I have one anti spam suggestion. Sending all messages marked by the spamassassin as spam to the quarantine is very dangerous, not everything is really spam.
Lets create two limits - soft (e.g. 6) and hard (e.g. 12). Mails with score over hard limit would be quarantined in the same way as virii (no info to the sender or recipient). Mails with score between soft and hard limits would be quarantined but the sender would get a message of this form: Your message has been recognised as spam and was quarantined. If you want to deliver you message, visit this link: http://something.example.org/antispam/index.php?id=12345&crc=md5abc123 If the message was sent by a real user, he/she can visit the page and copy a code from a picture to the input box and thus push the mail forward from the quarantine to the real destination. The id in the link above is the id of the message in the quarantine (e.g. $message_id in the qmail-scanner-queue.pl script). The crc in the link prevents guessing ids of quarantined mails and can be generated as md5($id."some arbitrary password"). The index.php can control validity of the request by generating a picture with the code as first 5 characters from md5($id."another password") and ask user to copy the code from the picture to the input box. Mails with score between the spamassassin threshold would be delivered as usually (e.g. with ***SPAM*** in the subject). I modified the script this way and it works fine. No database is necessary. I have seen another company using spammassassin dealing with spam this way too. Miroslav Zacek ------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ Qmail-scanner-general mailing list Qmail-scanner-general@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
