> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of > Salvatore Toribio > Sent: Monday, December 01, 2003 11:10 AM > To: Robert Harrison; [EMAIL PROTECTED] > Subject: Re: [Qmail-scanner-general]How to reject SA Tagged spam > > > Robert Harrison, wrote: > >Hi all, > > > >Just a quick question is there any way to reject messages > marked as spam. > > > >using qmail, qmail-scanner, and spam-assassin > > > >I have seen loads of email saying the config for this is in spam > >assassin but i'm buggered if i can see how to do it. > > > >Any ideas out there. I would like to reject spam that scores above 15 > > > >Thanks for any help or for pointing me in the right direction > > > >Robert > > I've sent a post today over this. > > I've wrote a patch that actualy quaratine/delete spam, you can find > it at <http://xoomer.virgilio.it/j.toribio/qmail-scanner/>. Now I'm > testing a way to reject a messages before the remote server ends the > connection. It is working fine for me, but I need some time to write > it in a coherent way. > > If you read my previous post to Brian Ipsen, you could modify > yourself the routine 'spamassassin' and reject the messages since now. > > Salvatore > >
You should be careful! Don't forget that SA is not perfect! I have received mail marked as SPAM, but it WASN'T! If you do this thing you may lose email that you WANT. I think a better solution is to accept those messages and put them somplace temporarily, kind of like hotmail does. Have a folder called SPAM or BULKMAIL for each user and have tagged SPAM moved into that folder. I do that, and have a CRON job that runs tmpwatch on those folders and removes everything older than X days... I don't like receiving SPAM, but I HATE to miss a desired message! I also check the SPAM messages regularly at the command-prompt to see how they're changing over time, and how they're scored with SA. It's interesting to see what these bastards are doing to get the message into our INBOX. They send messages to me AS me, or they insert fake HTML tags randomly throughout the message to break up words and avoid pattern searches, etc. There is something that I saw recently that looked very interesting, and I LOST THE LINK. It involves DNS MX-type records. When receiving an SMTP connection, your MTA is given the sender ([EMAIL PROTECTED]). If the special MX record in the DNS lookup of the senders domain (yahoo.com) doesn't match the actual MTA sending the email, the connection is dropped. Or something like that. I never got the chance to check it out! Since yahoo lists hosts 10.10.10.1-10.10.10.20 (example) as their MX hosts, then if the message you're currently receiving from [EMAIL PROTECTED] is coming from HELO booger.de (10.20.30.40), then you know it's BOGUS, and the connection is dropped. Has anyone heard of this? If so, please post a LINK!! Ken ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
