On Tuesday, July 23, 2002, at 05:11 , Roderick A. Anderson wrote:
> On Tue, 23 Jul 2002, Jim Hale wrote: > >> :0fw >> | spamassassin -P >> >> All this does is TAG the SPAM so that I could see just how much I was >> getting on each account and then my Mail Client would just throw these >> messages in another folder. Well, for 3 months now everything seems to >> be running fine and I'm ready to go ahead and not 'preview' the SPAM >> anymore. What do I need to do to the above so that it sends anything >> tagged as Spam to NOWHERE. I think I saw something before about >> redirecting it to null, but I can't remember. > > how about this after your about receipe > > :0: > * ^X-Spam-Status: Yes > /dev/null > I thought about doing that, but decided that completely blind throwing away of messages wouldn't be a good idea. So, I'm sort of building together a combination of SA and the concepts behind TMDA (is that the right system acronym? I can't remember). So, here's the plan (btw: this is my for my home email address, [EMAIL PROTECTED] ): my first procmail recipe will look to see if the sender is in a "totally banned" list (there aren't multiple levels of blacklist are there? not like there are multiple levels of whitelist? I wish SA was my symetric about what features it offers for blacklists and whitelists, but it might just be my own lack of reading), it gets deleted no matter who it's to or from. my second procmail reciple will look to see if it's to "[EMAIL PROTECTED]", and deposit it into one particular folder if it is. I will use that to review messages from people who claim that I shouldn't have blacklisted them. If anyone ever spams that address, then they'll get put into the "totally banned" list. I'll probably be creating/ managing this list by hand, unless there are two different levels of "blacklist", in which case I'll have the more severe blacklist used here. my third recipe will look to see if my mailscanner spamcheck says the sender is in my SA blacklist. If it is, it gets deleted without review (I do this AFTER rule 2, because blacklisted users are still allowed to send mail to user+blacklist, so that I can get messages from friends who sent me something that was a false positive for rule 4, so I can whitelist them and remove them from the blacklist). recipe 4: the mailscanner spamcheck will see if the message IS spam, but does NOT mention a whitelist. If it matches, then it gets sent to a filter program which will: a) submit it to the razor (though, I don't use the razor so I don't know how useful that is ... I'd like to make sure it gets submitted to all the right places, anyone know where else I should send it? ), b) send a "you've been blacklisted, here's the possible causes, if you want to appeal, send it to [EMAIL PROTECTED]" message to the sender (the worst spammers wont get the response because the sender is bogus, so they wont ever appeal), c) add them to my blacklist. (note: when invoked via procmail, A wont actually happen, blocked out by CLI argument, I just mention that feature here for complete description of the program) I'm calling this program "blacklist". Now, for spam that leaks through? I have a mail folder called "AddBlacklist", and a cronjob, with a program named "blacklist_folder", will split that folder out into individual messages, and then submit them to that same filter program one by one. With one exception (by CLI argument): they wont inform the sender (because these are human reviewed messages, so I've already decided whether or not it's accurate). This one WILL use feature A (from above), though, and report the message to various authorities. So, when a spam leaks through, I'll drop it into this folder, and a little while later they'll get blacklisted. I'm going to have another mail folder called "AddWhitelist" which will basically be for rule 3 appeals. I'll have a cron job go through and break it up into individual messages, and then remove them from the blacklist and add them to the whitelist. This program will be "whitelist_folder". Since SA doesn't have an "include" feature right now, I'll probably have a fourth program, "build_sa_prefs" which will take a base_prefs file (with local rules), the blacklist file, and the whitelist file, and use that to generate the site-wide prefs file. So far, I have written "blacklist", and "blacklist_folder". From there, I think the other two programs should be easy to write. Then I just need to put together those procmail recipies (which shouldn't be too hard either). ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
