> -----Original Message----- > From: Eddy Beliveau [mailto:[EMAIL PROTECTED] > Sent: Friday, April 04, 2008 6:17 PM > > ----- Message d'origine ----- > De : "Michael Scheidell" <[EMAIL PROTECTED]> > À : "ram" <[EMAIL PROTECTED]>; "spamassassin-users" > <users@spamassassin.apache.org> > Envoyé : 27 mars 2008 10:04 > Objet : Re: Spam abuse report plugin > > > > > >> From: ram <[EMAIL PROTECTED]> > >> Date: Thu, 27 Mar 2008 15:36:04 +0530 > >> To: spamassassin-users <users@spamassassin.apache.org> > >> Subject: Spam abuse report plugin > >> > >> I get a lot of spam on my servers which get detected by SA though > are > >> generated by innocent mail servers. > >> > >> We see a lot of mail users have insanely simple passwords , spammers > are > >> using these accounts and send spam. By the time the administrator > >> realizes the server has sent 1000's of spam > > So you would spam the abuse@ account '-) > > > >> > >> If spamassassin had an option to send abuse report to servers > >> automatically and send mails to abuse@<server-admin> the moment the > >> first sure spam comes in the admin could be warned before much > damage > >> has been done. Obviously we limit to only 1 or 2 reports in an hour > to a > >> particular id > > > > Best is to set up something to use 'spamassassin -r' (report) > feature. > > Set up a SpamCop account, put that information in local.cf. > > SpamCop will scan the emails for uri's add them to uri blacklists, > add the > > server to spamcop blacklists, track down the responsible isp, and > > pre-format > > a complain email. > > > > If you have DCC and RAZOR, it will also submit the information to > those > > databases. > > > > NOTE: YOU DO NOT WANT TO AUTOMATICALLY SEND REPORTS AS THIS _WILL_ > SPAM > > INNOCENT, FORGED DOMAINS ADDING TO THE BACKSCATTER PROBLEMS. > > Hi! > > This subject is very interesting > > I received many spams daily and have to manually analyse headers or > email > content to be able to send abuse report > > Is there a tool which can do this for me ? > > I imagine some web form (unix/windows) in which I can put a cut/paste > of > original email (including headers) > and that tool can prepare abuse complaint automagically. > > Does that beast exist ?
Well, if you run amavisd-new as a filter over postfix, I can spare my one dirty script. It is named "spamgrass". It should periodically run as the user owning the amavisd quarantine directory (often "amavis", but your mileage may vary). When run, it scans the quarantine dir looking for high-scoring spam (default threshold is 20) and virus mails, then it "packs" as many messages as it can in a report message to be sent to your own quickreport account at spamcop. Also, it keeps track of the last message scanned, avoiding to report already reported messages. There are also options to your own local handoff headers in order to avoid disclosing your topology, antispam and antivirus kind and setup to people whom reports will be sent. You may get the latest copy @ http://www.tomassoni.biz/download/spamgrass.pl . Have a check to the plenty of options available first. In the first stages of deploying, the --dry-run option may be very useful. Enjoy, Giampaolo > > Thanks, > Eddy
