Sorry, not a direct CentOS question, but I know there's a lot of experienced users on this list...I'm using CentOS with sendmail and spamassassin. I've got it configured with spamass-milter and it is working correctly. However, I was expecting to be able to reject mail that is marked as spam, not just deliver it as usual. Anyone know if it can be done and how? I know a milter can reject mail, because I've used milter-grelist in the past to give temporary fail messages.
Following is my sendmail.m4 directive for spamass-milter:
INPUT_MAIL_FILTER(`spamassassin', `S=unix:/var/run/spamass-milter/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m')dnl define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name}, {if_name}, {if_addr}')dnl define(`confMILTER_MACROS_HELO',`s, {tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}')dnl
At 02:35 PM 3/4/2008, you wrote:
Sorry, not a direct CentOS question, but I know there's a lot of experienced users on this list...I'm using CentOS with sendmail and spamassassin. I've got it configured with spamass-milter and it is working correctly. However, I was expecting to be able to reject mail that is marked as spam, not just deliver it as usual. Anyone know if it can be done and how? I know a milter can reject mail, because I've used milter-grelist in the past to give temporary fail messages.
Following is my sendmail.m4 directive for spamass-milter:
INPUT_MAIL_FILTER(`spamassassin', `S=unix:/var/run/spamass-milter/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m')dnl define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name}, {if_name}, {if_addr}')dnl define(`confMILTER_MACROS_HELO',`s, {tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}')dnl
Not sure, but I think you could use procmail to filter to a junk folder based upon parsing the SpamAssassin score. Also, you can block based on RBL in sendmail , or score in spamassassin.
I use MailScanner with SpamAssassin and swear by it!
Happy (mostly), very vital list group. The author is very actively answering questions and requests. Can't get much better support!
Cheers!
Glenn wrote:
I use MailScanner with SpamAssassin and swear by it!
Happy (mostly), very vital list group. The author is very actively answering questions and requests. Can't get much better support!
mailscanner +1
Also, I have: FEATURE(`dnsbl', `sbl-xbl.spamhaus.org', `"571 ACCESS DENIED to <"$&f"> thru "$&{client_name}" by /spamhaus/ ;Please see http://www.spamhaus.org/sbl/%27%22)dnl FEATURE(`dnsbl', `relays.ordb.org', `"550 Email rejected due to sending server misconfiguration - see http://www.ordb.org/faq/%5C#why_rejected%22%27)dnl in my sendmail.mc file.
Milton Calnek wrote:
I use MailScanner with SpamAssassin and swear by it!
Happy (mostly), very vital list group. The author is very actively answering questions and requests. Can't get much better support!
mailscanner +1
MimeDefang is good too, and perhaps a little more efficient. It and clamav (if you want to tie in a virus scan for windows clients) are packaged in rpmforge. MimeDefang runs as a sendmail milter (i.e in real time during the smtp conversation) and gives you a small snippet of perl where you can control most of your mail scanning and delivery behavior.
Milton Calnek wrote:
Glenn wrote:
I use MailScanner with SpamAssassin and swear by it!
Happy (mostly), very vital list group. The author is very actively answering questions and requests. Can't get much better support!
mailscanner +1
Also, I have: FEATURE(`dnsbl', `sbl-xbl.spamhaus.org', `"571 ACCESS DENIED to <"$&f"> thru "$&{client_name}" by /spamhaus/ ;Please see http://www.spamhaus.org/sbl/%27%22)dnl FEATURE(`dnsbl', `relays.ordb.org', `"550 Email rejected due to sending server misconfiguration - see http://www.ordb.org/faq/%5C#why_rejected%22%27)dnl in my sendmail.mc file.
I also use all the dnsbl above plus spamcop.net which, I believe blocks far more spam than anything else.
FEATURE(`dnsbl', `bl.spamcop.net', `"Spam blocked see: http://spamcop.net/bl.shtml?%22$&%7Bclient_addr%7D%27)dnl
Glenn wrote:
At 02:35 PM 3/4/2008, you wrote:
Sorry, not a direct CentOS question, but I know there's a lot of experienced users on this list...I'm using CentOS with sendmail and spamassassin. I've got it configured with spamass-milter and it is working correctly. However, I was expecting to be able to reject mail that is marked as spam, not just deliver it as usual. Anyone know if it can be done and how? I know a milter can reject mail, because I've used milter-grelist in the past to give temporary fail messages.
Following is my sendmail.m4 directive for spamass-milter:
INPUT_MAIL_FILTER(`spamassassin', `S=unix:/var/run/spamass-milter/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m')dnl define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name}, {if_name}, {if_addr}')dnl define(`confMILTER_MACROS_HELO',`s, {tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}')dnl
Not sure, but I think you could use procmail to filter to a junk folder based upon parsing the SpamAssassin score. Also, you can block based on RBL in sendmail , or score in spamassassin.
That's exactly what I don't want to do. I don't want the mail being delivered to my system. That's why I'm using the milter. However the milter is doing the exact same thing as delivering it when it is marked as spam. That's what I am hoping to get some help with.
Tim Alberts wrote:
Glenn wrote:
At 02:35 PM 3/4/2008, you wrote:
Sorry, not a direct CentOS question, but I know there's a lot of experienced users on this list...I'm using CentOS with sendmail and spamassassin. I've got it configured with spamass-milter and it is working correctly. However, I was expecting to be able to reject mail that is marked as spam, not just deliver it as usual. Anyone know if it can be done and how? I know a milter can reject mail, because I've used milter-grelist in the past to give temporary fail messages.
Following is my sendmail.m4 directive for spamass-milter:
INPUT_MAIL_FILTER(`spamassassin', `S=unix:/var/run/spamass-milter/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m')dnl define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name}, {if_name}, {if_addr}')dnl define(`confMILTER_MACROS_HELO',`s, {tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}')dnl
Not sure, but I think you could use procmail to filter to a junk folder based upon parsing the SpamAssassin score. Also, you can block based on RBL in sendmail , or score in spamassassin.
That's exactly what I don't want to do. I don't want the mail being delivered to my system. That's why I'm using the milter. However the milter is doing the exact same thing as delivering it when it is marked as spam. That's what I am hoping to get some help with.
The spamhaus RBLs are the most reliable in my opinion. They will kill about 60% of the spam and it's a reject at smtp. Note that for hosting or ISP environments, you should really pay them for this service.
There are milters for SpamAssassin. You can set them to reject mail at a particular score level. So, if for instance you felt comfortable with rejecting mail at a score of 10, which is pretty reliable, you can also do that at smtp level.
Just in case it hasn't been said, never bounce mail but only reject.
From there, I receive the mail and use procmail to deliver it into Spam folders in my user's mail areas. I have a script that runs once each day which removes any mail from these folders that is over X number of days old. I think I have that set to 5 days at the moment. So, it is self maintaining, you don't get a panic call from a client wondering why they didn't get that mistakenly marked as spam email as it's in their spam folder.
This is working pretty well for me. Oh, and BTW, I also run the clam av milter, so viruses get rejected at smtp level as well.
Best, John Hinton
John Hinton wrote:
There are milters for SpamAssassin. You can set them to reject mail at a particular score level. So, if for instance you felt comfortable with rejecting mail at a score of 10, which is pretty reliable, you can also do that at smtp level.
BINGO That's exactly what I'm trying to do with spamass-milter. However it either won't do it, or my configuration is incorrect. Mail marked as spam is still being delivered as normal?
Just in case it hasn't been said, never bounce mail but only reject.
Indeed, reject at the smtp level..yes..that's the goal.
Tim Alberts wrote:
John Hinton wrote:
There are milters for SpamAssassin. You can set them to reject mail at a particular score level. So, if for instance you felt comfortable with rejecting mail at a score of 10, which is pretty reliable, you can also do that at smtp level.
BINGO That's exactly what I'm trying to do with spamass-milter. However it either won't do it, or my configuration is incorrect. Mail marked as spam is still being delivered as normal?
It's how the milter is started. This is my slightly edited spamass-milter init.d file.
---------start--------------
#!/bin/bash # # Init file for Spamassassin sendmail milter. # # chkconfig: - 80 20 # description: spamass-milter is a daemon which hooks into sendmail and routes \ # email messages to spamassassin # # processname: spamass-milter # config: /etc/sysconfig/spamass-milter # pidfile: /var/run/spamass-milter
source /etc/rc.d/init.d/functions source /etc/sysconfig/network
# Check that networking is up. [ ${NETWORKING} = "no" ] && exit 0
[ -x /usr/sbin/spamass-milter ] || exit 1
### Default variables SOCKET="/var/run/spamass.sock" EXTRA_FLAGS="-r 10" SYSCONFIG="/etc/sysconfig/spamass-milter"
### Read configuration [ -r "$SYSCONFIG" ] && source "$SYSCONFIG"
RETVAL=0 prog="spamass-milter" desc="Spamassassin sendmail milter"
start() { echo -n $"Starting $desc ($prog): " daemon $prog -p $SOCKET -f $EXTRA_FLAGS RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog return $RETVAL }
stop() { echo -n $"Shutting down $desc ($prog): " killproc $prog RETVAL=$? echo [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog return $RETVAL }
restart() { stop start }
case "$1" in start) start ;; stop) stop ;; restart|reload) restart ;; condrestart) [ -e /var/lock/subsys/$prog ] && restart RETVAL=$? ;; status) status $prog RETVAL=$? ;; *) echo $"Usage: $0 {start|stop|restart|condrestart|status}" RETVAL=1 esac
exit $RETVAL
--------- end file ---------
The key line is up there with Socket.... Extra Flags. The EXTRA_FLAGS="-r 10" line means that any email scoring 10 or above is rejected. Set this to whatever level you feel comfortable with. Personally after many years at this stuff... I think 10 is more accurate than a human. Delivering spam scored between 5 and 10 is not so bad.
From the docs....
-r nn Reject scanned email if it greater than or equal to nn. If -1, reject scanned email if SpamAssassin tags it as spam (useful if you are also using the -u flag, and users have changed their required_hits value).
My sendmail.mc entry
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass.sock, F=,T=C:15m;S:4m;R:4m;E:10m')dnl
Have fun!
John Hinton
John Hinton wrote:
Tim Alberts wrote:
John Hinton wrote:
There are milters for SpamAssassin. You can set them to reject mail at a particular score level. So, if for instance you felt comfortable with rejecting mail at a score of 10, which is pretty reliable, you can also do that at smtp level.
BINGO That's exactly what I'm trying to do with spamass-milter. However it either won't do it, or my configuration is incorrect. Mail marked as spam is still being delivered as normal?
It's how the milter is started. This is my slightly edited spamass-milter init.d file.
---------start--------------
#!/bin/bash # # Init file for Spamassassin sendmail milter. # # chkconfig: - 80 20 # description: spamass-milter is a daemon which hooks into sendmail and routes \ # email messages to spamassassin # # processname: spamass-milter # config: /etc/sysconfig/spamass-milter # pidfile: /var/run/spamass-milter
source /etc/rc.d/init.d/functions source /etc/sysconfig/network
# Check that networking is up. [ ${NETWORKING} = "no" ] && exit 0
[ -x /usr/sbin/spamass-milter ] || exit 1
### Default variables SOCKET="/var/run/spamass.sock" EXTRA_FLAGS="-r 10" SYSCONFIG="/etc/sysconfig/spamass-milter"
### Read configuration [ -r "$SYSCONFIG" ] && source "$SYSCONFIG"
RETVAL=0 prog="spamass-milter" desc="Spamassassin sendmail milter"
start() { echo -n $"Starting $desc ($prog): " daemon $prog -p $SOCKET -f $EXTRA_FLAGS RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog return $RETVAL }
stop() { echo -n $"Shutting down $desc ($prog): " killproc $prog RETVAL=$? echo [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog return $RETVAL }
restart() { stop start }
case "$1" in start) start ;; stop) stop ;; restart|reload) restart ;; condrestart) [ -e /var/lock/subsys/$prog ] && restart RETVAL=$? ;; status) status $prog RETVAL=$? ;; *) echo $"Usage: $0 {start|stop|restart|condrestart|status}" RETVAL=1 esac
exit $RETVAL
--------- end file ---------
The key line is up there with Socket.... Extra Flags. The EXTRA_FLAGS="-r 10" line means that any email scoring 10 or above is rejected. Set this to whatever level you feel comfortable with. Personally after many years at this stuff... I think 10 is more accurate than a human. Delivering spam scored between 5 and 10 is not so bad.
From the docs....
-r nn Reject scanned email if it greater than or equal to nn. If
-1, reject scanned email if SpamAssassin tags it as spam (useful if you are also using the -u flag, and users have changed their required_hits value).
My sendmail.mc entry
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass.sock, F=,T=C:15m;S:4m;R:4m;E:10m')dnl
Have fun!
John Hinton
Oops! I knew there was another place to do this.
In /etc/sysconfig/spamass-milter
Here's my config override. I apparently looked at the config on the first machine I set up this way which had it in the init file.
### Override for your different local config #SOCKET=/var/run/spamass.sock
### Default parameter for spamass-milter is -f (work in the background) ### you may add another parameters here, see spamass-milter(1) EXTRA_FLAGS="-r 10"
Best, John Hinton
John that is perfect, exactly what I was looking for.
Thank you and thanks to everyone that contributed.
I guess it's apparent I don't read man pages very well.
Tim Alberts wrote:
John that is perfect, exactly what I was looking for.
Thank you and thanks to everyone that contributed.
I guess it's apparent I don't read man pages very well.
Does any 'man'? I normally start to get really worried about myself when I actually understand one on the first read through. :)
BTW, I'm pretty darned certain that Dag has a spamass-milter rpm in his repository if your hooked into that. But, seems like for a day or so it's not reachable as you've seen on this list. Dag hangs out here a lot which is likely why the trouble was posted here.
And now to poke just a bit of fun at a person that does fantastic work for this community!
I notice he seems to be lying low the last day or so with regards to this list! ;)
Seriously though, I bet he is concentrating on one and only one thing and that's getting his stuff back into a state of availability.
Best, John Hinton
on 3-4-2008 12:32 PM Tim Alberts spake the following:
Glenn wrote:
At 02:35 PM 3/4/2008, you wrote:
Sorry, not a direct CentOS question, but I know there's a lot of experienced users on this list...I'm using CentOS with sendmail and spamassassin. I've got it configured with spamass-milter and it is working correctly. However, I was expecting to be able to reject mail that is marked as spam, not just deliver it as usual. Anyone know if it can be done and how? I know a milter can reject mail, because I've used milter-grelist in the past to give temporary fail messages.
Following is my sendmail.m4 directive for spamass-milter:
INPUT_MAIL_FILTER(`spamassassin', `S=unix:/var/run/spamass-milter/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m')dnl define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name}, {if_name}, {if_addr}')dnl define(`confMILTER_MACROS_HELO',`s, {tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}')dnl
Not sure, but I think you could use procmail to filter to a junk folder based upon parsing the SpamAssassin score. Also, you can block based on RBL in sendmail , or score in spamassassin.
That's exactly what I don't want to do. I don't want the mail being delivered to my system. That's why I'm using the milter. However the milter is doing the exact same thing as delivering it when it is marked as spam. That's what I am hoping to get some help with.
Looking at the docs, spamass-milter doesn't do any rejecting. I believe you can do it with mimedefang, but you will have to go through their docs to figure it out.
Scott Silva wrote:
on 3-4-2008 12:32 PM Tim Alberts spake the following:
That's exactly what I don't want to do. I don't want the mail being delivered to my system. That's why I'm using the milter. However the milter is doing the exact same thing as delivering it when it is marked as spam. That's what I am hoping to get some help with.
Looking at the docs, spamass-milter doesn't do any rejecting. I believe you can do it with mimedefang, but you will have to go through their docs to figure it out.
OK, that's what I was suspicious of.
I've been reading the sendmail docs for header tests thinking I can write something in sendmail that will look for the X-Spam-flag header and reject based on that. Anyone try that yet?
on 3-4-2008 1:03 PM Tim Alberts spake the following:
Scott Silva wrote:
on 3-4-2008 12:32 PM Tim Alberts spake the following:
That's exactly what I don't want to do. I don't want the mail being delivered to my system. That's why I'm using the milter. However the milter is doing the exact same thing as delivering it when it is marked as spam. That's what I am hoping to get some help with.
Looking at the docs, spamass-milter doesn't do any rejecting. I believe you can do it with mimedefang, but you will have to go through their docs to figure it out.
OK, that's what I was suspicious of.
I've been reading the sendmail docs for header tests thinking I can write something in sendmail that will look for the X-Spam-flag header and reject based on that. Anyone try that yet?
I guess I will have to take back my posting. It looks like it will reject. It is just a little buried in the docs.
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org]On Behalf Of Glenn Sent: Tuesday, March 04, 2008 2:00 PM To: CentOS mailing list Subject: Re: [CentOS] Rejecting spam
At 02:35 PM 3/4/2008, you wrote:
Sorry, not a direct CentOS question, but I know there's a lot of experienced users on this list...I'm using CentOS with sendmail and spamassassin. I've got it configured with spamass-milter and it is working correctly. However, I was expecting to be able to reject mail that is marked as spam, not just deliver it as usual. Anyone know if it can be done and how? I know a milter can reject mail, because I've used milter-grelist in the past to give temporary
fail messages
Not really a good idea to reject all spam. Spam filtering is not that black and white. Suppose a legitmate email gets tagged as Spam. This does happen trust me and more than likely its a email your boss has been waiting for. You'll want a some way to retrieve it.
Following is my sendmail.m4 directive for spamass-milter:
INPUT_MAIL_FILTER(`spamassassin', `S=unix:/var/run/spamass-milter/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m')dnl define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name}, {if_name}, {if_addr}')dnl define(`confMILTER_MACROS_HELO',`s, {tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}')dnl
Not sure, but I think you could use procmail to filter to a junk folder based upon parsing the SpamAssassin score. Also, you can block based on RBL in sendmail , or score in spamassassin.
I use MailScanner with SpamAssassin and swear by it!
Happy (mostly), very vital list group. The author is very actively answering questions and requests. Can't get much better support!
Cheers!
I use mailscanner also, works great.
I delete whats called high scoring spam and deliver the low scoring spam. Since the low scoring spam is tagged as spam. You can either use mail client rules or a procmail receipe to move it to another folder. That way, the user can retieve it themselves.
-- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.516 / Virus Database: 269.21.4/1309 - Release Date: 3/3/2008 6:50 PM
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Dan Carl wrote:
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org]On Behalf Of Glenn Sent: Tuesday, March 04, 2008 2:00 PM To: CentOS mailing list Subject: Re: [CentOS] Rejecting spam
At 02:35 PM 3/4/2008, you wrote:
Sorry, not a direct CentOS question, but I know there's a lot of experienced users on this list...I'm using CentOS with sendmail and spamassassin. I've got it configured with spamass-milter and it is working correctly. However, I was expecting to be able to reject mail that is marked as spam, not just deliver it as usual. Anyone know if it can be done and how? I know a milter can reject mail, because I've used milter-grelist in the past to give temporary
fail messages
Not really a good idea to reject all spam. Spam filtering is not that black and white. Suppose a legitmate email gets tagged as Spam. This does happen trust me and more than likely its a email your boss has been waiting for. You'll want a some way to retrieve it.
I think it's a wonderful idea to not let spam into the server at all. If a legitimate sender is sending email that is inadvertently marked as spam, it will be returned to sender and they will be notified. That's actually why I'm trying to switch to a 'don't let it in to begin with' policy. Currently I use the spamassassin to mark spam and clients get their email and have a habit of giving the spam folder a glance over looking for legitimate email. Well, that completely defeats the purpose of marking them spam to begin with?
I'm basing this decision on having run an email server for the last 8 years, listening to the complaints of huge spam folders and mail being 'lost' in the trash because it was falsely marked as spam.