-------- Original-Nachricht -------- > Datum: Sun, 6 May 2012 16:22:48 -0500 > Von: Chad M Stewart <c...@balius.com> > An: Steve <steeeeev...@gmx.net> > CC: postfix-users@postfix.org > Betreff: Re: a header check rule to do <= or >=
> > On May 3, 2012, at 7:23 PM, Steve wrote: > > >> > >>> > >>> Below the untested code but I think it should work: > >>> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > >>> if /^X\-DSPAM\-Confidence\:\s+/ > >>> /^X\-DSPAM\-Confidence\:\s+(0\.[7-9]\d+)$/ DISCARD DSPAM confidence > >> ${1} greater than 0.700 > >>> endif > >>> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > >>> > >> > >> Thank you I'll give that a try. > >> > > Be very careful with the code from above. It will trigger as soon as the > confidence is equal or above 0.700 and below 0.999 but it does not check > the classification it self. So it will trigger for the class SPAM and for > the class INNOCENT. What you really want is to trigger only for the class > SPAM, BLACKLISTED, BLOCKLISTED and VIRUS. > > Which means that unless the reading I've been doing is wrong, I won't be > able to accomplish this within Postfix. Postfix header checks can not be > combined, so I can't do if the matching logic I'm thinking about, if the > class is SPAM and the Confidence is greater than X. > You can do it in Postfix. It would be messy but you could do it. Think about something like this: 1) Postfix smtpd listening on port 25 (lets call it instance A) 2) Postfix smtpd listening on port 11025 (lets call it instance B) 3) Postfix smtpd listening on port 12025 (lets call it instance C) Mail gets from outside to (A). (A) does all the spam checking and such. (A) does the header check. If mail is SPAM then redirect/filter to instance B on port 11025. If mail is HAM then redirect/filter to instance C on port 12025. (B) checks the confidence of the SPAM mail (only SPAM mails should reach instance B). If confidence is greater than X then the mail is discarded. Everything else gets redirected/filtered to instance C on port 12025. (C) is delivery to the end user. I think you get what I mean. However... I don't know if this will work and even if it would work then I would not suggest you to do it that way. Better would be to use milter or such to handle that in Postfix or use DSPAM delivery agent option to specify your own delivery agent and handle inside that delivery agent your specific needs. > Part of me thinks the best place for this is the final delivery server, > but in my scenario my customers may want the ability to not have messages > with high confidence even delivered into their network. I guess I could route > those customers through a custom policy service which could do the logic > and discard accordingly. > Yes. That is what I personally would suggest you to do. > > > > > While writing you the response I realized that I am not handling the > case where the confidence could be 1.000 (aka 100%). > > > > So the above should be changed to: > > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > > if /^X\-DSPAM\-Confidence\:\s+/ > > /^X\-DSPAM\-Confidence\:\s+(0\.[7-9]\d+|1\.000)$/ DISCARD DSPAM > confidence ${1} greater than 0.700 > > endif > > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > > > > Good point, thank you. > > > -Chad -- NEU: FreePhone 3-fach-Flat mit kostenlosem Smartphone! Jetzt informieren: http://mobile.1und1.de/?ac=OM.PW.PW003K20328T7073a