Friday, February 1, 2013

Different between ESX vs ESXi

This is very usefull, to who people want to implement Vmware vSphere ESXi

Compassion between ESX and ESXi

Monday, January 14, 2013

Trying ZFS dedup in FreeBSD 9.1 R

I research ZFS with deduplication running on FreeBSD.

In computing, data deduplication is a specialized data compression technique for eliminating duplicate copies of repeating data. Related and somewhat synonymous terms are intelligent (data) compression and single-instance (data) storage. The technique is used to improve storage utilization and can also be applied to network data transfers to reduce the number of bytes that must be sent. In the deduplication process, unique chunks of data, or byte patterns, are identified and stored during a process of analysis. As the analysis continues, other chunks are compared to the stored copy and whenever a match occurs, the redundant chunk is replaced with a small reference that points to the stored chunk. Given that the same byte pattern may occur dozens, hundreds, or even thousands of times (the match frequency is dependent on the chunk size), the amount of data that must be stored or transferred can be greatly reduced.

My box is running FreeBSD 9.1 R.

root@skyline:/root # uname -v
FreeBSD 9.1-RELEASE #0 r243825: Tue Dec  4 09:23:10 UTC 2012
root@skyline:/root # zpool list
zroot  1.81T  1.49G  1.81T     0%  1.00x  ONLINE  -
root@skyline:/root #
root@skyline:/root # zfs get all zroot

NAME    PROPERTY    VALUE    SOURCE           
zroot    type    filesystem    -           
zroot    creation    Fri    Jan    11    16:52    2013
zroot    used    3.55G    -           
zroot    available    1.78T    -           
zroot    referenced    373M    -           
zroot    compressratio    1.50x    -           
zroot    mounted    yes    -           
zroot    quota    none    default           
zroot    reservation    none    default           
zroot    recordsize    128K    default           
zroot    mountpoint    legacy    local           
zroot    sharenfs    off    default           
zroot    checksum    fletcher4    local           
zroot    compression    off    default           
zroot    atime    on    default           
zroot    devices    on    default           
zroot    exec    on    default           
zroot    setuid    on    default           
zroot    readonly    off    default           
zroot    jailed    off    default           
zroot    snapdir    hidden    default           
zroot    aclmode    discard    default           
zroot    aclinherit    restricted    default           
zroot    canmount    on    default           
zroot    xattr    off    temporary           
zroot    copies    1    default           
zroot    version    5    -           
zroot    utf8only    off    -           
zroot    normalization    none    -           
zroot    casesensitivity    sensitive    -           
zroot    vscan    off    default           
zroot    nbmand    off    default           
zroot    sharesmb    off    default           
zroot    refquota    none    default           
zroot    refreservation    none    default           
zroot    primarycache    all    default           
zroot    secondarycache    all    default           
zroot    usedbysnapshots    0    -           
zroot    usedbydataset    373M    -           
zroot    usedbychildren    3.19G    -           
zroot    usedbyrefreservation    0    -           
zroot    logbias    latency    default           
zroot    dedup    off    default           
zroot    mlslabel    -               
zroot    sync    standard    default           
zroot    refcompressratio    1.00x    -           
zroot    written    373M    -
root@skyline:/root #

Because the dedup function is turning off, so I have to make it on.

root@skyline:/root # zfs set dedup=on zroot
root@skyline:/root # zfs get compression,dedup zroot
zroot  compression  off            local
zroot  dedup        on             local
root@skyline:/root #

From that information the dedup musbe on. I am making simulation that the dedup is working.

root@skyline:/ # cd /home/
root@skyline:/home # ls
root@skyline:/home # mkdir Testdedup1
root@skyline:/home # mkdir Testdedup2
root@skyline:/home # mkdir Testdedup3
root@skyline:/home #

root@skyline:/home # du -hs Testdedup*
1.5k    Testdedup1
1.5k    Testdedup2
1.5k    Testdedup3

root@skyline:/home # df -h
Filesystem         Size    Used   Avail Capacity  Mounted on

zroot              1.8T    372M    1.8T     0%    /
devfs              1.0k    1.0k      0B   100%    /dev
zroot/tmp          1.8T     35k    1.8T     0%    /tmp
zroot/usr          1.8T    377M    1.8T     0%    /usr
zroot/usr/ports    1.8T    406M    1.8T     0%    /usr/ports
zroot/usr/src      1.8T    358M    1.8T     0%    /usr/src
zroot/var          1.8T    6.3M    1.8T     0%    /var
zroot/var/empty    1.8T     31k    1.8T     0%    /var/empty
zroot/var/run      1.8T     59k    1.8T     0%    /var/run
zroot/var/tmp      1.8T     32k    1.8T     0%    /var/tmproot@skyline:/home # du -hs /home
6.0k    /home
root@skyline:/home #

root@skyline:/root # zpool list
zroot  1.81T  1.49G  1.81T     0%  1.00x  ONLINE  -
root@skyline:/root #

As we can see, that the free ALLOC is 1.49 TB. I will copy the 2.2 GB to the zroot, and other Testdedup folder.

root@skyline:/root # zpool list
zroot  1.81T  3.61G  1.81T     0%  1.00x  ONLINE  -
root@skyline:/root #

root@skyline:/home # du -hs *
2.1G    Testdedup1
1.5k    Testdedup2
1.5k    Testdedup3
root@skyline:/home #

root@skyline:/home # cp Testdedup1/FreeBSD-8.2-RELEASE-i386-dvd1.iso Testdedup2/
root@skyline:/home # du -hs *
2.1G    Testdedup1
2.1G    Testdedup2
1.5k    Testdedup3

root@skyline:/home # zpool list
zroot  1.81T  3.62G  1.81T     0%  2.00x  ONLINE  -
root@skyline:/home #

I copy to another Testdedup3

cp Testdedup1/FreeBSD-8.2-RELEASE-i386-dvd1.iso Testdedup3/
root@skyline:/home # du -hs *
2.1G    Testdedup1
2.1G    Testdedup2
2.1G    Testdedup3
root@skyline:/home #

How about if I rename the source file to FreeBSD-8.2-RELEASE-i386-dvd1.iso.renamefile

root@skyline:/home # mv Testdedup1/FreeBSD-8.2-RELEASE-i386-dvd1.iso Testdedup1/FreeBSD-8.2-RELEASE-i386-dvd1.iso.renamefile
root@skyline:/home # ls
TestRenameDedup1        Testdedup1              Testdedup2              Testdedup3
root@skyline:/home # du -hs *
1.5k    TestRenameDedup1
2.1G    Testdedup1
2.1G    Testdedup2
2.1G    Testdedup3
root@skyline:/home # cp Testdedup1/FreeBSD-8.2-RELEASE-i386-dvd1.iso.renamefile TestRenameDedup1/
root@skyline:/home # du -hs *
2.1G    TestRenameDedup1
2.1G    Testdedup1
2.1G    Testdedup2
2.1G    Testdedup3
root@skyline:/home #

root@skyline:/home # ls -al TestRenameDedup1/
total 2225265
drwxr-xr-x  2 root  wheel           3 Jan 14 11:43 .
drwxr-xr-x  6 root  wheel           6 Jan 14 11:42 ..
-rw-r--r--  1 root  wheel  2276931584 Jan 14 11:44 FreeBSD-8.2-RELEASE-i386-dvd1.iso.renamefile
root@skyline:/home #

root@skyline:/home # zpool list
zroot  1.81T  3.62G  1.81T     0%  4.00x  ONLINE  -
root@skyline:/home #

As we can see that,  the ALLOC is still 3.62 GB

Note :
from man zpool hereis the some of explanation.

alloc          Amount of storage space within the pool that has been physi-
                  cally allocated.
capacity     Percentage of pool space used. This property can also be
                  referred to by its shortened column name, "cap".
dedupratio  The deduplication ratio specified for a pool, expressed as a
                  multiplier.  For example, a value of 1.76 indicates that 1.76
                  units of data were stored but only 1 unit of disk space was
                  actually consumed. See zfs(8) for a description of the dedu-
                  plication feature.
 free           Number of blocks within the pool that are not allocated.
 size           Total size of the storage pool.

Friday, January 4, 2013

Data Center Basic, a brief

Today, ICT stand for Information and Communication Technology, for some people specially in big city in the world is basic needs. As we can see, the technology is growth so fast. Internet connection and telecommunication right now is never sleep. Start from my experience on 1995 my first experience browsing using modem 28 kbps, and today my internet connection in my house is 1 mbps, and the contents is vary from text or news become streaming. So that's why the rapid growth of data become exponential growth.
Data center is vital, from data center design, architecture, requirement etc, must be calculate.

A data center or computer centre (also datacenter) is a facility used to house computer systems and associated components, such as telecommunications and storage systems. It generally includes redundant or backup power supplies, redundant data communications connections, environmental controls (e.g., air conditioning, fire suppression) and security devices. 

Availability, in other word is no downtime, even planed or unplanned downtime.

Availability % Downtime per year Downtime per month* Downtime per week
90% ("one nine") 36.5 days 72 hours 16.8 hours
95% 18.25 days 36 hours 8.4 hours
97% 10.96 days 21.6 hours 5.04 hours
98% 7.30 days 14.4 hours 3.36 hours
99% ("two nines") 3.65 days 7.20 hours 1.68 hours
99.5% 1.83 days 3.60 hours 50.4 minutes
99.8% 17.52 hours 86.23 minutes 20.16 minutes
99.9% ("three nines") 8.76 hours 43.8 minutes 10.1 minutes
99.95% 4.38 hours 21.56 minutes 5.04 minutes
99.99% ("four nines") 52.56 minutes 4.32 minutes 1.01 minutes
99.999% ("five nines") 5.26 minutes 25.9 seconds 6.05 seconds
99.9999% ("six nines") 31.5 seconds 2.59 seconds 0.605 seconds
99.99999% ("seven nines") 3.15 seconds 0.259 seconds 0.0605 seconds

As we can see above, total allowable downtime for planned and unplanned downtime. Base on the SLA/SR
In real life, the cause of downtime can several factors for example blackout power electricity, UPS failure, wrong calcutation, hardware failure, software bugs, human error/unskilled operator.

ICT  especially Enterprise/middle scale must be managed and organize correctly. Strategic, design, transition, operation and continual service improvement should be implement correctly (base on ITIL), YES it's not easy, but it doesn't mean impossible.

The calculation cause by downtime from "IT outage" impact to the lost of revenue.We can calculate base on this equation below.

Quantify Lost Revenue Costs

Revenue Cost = (Revenue / Annual Hours) X Impact X Outage Hours

Revenue = Gross annual revenue
Annual Hours = Total annual business hours
Impact = Percentage impact (e.g. % reduction in transactions or dollars during outage)
Outage Hours = Number of hours of outage

Quantify Lost Labor Costs

Labor Cost = People X Impact X Rate X Hours

People = Number of workers affected
Impact = Avg. % of work they could not perform
Rate = Average employee cost per hour
Hours = Number of hours of outage

Well, even I work in mining company it's really different with retail or banking etc,  but I believe that calculation is close to the real cost.

Solaris fail to boot, stack in grub

In December 10, 2012, my file server getting failure with unknown reason. After booting the system, it stack in grub command with the following error.

"Error 15: File not found"

Information after repair the grub.
[root@northern ~]#uname -a
SunOS 5.10 Generic_141445-09 i86pc i386 i86pc
[root@northern ~]#
[root@northern ~]#isainfo -kv
64-bit amd64 kernel modules
[root@northern ~]#

I got the idea and reference from this following link

After making plan (because this zpool contain about 1.7 TB) I decided to try repair the boot loader.

Here is my step :
1. Boot from disk solaris.
2. Choose the "Single User Shell"
3. It will search for Installed OS instances ...
4. OS was found with the following list.
 somethink like this :

1 zfs-RAID-5.0:DiskID   ROOT/s10x_u8wos_08a

5. Try to mount the ZFS pool. Choose the number
6. cd /a
7. Make sure the drive can be read, try with ls command
8. cd /a/boot/grub
9. installgrub stage1 stage 2 /dev/rdsk/c0t0d0s0

Reboot the system, and the system is UP again.

I must check the zpool healthy, unfortunately the zpool is degraded.

[root@northern rdsk]#zpool list
zfs-RAID-5.0  1.81T  1.77T  48.4G    97%  DEGRADED  -
[root@northern rdsk]#
[root@northern rdsk]#zpool status
pool: zfs-RAID-5.0
 state: DEGRADED
status: One or more devices has experienced an error resulting in data
        corruption.  Applications may be affected.
action: Restore the file in question if possible.  Otherwise restore the
        entire pool from backup.
 scrub: none requested

        NAME        STATE     READ WRITE CKSUM
        zfs-RAID-5.0  DEGRADED     0     0    14
          c0t0d0s0  DEGRADED     0     0    28  too many errors

errors: 1 data errors, use '-v' for a list
[root@northern rdsk]#

This mean that the disk is degraded.

For disaster recovery, always make backup and secondary backup. Make some scenario for disaster recovery, drill the operator and so on.

Wednesday, January 2, 2013

Nginx Configuration example

Here is nginx configuration for some purpose. This example is for roundcube, drupal, and postfix.

server {
        listen       80 ;
        listen       443 ssl;

        #server_name  localhost;

        ssl_certificate      server.crt;
        ssl_certificate_key  server.key;

        ssl_session_timeout  5m;

        ssl_protocols  SSLv2 SSLv3 TLSv1;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers   on;
        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   /usr/local/www/nginx;
            index  index.html index.htm index.php;

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/local/www/nginx-dist;

        # proxy the PHP scripts to Apache listening on
        #location ~ \.php$ {
        #    proxy_pass;

        # pass the PHP scripts to FastCGI server listening on
        location ~ \.php$ {
            root           html;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  /usr/local/www/$fastcgi_script_name;
            include        fastcgi_params;

# Alias Directory

        location /roundcube {
        alias //usr/local/www/roundcube; # Roundcube directory
        #deny all;
        deny all;
        index index.php;

        location ~ /roundcube/.*\.php$ {
        if ($fastcgi_script_name ~ /roundcube(/.*\.php)$) {
        set $valid_fastcgi_script_name $1;

        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME /usr/local/www/roundcube$valid_fastcgi_script_name;
        include fastcgi_params;

location /postfixadmin {
        alias //usr/local/www/postfixadmin; # Postifx Directory
        #deny all;
        deny all;
        index index.php index.html index.htm;

        location ~ /postfixadmin/.*\.php$ {
        if ($fastcgi_script_name ~ /postfixadmin(/.*\.php)$) {
        set $valid_fastcgi_script_name $1;

        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME /usr/local/www/postfixadmin$valid_fastcgi_script_name;
        include fastcgi_params;

location /portal {
        alias //usr/local/www/portal; # Drupal directory
        #deny all;
#        allow;
        allow all;
        index index.php index.html index.htm;

        location ~ /portal/.*\.php$ {
        if ($fastcgi_script_name ~ /portal(/.*\.php)$) {
        set $valid_fastcgi_script_name $1;

        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME /usr/local/www/portal$valid_fastcgi_script_name;
        include fastcgi_params;
# End of alias directory

Friday, December 28, 2012

Upgrading FreeBSD 8.2 to STABLE

After for a long time not posting blogspot. In my spare time making documentation for upgrading FreeBSD release to stable. This is old topic and so many documentation around but it's still important who is consider for upgrading FreeBSD to Stable one.

So whats the different between Current and Stable? Well, I think you should read this link :)

This is my email server.

mail# uname -a
FreeBSD 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Tue Dec 25 00:22:30 WIT 2012  i386

As we can see, is using FreeBSD 8.2-RELEASE, and I need to upgrade to STABLE one.

First, install cvsup using ports.
mail#make install clean
cp `cat ../M3TARGET`/cvpasswd.1 /usr/local/man/man1/cvpasswd.1
chmod 644 /usr/local/man/man1/cvpasswd.1
===>   Compressing manual pages for cvsup-without-gui-16.1h_4
===>   Registering installation for cvsup-without-gui-16.1h_4
      This port has installed the following files which may act as network
      servers and may therefore pose a remote security risk to the system.

      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.

      For more information, and contact details about the security
      status of this software, see the following webpage:

After everything is OK, copy the default configuration of stable supfile in :
mail# cp /usr/share/examples/cvsup/stable-supfile /root/

Edit stable-supfile.

Here is for example :

*default base=/var/db
*default prefix=/usr
*default release=cvs tag=RELENG_8
*default delete use-rel-suffix

# If you seem to be limited by CPU rather than network or disk bandwidth, try
# commenting out the following line.  (Normally, today's CPUs are fast enough
# that you want to run compression.)
*default compress

## Main Source Tree.
# The easiest way to get the main source tree is to use the "src-all"
# mega-collection.  It includes all of the individual "src-*" collections.
# Please note:  If you want to track -STABLE, leave this uncommented.

mail# cvsup -g -L 2 stable-supfile &
Checkout src/usr.sbin/zzz/Makefile
Checkout src/usr.sbin/zzz/zzz.8
Checkout src/usr.sbin/zzz/
Shutting down connection to server
Finished successfully

[1]    Done                          cvsup -g -L 2 stable-supfile

Remove OLD obj in directory /usr/obj if needed.

Now is time to buildworld, because I custimize my kernel options, so I have to build kernel too.
You can skip this, if using default kernel options.

mail#cd /usr/src
mail# make buildworld
mail# make buildkernel KERNCONF=MYKERNEL

After for awhile, compile kernel is complete

text    data     bss     dec     hex filename
8465186  752516  608536 9826238  95efbe kernel.debug
objcopy --only-keep-debug kernel.debug kernel.symbols
objcopy --strip-debug --add-gnu-debuglink=kernel.symbols kernel.debug kernel
>>> Kernel build for MYKERNEL completed on Fri Dec 28 06:49:32 WIT 2012

mail# make installkernel KERNCONF=MYKERNELmail# make installworld
mail# reboot

Check server using this command below.

mail# uname -a
FreeBSD 8.3-STABLE FreeBSD 8.3-STABLE #0: Fri Dec 28 06:49:27 WIT 2012  i386


Tuesday, December 25, 2012

Simple command and very useful in Windows

I use this command for administering My server, Microsft Windows 2003 Enterprise.

xcopy /c /e /f /h /i /a /s /v /D /z /Y Z:\ E:\share

FORFILES /P D:\Backup /S /M *.bak /D 01/06/2012 /C "cmd /c xcopy @file F:\DB1011\2011 /Y"

FORFILES /P %backupgl% /S /M *.bak /D -366 /C "cmd /c del @file"

Robocopy X:\*.* C:\temp /E /Z /SEC /MIR /R:1 /LOG:%log%

Robocopy command you can download it from microsoft website.

Saturday, December 1, 2012

viperbsd# uname -a
FreeBSD 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sat Jun 7 01:50:54 WIT 2008 i386

#cd /usr/src
# make buildworld
# make buildkernel KERNCONF=ROUTER
# make installkernel KERNCONF= ROUTER
# make installworld
# reboot

DTrace on FreeBSD

DTrace, also known as Dynamic Tracing, was developed by Sun™ as a tool for locating performance bottlenecks in production and pre-production systems. It is not, in any way, a debugging tool, but a tool for real time system analysis to locate performance and other issues. (

Well, I am trying to install on my old machine, FreeBSD 7.1

Add this following options to your configuration kernel.

options KDTRACE_HOOKS # Kernel DTrace hooks
options DDB_CTF

Compile your kernel with this options WITH_CTF=1

This articel is out of date. Not open my blog for long time, still in draft.

Friday, June 8, 2012

Installing Spamassassin Postfix/Dovecot on FreeBSD 8.2

I decided to install SpamAssassin in my email server. Actually, I already using spamcop, for at least more than 6 months our email server never get SPAM, fight using header_check, upgrading to pcre support. Well now I need install SpamAssassin.

On 2012 until this day we got huge traffic email. I have to protect the users from SPAM.

Email Traffic

Mails successfully sent

1,028,599448.49 GB
(457.2 KB/Mails)
Mails failed/refused

936,17323.55 GB

First, I upgrade my ports collections using cvsup.
#cvsup –L 2 port-supfiles
My old perl version is 5.8, so I have to upgrade to new one.
Don’t forget to read the UPDATING in /usr/ports/UPDATING (20110517)
This file, will explain many thinks.
#cd /usr/ports/mail/p5-Mail-SpamAssassin
#make clean
#make install

And I got these error :

NOTE: the optional HTTP::Date module is not installed.

  The "sa-update" program requires this module to make HTTP
  If-Modified-Since GET requests.

REQUIRED module missing: HTML::Parser
REQUIRED module missing: Net::DNS
REQUIRED module missing: NetAddr::IP
optional module missing: Digest::SHA1
optional module missing: Mail::SPF
optional module missing: IP::Country
optional module missing: Razor2
optional module missing: Net::Ident
optional module missing: IO::Socket::INET6
optional module missing: IO::Socket::SSL
optional module missing: Mail::DKIM
optional module missing: DBI
optional module missing: LWP::UserAgent
optional module missing: HTTP::Date

warning: some functionality may not be available,
please read the above report before continuing!

Can't open Makefile: No such file or directory.
===>  Building for p5-Mail-SpamAssassin-3.3.2_6
make: cannot open Makefile.
*** Error code 1
Stop in /usr/ports/mail/p5-Mail-SpamAssassin.
*** Error code 1
Stop in /usr/ports/mail/p5-Mail-SpamAssassin.

So I have to install perl module.
#perl –MCPAN –e shell
cpan[1]> install HTML::Parser Net::DNS NetAddr::IP Digest::SHA1 Mail::SPF IP::Country Razor2 Net::Ident IO::Socket::INET6 IO::Socket::SSL Mail::DKIM DBI LWP::UserAgent HTTP::Date
#cd /usr/ports/mail/p5-Mail-SpamAssassin
#make clean  (Don’t forget always make clean after getting error)
#make install
Some package maybe just already installs with older version, just make deinstall, make clean then, start again.

sa-update now places state files in /var/db/spamassassin and not
/var/lib/spamassassin.  This is to be consistant with Freebsd file
directory conventions.

If you run sa-compile, you will notice that files are in
/var/db/spamassassin/compiled// instead of
No attempts have been made to move old versions over. You must recomp            ile.

If you are running with spamd, you must add the following to rc.conf:

Security Note:  If you did NOT deselected AS_ROOT, spamd will be runn            ing
as root. To change this, also add this to rc.conf:
spamd_flags="-u spamd -H /var/spool/spamd"
===> Correct pkg-plist sequence to create group(s) and user(s)
===>   Compressing manual pages for p5-Mail-SpamAssassin-3.3.2_6
===>   Running ldconfig
/sbin/ldconfig -m /usr/local/lib
===>   Registering installation for p5-Mail-SpamAssassin-3.3.2_6
# netstat -a |grep LISTEN
tcp4       0      0 localhost.783          *.*                    LISTEN
Before configure and please READ CAREFULLY this

Spamassasin configuration

rewrite_header Subject **SPAM**
required_score 6.0
report_safe 1
use_bayes 1
bayes_path /var/spool/spamd/.spamassassin/bayes
skip_rbl_checks 0
use_razor2 0
use_dcc 0
use_pyzor 0
dns_available yes
header LOCAL_RCVD Received =~ /.*\(\S+\.mydomain\.com\s+\[.*\]\)/
describe LOCAL_RCVD Received: from
score LOCAL_RCVD -50
score BAYES_99 4.300
score BAYES_90 3.500
score BAYES_80 3.000

I want to pool, all spam to one email is  a script :
#Filter Script
SENDMAIL="/usr/sbin/sendmail -i"


trap "rm -f /var/spool/spamd/filter/out.$$" 0 1 2 3 15
cat | /usr/local/bin/spamc -u spamd | sed 's/^\.$/../' > /var/spool/spamd/filter                      /out.$$

if $EGREP -q "^X-Spam-Level: \*{$SPAMLIMIT,}" < /var/spool/spamd/filter/out.$$
   $SENDMAIL < /var/spool/spamd/filter/out.$$
  $SENDMAIL "$@" < /var/spool/spamd/filter/out.$$

exit $?

edit the
#smtp      inet  n       -       n       -       -       smtpd
smtp      inet  n       -       n       -       -       smtpd
#        -o content_filter=filter:dummy
         -o content_filter=spamassassin:dummy
spamassassin    unix  -       n       n       -       10      pipe
    flags=Rq user=spamd argv=/usr/sbin/ -f ${sender} -- ${recipient}

Jun  8 16:52:36 blade postfix/qmgr[49965]: C8F22F7550: from=, size=1345, nrcpt=1 (queue active)
Jun  8 16:52:36 blade postfix/smtpd[96866]: disconnect from[]
Jun  8 16:52:36 blade spamd[86197]: spamd: connection from localhost [] at port 17055
Jun  8 16:52:36 blade spamd[86197]: spamd: processing message <> for spamd:58
Jun  8 16:52:36 blade spamd[86197]: spamd: clean message (-2.9/6.0) for spamd:58 in 0.1 seconds, 1353 bytes.
Jun  8 16:52:36 blade spamd[86197]: spamd: result: . -2 - ALL_TRUSTED,BAYES_00,T_RP_MATCHES_RCVD scantime=0.1,size=1353,user=spamd,uid=58,required_score=6.0,rhost=localhost,raddr=,rport=17055,mid=<>,bayes=0.000000,autolearn=ham
Jun  8 16:52:37 blade postfix/pickup[94779]: 002A3F7574: uid=58 from=
Jun  8 16:52:37 blade postfix/cleanup[97102]: 002A3F7574: message-id=<>
Jun  8 16:52:37 blade postfix/pipe[97103]: C8F22F7550: to=, relay=spamassassin, delay=0.18, delays=0.02/0/0/0.16, dsn=2.0.0, status=sent (delivered via spamassassin service)
Jun  8 16:52:37 blade postfix/qmgr[49965]: C8F22F7550: removed
Jun  8 16:52:37 blade spamd[1622]: prefork: child states: II
Jun  8 16:52:37 blade postfix/qmgr[49965]: 002A3F7574: from=, size=1683, nrcpt=1 (queue active)
Jun  8 16:52:37 blade postfix/virtual[97142]: 002A3F7574: to=, relay=virtual, delay=0.13, delays=0.06/0/0/0.07, dsn=2.0.0, status=sent (delivered to maildir)
Jun  8 16:52:37 blade postfix/qmgr[49965]: 002A3F7574: removed


Subject: **SPAM** =?GB2312?B?16jStcPYyunQ0NX+yMvUsby8xNzM4cn9?=
Date: Thu, 7 Jun 2012 05:44:11 +0800
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
X-Spam-Flag: YES
X-Spam-Level: **************
X-Spam-Status: Yes, score=15.0 required=6.0 tests=BAYES_99,DOS_OE_TO_MX,
     RCVD_IN_SORBS_WEB,RDNS_NONE,TO_NO_BRKTS_MSFT autolearn=spam version=3.3.2
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_4FCFCF20.8B19D0B7"
Message-Id: <>