Sending spam forwarded by backup MX directly to primary server spam folder

Thu, 02 Nov 2017 04:32:25 -0700 

Hi Friends,
on Debian Jessie environment, using spamass-milter 0.3.2-1 and spamassassin 3.4.0-6, I would like to make sure that automatically all messages marked as spam and forwarded by the backup server mx to the primary server, the (primary server) sieve filter moves them to the spam folder. 


Now I'm using the following "sieve after" filter on both server (which 
does this only for messages received from the primary)



/etc/dovecot/sieve-after/spam-to-folder.sieve:

require ["fileinto","mailbox"];

if header :contains "X-Spam-Flag" "YES" {
 fileinto :create "INBOX/Junk";
 stop;
}



Actually the backup MX server when mark an email as spam simply forward 
to primary and the user receive from the primary the entire message on 
inbox folder added to the spam header like the following:



Spam detection software, running on the system "server2.foo.org",
has identified this incoming email as possible spam.  The original
message has been attached to this so you can view it or label
similar future email.  If you have any questions, see
the administrator of that system for details.

Content preview:  Sent from my iPhone [...]

Content analysis details:   (10.3 points, 5.0 required)

 pts rule name              description

---- ---------------------- 
--------------------------------------------------

 3.6 RCVD_IN_PBL            RBL: Received via a relay in Spamhaus PBL
                            [182.70.179.156 listed in zen.spamhaus.org]
 0.7 RCVD_IN_XBL            RBL: Received via a relay in Spamhaus XBL
 1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net

              [Blocked - see 
<http://www.spamcop.net/bl.shtml?182.70.179.156>]
 0.0 RCVD_IN_DNSWL_BLOCKED  RBL: ADMINISTRATOR NOTICE: The query to 
DNSWL

                            was blocked.  See

                            
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block

                             for more information.
                            [182.70.179.156 listed in list.dnswl.org]
 0.5 RCVD_IN_SORBS_SPAM     RBL: SORBS: sender is a spam source
                            [182.70.179.156 listed in dnsbl.sorbs.net]
 2.7 RCVD_IN_PSBL           RBL: Received via a relay in PSBL
                            [182.70.179.156 listed in psbl.surriel.com]

 0.2 CK_HELO_GENERIC        Relay used name indicative of a Dynamic Pool 
or

                            Generic rPTR

 1.3 RDNS_NONE              Delivered to internal network by a host with 
no rDNS


The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam.  If you wish to view
it, it may be safer to save it to a file and open it with an editor.

etc, etc..


Is this possible using spamassassin and spamass-milter?


Many thanks!

Davide






















					Reply via email to