Good morning.
I have a problem with my new installation of spamdyke-mysql. The spamdyke functionality is absolutely smashing, but I can't seem to get it to log to mysql and I am not quite sure what I am doing wrong.
My spamdyke.conf:
My output of config-test:
The mysql username and password are correct:
If there is other information you need to troubleshoot, please feel free to ask and I will provide it.
I have a problem with my new installation of spamdyke-mysql. The spamdyke functionality is absolutely smashing, but I can't seem to get it to log to mysql and I am not quite sure what I am doing wrong.
My spamdyke.conf:
Code:
# Available values: allow-all, normal, require-auth, reject-all
# Default: normal
filter-level=normal
config-mysql-database=spamdyke
config-mysql-username=spamdyke
config-mysql-password=spamdyke
# Delays the SMTP greeting banner for SECS seconds. A value of 0 disables this
# feature.
# Default: 0
greeting-delay-secs=5
# Limit incoming messages to NUM recipients. A value of 0 disables this
max-recipients=150
# Drop superuser privileges and run as USER instead.
# Default: none
#run-as-user=USER[:GROUP]
# DNS TESTS
# Reject connections from remote servers without rDNS names.
# Default: no
# Reject connections from servers with rDNS names that contain their IP address
# and end in a two-character country code.
# Reject messages from sender whose domain names have no MX records.
# Reject connections from servers with rDNS names that do not resolve to IP
# addresses.
# Default:no
# LOGGING
# Controls the amount (and detail) of the log messages spamdyke produces.
# Available values: none, error, info, verbose, debug, excessive
# Default: error
log-level=info
# Controls where spamdyke's log messages are sent.
# Available values: syslog, stderr
# Default: syslog
#log-target=VALUE
# Outputs all SMTP data into files in DIR.
#full-log-dir=DIR
# CONFIGURATION FILES
# Configuration files can include other configuration files.
#config-file=FILE
# Configuration directories are very powerful but can also be very complicated;
# don't use them if you don't need to.
# Controls how configuration directories are searched.
# Available values: first, all-ip, all-rdns, all-sender, all-recipient
# Default: first
# TIMEOUTS
# Close the connection after SECS seconds, regardless of activity. A value of
# 0 disables this feature.
#connection-timeout-secs=SECS
# Close the connection after SECS seconds of inactivity. A value of 0 disables
# this feature.
idle-timeout-secs=180
# SENDERS AND RECIPIENTS
# Reject all recipients that exactly match the sender address.
# LOCAL BLACKLISTS
# Reject connections from IP addresses that match IPADDRESS.
#ip-blacklist-entry=IPADDRESS
# Reject connections from IP addresses that match entries in FILE.
ip-blacklist-file=/var/qmail/spamdyke/blacklist_ip
# Reject connections from rDNS names that match NAME.
# Reject connections from rDNS names that match entries in FILE.
#rdns-blacklist-file=FILE
# Reject connections from rDNS names that match files in DIR.
#rdns-blacklist-dir=DIR
# Reject all messages sent to recipient ADDRESS.
#recipient-blacklist-entry=ADDRESS
# Reject all messages sent to any recipient address listed in FILE.
recipient-blacklist-file=/var/qmail/spamdyke/blacklist_recipients
# Reject all messages sent from sender ADDRESS.
#sender-blacklist-entry=ADDRESS
# Reject all messages sent from any sender address listed in FILE.
sender-blacklist-file=/var/qmail/spamdyke/blacklist_senders
# Reject connections from rDNS names that contain their IP address and KEYWORD.
#ip-in-rdns-keyword-blacklist-entry=KEYWORD
# Reject connections from rDNS names that contain their IP address and a keyword
# in FILE.
ip-in-rdns-keyword-blacklist-file=/var/qmail/spamdyke/blacklist_keywords
# LOCAL WHITELISTS
# Whitelist connections from IP addresses that match IPADDRESS.
#ip-whitelist-entry=IPADDRESS
# Whitelist connections from IP addresses that match entries in FILE.
ip-whitelist-file=/var/qmail/spamdyke/whitelist_ip
# Whitelist connections from rDNS names that match NAME.
# Whitelist connections from rDNS names that match entries in FILE.
rdns-whitelist-file=/var/qmail/spamdyke/whitelist_rdns
# Whitelist connections from rDNS names that match files in DIR.
#rdns-whitelist-dir=DIR
# Whitelist all messages sent to recipient ADDRESS.
#recipient-whitelist-entry=ADDRESS
# Whitelist all messages sent to any recipient address listed in FILE.
#recipient-whitelist-file=FILE
# Whitelist all messages sent from sender ADDRESS.
#sender-whitelist-entry=ADDRESS
# Whitelist all messages sent from any sender address listed in FILE.
sender-whitelist-file=/var/qmail/spamdyke/whitelist_senders
# Whitelist connections from rDNS names that contain their IP address and
# KEYWORD.
#ip-in-rdns-keyword-whitelist-entry=KEYWORD
# Whitelist connections from rDNS names that contain their IP address and a
# keyword in FILE.
#ip-in-rdns-keyword-whitelist-file=FILE
# DNS-BASED BLACKLISTS
# Check a DNS RBL.
# Check all DNS RBLs listed in FILE.
#dns-blacklist-file=FILE
# Check an RHSBL.
#rhs-blacklist-entry=RHSBL
# Check all RHSBLs listed in FILE.
#rhs-blacklist-file=FILE
# DNS-BASED WHITELISTS
# Check a DNS whitelist.
# Check all DNS whitelist listed in a file.
#dns-whitelist-file=FILE
# Check an RHS whitelist.
#rhs-whitelist-entry=RHSBL
# Check all RHS whitelists listed in FILE.
#rhs-whitelist-file=FILE
# GRAYLISTING
# Controls the behavior of spamdyke's graylist filter.
# Available values: none, always, always-create-dir, only, only-create-dir
graylist-level=always-create-dir
# Create the graylist files in DIR.
graylist-dir=/var/qmail/spamdyke/greylist
# Invalidate graylist entries after SECS seconds. A value of 0 deactivates this
graylist-max-secs=1814400
# Graylist entries are not valid until they are SECS seconds old. A value of 0
# deactivates this feature.
graylist-min-secs=300
# Reverse the current graylist behavior for incoming connections whose IP
# addresses match IPADDRESS.
#graylist-exception-ip-entry=IPADDRESS
# Read a list of IP addresses from a file and reverse the current graylist
# behavior for any connections from matching IP addresses.
#graylist-exception-ip-file=FILE
# Reverse the current graylist behavior for incoming connections whose rDNS
# names match NAME.
# Default: none.
#graylist-exception-rdns-entry=NAME
# Read a list of rDNS names from a file and reverse the current graylist
# behavior for any connections from matching rDNS names.
#graylist-exception-rdns-file=FILE
# Search an rDNS directory and reverse the current graylist behavior for any
# connections from matching rDNS names.
#graylist-exception-rdns-dir=DIR
# SMTP AUTHENTICATION
# Controls the way spamdyke offers, supports and processes SMTP authentication.
# Available values: none, observe, ondemand, ondemand-encrypted, always,
# always-encrypted
# Default: observe
#smtp-auth-level=ondemand-encrypted
smtp-auth-level=always-encrypted
# Process authentication by running COMMAND, if necessary.
smtp-auth-command=/var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /bin/true
# Use NAME as the local server's name during CRAM-MD5 authentication.
# Default: unknown.server.unknown.domain
#hostname=NAME
# Read the local server's name from the first line of FILE for use during
# CRAM-MD5 authentication.
# Default: /var/qmail/control/me
#hostname-file=FILE
# Run COMMAND and read the local server's name from the first line of output
# for use during CRAM-MD5 authentication.
#hostname-command=COMMAND
# TLS / SSL
# Controls the way spamdyke offers and supports TLS or SMTPS.
# Available values: none, smtp, smtp-no-passthrough, smtps
tls-level=smtp
# Read SSL certificate from FILE.
tls-certificate-file=/var/qmail/control/servercert.pem
# Read SSL certificate private key from FILE.
#tls-privatekey-file=FILE
# Decrypt SSL certificate private key using PASSWORD.
#tls-privatekey-password=PASSWORD
# Read the password for the SSL certificate private key from the first line of
# FILE.
#tls-privatekey-password-file=FILE
# Only use the ciphers in LIST during TLS or SMTPS.
# Default: DEFAULT
#tls-cipher-list=LIST
# RELAYING OPTIONS
# Sets spamdyke's relay protection level.
# Available values: block-all, no-check, normal, allow-all
#relay-level=VALUE
# spamdyke's relay protection requires reading qmail's access file.
# This file is usually: /etc/tcp.smtp
access-file=/etc/smtp_access.txt
# Several features require access to the list of locally hosted domains.
# This file is usually: /var/qmail/control/rcpthosts
local-domains-file=/var/qmail/control/rcpthosts
# Adds a single domain to spamdyke's list of locally hosted domains.
#local-domains-entry=DOMAIN
# DNS OPTIONS
# These options should only be used if spamdyke's default behavior is causing
# problems.
# Sets the aggressiveness of spamdyke's DNS resolver.
# Available values: none, normal, aggressive
# Default: aggressive
#dns-level=VALUE
# Adds a nameserver to spamdyke's list of primary nameservers.
# Default: none (reads nameservers from /etc/resolv.conf)
#dns-server-ip-primary=IP[:PORT]
# Adds a nameserver to spamdyke's list of secondary nameservers.
#dns-server-ip=IP[:PORT]
# Sets the number of times spamdyke queries its primary nameservers.
# Default: 1
#dns-max-retries-primary=NUM
# Sets the total number of times spamdyke queries nameservers.
# Default: 3
#dns-max-retries-total=NUM
# Sets the total number of seconds spamdyke will spend on any DNS query.
# Default: 30
#dns-timeout-secs=SECS
# Sets the name of the file to read for the list of default nameservers.
# Default: /etc/resolv.conf
#dns-resolv-conf=FILE
# Controls whether TCP is used for DNS queries (when needed).
# Available values: none, normal
#dns-tcp=VALUE
# Controls how DNS spoofing is handled.
# Available values: accept-all, accept-same-ip, accept-same-port, reject
# Default: accept-all
#dns-spoof=VALUE
# Controls the types of queries performed when looking up an IP address.
# Available values: a, cname
# Default: a + cname
#dns-query-type-a=VALUE
# Controls the types of queries performed when looking up a mail exchanger.
# Available values: a, cname, mx
# Default: a + cname + mx
#dns-query-type-mx=VALUE
# Controls the types of queries performed when looking up a reverse DNS record.
# Available values: cname, ptr
# Default: cname + ptr
#dns-query-type-ptr=VALUE
# Controls the types of queries performed when looking up a records in DNS RBLs,
# DNS RWLs, DNS RHSBLs and DNS RHSWLs.
# Available values: a, cname, txt
# Default: a + cname + txt
#dns-query-type-rbl=VALUE
# REJECTION MESSAGES
# Append URL to the end of every rejection message sent to the remote server.
policy-url=http://domain.com/spam-why-blocked
# Use TEXT as the rejection message when a connection is blocked because the
# remote server matches a line in an access file that denies access.
# Default: Refused.
config-dir=/var/qmail/spamdyke/conf.d
config-dir=/var/qmail/spamdyke/conf.s
reject-empty-rdns
reject-ip-in-cc-rdns
reject-missing-sender-mx
reject-unresolvable-rdns
reject-identical-sender-recipient
My output of config-test:
Code:
spamdyke -f /etc/spamdyke.conf --config-test /var/qmail/bin/qmail-smtpd
spamdyke 4.3.1+TLS+CONFIGTEST+DEBUG+MYSQL[haggybear.de] (C)2012 Sam Clippinger, samc (at) silence (dot) org
http://www.spamdyke.org/
Use -h for an option summary or see README.html for complete option details.
WARNING: Running tests as superuser root(0), group root(0). These test results may not be valid if the mail server runs as another user.
SUCCESS(binary-check): File is executable: /usr/local/bin/spamdyke
SUCCESS: /var/qmail/bin/qmail-smtpd appears to offer TLS support but spamdyke will intercept and decrypt the TLS traffic so all of its filters can operate.
SUCCESS: /var/qmail/bin/qmail-smtpd appears to offer SMTP AUTH support but spamdyke will offer and process all authentication itself.
SUCCESS(access-file): Opened for reading: /etc/smtp_access.txt
SUCCESS(ip-blacklist-file): Opened for reading: /var/qmail/spamdyke/blacklist_ip_davidandlynn_com
SUCCESS(ip-in-rdns-keyword-blacklist-file): Opened for reading: /var/qmail/spamdyke/blacklist_keywords_davidandlynn_com
SUCCESS(ip-whitelist-file): Opened for reading: /var/qmail/spamdyke/whitelist_ip_davidandlynn_com
SUCCESS(rdns-blacklist-file): Opened for reading: /var/qmail/spamdyke/blacklist_rdns_davidandlynn_com
SUCCESS(rdns-whitelist-file): Opened for reading: /var/qmail/spamdyke/whitelist_rdns_davidandlynn_com
SUCCESS(recipient-blacklist-file): Opened for reading: /var/qmail/spamdyke/blacklist_recipient_davidandlynn_com
SUCCESS(recipient-whitelist-file): Opened for reading: /var/qmail/spamdyke/whitelist_recipient_davidandlynn_com
SUCCESS(sender-blacklist-file): Opened for reading: /var/qmail/spamdyke/blacklist_senders_davidandlynn_com
SUCCESS(sender-whitelist-file): Opened for reading: /var/qmail/spamdyke/whitelist_senders_davidandlynn_com
SUCCESS(config-file): Opened for reading: /etc/spamdyke.conf
SUCCESS(dns-resolv-conf): Opened for reading: /etc/resolv.conf
INFO(graylist-level): Local domain has no domain directory; spamdyke will create the directory when needed: snip .. snip .. snip
SUCCESS(graylist-level): Graylist directory tests succeeded: /var/qmail/spamdyke/greylist
SUCCESS(hostname-file): Opened for reading: /var/qmail/control/me
SUCCESS(ip-blacklist-file): Opened for reading: /var/qmail/spamdyke/blacklist_ip
SUCCESS(ip-in-rdns-keyword-blacklist-file): Opened for reading: /var/qmail/spamdyke/blacklist_keywords
SUCCESS(ip-whitelist-file): Opened for reading: /var/qmail/spamdyke/whitelist_ip
SUCCESS(local-domains-file): Opened for reading: /var/qmail/control/rcpthosts
SUCCESS(rdns-whitelist-file): Opened for reading: /var/qmail/spamdyke/whitelist_rdns
SUCCESS(recipient-blacklist-file): Opened for reading: /var/qmail/spamdyke/blacklist_recipients
SUCCESS(sender-blacklist-file): Opened for reading: /var/qmail/spamdyke/blacklist_senders
SUCCESS(sender-whitelist-file): Opened for reading: /var/qmail/spamdyke/whitelist_senders
SUCCESS(smtp-auth-level): File is executable: /var/qmail/bin/smtp_auth
SUCCESS(tls-certificate-file): Opened for reading: /var/qmail/control/servercert.pem
SUCCESS(tls-certificate-file): Certificate and key loaded; SSL/TLS library successfully initialized
SUCCESS: Tests complete. No errors detected.
The mysql username and password are correct:
Code:
mysql --user=spamdyke --password=spamdyke spamdyke
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 15637
Server version: 5.5.27 MySQL Community Server (GPL) by Atomicorp
Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> describe spamdyke_log_table;
+--------+-------------+------+-----+-------------------+-------+
| Field | Type | Null | Key | Default | Extra |
+--------+-------------+------+-----+-------------------+-------+
| Id | bigint(7) | NO | PRI | NULL | |
| Time | timestamp | NO | MUL | CURRENT_TIMESTAMP | |
| Reason | varchar(20) | NO | MUL | NULL | |
| From | varchar(50) | NO | | NULL | |
| To | varchar(50) | NO | | NULL | |
| Ip | varchar(15) | NO | | NULL | |
| Rdns | varchar(50) | NO | | NULL | |
| Auth | varchar(25) | NO | | NULL | |
+--------+-------------+------+-----+-------------------+-------+
8 rows in set (0.06 sec)
mysql> quit
Bye
If there is other information you need to troubleshoot, please feel free to ask and I will provide it.