Translation(s): none

(!) ?Discussion

"DSPAM's powerful anti-spam engine is wrapped with easy-to-use commandline and web-based interfaces."

This page documents Debian specific configuration tweaks to dspam-webfrontend. The first draft was based on version 3.6.8-5etch1.


A few minor tweaks were required to get the dspam CGI interface going with apache2. Almost everything you need is either a depends, a suggestion (go aptitude), or a configuration example snippet. After applying the following, you should be able to restart apache2 and browse yoursite/dspam.


The dspam-apache2.conf configuration example snippet uses libapache2-mod-auth-pam. This authorization scheme makes the browser give an htauth user name and password prompt. The values are sent plain text to the server, so you are encouraged to get a working SSL virtualhost going first. Make sure you have ssl.load and ssl.conf linked into mods-enabled and your virtual host listening on port 443.


Once you have a working https site, you are in the home stretch. Copy the dspam-apache2.conf snippet into your ssl virtualhost container. Placing it near the bottom should be fine. We will modify the configuration by adding an additional line below AuthPAM_Enabled on:

AuthBasicAuthoritative Off

The dspam-apache2.conf snippet also uses ?SuexecUserGroup to run the dspam cgi's as dspam:dspam so that they can write to all their files. You should just need to symlink suexec.load into mods-enabled to get this going.

shadow group

As noted in the configuration snippet you will need to add user www-data to the shadow group to use PAM. If you use this apache instance for anything other than dspam, or don't trust dspam's CGI programs you may want to use another authentication method. This method is the simplest for local users. If you are OK with it adduser www-data shadow and stop/start apache2.