Dspam filters spam with the best. In my installation, it stops over 98% of all spam: I’ve only had one false positive in the last year, and that was a message to the Dspam list that contained a real spam!

Administering Dspam is a breeze. No rules to configure, new users can automatically benefit from a global dictionary and quarantine management is simple. But getting a Dspam quarantine set up the first time, without losing any email, can challenge the most seasoned mail administrators.

In this article, I’m going to trace email through the various parts of a Postfix mail server running Dspam and Procmail or Maildrop, focusing on getting the CGI quarantine working correctly. I’ll provide the configuration steps for local users. I’ll also explain where the configuration differs for virtual users, and the basic changes or decisions that you need to consider, but I won’t provide the actual configuration for virtual users in this article.

Administering Dspam is a breeze. No rules to configure, new users can automatically benefit from a global dictionary and quarantine management is simple. But getting a Dspam quarantine set up the first time, without losing any email, can challenge the most seasoned mail administrators

The ingredients

There are many different recipes for putting together a mail server on Unix. I’m going to use these programs because they’re as good, or better than, anything else available.

Programs discussed in this article

First, install all of this software according to your distribution. In most cases, you should be able to install Postfix, Apache, mod_suexec, and Procmail through your distribution’s package management system. Dspam and Maildrop require custom configuration at compile time, so they usually need to be compiled from source code.

Getting Postfix running

Administering Postfix, or any other MTA, is the subject of many a book and it’s hard to do justice to the topic in a few hundred words. Before even attempting to get Dspam working, you should have Postfix up and running and successfully delivering to your mailboxes. You should have Postfix rejecting mail for invalid email accounts—the days when a “catchall” account caught anything other than spam are long gone. Besides, it’s much better to have real email users learn immediately when they’ve sent something to the wrong address, than for their message to get through and sit in quarantine with a few thousand spams.

Postfix is actually a collection of smaller programs, each dedicated to a particular task. One program talks to the outside world. Another cleans up message headers and determines the next place to direct a message. Others check that a message is valid.

Postfix comes with two different Local Delivery Agents (LDAs). These are the programs that actually deliver mail to a mailbox. The two LDAs are called Local and Virtual(8).

Local delivers mail to real Unix user accounts. When a remote mail server connects and attempts to send an email, Local can verify whether the corresponding local user account exists, allowing Postfix to accept or reject the message before even receiving it.

There are many different recipes for putting together a mail server on Unix. I’m going to use these programs because they’re as good, or better than, anything else available

Virtual(8) can deliver mail to a set of virtual users (users who don’t actually have a local Unix account); in the Postfix main configuration file, Virtual(8) uses directives starting with virtual_mailbox. There is also a Virtual(5), which is used to rewrite the destination address of an email before attempting delivery—this is entirely different, using virtual_alias directives in the Postfix configuration files. The numbers refer to the section of the man pages containing the documentation for the program. Virtual(8) uses a specified user id to deliver mail to any virtual user, and is limited to a single directory structure that you specify. Both Virtual(5) and Virtual(8) can be used to reject unknown users, exactly the same as Local.

Read the man pages to learn about these programs:

# man 8 local
# man 8 virtual
# man 5 virtual

Before adding any other programs to your mail server, get Postfix delivering mail to the correct place using one of its built-in LDAs. There are many How-Tos on the web to help you get this done—start with the links available at the Postfix web site.