>> set -x
>> id -a
>> date
>> /usr/bin/sa-learn "$@"
>> rc=$?
>> echo rc=$rc
>> exit $rc
>> ) >/tmp/antispam.$$.log 2>&1
>> ====
>> 
>> Then check on the command line, what happens if you invoke the command
>> line as the user displayed by the id command.
>> 
>>> For some reason, when I try to move something to Junk, I get the
>>> following in my syslog:
>>> 
>>> Mar 31 18:27:16 anonymail imap: antispam: plugin initialising (2.0-notgit)
>>> Mar 31 18:27:16 anonymail imap: antispam: verbose debug enabled
>>> Mar 31 18:27:16 anonymail imap: antispam: "Junk" is exact match spam 
>>> folder
>>> Mar 31 18:27:16 anonymail imap: antispam: no unsure folders
>>> Mar 31 18:27:16 anonymail imap: antispam: "Trash" is exact match trash
>>> folder
>>> Mar 31 18:27:16 anonymail imap: antispam: pipe backend spam argument =
>>> --spam
>>> Mar 31 18:27:16 anonymail imap: antispam: pipe backend not-spam argument
>>> = --ham
>>> Mar 31 18:27:16 anonymail imap: antispam: pipe backend program =
>>> /usr/bin/sa-learn
>>> Mar 31 18:27:16 anonymail imap: antispam: pipe backend program arg[0] =
>>> --username=anthony at cajuntechie.org
>>> Mar 31 18:27:16 anonymail imap: antispam: pipe backend tmpdir /tmp
>>> Mar 31 18:27:19 anonymail imap: antispam: mailbox_is_unsure(Junk): 0
>>> Mar 31 18:27:19 anonymail imap: antispam: mailbox_is_trash(INBOX): 0
>>> Mar 31 18:27:19 anonymail imap: antispam: mailbox_is_trash(Junk): 0
>>> Mar 31 18:27:19 anonymail imap: antispam: mail copy: from trash: 0, to
>>> trash: 0
>>> Mar 31 18:27:19 anonymail imap: antispam: mailbox_is_spam(INBOX): 0
>>> Mar 31 18:27:19 anonymail imap: antispam: mailbox_is_spam(Junk): 1
>>> Mar 31 18:27:19 anonymail imap: antispam: mailbox_is_unsure(INBOX): 0
>>> Mar 31 18:27:19 anonymail imap: antispam: mail copy: src spam: 0, dst
>>> spam: 1, src unsure: 0
>>> Mar 31 18:27:19 anonymail imap: antispam: running mailtrain backend
>>> program /usr/bin/sa-learn
>>> Mar 31 18:27:19 anonymail imap: antispam: running mailtrain backend
>>> program /usr/bin/sa-learn
>>> Mar 31 18:27:19 anonymail imap: antispam: running mailtrain backend
>>> program parameter 1 --username=anthony at cajuntechie.org
>>> Mar 31 18:27:19 anonymail imap: antispam: running mailtrain backend
>>> program parameter 2 --spam
>>> Mar 31 18:27:21 anonymail imap: antispam: run program failed with exit
>>> code -1
>>> 
>>> This is probably a permissions issue but I'm not able to debug it. Can
>>> anyone offer me any clues as to what I might be doing wrong or how I
>>> might fix it?
>>> 
>>> Thanks,
>>> Anthony
>
> I'm having the exact same issue. I applied the change you recommended to 
> Anthony (I.E. create the script and call that rather than sa-learn directly) 
> and I see that the resultant log file in /tmp is never created. Any 
> additional suggestions would be greatly appreciated!

Is this script executable for all, e.g.:

chmod a+x /path/to/script

Is the script located in a directory everybody are allowed to execute, 
e.g. /usr/local/bin or /usr/bin .

Can you run, e.g.:

sudo -u nobody /path/to/script

and something is happening?

- -- 
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEVAwUBVSPUWHz1H7kL/d9rAQLtzgf5AUXDxhhQg7EsO5qEaDKgvKBgNt7dWF2Y
ui7h1uW47c0bja4E4d89X7oHsZ1HQXvvuobbBlDxIzdhweoK8bISDL7DYSLCLW1s
wzf5z4FqFbr6H1bj5oX8/ZgQ3+4ONL9aAmMhHT6JUxPZ98JtPUlm/yzNu2eYfQbG
p5Q62RHr/tsNG0jg9AHGEsrbSDpIkrmk3n2qgddwA8dCWcNMjHzDJThgGpKoEEq2
ohvjr6V3TUJcL6BZ/GR0B+2VKaQSdR6FlhhuItZrpbClOeoe1MyOos/p5TLnL+Lp
XFm5DAATbQYEEmnaC+1G2dQoFuix+mMXxPq4L1LH/+O8ztGLh8QTdQ==
=pLIX
-----END PGP SIGNATURE-----

More information about the dovecot mailing list