On 7/8/2015 8:22 AM, Sam Varshavchik wrote:
> Lucio Crusca writes:
>
>> Hello all,
>>
>> here are the first four lines of my .mailfilter file
>> (lucio_at_sulweb_dot_org account):
>>
>> if (/^X-Spam-Flag: Yes/)
>> {
>> to Maildir/.spam/
>> }
>>
>> The system wide DEFAULTDELIVERY includes SpamAssassin:
>>
>> # cat /etc/courier/courierd | grep ^DEFAULTDELIVERY
>> DEFAULTDELIVERY="|/usr/bin/spamc|/usr/bin/maildrop"
>>
>> That's working ok.
>>
>> The same server hosts another domain, namely softwareliberopinerolo.org,
>> which has the info@ account that sends CC of every message to my
>> account. Here is its .mailfilter
>>
>> root@nmx:/home/mail/softwareliberopinerolo.org/info# cat .mailfilter
>> cc "[email protected]"
>>
>> Now the problem is that spamc is being called twice for CC'ed messages:
>> the first time (info@) spamc correctly marks the messages as spam, but
>> the second time (lucio@) the message is considered ham because the first
>> spamc execution had already wrapped it in a "Spam detection software,
>> running on the system nmx.sulweb.org, has identified..." container. So
>> the second spamc run "overwrites" X-Spam-Flag and X-Spam-Level headers,
>> and my .mailfilter does not move the message to the spam folder anymore.
>>
>> Solutions?
>
> Instead of running spamc from DEFAULTDELIVERY, run it via xfilter from
> /etc/courier/maildroprc only if the mail does not already have
> SpamAssassin's headers.
>
> This is not a perfect solution. Someone sending you spam can easily
> add the same headers to the spam, thus bypassing your spam filters.
If you disable the wrapping of the message in SA (report_safe 0), then
the second run will be able to score the message properly. The only
difference is that spams will be delivered to your spam filter
unmodified other than the header and subject line markup.
Not an ideal solution since you are still calling SA twice for these
messages, but at least they will be classified correctly.
> Ideally, this should be handled entirely by SpamAssassin, which should
> pass through the message immediately, unmodified, if the message was
> already tagged with its headers. Each individual SpamAssassin's
> installation should generate a long random token, include it in the
> headers of all filtered messages, and pass through the message,
> unfiltered, if it already has its own token.
Interesting idea, but if you are also filtering outbound mail, then
anyone receiving your mail will know how to bypass your spam filter
unless you somehow delete the SA headers for the outbound messages.
--
Bowie
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
