> On 28. Dec 2023, at 22:17, Martijn van Duren <[email protected]> > wrote: > > On Thu, 2023-12-28 at 20:05 +0100, Kirill A. Korinsky wrote: >> >> >> Example of software is sieve: as far as I know it doesn't support matching >> case insensitive strings. > > Does this currently pose a problem for anyone? If not I don't see a > reason to make a new release for it.
Well, right now it should be written in sieve like this:
> if anyof(header :is "X-Spam" "yes", header :is "X-Spam" "Yes") {
> fileinto :create "Junk";
> }
a bit ugly but I agree that it's not enough for a release.
>>
>> I've read the code and I agree that implementing whitelist can be quite
>> tricky.
>>
>> Anyway, I do have one idea: let introduce flag -i (inverse). It should
>> remove X-Spam: yes if matches with -m.
>
> Why? What does this bring? Why do you need this?
Right now I'm making a kind of the experiment: living without any statistical
analyser for my mail.
The hypotesa: usual mail traffic for family mail server is too small to make
statistical analyser like spamassasian useful by impact of mails.
So, I'm testing another approach: only DNSBL which delivers everything that is
matched into Junk folder.
Long story short I do have the following configuration:
- NiX Spam and blocklist.de <http://blocklist.de/> at spamd
- smptd configuration:
> filter dnsbl proc-exec "filter-dnsbl -m \
> all.spamrats.com \
> bip.virusfree.cz \
> bl.mailspike.org \
> bl.spamcop.net \
> bl.spameatingmonkey.net \
> cbl.abuseat.org \
> dnsbl-1.uceprotect.net \
> dnsbl.dronebl.org \
> mail-abuse.blacklist.jippg.org \
> psbl.surriel.com \
> rbl.0spam.org \
> truncate.gbudb.net \
> zen.spamhaus.org \
> XXX.combined.mail.abusix.zone \
> "
>
> filter dnswl proc-exec "filter-dnsbl -m \
> XXX.white.mail.abusix.zone \
> "
>
> filter "senderscore" proc-exec "filter-senderscore -junkBelow 70"
>
> listen on egress inet4 port smtp tls pki mx1.catap.net \
> filter { "rdns", "fcrdns", dnsbl, dnswl, "senderscore" }
- and sieve script to move mail:
> if allof(
> anyof(header :is "X-Spam" "yes", header :is "X-Spam" "Yes"),
> not header :is "X-Spam-DNSBL" "Listed at white.mail.abusix.zone") {
> fileinto :create "Junk";
> }
this works like a charm, really.
The idea of both changes to use white lists to remove X-Spam: yes from both
negative filters.
>>
>> But I haven't see any easy way to implement it for non -m case.
>>
>> During read the code of this filter I guess I've found third point which I'd
>> like to raise: filter fails in the case when one of provided DNSBL returns
>> error.
>>
>> Shall it continue?
>
> If a filter (or the intermediate DNS layer) returns an error we are in
> limbo. If we accept the mail, but it's listed we're probably delivering
> spam; if we reject the mail we're very likely to drop legit mail. Both
> are undesirable. Failing the message asking to try again later seems the
> safest option to me.
I see your point.
My point: user may wait messages and to be very nervous if it delayed for a
while.
Important message means something like a ticket for a train in 5-15 minutes or
something like that.
And here DNS seems like a single point of failure.
I think that it should be configurable by bypass DNS error by probability of
delivering spam instead of delaying everything.
--
wbr, Kirill
signature.asc
Description: Message signed with OpenPGP
