Re: SpamAssassin & MX Gateway Server
From: "Daniel Staal" <[EMAIL PROTECTED]>
--As of September 30, 2006 12:32:41 PM -0500, Russ B. is alleged to have said:
Basically, anything that arrives over 15 in score, will have that
SPAM-STATUS header embedded, so it does NOT run SpamAssassin on this
server, and just puts it in the Caught-Spam. If it has LOWER than a score
of 15 from the MX, then the MX server didn't put a header on it, so it's
processed here and filed here.
Why do that? Because my users on the sendmail server farm have a whole
variety of score choices they are using, so I want their specfic score to
be utilized - but by making the score on the MX 15, I'm saving the
sendmail server from a WHOLE LOT of processing, and nobody's going to have
a default score over 15... so that's a safe number?
--As for the rest, it is mine.
Just as a thought: Since you are running procmail on them anyway, it should > be
possible to have a script in there that reads the desired score and uses > the score
count Spamassassin embeds in the 'X-Spam-Level:' header to filter.
It wouldn't reformat the mail (at least not without a lot of work), but you > could at
least file it differently...
If you can have per user rules and system wide Bayes it becomes real
easy to have the per user rules be one line, their spam threshold. Of
course, with per user Bayes you can have far better anti-spam because
you are not dealing with "one person's ham is another person's spam."
But it gets to be a maintenance nightmare as the number of users goes
up and the user computer sophistication goes down.
{^_^}
Re: SpamAssassin & MX Gateway Server
--As of September 30, 2006 12:32:41 PM -0500, Russ B. is alleged to have said: Basically, anything that arrives over 15 in score, will have that SPAM-STATUS header embedded, so it does NOT run SpamAssassin on this server, and just puts it in the Caught-Spam. If it has LOWER than a score of 15 from the MX, then the MX server didn't put a header on it, so it's processed here and filed here. Why do that? Because my users on the sendmail server farm have a whole variety of score choices they are using, so I want their specfic score to be utilized - but by making the score on the MX 15, I'm saving the sendmail server from a WHOLE LOT of processing, and nobody's going to have a default score over 15... so that's a safe number? --As for the rest, it is mine. Just as a thought: Since you are running procmail on them anyway, it should be possible to have a script in there that reads the desired score and uses the score count Spamassassin embeds in the 'X-Spam-Level:' header to filter. It wouldn't reformat the mail (at least not without a lot of work), but you could at least file it differently... Daniel T. Staal --- This email copyright the author. Unless otherwise noted, you are expressly allowed to retransmit, quote, or otherwise use the contents for non-commercial purposes. This copyright will expire 5 years after the author's death, or in 30 years, whichever is longer, unless such a period is in excess of local copyright law. ---
Re: SpamAssassin & MX Gateway Server
I'm not the authority on such things, but I don't believe it's possible
without some customization.
I really wanted to ask you, though, how you handle mail rejection on the
"inner" layer of mail servers? If mail gets through your front end SA box
and needs to be rejected because it's to an invalid address or some other
reason, how do you handle that?
Jerry
> I have a unique but interesting problem:
>
> I have a farm of servers that use Sendmail/ProcMail/SpamAssassin.
>
> Due to their very heavy loads and my custom rules, I have built a
> dual-proc-dual-core FBSD AMD64 bit OS server to do nothing but my major
> spam knockdowns and processing to send back to the
> Sendmail/Procmail/SpamAssassin server farm.
>
> On my gateway MX server, I'm using Postfix/AmavisD and Spamassassin, and
> it works great. It's flat out rejecting spam scored over "150" spam score,
> it tags spam as spam if it's over "15" size, and it just puts in the spam
> headers over "15" size as well. If it scores UNDER 15, it neither get's
> scored nor given headers.
>
> Then, on the Sendmail farm, I use this recipe, which works great:
>
> :0:
> * ! ^X-Spam-Status: YES
> {
> :0fw
> * < 256000
> |/usr/local/bin/spamc -f
> }
>
> :0:
> * ^X-Spam-Status: Yes
> $HOME/mail/Caught-Spam
>
> Basically, anything that arrives over 15 in score, will have that
> SPAM-STATUS header embedded, so it does NOT run SpamAssassin on this
> server, and just puts it in the Caught-Spam. If it has LOWER than a score
> of 15 from the MX, then the MX server didn't put a header on it, so it's
> processed here and filed here.
>
> Why do that? Because my users on the sendmail server farm have a whole
> variety of score choices they are using, so I want their specfic score to
> be utilized - but by making the score on the MX 15, I'm saving the
> sendmail server from a WHOLE LOT of processing, and nobody's going to have
> a default score over 15... so that's a safe number?
>
> Make sense? This works great. The MX get's the mail, knocks down the
> really bad spam, tags the medium spam and let's the end servers re-score
> the questionable stuff to the user preferences.
>
> Ok - my question/problem is this:
>
> Is there a way I can run spamc (or spamassassin) so that it doesn't
> actually RESCORE/REPROCESS the mail (the large amount of work), but
> instead just looks at the users required score (required_score 6.0) and
> only re-tags the "X-Spam-Status" flag to YES or No??
>
> See, in my current setup (as explained above):
>
> MX server scores it as spam score 205 --> sendmail farm nukes it
>
> MX server scores it as spam score 16 - MX tags it as spam --> sendmail
> farm just files it in the user's Caught-Spam folder.
>
> MX server scores it as score 7, which is below questionable as 15, so it
> doesn't score it ---> sendmail then runs spamass on it, rescores it and
> then files it to user's settings.
>
>
Re: SpamAssassin & MX Gateway Server
Fix to above post's last lines: MX server scores it as spam score 200 --> MX server just nukes it MX server scores it as spam score 16 - MX tags it as spam --> sendmail farm just files it in the user's \Caught-Spam folder. MX server scores it as score 7, which is below questionable which is set to 15, so it doesn't score it (nor gives it any spam headers) ---> sendmail then runs spamass on it, rescores it and then files it to user's settings.
SpamAssassin & MX Gateway Server
I have a unique but interesting problem:
I have a farm of servers that use Sendmail/ProcMail/SpamAssassin.
Due to their very heavy loads and my custom rules, I have built a
dual-proc-dual-core FBSD AMD64 bit OS server to do nothing but my major
spam knockdowns and processing to send back to the
Sendmail/Procmail/SpamAssassin server farm.
On my gateway MX server, I'm using Postfix/AmavisD and Spamassassin, and
it works great. It's flat out rejecting spam scored over "150" spam score,
it tags spam as spam if it's over "15" size, and it just puts in the spam
headers over "15" size as well. If it scores UNDER 15, it neither get's
scored nor given headers.
Then, on the Sendmail farm, I use this recipe, which works great:
:0:
* ! ^X-Spam-Status: YES
{
:0fw
* < 256000
|/usr/local/bin/spamc -f
}
:0:
* ^X-Spam-Status: Yes
$HOME/mail/Caught-Spam
Basically, anything that arrives over 15 in score, will have that
SPAM-STATUS header embedded, so it does NOT run SpamAssassin on this
server, and just puts it in the Caught-Spam. If it has LOWER than a score
of 15 from the MX, then the MX server didn't put a header on it, so it's
processed here and filed here.
Why do that? Because my users on the sendmail server farm have a whole
variety of score choices they are using, so I want their specfic score to
be utilized - but by making the score on the MX 15, I'm saving the
sendmail server from a WHOLE LOT of processing, and nobody's going to have
a default score over 15... so that's a safe number?
Make sense? This works great. The MX get's the mail, knocks down the
really bad spam, tags the medium spam and let's the end servers re-score
the questionable stuff to the user preferences.
Ok - my question/problem is this:
Is there a way I can run spamc (or spamassassin) so that it doesn't
actually RESCORE/REPROCESS the mail (the large amount of work), but
instead just looks at the users required score (required_score 6.0) and
only re-tags the "X-Spam-Status" flag to YES or No??
See, in my current setup (as explained above):
MX server scores it as spam score 205 --> sendmail farm nukes it
MX server scores it as spam score 16 - MX tags it as spam --> sendmail
farm just files it in the user's Caught-Spam folder.
MX server scores it as score 7, which is below questionable as 15, so it
doesn't score it ---> sendmail then runs spamass on it, rescores it and
then files it to user's settings.
