Simpler postfix + dspam

I have read a shitload of overcomplicated setups to bring up a postfix / dspam SMTP + antispam server, and finally came to a much lighter and simpler configuration by basically reading documentation and real life examples. Note this is suitable for a personnal and basic environment, no database, no virtual setup. Basic stuff.

The target system is NetBSD but this short doc should apply to pretty much any UNIX / Linux.

On dspam’s side, I added the following parameters:

# really postfix
TrustedDeliveryAgent "/usr/sbin/sendmail"
[...]
# add involved users
Trust dspam
Trust postfix
[...]
# declare UNIX socket
ServerDomainSocketPath  "/tmp/dspam.sock"
ClientHost               /tmp/dspam.sock

On postfix’s main.cf side:

# don't overwhelm dspam, only one message at a time
dspam_destination_recipient_limit = 1
smtpd_client_restrictions =
   permit_sasl_authenticated
   check_client_access regexp:/etc/postfix/dspam_filter_access

Warning, I used regexp: instead of pcre: because that’s what NetBSD base’s postfix supports. The dspam_filter_access pipes the message to dspam’s socket by matching everything:

$ cat /etc/postfix/dspam_filter_access
/./     FILTER dspam:unix:/tmp/dspam.sock

The only remaining piece is to declare the dspam service in postfix’s master.cf file:

dspam     unix  -       n       n       -       10      pipe
  flags=Ru user=dspam argv=/usr/pkg/bin/dspam --deliver=innocent,spam -i -f ${sender} --user ${user} -- ${recipient}

The final delivery method is up to you, but I chose procmail, mostly because I have written my rules a while ago and am too lazy to adapt them to sieve :)

mailbox_command = /usr/pkg/bin/procmail

Sources:

• https://www.owlfish.com/thoughts/dovecot-antispam-2011-03-21.html
• https://kuther.net/howtos/integrate-dspam-postfix-dovecot-any-mail-client
• https://help.ubuntu.com/community/Postfix/Dspam