Re: Quarantine Management
On Sat, 10 Apr 2010, Dennis B. Hopp wrote: What are people using for quarantine management with spamassassin? We use an homegrown arrangement. I've forgotten the details since it's running without problems since ages, but in the nutshell we have this: - spam is quarantined system-wide (not by user) in a daily folder (actually two, one on each MX) - a crontab rotates the quarantine folder. We keep one week of old folders. - the same crontab sends a report to each user which has received some spam. A complex awk arrangement which also expand mail aliases so it signals also spam sent to internal mailing lists. The list is essentially in a form of lists of from/to/subject. So each user receives 2 to 2n reports (2 one per MX, 2n if there was also spam for n-1 mailing lists he is member of). The user can look at the report and ask for occasional false positives to the sys adm. We get, I guess, only a few of them per month for all our users. See note (*) - the same crontab prepares material for statistics (run later by another crontab of mine) - another crontab (on both MX), using the result of the previous one stored on a shared disk, runs sa-learn, so that both servers learn the same spam. The same crontab also learns additional spam stored by willing users, and exceptionally some ham (false positives retrieved from quarantine by the sys adm) (*) I tend to trust what spamassassin does, and not look at the reports. Instead I have some personal procmail script which take all the reports sent to me in one day, and makes a super-summary ... if there is a message repeated with the same subject for instance it is definitely spam, so the super-summary just says "n messages". If it is alone, it is listed. I do keep the reports in a folder for a week, and I have also additional procmail-based personal spam filtering. -- Lucio Chiappetti - INAF/IASF - via Bassini 15 - I-20133 Milano (Italy) Citizens entrusted of public functions have the duty to accomplish them with discipline and honour [Art. 54 Constitution of the Italian Republic] For more info : http://www.iasf-milano.inaf.it/~lucio/personal.html
Re: Quarantine Management
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 4/10/10 4:24 PM, Dennis B. Hopp wrote: > Yes exactly what I'm referring to. Wishlist would be: > > User controllable (i.e users can release spam messages back into their > mailbox) > Whitelist/blacklist management > Domain configurations > > maia mailguard has pretty much all of that but hasn't been updated in a > while, just looking for other possibilities. Mainly because it just works for most of us... :) We are pretty close to having a new release ready (I know it's been that way for quite a while) and the 1.0 branch is an improved interface, and yet still just an incremental change so it should be very stable. - -- David Morton Morton Software & Design http://www.dgrmm.net - Ruby on Rails PHP Applications Maia Mailguard http://www.maiamailguard.com- Spam management for mail servers -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFLwQCVUy30ODPkzl0RAoHiAKDMgQLCFSQdhfm6/CHvi5JSPeleDACgqFfa cPE/s8K6xte2tGXBdNIQVZE= =C8IF -END PGP SIGNATURE-
Re: Quarantine Management
Quoting Alex : Hi, Just wondering what other tools are out there that people like. I use postfix as my MTA right now, but am not completely opposed to using something else if necessary to use a specific quarantine system. Amavisd-new works well with postfix maia mailguard using amavisd-new but an old version. I think he's probably referring to something that would help him manage the quarantine itself, such as to query it for FNs, provide some type of reporting, forward FPs back to the proper recipient, manage expiry, expunging, and scoring, etc? Yes exactly what I'm referring to. Wishlist would be: User controllable (i.e users can release spam messages back into their mailbox) Whitelist/blacklist management Domain configurations maia mailguard has pretty much all of that but hasn't been updated in a while, just looking for other possibilities. Do people just flag the message as spam (maybe in the header) and then let users filter to a spam folder? We are using this as a front end to exchange so I guess we could just flag it and then have exchange deliver it to the users "Junk E-mail" folder, but then bayes can't learn from its mistakes as easily. --Dennis
Re: Quarantine Management
Hi, >> Just wondering what other tools are out there that people like. >> >> I use postfix as my MTA right now, but am not completely opposed to using >> something else if necessary to use a specific quarantine system. > > Amavisd-new works well with postfix. I think he's probably referring to something that would help him manage the quarantine itself, such as to query it for FNs, provide some type of reporting, forward FPs back to the proper recipient, manage expiry, expunging, and scoring, etc? Something like this would be very useful, and although it exists in individual programs, a collective set of programs would be pretty handy. After all, maia is based on amavisd, no? Best, Alex
Re: Quarantine Management
Dennis B. Hopp wrote: What are people using for quarantine management with spamassassin? I've been using maia mailguard and it works decently but hasn't been updated in what seems like forever (svn has been updated, but no formal release). Just wondering what other tools are out there that people like. I use postfix as my MTA right now, but am not completely opposed to using something else if necessary to use a specific quarantine system. Amavisd-new works well with postfix.
Quarantine Management
What are people using for quarantine management with spamassassin? I've been using maia mailguard and it works decently but hasn't been updated in what seems like forever (svn has been updated, but no formal release). Just wondering what other tools are out there that people like. I use postfix as my MTA right now, but am not completely opposed to using something else if necessary to use a specific quarantine system. Thanks, --Dennis