Hi,
sorry if I come back with the same question than recently, but I guess I have some configuration problem that prevents opendkim from doing the reputation SQL stuff.
I try to explain step-by-step how I have set up my stuff. Maybe I did something wrong. Hope you don't mind.
First of all I use opendkim latest version with my openkim-importstats patch I delivered here recently. I built it like that:
-------------------------------------------------------
./configure \
--sysconfdir=/etc/opendkim \
--localstatedir=/var \
--with-openssl \
--with-milter \
--with-tre \
--with-lua \
--with-openldap \
--with-sasl \
--with-unbound \
--with-ldns \
--with-sql-backend=mysql \
--with-odbx \
--with-domain=example.com \
--enable-ldap_caching \
--enable-reputation \
--enable-diffheaders \
--enable-rate_limit \
--enable-replace_rules \
--enable-redirect \
--enable-resign \
--enable-stats \
--enable-statsext \
--enable-rbl \
--enable-vbr \
--enable-reprrd
-------------------------------------------------------
make && make install
I have created this config file:
-------------------------------------------------------
# file: /etc/opendkim-verify.conf
LogWhy yes
Syslog yes
SyslogSuccess yes
Statistics /var/lib/opendkim/stats-verify
StatisticsPolicyScript /var/lib/opendkim/stats.lua
ReputationRatios repute:mx0.roessner-net.de
# One of the properties of the reputation system is that it computes recommended
# limits for each site participating in data collection and reporting. For
# example, if I have two sites reporting data to me, one of which reports
# hundreds of messages per day and one that reports millions, the rate limits we
# compute will need to be different for each of them, rather than one rate that
# applies to everyone. Providing your reporter-id in the query tells the REPUTE
# server who you are and thus how to select the limit you should be enforcing.
#
# The reporter-id is the "id" column of your matching entry in the "reporters"
# table. You would get it from the site running the REPUTE service you're
# querying (presumably, that's you). If you leave it off, a generic limit is
# returned which might not be optimal for your mail flow.
ReputationLimits repute:mx0.roessner-net.de:1
ReputationTimeFactor 24
ReputationMinimum 2
ReputationSpamCheck /^X-Spam-Status: ?[Yy][Ee][Ss]/
# Socket inet6:8891_at_[::1]
Socket local:/var/spool/postfix/opendkim/verify.sock
UMask 0117
Background yes
PidFile /var/run/opendkim/opendkim-verify.pid
SendReports no
AlwaysAddARHeader yes
Mode v
TemporaryDirectory /var/lib/opendkim/tmp
TrustAnchorFile /etc/opendkim/root.key
UserID opendkim:opendkim
VBR-TrustedCertifiers dwl.spamhaus.org
SoftwareHeader yes
-------------------------------------------------------
I have these tables in my MySQL database:
-------------------------------------------------------
mysql> show tables;
+--------------------+
| Tables_in_opendkim |
+--------------------+
| aggregate |
| domains |
| ipaddrs |
| messages |
| predictions |
| reporters |
| sigerrorcodes |
| signatures |
+--------------------+
-------------------------------------------------------
I have this shell script which is called from cron:
-------------------------------------------------------
cat /usr/local/sbin/opendkim-reputation.sh:
#!/bin/bash
DBHOST="localhost"
DBNAME="opendkim"
DBUSER="opendkim"
DBPASS="hidden"
DBPORT="3306"
DBSCHEME="mysql"
STATSFILE="/var/lib/opendkim/stats-verify"
WWW_GRAPH="/var/www/graphs/index.html"
WWW_STATS="/var/www/stats/index.html"
case "$1" in
hourly)
# Fill new stats data into SQL database
if [[ -f ${STATSFILE} ]]; then
opendkim-importstats \
--dbhost=${DBHOST} \
--dbport=${DBPORT} \
--dbuser=${DBUSER} \
--dbpasswd=${DBPASS} \
--dbscheme=${DBSCHEME} \
< ${STATSFILE}
rm -rf ${STATSFILE}
fi
# Refresh RRD
opendkim-reprrdimport \
--dbhost=${DBHOST} \
--dbport=${DBPORT} \
--dbuser=${DBUSER} \
--dbpasswd=${DBPASS}
# Refresh all graphs
opendkim-gengraphs \
--dbhost=${DBHOST} \
--dbport=${DBPORT} \
--dbuser=${DBUSER} \
--dbpasswd=${DBPASS} \
--output=${WWW_GRAPH}
# Refresh all statistics
opendkim-genstats \
--dbhost=${DBHOST} \
--dbport=${DBPORT} \
--dbuser=${DBUSER} \
--dbpasswd=${DBPASS} \
--output=${WWW_STATS}
;;
daily)
# Caluculate total rates
opendkim-modtotals \
--dbhost=${DBHOST} \
--dbport=${DBPORT} \
--dbuser=${DBUSER} \
--dbpasswd=${DBPASS}
# Generate rates for the reputation service
opendkim-genrates \
--dbhost=${DBHOST} \
--dbport=${DBPORT} \
--dbuser=${DBUSER} \
--dbpasswd=${DBPASS}
;;
*)
echo "$0 {hourly|daily}"
exit 1
;;
esac
exit 0
-------------------------------------------------------
You can find my stuf under:
http://mx0.roessner-net.de/stats/
http://mx0.roessner-net.de/graphs/
If calling my my opendkim-reputation.sh daily, I get this error:
-------------------------------------------------------
opendkim-genrates: unable to determine low-time threshold
-------------------------------------------------------
I have no clue if this is normal or what behavior would come up :)
Also short question: did my little getopt_long patch arrive?
Thanks in advance
-Christian Rößner
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Aufsichtsratsvorsitzender: Joerg Heidrich
Received on Mon Nov 05 2012 - 18:21:09 PST