Hello SA users and experts, Being a long-time and very happy SA user at home, when I was asked to set up a spam filter on our new mail server at work I new exactly what I would use. Having to support more than just the one user, I have had to learn and use some new features, and have used the archives and other resources to help, for which I thank you all.
One thing that remains a bit of a mystery is how learning occurs when a message is forwarded. We use postfix, and my Linux distro is Redhat 9. For training, I've set up dummy email accounts for mis-identified ham and spam. I have a very simple shell script for training, calling sa-learn on the spam and ham, and then deleting the contents. Later, I'll have crond do this, but for now I'm doing it manually in order to keep an eye on things. I've told my users to forward the mis-identified email to those mailboxes. The sequence of events is as follows: 1. SA running on our mail server inspects an incoming messages and believes it to be spam or non-spam. 2. Mail message is added to user's mailbox 3. User reads mail, perhaps with Netscape, Windows email client (whatever that is), Mac's email program or, in my case, pine. 4. User forwards mis-identified ham or spam to the appropriate user 5. User's mail client wraps the original message in some sort of header (perhaps in some cases it's forwarded as an attachement and not as content). 6. Postfix adds that mail message to the ham or spam mailbox 7. Once a day (or so) I run sa-learn on ham and spam with the appropriate flags. The mystery is, that spam now has a header from my user, who is forwarding the spam to the spam mail account. How does SA know to train on the contents, and not my legitimate user's header? Thanks for any insight, Michael
