On Sep 20, 2013, at 18:12, azurIt <azu...@pobox.sk> wrote: >> On 2013-09-20 09:42, azurIt wrote: >>> i'm having problems with spam forwarding - lot's of our users enabled >>> forwarding to gmail and every spam they receive is also forwarded. >>> Today gmail block us because of spam (which we were just forwarding, >>> not sending). Any tips how can i disable forwarding in case of a spam >>> (for example, when message has X-Spam-Status: Yes) ? Thanks. >> >> You may first want to look at why you are receiving the spam in the >> first place and not rejecting it. There are many ways to fight this, >> much of which will come down to what your policies are regarding >> rejecting mail, false positives, etc. >> >> You could always turn off the ability of your users to forward mail to >> other services, problem solved. > > This is not an option, we are offering commercial services and users demands > this feature.
Gmail offers POP3 retrieval, which is a perfectly servicable option if users DEMAND every spam message, plus forwarding. > Blocking emails based on spam filters are always wrong. Spam recognition will > NEVER be 100%, there are always false positives. We are accepting all emails > and filter them after. I just need to tell Postfix to NOT forward particular > messages and only deliver them locally (for example, as mentioned before, > based on headers). Has it occurred to you that the reason lots of your users enable forwarding to Gmail may be the fact that you accept everything? And that they are essentially using Gmail as the spam filter they need because of this? You are creating this problem yourself. No spam filtering is 100% without false positives, but properly configured before-queue defenses generally cut out ~90% of the garbage you get from bots and zombies. Or more, depending on how tight of a ship you can afford to run. It also presents a traceable error path to any senders that may be caught with their pants down because of configuration issues, compromised systems and what have you. This means that anything that actually reaches the stage where you decide whether to store or forward is about 10% of what you are accepting now, and much less likely to cause trouble with forwarding. If you must do your own thing, figure out how to use the quarantine features of your chosen content filtering software, and do forwarding from there based on rules you specify. Or dig into the Postfix documentation and figure out how you might achieve what you are after without backscattering, or discarding mail. Mvg, Joni
