On Wed, 1 Oct 2003, Bill wrote:
>
> > How do I set up Sendmail to reject email with a high score or
> > forward email to a local mailbox if it is within a certain
> > range of score?
>
> The way I would do it is with a procmail recipe. Configure spamassassin to
> use the stars header system and then set a recipe to redirect based on the
> number of stars. I think its covered somewhere in the docs.
OK, folks SMTP reject is -NOT- a bounce. You -CANNOT- do a reject
with procmail or -any- program that runs after the initial MTA[1].
A reject says that we never even let the garbage get in the front door,
so the 'From' address is a non-issue. (IE if it never even gets on
our turf we don't have to try to do a return-to-sender nor worry about
deleting it).
Think about it in terms of the doorman who won't let you in the bar
if you look 'bad' verses the bouncer who trys to toss you out of the
joint after you've shown yourself to be bad.
The whole concept is that if you run SA closely integrated with your
incoming MTA, configured to check for spam DURING the initial SMTP
transaction then the MTA can respond to the SMTP transaction with a 550
error code at the end of the transaction. Thus the turkey trying to hand
the garbage to you never gets to finish the job and is left holding the
bag.
With SA(spamd)+milter+sendmail, you can configure the milter to examine
the results from spamd and return a 550 status to sendmail for that
specific transaction (the '-r' option to spamass-milter and
miltrassassin). You want to pick a high enough value that it does
not inconvience users when false positives hit but low enough to
eliminate obvious garbage. I've got my 'required_hits' set to tag at
6 and '-r' reject threshold set to 18.
If you want "intermediate" spam routed to another folder or mailbox
procmail is the tool of choice (but note that you've already decided
to keep such messages, just rerouted).
[1] To be pedantic, you can do a reject with an internal MTA but that
is worthless as you've already taken it from the external agent and
now are left holding the bag and have to decide whether to try to
return-to-sender (which is probably forged) or just drop.
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
