Server 1: 11:22:25 up 442 days, 11:41,  1 user,  load average: 2.05, 1.43, 1.80
Server 2: 11:24:30 up 442 days,  9:41,  1 user,  load average: 1.02, 1.50, 1.33

Just some fun statistics.

My source code is here

Hardware LCD spec is here

bdb_db_open: Warning - No DB_CONFIG file found in directory /var/lib/openldap-data: (2)
Expect poor performance for suffix dc=****,dc=****.
smbk5pwd: unable to initialize krb5 admin context: unable to find realm of host ****** (-1765328167).
backend_startup_one: bi_db_open failed! (-1)
slapd stopped.
connections_destroy: nothing to destroy.


This is because you have not created a configuration for kerberos yet.

To Fix:

cp /etc/krb5.conf.sample /etc/krb5.conf

1. Compile DSpam with daemon option and other flags which fit your environment. This allows us to pipe email back to postfix using smtp.
2. Setup the postfix master.cf configuration file to include dspam standard filter, a honeypot, spam and ham dspam entries as well enabling users to forward missed spam back to the system. While were at it we will also include a instance of postfix which will receive the filtered email back from the DSpam agent.

Postfix: master.cf

0.0.0.0:25 inet n - n - - smtpd
-o content_filter=dspam:dspam

<sending client port> inet n - n - - smtpd
-o smtpd_use_tls=yes -o smtpd_sasl_auth_enable=yes

127.0.0.1:<incoming port from dspam> inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks

dspam unix - n n - 10 pipe
flags=Ru user=dspam argv=/usr/bin/dspam --deliver=innocent --user $recipient -i -f $sender -- $recipient

hspam unix - n n - 10 pipe
flags=Ru user=dspam argv=/usr/bin/dspam --class=spam --source=inoculation --user honeypot --deliver=innocent

spam unix - n n - 10 pipe
flags=Ru user=dspam argv=/usr/bin/dspam --class=spam --source=error --user dspam

notspam unix - n n - 10 pipe
flags=Ru user=dspam argv=/usr/bin/dspam --class=innocent --source=error --user dspam

3. Now we need to setup postfix to route specific addresses to the spam/notspam and hspam (inoculation) interfaces.

In postfix main.cf

hash:/etc/postfix/transport_maps_spams

In transport_maps_spams

<missed spam addr>@ktechs.net spam:nothing
<missed ham addr>@ktechs.net notspam:nothing
<a honeypot candidates addr>@ktechs.net hspam:nothing

4. We issue a postmap /etc/postfix/transport_maps_spams to create our postfix hash db file.
5. Add a setting for the honeypot email address in DSpam (likely by MySQL settings table for DSpam) to optout this user. We do this because the email when we first receive it will be filtered though DSpam then looked up in this transport map which will invoke the hspam hop.
6. Now we tell DSpam how to deliver back to postfix.

delivery portion of dspam.conf

DeliveryHost 127.0.0.1
DeliveryPort <Your delivery port in master.cf>
DeliveryIdent localhost
DeliveryProto SMTP