Eddy, > I'd like to continously update whitelist for spamassassin of recipients > that my sasl users have sent mail to (i.e. when the recipients reply > they will surely not be considered as spam). I am not using per-user > spamassassin configurations (only a global configuration). > > I've found several approaches but none seems to fit... Where is the best > place to insert a script that grabs recipient of mails being sent by > sasl-authenticated users?
Amavis offers this functionality through its PenPals feature. It keeps info on past messages in evidence (in SQL) and correlates sender/recipient pairs of incoming mail with their previous correspondence, but can also match previous correspondence based on Message-ID of a past message with a References or In-Reply-To header fields of new messages, which can deal also with mailing lists traffic or certain auto-responses. If an inbound message is found to match a past outbound correspondence, then negative score points are contributed to SpamAssassin score. The contributed score points are computed by an exponential decay formula, taken into account time from the last matching correspondence, a half-life interval, and a max allowed contribution score. By pushing these limits a hard whitelisting can be achieved, although keeping more moderate settings normally suffices. Search for "pen pals soft-whitelisting" in amavisd release notes for details. Mark
