From: "Mark Williams" <[EMAIL PROTECTED]>
> See details:
>
> On 7/21/05, Kai Schaetzl <[EMAIL PROTECTED]> wrote:
> > Mark Williams wrote on Thu, 21 Jul 2005 15:45:30 +0100:
> >
> > > (Q) Given that this RH machine runs only POP3 (management will not
> > > allow anything else) how do I set up my /etc/procmailrc file such that
> > > all mail that is marked as SPAM is put into the users $HOME/mail/spam
> > > file (they can then login using SSH and use Pine to look at SPAM if
> > > they need to).
> >
> > I would really suggest to use MailScanner+Mailwatch for this and no
> > procmail. But am not sure if that would work for you. What do you mean
by
> > "only POP"?
>
> The machine in question is an SMTP server in its own right for sending
> mail out. However, it presents itself as a POP3 server to the Outlook
> users.
>
> Please don't get too hung up on the decisions that have been made -
> they are out of my control (hence my not going into depth on them). I
> only mentioned it to avoid people saying install this and install that
> or install IMAP etc - for various reasons they are not options -
> installing other software is not an option. The issue is how I get
> procmail to put SPAM mail in $HOME/mail/spam for each of the users.
I realize the decision is out of your hands. "Pop3" has some good
points for it in a Windows environment. Tools like NAV will scan the
email as it comes in. So there should be no way onto the Windows
machines without passing through the local scanning and POP3 server
so that the AV based scanning is effective.
Unfortunately there is no way I know of to use POP3 only as a basis
for Outlook Express email. Everything that I can think of is rather
ugly for the users.
What I do here is run the POP3(S) as the only way into the Windows
machine. (The secure part could be blocked for your case. I use it
while on the road.) Then I run an IMAP server that (nominally) has
no way to get email in from the outside. (Really enforcing this
might take some work or creativity with procmail or fetchmail if
you use it.) The IMAP server is a repository only for spam and ham
training files. It is a means for yanking things into a trainable
format from Outlook Express. I setup a separate OE account for each
user that is the training repository. No incoming email is supposed
to come from the IMAP. Nor is it to be used for "folders". (This is
chiefly because I like the way folders work with OE better than the
IMAP implementation's folders.)
Now, I'm using the "dovecot" everything in one tool. So restricting
incoming email from the IMAP side is basically a setup issue with OE.
"Don't DO that!" For two people this is manageable. And as I note the
IMAP is solely used for training not for delivery or storage except
for ham and spam samples. Now, it might be possible to "fake it" and
run up a second dovecot with different parameters than the one used
for POP3. It could then be configured to access dummy inboxes for the
readdressed IMAP service. This would guarantee the delivery scan by
say NAV while allowing the practical training means. Bayes really does
need training. It's best trained per user. And when trained it is a
major assist to the SARE rules.
I'm not advocating this as your solution. I am merely reflecting on
what is working here. My situation is not yours. Although I would
approach the people who say NO IMAP and request a reason. You may be
able to satisfy that reason while still allowing IMAP as a means of
getting clean copies of messages for training purposes. Often the best
question is "what is your objective?" Get beneath the artificial
restrictions placed by management and find out what they really want
to accomplish. Then you design that solution, make sure it is bullet
proof, and present it as an option with two or three other less savory
solutions. (You can export individual .eml files from OE, for example.
They'd have to be exported to the spam scanning machine and then
learned individually. The export is somewhat ugly from a user's point
of view. But if IMAP doesn't work then that is the sort of thing you
may have to do - DEPENDING on what they really want to accomplish and
the tools they want to use.
{^_^} Joanne
