DSpam?

[trakwebster]

A posting on Slashdot describes the dSpam system ...

DSPAM v2.10 is finally available, after four months of development. This is the first stable release to include Bayesian Noise Reduction which was recently mentioned on Slashdot and in Wired News as an algorithm providing accuracy levels as high as 10x that of a human. Some other new features include Neural Networking - which finds nodes in a network that are contextually similar to form a decision matrix, Global Filtering - which provides SpamAssassin-like out-of-the-box type filtering for new users until they build up their own wordlist, Automatic Whitelisting - which automatically learns who your trusted senders are, and many other optimizations and enhancements.

Gee, it sounds pretty good.

We're all being buried by spam. I get 1000-2000 daily, and one of my own domains is regularly hijacked as a return address, giving me 200-400 bad-address returns every day.

If this system is actually better, I'd be grateful if cpanel would consider weaving it into our systems.

The slashdot gives a link to the dSpam project here --

http://www.nuclearelephant.com/projects/dspam/

(Disclaimo: I have no affiliation with this project, and am not very knowledgable about the system.)

[DogTags]

Hi All

I'm just finding out about dspam, too. Seems very interesting.

Has anyone tried it?

Cheers

[anup123]

The average processing time as compared to SA's looks very promising.

Anup

[chirpy]

We're all being buried by spam

Not here, I have at least a 99% detection rate. Dspam does look interesting, but from what I've seen it doesn't appear to have a great deal of granularity, i.e. user configurable to the email address level.

[anup123]

Not here, I have at least a 99% detection rate. Dspam does look interesting, but from what I've seen it doesn't appear to have a great deal of granularity, i.e. user configurable to the email address level.

Say the following setup is there:

A box where webmail (webumake.com) users far outnumber (by a factor of 100) the other mail users type.? Would you recommend dspam or still prefer SA in such a setup?
How easy or tricky is implementation?

Thanks
Anup

[dezignguy]

I saw DSPAM a couple months ago and it looked quite interesting and I was considering testing it out in a semi-production environment, but then it appeared that it's one of the 'accept all email' filters, (like SA) and I don't really like that... so I'll stick with ASSP (http://assp.sourceforge.net) and keep rejecting spam in the smtp conversation so that I don't have to deal with it, and I can let the spammers know that their spew isn't being read and it definitely isn't wanted.

But maybe sometime soon I'll get around to trying it out anyways...

[chirpy]

Say the following setup is there:

A box where webmail (webumake.com) users far outnumber (by a factor of 100) the other mail users type.? Would you recommend dspam or still prefer SA in such a setup?
How easy or tricky is implementation?

Thanks
Anup

That is a good question as email loads can get very high with a webmail installation. In that case I would generally recommend email rejection within exim.conf with a few good RBL's as webmail scripts can suffer badly from dictionary attacks. It can be quite a juggling act.

That said, We have a server with several customers of our webmail product running and MailScanner/SA copes just fine.

But I'm hijacked another thread, sorry, this is about Dspam, which does look nice, but I do worry about its lack of configurability.

[Planet_Master]

Well I have to say Dspam is amazing. We used chirpy's Mailscanner setup and the results were great over Spamassassin but seems no matter how much configuring a trickle of spam always got through as well as those annoying {Definatly Spam} emails. So I decided to give Dspam a shot. First of all there is NO documentation on how to really install this program, just a bit here and a bit there. Basically had to figure this out on my own but the results are amazing. Have this working on all our RH9 and RHE3 boxes with no problems.

Since Dspam was installed and trained on all of our servers we get 0 spam, yes 100% of spam is blocked and discarded while legit email flows normally. Also was able to integrate with ClamAV. So we removed Mailscanner and with Dspam the loads are non existent. We can now say we are 100% spam free. Still working on the web interface part of this program for our VisionZ cpanel theme intergration (Release early 2006) but for all intents and purposes this is the bomb when it comes to spam assassination. highly recommended.

Just want to add this was probably the most difficult install I have ever done so those without patience and knowledge I wouldn't even try it. But once its up and running its like a gift from heaven spam no longer exists in our system. The bonus is it will even block spam being sent from the server so spammers are identified immediately and we dont ever have to worry about being blacklisted on any of our servers.

[insane]

Is there a simple way to install DSPAM on cPanel because I would definitely use this.

[Xdred]

I have installed Dspan on a couple of CentOS boxes in the past. Great results after the filter is trained. Automatically creates a web based quarantine box for the user when the first e-mail arrives. Users love it except for the tracking number inserted in the body of every e-mail used for training on false positivies. Very difficult to set-up as store and forward where you are scanning for say remote exchange servers. The product is written in C and very fast and light load compared to MailScanner. Many advantages such per user web based quarantine which in my opinion is the main problem with MailScanner. The install is a nightmare even on a regular box without cpanel. I think deb has some packages that make install a bit easier. This would be a great addition to cpanel however cpanel would never even consider it due to complexity. If say a guy like Chirpy decided to support the install and intergration and charge $500 for installition I would feel like it was a bargain. I really love MailScanner but this is really a step above.

[chirpy]

I've looked into implementing Dspam as, on the face of it, it looks very good indeed. The problem I have with it is it's almost complete lack of configurability. You cannot do any whitelisting or blacklisting, you cannot implement per domain or per email address scanning. It's also very difficult to allow access to the end-user UI without having to do silly and insecure methods of exposing /etc/shadow. To me, this makes it very useful for a single client server, but isn't of much use for a multi-client web hosting solution. Actual installation with exim is explained simply enough in the docs, though.

[Xdred]

Chirpy:
Dspam is not ASP aware and this is certainly an issue. eapps.com has Dspam integrated into Helm with all of the features we are accustomed to in Mailscanner except the whitelisting or blacklisting. Per email address scanning is turned on or off using a .forward file. This is built into their gui. Not sure how passwords are handled but Dspam does support LDAP. For store and forward to remote exchange servers the application can be configured to authenticate against the exchange pop so users can use existing domain passwords. Julian has done extensive work on MailScanner to support third party drop-in scanners such as Dspam. The market is demanding per user web based quarantine. Premium prices are $2.25 per mailbox per month. Proprietary software is extremely expensive 15k to 50k with per user reoccurring yearly fees. I implemented a proprietary product two years ago that has per user web based quarantine and paid 5k. Never looked back. Was a great investment and so far not one client has cancelled. Great monthly increasing revenue from this box. We also use MailScanner on Cpanel and non panel boxes. With MailScanner we set low scoring spam to store and high spam to delete. Users do not want the possible spam tagged or special rules configured in outlook. Even with special rules and fine-tuning of MailScanner and Spamassassin we have a small number of false positives that creates helpdesk tickets. We live with it because of the premium revenue. So the bottom line is per user web based quarantine = $$$. It would be nice if a product with this ability could be integrated with cpanel.

[hartzcs]

Well I have to say Dspam is amazing. We used chirpy's Mailscanner setup and the results were great over Spamassassin but seems no matter how much configuring a trickle of spam always got through as well as those annoying {Definatly Spam} emails. So I decided to give Dspam a shot. First of all there is NO documentation on how to really install this program, just a bit here and a bit there. Basically had to figure this out on my own but the results are amazing. Have this working on all our RH9 and RHE3 boxes with no problems.

Since Dspam was installed and trained on all of our servers we get 0 spam, yes 100% of spam is blocked and discarded while legit email flows normally. Also was able to integrate with ClamAV. So we removed Mailscanner and with Dspam the loads are non existent. We can now say we are 100% spam free. Still working on the web interface part of this program for our VisionZ cpanel theme intergration (Release early 2006) but for all intents and purposes this is the bomb when it comes to spam assassination. highly recommended.

Just want to add this was probably the most difficult install I have ever done so those without patience and knowledge I wouldn't even try it. But once its up and running its like a gift from heaven spam no longer exists in our system. The bonus is it will even block spam being sent from the server so spammers are identified immediately and we dont ever have to worry about being blacklisted on any of our servers.

heh, it worked so well for him, he's now out of business.