When you use MS Exchange as your Mailserver there is the problem that Exchange
removes some of the mail headers when re-sending an email (as attachment or as
an reply) or if a user puts the message into a public folder that is pulled via
IMAP for retraining (retrain-as-spam or retrain-as-innocent e.g.).
I use dspam with virtual-UIDs and I configured my exim sitting in front of
Exchange to circumvent this header-remove problem. Exim adds the dspam
signature to the Received: header and when this message is presented for
retraining the dspam signature is extracted from this Received: header and the
original X-DSPAM-Signature is reconstructed (btw in exim header variable names
are caseless, so $header_x-dspam-signature: is the same as
$header_X-DSPAM-Signature:):
Store signature in Received: header:
====================================
received_header_text = Received: \
${if def:sender_rcvhost {from $sender_rcvhost\n\t}\
{${if def:sender_ident \
{from ${quote_local_part:$sender_ident} }}\
${if def:sender_helo_name {(helo=$sender_helo_name)\n\t}}}}\
by $primary_hostname \
${if def:received_protocol {with $received_protocol}} \
${if def:tls_cipher {($tls_cipher)\n\t}}\
(MTA)\n\t\
id $message_exim_id\
${if def:header_x-dpam-signature: { (dssig $header_x-dspam-signature:)}}\
${if def:received_for {\n\tfor $received_for}}
Result looks like this
======================
Received: from dspam by nospam.sdm.de with dspam-scanned (MTA)
id 1IKYNF-00019x-DH (dssig 42345,46c0448944501530714789)
for [EMAIL PROTECTED]; Mon, 13 Aug 2007 13:46:17 +0200
Retreive signature and reconstruct when delivering locally:
===========================================================
# alias Router
system_aliases:
driver = redirect
domains = +local_domains
allow_fail
allow_defer
data = ${lookup{$local_part}dbm{/var/db/aliases.db}}
# user = exim
file_transport = address_file
pipe_transport = address_pipe
# get the dspam signature that is saved in the Received: header lines and
place
# it as a normal header so that dspam can read and interpret it correctly0
headers_add = ${if and{\
{match {$header_Received:}{dssig ([^)]*)}}\
{!def:header_x-dspam-signature:}\
}\
{X-DSPAM-Signature: $1}{}\
}
# localuser Router
localuser:
driver = accept
domains = +local_domains
check_local_user
transport = local_delivery
# get the dspam signature that is saved in the Received: header lines and
place
# it as a normal header so that dspam can read and interpret it correctly
headers_add = ${if and{\
{match {$header_Received:}{dssig ([^)]*)}}\
{!def:header_x-dspam-signature:}\
}\
{X-DSPAM-Signature: $1}{}\
}
Additional information:
=======================
I use fetchmail (very nice) to fetch messages out of a public folder from
Exchange for retraining. My .fetchmailrc looks like this:
set no bouncemail
set syslog
set invisible
set no spambounce
set properties ""
poll mda.foo.com
proto imap
user '<your-user>'
password '<your-user-password>'
batchlimit 100
folder "Public Folders/Antispam/Retrain-As-Spam"
fetchall
no rewrite
mda "/bin/exim -i -oem -f [EMAIL PROTECTED] [EMAIL PROTECTED]"
poll mda.foo.com
proto imap
user '<your-user>'
password '<your-user-password>'
batchlimit 100
folder "Public Folders/Antispam/Retrain-As-Innocent"
fetchall
no rewrite
mda "/bin/exim -i -oem -f [EMAIL PROTECTED] [EMAIL PROTECTED]"
#################
A simple crontab entry will retrain you token base. My alias file looks like
this:
# aliases
spam-retrain: "|/bin/dspam --user [EMAIL PROTECTED] --class=spam --source=error"
ham-retrain: "|/bin/dspam --user [EMAIL PROTECTED] --class=innocent
--source=error"
Dspam will retreive the correct signature from the message to retrain the token
base.
It is better to use "mda" than "smtpname [EMAIL PROTECTED]" because "mda"
rewrites the sender address to a local one ([EMAIL PROTECTED]) so the original
sender of the message will not get a DSN in case of a delivery error what would
be awkward.
Best regards
Joerg Pichel
sd&m - 25 years expertice in software engineering
--
Joerg Pichel [EMAIL PROTECTED]
sd&m AG http://www.sdm.de/
software design & management
Carl-Wery-Str. 42, 81739 Muenchen,
Germany Tel +49 89 63812-112, Fax -555
Management board: Edmund Küpper (chairman), Burkhard Kehrbusch,
Rüdiger Azone, Dr. Uwe Dumslaff, Kai Grambow, Dr. Michael Rading
Chairman of the board of directors: Pierre Hessler
Location and county court: München HRB 126057
