Hi Bill,
>I was wondering how to set up a spam address that would accept
>forwarded
>messages from users and feed them into SA for learning as
>spam. Is there an
>easy way to do this? Is SA smart enough to know not to
>blacklist the sender
>of the forwarded message and to only analyze the forwarded
>portion? FAQ?
Two cases here: if you've got an exchange server available: set up a public
folder, have users drag/drop spam to the public folder and learn from there
using imap. Scripts / links have been posted during the lasdt few days, check
the archives.
If you haven't got an exchange server:
When running sendmail/mimedefang/spamassassin; If not ideal but here's what I
came up with:
- in the mimedefang configration, I'm skipping SA processing if the
recipient is the spamreport address - this avoids both white/blackliting and
spam bounces.
- I have users forward spam to the report address as attachments; this seems
to be the only way to get a reasonably intact message
- from a cronjob I run a perl script that extracts the forwared mails and
runs sa-learn on them.
Here's the script I'm using - adapted from the imap learning script posted by
Jason Crummack.
Bye, Martin
#!/usr/bin/perl
# Durchschauen einer mailbox nach message/rfc822 attachments
use Mail::Util qw(read_mbox);
use MIME::Parser;
use IO::Lines;
# set to 1 to enable debugging
my $debug = 0;
# set to 1 if running under cron (disables output)
my $cron = 0;
my $mailbox="/var/spool/mail/s/t/steiermark.report-spam";
my $tempdir = "/tmp/spamassassin";
my $learndir = "/tmp/spamassassin/learn";
#
# execute sa-learn command
#
sub sa_learn {
my $dir = shift (@_);
my $type = shift (@_);
my $learncmd = "/usr/bin/sa-learn ".$type." --dir ".$dir;
if ($cron == 0) { $learncmd .= " --showdots"; }
else { $learncmd .= " > /dev/null 2>&1"; }
#
# Run sa-learn script on spam directory
#
#my $sh = Shell->new;
my @args = ($learncmd);
system (@args) == 0 or die "system @args failed: $?";
}
#
# Removes files in directory $dir with extension $ext
#
sub clear_directory{
my $dir = shift (@_);
opendir (DIR, $dir) or die "Couldn't open dir: $dir\n";
my @files = readdir (DIR);
close (DIR);
for (my $i = 0; $i <= $#files; $i++ )
{
if ($files[$i] !~ /\.+$/) {
unlink ($dir."/".$files[$i]);
}
}
}
mkdir ($tempdir);
mkdir ($learndir);
-r $mailbox || exit;
@msgs = read_mbox($mailbox);
unlink ($mailbox);
$cnt = 0;
foreach (@msgs) {
$debug && print ("Message $cnt\n");
my $parser = new MIME::Parser;
$parser->output_dir($tempdir);
$parser->extract_nested_messages(0);
$AH = new IO::Lines;
$AH->open($_);
$entity = $parser->parse($AH);
$num_parts = $entity->parts;
$debug && print (" Parts: $num_parts\n");
for ($i=0;$i<$num_parts;$i++) {
$part = $entity->parts($i);
if ($part->effective_type eq "message/rfc822") {
$debug && print (" File:
".$part->bodyhandle->path."\n");
@args = ("cp", $part->bodyhandle->path, $learndir);
system (@args);
}
}
$parser->filer->purge;
#$entity->dump_skeleton;
$cnt++;
}
sa_learn ($learndir, "--spam");
clear_directory ($learndir);
-------------------------------------------------------
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
