Hi Bill,

>I was wondering how to set up a spam address that would accept 
>forwarded
>messages from users and feed them into SA for learning as 
>spam. Is there an
>easy way to do this? Is SA smart enough to know not to 
>blacklist the sender
>of the forwarded message and to only analyze the forwarded 
>portion?  FAQ?

Two cases here: if you've got an exchange server available: set up a public
folder, have users drag/drop spam to the public folder and learn from there
using imap. Scripts / links have been posted during the lasdt few days, check
the archives.

If you haven't got an exchange server:
When running sendmail/mimedefang/spamassassin; If not ideal but here's what I
came up with:

 - in the mimedefang configration, I'm skipping SA processing if the
recipient is the spamreport address - this avoids both white/blackliting and
spam bounces.

 - I have users forward spam to the report address as attachments; this seems
to be the only way to get a reasonably intact message 

 - from a cronjob I run a perl script that extracts the forwared mails and
runs sa-learn on them. 

Here's the script I'm using - adapted from the imap learning script posted by
Jason Crummack. 

Bye, Martin

#!/usr/bin/perl

# Durchschauen einer mailbox nach message/rfc822 attachments
use Mail::Util qw(read_mbox);
use MIME::Parser;
use IO::Lines;

# set to 1 to enable debugging
my $debug = 0;

# set to 1 if running under cron (disables output)
my $cron = 0;

my $mailbox="/var/spool/mail/s/t/steiermark.report-spam";
my $tempdir = "/tmp/spamassassin";
my $learndir = "/tmp/spamassassin/learn";

#
# execute sa-learn command
#
sub sa_learn {
  my $dir = shift (@_);
  my $type = shift (@_);
  my $learncmd = "/usr/bin/sa-learn ".$type." --dir ".$dir;

  if ($cron == 0) { $learncmd .= " --showdots"; }
  else { $learncmd .= " > /dev/null 2>&1"; }

  #
  # Run sa-learn script on spam directory
  #
  #my $sh = Shell->new;
  my @args = ($learncmd);

  system (@args) == 0 or die "system @args failed: $?";
}

#
# Removes files in directory $dir with extension $ext
#
sub clear_directory{
  my $dir = shift (@_);

  opendir (DIR, $dir) or die "Couldn't open dir: $dir\n";
  my @files = readdir (DIR);
  close (DIR);

  for (my $i = 0; $i <= $#files; $i++ )
  {
    if ($files[$i] !~ /\.+$/) {
        unlink ($dir."/".$files[$i]);
    }
  }
}

mkdir ($tempdir);
mkdir ($learndir);

-r $mailbox || exit;

@msgs = read_mbox($mailbox);
unlink ($mailbox);

$cnt = 0;
foreach (@msgs) {
        $debug && print ("Message $cnt\n");
        my $parser = new MIME::Parser;
        $parser->output_dir($tempdir);
        $parser->extract_nested_messages(0);

        $AH = new IO::Lines;
        $AH->open($_);

        $entity = $parser->parse($AH);

        $num_parts  = $entity->parts;
        $debug && print ("      Parts: $num_parts\n");
        for ($i=0;$i<$num_parts;$i++) {
                $part = $entity->parts($i);
                if ($part->effective_type eq "message/rfc822") {
                        $debug && print ("      File:
".$part->bodyhandle->path."\n");
                        @args = ("cp", $part->bodyhandle->path, $learndir);
                        system (@args);
                }
        }
        $parser->filer->purge;

        #$entity->dump_skeleton;

        $cnt++;
}

sa_learn ($learndir, "--spam");
clear_directory ($learndir);



-------------------------------------------------------
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Reply via email to