-------- Original-Nachricht --------
> Datum: Thu, 3 May 2012 19:04:13 -0500
> Von: Chad M Stewart <c...@balius.com>
> An: Steve <steeeeev...@gmx.net>
> CC: "postfix-users@postfix.org" <postfix-users@postfix.org>
> Betreff: Re: a header check rule to do <= or >=
>
>
> On May 3, 2012, at 5:26 PM, "Steve" <steeeeev...@gmx.net> wrote:
>
> > -------- Original-Nachricht --------
> >> Datum: Thu, 3 May 2012 17:03:15 -0500
> >> Von: Chad M Stewart <c...@balius.com>
> >> An: Postfix users <postfix-users@postfix.org>
> >> Betreff: a header check rule to do <= or >=
> >
> > Hello Chad,
> >
> >
> >>
> >> Is it possible to write a header check (I'm thinking pcre is probably
> the
> >> way to go) that would find a header, and then take action based on the
> >> value of said header.
> >>
> >> Sample header
> >>
> >> X-spam-Confidence: 0.8505
> >>
> >>
> >> In pseudo code I'd like something like
> >>
> >> if header (/X-spam-Confidence/) && ($value >= 0.7000)
> >> then redirect msg to /dev/null
> >>
> > I think I know what direction you are trying to go. DSPAM? Right?
>
> Yes you are correct dspam. The dspam part I have up and working. Plus
> delivering to users spam folder. Figure I could enhance a bit more by only
> delivering that which is questionable.
>
> At some point I'll figure out a quarantine in my configuration too for
> those users that want it.
>
> >
> > Below the untested code but I think it should work:
> > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> > if /^X\-DSPAM\-Confidence\:\s+/
> > /^X\-DSPAM\-Confidence\:\s+(0\.[7-9]\d+)$/ DISCARD DSPAM confidence
> ${1} greater than 0.700
> > endif
> > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> >
>
> Thank you I'll give that a try.
>
Be very careful with the code from above. It will trigger as soon as the
confidence is equal or above 0.700 and below 0.999 but it does not check the
classification it self. So it will trigger for the class SPAM and for the class
INNOCENT. What you really want is to trigger only for the class SPAM,
BLACKLISTED, BLOCKLISTED and VIRUS.
While writing you the response I realized that I am not handling the case where
the confidence could be 1.000 (aka 100%).
So the above should be changed to:
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
if /^X\-DSPAM\-Confidence\:\s+/
/^X\-DSPAM\-Confidence\:\s+(0\.[7-9]\d+|1\.000)$/ DISCARD DSPAM confidence
${1} greater than 0.700
endif
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> Chad
>
Steve
>
> >
> >
> >>
> >> I'm looking to have sieve script functionality, but at the MTA layer
> and
> >> not delivery. This will be implemented on a relay machine. The intent
> >> being that when the anti-spam engine has assigned a high enough score
> to the
> >> message that instead of delivering to the user, we simply throw it
> away,
> >> assuming of course the user has opt-in for such a service.
> >>
> >>
> >> Thank you,
> >> Chad
> >>
> > Steve
> > --
> > NEU: FreePhone 3-fach-Flat mit kostenlosem Smartphone!
>
> > Jetzt informieren: http://mobile.1und1.de/?ac=OM.PW.PW003K20328T7073a
> >
--
NEU: FreePhone 3-fach-Flat mit kostenlosem Smartphone!
Jetzt informieren: http://mobile.1und1.de/?ac=OM.PW.PW003K20328T7073a
