[CentOS] Rejecting spam

John Hinton webmaster at ew3d.com
Tue Mar 4 20:40:28 UTC 2008 

Tim Alberts wrote:
> Glenn wrote:
>> At 02:35 PM 3/4/2008, you wrote:
>>
>>> Sorry, not a direct CentOS question, but I know there's a lot of 
>>> experienced users on this list...I'm using CentOS with sendmail and 
>>> spamassassin. I've got it configured with spamass-milter and it is 
>>> working correctly.  However, I was expecting to be able to reject 
>>> mail that is marked as spam, not just deliver it as usual.  Anyone 
>>> know if it can be done and how?  I know a milter can reject mail, 
>>> because I've used milter-grelist in the past to give temporary fail 
>>> messages.
>>>
>>> Following is my sendmail.m4 directive for spamass-milter:
>>>
>>> INPUT_MAIL_FILTER(`spamassassin', 
>>> `S=unix:/var/run/spamass-milter/spamass-milter.sock, F=, 
>>> T=C:15m;S:4m;R:4m;E:10m')dnl
>>> define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name}, 
>>> {if_name}, {if_addr}')dnl
>>> define(`confMILTER_MACROS_HELO',`s, {tls_version}, {cipher}, 
>>> {cipher_bits}, {cert_subject}, {cert_issuer}')dnl
>>
>> Not sure, but I think you could use procmail to filter to a junk 
>> folder based upon parsing the SpamAssassin score. Also, you can block 
>> based on RBL in sendmail , or score in spamassassin.
>>
> That's exactly what I don't want to do.  I don't want the mail being 
> delivered to my system.  That's why I'm using the milter.  However the 
> milter is doing the exact same thing as delivering it when it is 
> marked as spam.  That's what I am hoping to get some help with.
>
The spamhaus RBLs are the most reliable in my opinion. They will kill 
about 60% of the spam and it's a reject at smtp. Note that for hosting 
or ISP environments, you should really pay them for this service.

There are milters for SpamAssassin. You can set them to reject mail at a 
particular score level. So, if for instance you felt comfortable with 
rejecting mail at a score of 10, which is pretty reliable, you can also 
do that at smtp level.

Just in case it hasn't been said, never bounce mail but only reject.

 From there, I receive the mail and use procmail to deliver it into Spam 
folders in my user's mail areas. I have a script that runs once each day 
which removes any mail from these folders that is over X number of days 
old. I think I have that set to 5 days at the moment. So, it is self 
maintaining, you don't get a panic call from a client wondering why they 
didn't get that mistakenly marked as spam email as it's in their spam 
folder.

This is working pretty well for me. Oh, and BTW, I also run the clam av 
milter, so viruses get rejected at smtp level as well.

Best,
John Hinton

More information about the CentOS mailing list