mouss <mo...@ml.netoyen.net> writes: > Gerald Turner a écrit : >> Hello, I have been using SpamAssassin integrated with Postfix via >> spampd SMTP proxy and I have the following header_checks file: >> >> /^X-Spam-Level: \*{8,}/ DISCARD Spam score 8+ >> /^X-Spam-Level: \*{4,}/ REJECT Spam score 4+ >> >> There are cases where I'd rather DISCARD the low score mail (>= 4, < >> 8) than REJECT, for instance: >> >> When the mail contains mailing-list headers - some mailing lists >> unsubscribe after too many bounces, particularly Debian with >> open/unmoderated lists. >> >> When the mail was sent to a quasi-spamtrap address - I'm aliased >> on a few hosts with webmas...@example.com type addresses, some of >> which will generate bounce warnings to mailer-daemon who is >> aliased to several people, evil! >> >> Unfortunately Postfix header_checks can only process one header at a >> time, there's no way to compound conditions of multiple headers. >> I've searched and can't seem to come up with any possibility of >> configuring Postfix to conditionally discard rather than bounce. I'm >> on the verge of customizing an example Perl milter to do the job, but >> it seems like something that should be built-in to either Postfix, >> spampd, or perhaps amavisd-new - any suggestions? >> > > first, add an SA rule to detect mailing lists. for example > > header H_FROM_ML ... > score H_FROM_ML 0.01 > > (actually, you will need multiple rules, then combine them with a > meta). > > then your header checks would become > > /^X-Spam-Status: Yes, score=([8-9]|\d{2}).*H_FROM_ML/ .... >
Excellent! Checking X-Spam-Status rather than X-Spam-Level totally escaped me, thanks. > some notes: > > - unless you are calling SA during the smtp transaction, you should > not reject mail (ie after it was queued by postfix) > It is before-queue while the SMTP connection is still active. I like to bounce in case legitimate people that have yet to be whitelisted trigger a false-positive. > - discarding mail is risky. > Other than possibly dropping a false-positive is there anything else I should know of? > - spammers can forge list headers... > Yes but I think I'm getting what I want in this case: list spam is discarded, whether forged or not. > - There are other cases when you don't want to reject (mail to > ab...@example.com, ... etc). That's the other problem I'm trying to solve (don't reject mail sent to these "quasi-spamtrap" addresses, simply discard) - I can see how to do it now with custom rules checked in X-Spam-Status header. Thanks for the suggestion. -- Gerald Turner Email: gtur...@unzane.com JID: gtur...@jabber.unzane.com GPG: 0xFA8CD6D5 21D9 B2E8 7FE7 F19E 5F7D 4D0C 3FA0 810F FA8C D6D5