-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello Mark,
Monday, August 4, 2003, 2:17:17 PM, you wrote:
MH> I have some feature suggestions, for what I feel might be the
MH> "typical" user - like me, for example.
MH> Am I typical - well, maybe not. You decide...
No, you're not a typical user. You're more like me in that regards.
MH> I use a POP client (in my case, Eudora). SA runs on my ISPs mail
MH> server. Mail is marked, and I filter out the spam on my PC.
Ditto, except my POP client is The Bat!, and I retrieve a dozen different
email accounts from four different servers (three of which have SA, on
which I have no shell access but do have FTP access).
Where I have a bit more control than you have is that those three servers
are not just mail servers, but full domain servers, to which I can add as
many POP email accounts as I desire.
MH> Its complex and difficult to communicate with SA. I do have a shell
MH> account, but not everyone does, and no one should have to use the
MH> shell to configure their PC tools. However, my ISP has moved the POP
MH> server to a different machine than the shell server, making
MH> configuring SA more complicated. (we're only talking about user
MH> configuration here, not admin).
I use Wordpad on my Windows computer to edit the user_prefs file, and FTP
the user_prefs file (in ascii mode) to the server(s) to update my
instructions to SA.
MH> I can log into the shell server and change white list and black list,
MH> but there is some complexity because the SA profiles aren't in my
MH> home directory, they are on another machine. Another option is to FTP
MH> the lists to and from the system with the POP server. But this is
MH> much more complicated than it should be. Using VI is not the average
MH> users strength.
Actually, if you can FTP between the shell server and the pop server, you
should be able to FTP directly from your home system to the pop server.
If so, then an FTP directly to that system from your home system might be
the way to go.
MH> What I CAN'T do is send an email to SA for training. Since I don't
MH> use shell mail at all, there is really no way that I know to send
MH> email back from my home PC to SA, with an indication that its spam,
MH> and the filters should be trained to recognize it.
I can't help you there yet, but keep reading...
MH> So... some suggestions.
MH> One idea (probably the most work) is to create a web interface to SA
MH> for end users. I could change both black and white lists. To handle
MH> the training, perhaps I could set Eudora to leave mail on the server
MH> for a day or two, and SA could show these to allow me to mark them -
MH> black, white, or spam. Or perhaps SA could copy (and maybe
MH> compact/excerpt) all incoming mail, store for a short time, so that
MH> when I copy an email with its limited headers from Eudora into the
MH> web page, there is enough information to identify the original mail
MH> with full information for filter training.
Do you have webmail access to that account? If so, can you create
additional folders? My father uses webmail to access his
[EMAIL PROTECTED], and I've created three folders for him:
* auto-bulkmail -- his webmail filters drop anything already marked by SA
into this folder, so he can check for false positives.
* learn-spam -- when he finds spam that SA didn't flag, he moves it to
this folder. I have an hourly cron job which looks to see if there's
anything in this file, and if so then sa-learn is run against it. The
cron job then forwards that file into my spamtrap.
* learn-ham -- when he finds non-spam wrongly flagged by SA in his
auto-bulkmail folder, he moves or copies that email here. The same
hourly job feeds the contents into sa-learn and then forwards it into
my hamtrap.
I haven't given any thought to combining webmail access with pop access
to the same account, other than knowing that only the inbox is normally
accessed by pop, and the other folders are ignored. Maybe there's
something in this method you could use.
MH> Another scheme would be to let me forward email to SA (a special
MH> account), with some instructions to tell SA that this piece of mail
MH> is to be white listed, black listed, or is spam.
How flexible is your access to the pop server? Whenever I build up enough
FPs or FNs, I export those collections from my pop client's files into
Unix mailbox-like files on my Windows system at home, and then FTP them
to the server (as files named newspam.txt and newham.txt). That same
hourly job tests for these files, and if found, feeds them into sa-learn
appropriately, and then deletes them.
MH> Not being an engineer, I'm don't want to solve the problem. But it IS
MH> a PROBLEM. Spam seems to be getting smarter by the day, with more
MH> and more emails marked 3.9, or 4.5, just getting through the SA
MH> filter.
I've developed a system which works for me, not only the ideas above, but
which allows me to actually place new header and body rules into my
user_prefs file, and have them executed by SA. It does require multiple
mailboxes.
* Define mailbox1 -- which receives the inbound mail from the Internet.
This is the email address to which email is sent ([EMAIL PROTECTED]).
This mailbox feeds SA.
* Define a destination mailbox, unknown to the outside world, but which
is the email account used by my pop client.
* Define a cron job which regularly scans through mailbox1. For each
email:
- If SA has already flagged it as spam, drop it into a spamtrap file.
- If SA has already flagged it as ham (score<0), forward to mailbox2.
- Otherwise run SA against it, in local mode (don't repeat DNSBL
overhead), but with added rules activated from user_prefs file.
- If now spam, drop it into the spamtrap file.
- Otherwise forward to mailbox2.
If you have this level of access -- ftp access to the appropriate server,
and the ability to have multiple email mailboxes, and the ability to run
cron jobs on that server, then I can share my system with you.
I created it on one domain, then generalized it to make it parameter
driven and ported it to a second domain, where it's been working fine.
I'll shortly port it to the third domain, and then will replace the
original (non-generalized) system. I think it's ready for someone else to
try out, to see what types of changes or corrections may be needed.
MH> And I have no convenient way to use the more sophisticated features
MH> of SA.
I didn't either, until I developed this system.
MH> If it helps, email shows up with this version information:
MH> SpamAssassin 2.52 (1.174.2.8-2003-03-24-exp)
Talk your ISP into upgrading to 2.55 -- 2.51 through 2.53 had a fair
number of "nice" rules which have been identified and used by spammers to
sneak their spam through.
Until they do, drop the scores of the "nice" rules from negatives to zero
in your user_prefs file. That alone will help you catch a lot more spam.
Bob Menschel
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0
iQA/AwUBPy8SlJebK8E4qh1HEQI4KQCg+hadQy/chSEgtoEq825hd93kJbgAoNA/
Y39SwdEC2esggmwsXpxBIeOU
=P6gE
-----END PGP SIGNATURE-----
-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
