Re: Training new spamass-milter setup
Am 17.02.2015 um 23:37 schrieb LuKreme: On 17 Feb 2015, at 08:27 , Robert Schetterer r...@sys4.de wrote: Am 17.02.2015 um 16:13 schrieb LuKreme: OK, so I have spamass-milter running, but I need to train it. What is the proper way to do this? you dont train spamass-milter, you should train spamassassin spamassassin has existing user-specific training already in place. Spamass-milter isn’t using the user DBs. because in a default milter-setup the one and only user is the user which SA and the miler service are running as, hence my script which needs maybe small adjustments for your environment (--no-sync and so on depend on the config, directories needs to exist and permissions for samples needs to be correct) no mysql and what not, just a default bayes-db, two traing-folders for ham and spam and the script for feed new eml-samples as well as the option for ac omplete rebuild based on the current samples, the corpus will stay forever on that machines and samples are named -mm-dd-number.eml hence we start spamd as well as the milter service with the same user, both on a high port and directly with the correct user and group with systemd after that all relevant is in milter-home below .spamassassin and the global settings as usal in local.cf that setup with the global bayes is now running for 6 months replacing a commercial solution after 10 years and after all the training and adjustment effort i have never faced a more accurate filter in case of spam as well of ham to prevent false positives signature.asc Description: OpenPGP digital signature
Re: Some tips email gateway
On 02/17/2015 11:16 PM, ricky gutierrez wrote: 2015-02-17 16:10 GMT-06:00 Axb axb.li...@gmail.com: _ also prevented by my suggestion of header_checks BCC with Postfix 3.0 Note 1: the BCC address is added as if it was specified with NOTIFY=NONE. The sender will not be notified when the BCC address is undeliverable, as long as all down-stream software implements RFC 3461. to each his own... I'd endorse lighweight Fuglu (http://fuglu.org) and its plugin framework which give you all the bells whistles without bending depending of a particular Postfix version. this replaces amavisd-new? it's an alternative, different approach, different language..
Re: Training new spamass-milter setup
Am 17.02.2015 um 23:37 schrieb LuKreme: On 17 Feb 2015, at 08:27 , Robert Schetterer r...@sys4.de wrote: Am 17.02.2015 um 16:13 schrieb LuKreme: OK, so I have spamass-milter running, but I need to train it. What is the proper way to do this? you dont train spamass-milter, you should train spamassassin spamassassin has existing user-specific training already in place. Spamass-milter isn’t using the user DBs. additionally do my previous mail some technical facts how the milter works: * postfix connects to the milter * the milter connects to spamd via TCP * spamd fires up if not present spamc forks * they are running as the ilter user * spamassassin running as that user proceeds the scan * spamassassin adds his headers to the messge * the new message with headers is passed back to the milter * the milter parses the headers * especially the score * based on that score it gives back to postfix the reject command * the parsing of that headers is *case sensitive* * replace the score=_SCORE_ below with Score=_SCORE_ and spamass-milter won't ever reject a mail, been there, done that * add_header spam Flag _YESNO_ needs to be present in case of spam not rejected, otherwise rewrite_header won't work which is where i called to outright lying as i reported that back here months ago # header configuration clear_headers fold_headers 1 add_header spam Flag _YESNO_ add_header all Status _YESNO_, score=_SCORE_, tag-level=_REQD_, block-level=8.0 report_safe 0 add_header all Report Flag: _YESNO_, _REPORT_ rewrite_header Subject [SPAM] signature.asc Description: OpenPGP digital signature
Re: Training new spamass-milter setup
On 17 Feb 2015, at 15:46 , Reindl Harald h.rei...@thelounge.net wrote: because in a default milter-setup the one and only user is the user which SA and the miler service are running as, hence my script which needs maybe small adjustments for your environment (--no-sync and so on depend on the config, directories needs to exist and permissions for samples needs to be correct) Right. I’m going through your scripts now. They look interesting and with only a few weeks should drop in perfectly. no mysql and what not, just a default bayes-db, two traing-folders for ham and spam and the script for feed new eml-samples as well as the option for ac omplete rebuild based on the current samples, the corpus will stay forever on that machines and samples are named -mm-dd-number.eml Setting up the spam and ham corpus separately is on thing holding me up right now, and I’d honestly rather run with a mysql database, but I’m sure that is possible with some tweaking to the scripts, which I may or may not do. -- There is a road, no simple highway, between the dawn and the dark of night
Training new spamass-milter setup
OK, so I have spamass-milter running, but I need to train it. What is the proper way to do this? -- What beep from yonder speaker sounds?
Re: Training new spamass-milter setup
Am 17.02.2015 um 16:13 schrieb LuKreme: OK, so I have spamass-milter running, but I need to train it. What is the proper way to do this? cat /var/lib/spamass-milter/training/learn.sh #!/usr/bin/bash # Home-Directory und Name des Milter-Users SA_MILTER_HOME=/var/lib/spamass-milter SA_MILTER_USER=sa-milt # Sicherstellen dass wir nicht als 'root' laufen if test `whoami` = $SA_MILTER_USER then /bin/echo /dev/null else /bin/echo Das Script 'learn.sh' muss als Benutzer '$SA_MILTER_USER' aufgerufen werden exit fi # Wechsel in Home-Directory damit sich 'find' nicht beschwert cd $SA_MILTER_HOME # Check ob erster Parameter leer 'rebuild' oder eine Zahl ist SHOW_HELP=0 if [ $1 == rebuild ] || [ $1 == ] || [ `echo $((($1*2)/2))` == $1 ]; then # Kompletter Rebuild angefordert (Temp-Folder und Move nach Abschluss) if [ $1 == rebuild ]; then # Temp-Folder sicherstellen in dem wir die neue Datenbank aufbauen BAYES_TEMP=$SA_MILTER_HOME/training/.temp mkdir $BAYES_TEMP 2 /dev/null /dev/null # Bayes-Reset /usr/bin/sa-learn --dbpath $BAYES_TEMP/bayes --clear # SPAM-Training MY_TIME=$(/usr/bin/date +%d-%m-%Y %H:%M:%S) echo $MY_TIME: Verarbeite SPAM Samples nice -n 19 /usr/bin/sa-learn --dbpath $BAYES_TEMP/bayes --max-size=0 --no-sync --progress --spam $SA_MILTER_HOME/training/spam/ MY_TIME=$(/usr/bin/date +%d-%m-%Y %H:%M:%S) echo $MY_TIME: Synchronisiere Journal nice -n 19 /usr/bin/sa-learn --dbpath $BAYES_TEMP/bayes --sync echo # HAM-Training MY_TIME=$(/usr/bin/date +%d-%m-%Y %H:%M:%S) echo $MY_TIME: Verarbeite HAM Samples nice -n 19 /usr/bin/sa-learn --dbpath $BAYES_TEMP/bayes --max-size=0 --no-sync --progress --ham $SA_MILTER_HOME/training/ham/ MY_TIME=$(/usr/bin/date +%d-%m-%Y %H:%M:%S) echo $MY_TIME: Synchronisiere Journal nice -n 19 /usr/bin/sa-learn --dbpath $BAYES_TEMP/bayes --sync echo # Neu generierte Datenbank in den eigentlichen Folder verschieben mv -f $BAYES_TEMP/bayes_seen $BAYES_TEMP/bayes_toks $SA_MILTER_HOME/.spamassassin/ sync # Nur neue Samples direkt in die Live-Datenbank verarbeiten else # Default auf aktuellen Tag oder Parameter if [ $1 == ]; then TRAIN_DAYS=1 else TRAIN_DAYS=$1 fi # SPAM-Training MY_TIME=$(/usr/bin/date +%d-%m-%Y %H:%M:%S) echo $MY_TIME: Verarbeite SPAM Samples nice -n 19 /usr/bin/find $SA_MILTER_HOME/training/spam/ -type f -mtime -$TRAIN_DAYS | xargs -r /usr/bin/sa-learn --max-size=0 --no-sync --spam nice -n 19 /usr/bin/sa-learn --sync echo # HAM-Training MY_TIME=$(/usr/bin/date +%d-%m-%Y %H:%M:%S) echo $MY_TIME: Verarbeite HAM Samples nice -n 19 /usr/bin/find $SA_MILTER_HOME/training/ham/ -type f -mtime -$TRAIN_DAYS | xargs -r /usr/bin/sa-learn --max-size=0 --no-sync --ham nice -n 19 /usr/bin/sa-learn --sync echo fi else SHOW_HELP=1 fi # Hilfe ausgeben if [ $1 == --help ] || [ $1 == -h ] || [ $SHOW_HELP == 1 ]; then echo Bayes-Maintaining-Skript echo Usage: echo rebuild: Bayes komplett zuruecksetzen und anhand der Samples neu aufbauen echo days: Alter der zu trainierenden Samples in Tagen (Default: 1) exit fi # Training abgeschlossen MY_TIME=$(/usr/bin/date +%d-%m-%Y %H:%M:%S) echo $MY_TIME: Done echo # Bayes-Statistik ausgeben nice -n 19 /usr/bin/sa-learn --dump magic echo # Listing des Userhomes ausgeben (Size 'bayes_toks' interessant) /usr/bin/ls -l -h --time-style=long-is $SA_MILTER_HOME/.spamassassin/ echo signature.asc Description: OpenPGP digital signature
Re: FreeMail Plugin
2015-02-17 10:52 GMT-06:00 Kevin A. McGrail kmcgr...@pccc.com: That variable comes from $Mail::SpamAssassin::Util::RegistrarBoundaries::VALID_TLDS_RE; Hi Kevin, good to hear around here, Sounds like you might have some mish-mash of SpamAssassin versions and plugins. well , update to version spamassassin-3.3.2-4.el6.rfx.x86_64 -- rickygm http://gnuforever.homelinux.com
FreeMail Plugin
Hi, I have been updating some dependencies CPAN, but spamassassin shows that warn: spamassassin --lint [18198] warn: Use of uninitialized value $tlds in regexp compilation at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/Plugin/FreeMail.pm line 121. someone on the list could explain this warn? my best regards -- rickygm http://gnuforever.homelinux.com
Re: FreeMail Plugin
On 2/17/2015 11:42 AM, ricky gutierrez wrote: Hi, I have been updating some dependencies CPAN, but spamassassin shows that warn: spamassassin --lint [18198] warn: Use of uninitialized value $tlds in regexp compilation at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/Plugin/FreeMail.pm line 121. someone on the list could explain this warn? my best regards That variable comes from $Mail::SpamAssassin::Util::RegistrarBoundaries::VALID_TLDS_RE; Sounds like you might have some mish-mash of SpamAssassin versions and plugins.
Re: Training new spamass-milter setup
On 17.02.15 08:13, LuKreme wrote: OK, so I have spamass-milter running, but I need to train it. What is the proper way to do this? if you use -u parameter (maybe with -x), you should train it as the user who receives the mail -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. How does cat play with mouse? cat /dev/mouse
Re: Uptick in spam
Am 17.02.2015 um 15:19 schrieb LuKreme: On 16 Feb 2015, at 12:01 , Reindl Harald h.rei...@thelounge.net wrote: given that 24266 messages had BAYES_00 with a total number of 30401 delivered mails in the current month that training strategy seems to work well [root@mail-gw:~]$ bayes-stats.sh What is bayes-stats.sh? as simple shell script #!/usr/bin/dash su -c /usr/bin/sa-learn --dump magic sa-milt echo su -c /usr/bin/ls -l -h --color=tty -X --group-directories-first --time-style=long-iso /var/lib/spamass-milter/.spamassassin/ sa-milt echo su -c echo \BAYES_00: `grep 'BAYES_00,' /var/log/maillog | grep -c 'spamd: result:'`\ wwwcron su -c echo \BAYES_05: `grep 'BAYES_05,' /var/log/maillog | grep -c 'spamd: result:'`\ wwwcron su -c echo \BAYES_20: `grep 'BAYES_20,' /var/log/maillog | grep -c 'spamd: result:'`\ wwwcron su -c echo \BAYES_40: `grep 'BAYES_40,' /var/log/maillog | grep -c 'spamd: result:'`\ wwwcron su -c echo \BAYES_50: `grep 'BAYES_50,' /var/log/maillog | grep -c 'spamd: result:'`\ wwwcron su -c echo \BAYES_60: `grep 'BAYES_60,' /var/log/maillog | grep -c 'spamd: result:'`\ wwwcron su -c echo \BAYES_80: `grep 'BAYES_80,' /var/log/maillog | grep -c 'spamd: result:'`\ wwwcron su -c echo \BAYES_95: `grep 'BAYES_95,' /var/log/maillog | grep -c 'spamd: result:'`\ wwwcron su -c echo \BAYES_99: `grep 'BAYES_99,' /var/log/maillog | grep -c 'spamd: result:'`\ wwwcron su -c echo \BAYES_999: `grep 'BAYES_999,' /var/log/maillog | grep -c 'spamd: result:'`\ wwwcron echo su -c echo \Delivered: `grep 'relay=' /var/log/maillog | grep -c 'status=sent'`\ wwwcron su -c echo \SpamAssassin: `grep -c 'Blocked by SpamAssassin' /var/log/maillog`\ wwwcron signature.asc Description: OpenPGP digital signature
Re: Training new spamass-milter setup
Am 17.02.2015 um 16:13 schrieb LuKreme: OK, so I have spamass-milter running, but I need to train it. What is the proper way to do this? you dont train spamass-milter, you should train spamassassin http://spamassassin.apache.org/full/3.0.x/dist/doc/sa-learn.html Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
Re: Uptick in spam
On 16 Feb 2015, at 12:01 , Reindl Harald h.rei...@thelounge.net wrote: given that 24266 messages had BAYES_00 with a total number of 30401 delivered mails in the current month that training strategy seems to work well [root@mail-gw:~]$ bayes-stats.sh What is bayes-stats.sh? -- I have a cunning plan.
Re: DKIM dependency issues
Hi, Feb 15 18:44:41.383 [16434] dbg: spf: [...] Compilation failed in require at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/Plugin/SPF.pm line 500. Looks to me like the same issue (but a different symptom) as reported my mls mid January 2015 on the SA users mailing list: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping ... I can now reproduce it here now (only with SPF, not with DKIM or in compiling header tests). configuration issue, but it only happens on mbox files. The ones I've tested have only one message. The only happens on mbox files was a key, thanks! It does not seem to be a misconfiguration, more like a genuine bug somewhere in the @INC or 'require' logic. Awesome. it really looked like a configuration problem, but there wasn't nothing in my mail logs along these lines - it was only when run from the command-line. I was also pretty sure that mail-spf-query has long been deprecated in favor of mail-spf so I didn't want to go that route, and I know my config has been working well on multiple machines for quite a while. Is there now a bug report submitted for this? Not yet. I'm trying to boil it down to a manageable test case. So far it seems it will end up as a perl bug report. Please open a SA problem report so that the issue can be tracked. There may be a workaround, but first the problem must be understood. Bug opened here: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7140 Thanks, Alex
Re: Some tips email gateway
2015-02-17 13:06 GMT-06:00 Jeremy McSpadden jer...@fluxlabs.net: Are you using any RBLs with postfix ? -- Yes , only these two: reject_rbl_client pbl.spamhaus.org, reject_rbl_client sbl-xbl.spamhaus.org, -- rickygm http://gnuforever.homelinux.com
Re: Some tips email gateway
On Tuesday 17 Feb 2015 at 20:05, ricky gutierrez wrote: 2015-02-17 13:44 GMT-06:00 Reindl Harald h.rei...@thelounge.net: where the ccount lives don't matter the only resticiton is that header_checks BCC in Postfix 3.0 only works for header_checks and *not* smtp_header_checks, hence it need to be defined on the downstream server instead on the MX Reindl let me understand, the postfix could leave a copy BCC locally on the gateway, or send a copy to another MX server defined in my bind? BCCs will be delivered wherever the address points to. If your gateway has mail accounts (unlikely?) then they can be delivered there; otherwise they'll go to whichever is the MX for the BCC address. where the target address itself is located don't matter, postfix just generates a BCC and sends it to that local or remote address but be sure you consider the legal implications! if this is'll have to talk to my boss. Basically, you must ensure that nobody ever sees the emails - they must only be used for automated processing, unless there is a very good and justified reason for looking at some of them to investigate problems etc (and even in this case the person is only allowed to look at the part of the email needed to investigate - so if they need to see the body of a false-positive ham- identified-as-spam, they shouldn't look at the headers. If they need to see the headers, they almost certainly shouldn't see the recipient (since that's very unlikely ever to be involved in classifying an email as ham or spam)). Hope that helps, Antony. -- #define SIX 1+5 #define NINE 8+1 int main() { printf(%d\n, SIX * NINE); } - thanks to ECB for bringing this to my attention Please reply to the list; please *don't* CC me.
Re: Some tips email gateway
ok I'll be test with their advice, I will be in touch with you regardss 2015-02-17 14:16 GMT-06:00 Antony Stone antony.st...@spamassassin.open.source.it: On Tuesday 17 Feb 2015 at 20:05, ricky gutierrez wrote: 2015-02-17 13:44 GMT-06:00 Reindl Harald h.rei...@thelounge.net: where the ccount lives don't matter the only resticiton is that header_checks BCC in Postfix 3.0 only works for header_checks and *not* smtp_header_checks, hence it need to be defined on the downstream server instead on the MX Reindl let me understand, the postfix could leave a copy BCC locally on the gateway, or send a copy to another MX server defined in my bind? BCCs will be delivered wherever the address points to. If your gateway has mail accounts (unlikely?) then they can be delivered there; otherwise they'll go to whichever is the MX for the BCC address. where the target address itself is located don't matter, postfix just generates a BCC and sends it to that local or remote address but be sure you consider the legal implications! if this is'll have to talk to my boss. Basically, you must ensure that nobody ever sees the emails - they must only be used for automated processing, unless there is a very good and justified reason for looking at some of them to investigate problems etc (and even in this case the person is only allowed to look at the part of the email needed to investigate - so if they need to see the body of a false-positive ham- identified-as-spam, they shouldn't look at the headers. If they need to see the headers, they almost certainly shouldn't see the recipient (since that's very unlikely ever to be involved in classifying an email as ham or spam)). Hope that helps, Antony. -- #define SIX 1+5 #define NINE 8+1 int main() { printf(%d\n, SIX * NINE); } - thanks to ECB for bringing this to my attention Please reply to the list; please *don't* CC me. -- rickygm http://gnuforever.homelinux.com
Re: Some tips email gateway
Am 17.02.2015 um 21:05 schrieb ricky gutierrez: 2015-02-17 13:44 GMT-06:00 Reindl Harald h.rei...@thelounge.net: where the ccount lives don't matter the only resticiton is that header_checks BCC in Postfix 3.0 only works for header_checks and *not* smtp_header_checks, hence it need to be defined on the downstream server instead on the MX Reindl let me understand, the postfix could leave a copy BCC locally on the gateway, or send a copy to another MX server defined in my bind? the gateway *can't fo* anything than add the headers so that they match the regex from my first response on the destinations servers header_checks apply for incoming smtp smtp_header_checks apply for outgoing smtp BCC is only valid for *incoming* smtp hence these rules needs to be on the *final destination* we have also a global postfix running all sort of filters and deliver filtered mail to currently 2 postfix servers with dbmail as storage/IMAP/POP3 and hence on both downstream server are identical header_checks with the same BCC adress which is finally on one of them both final destination servers are stoarge and submission only, hence the MX delivers on a own port in master.cf defined skipping milters to not re-scan messages again (-o receive_override_options=no_milters) http://www.postfix.org/header_checks.5.html ACTIONS BCC user@domain Add the specified address as a BCC recipient This feature is available in Postfix 3.0 and later. This feature is not supported with smtp header/body checks. where the target address itself is located don't matter, postfix just generates a BCC and sends it to that local or remote address but be sure you consider the legal implications! if this is'll have to talk to my boss do that and in any case write a sieve-rule for the central account which get's the BCC to discard anything but messages to listed envelopes signature.asc Description: OpenPGP digital signature
Re: Some tips email gateway
Am 17.02.2015 um 20:25 schrieb ricky gutierrez: 2015-02-17 13:06 GMT-06:00 Jeremy McSpadden jer...@fluxlabs.net: Are you using any RBLs with postfix ? Yes , only these two: reject_rbl_client pbl.spamhaus.org, reject_rbl_client sbl-xbl.spamhaus.org while my other answer solves the how to get training messages problem with a recent postfix you have postscreen and can add a ton of RBL's with different scoring to prevent false positives while reject much more spam with the postscreen config below your SA will mostly have only to handle junk from compromised accounts and so the remaining bayes training according to my previous answer is way less work postscreen_dnsbl_ttl = 5m postscreen_dnsbl_threshold = 8 postscreen_dnsbl_action = enforce postscreen_greet_action = enforce postscreen_dnsbl_sites = b.barracudacentral.org=127.0.0.2*7 dnsbl.inps.de=127.0.0.2*7 bl.mailspike.net=127.0.0.2*5 bl.mailspike.net=127.0.0.[10;11;12]*4 dnsbl.sorbs.net=127.0.0.10*8 dnsbl.sorbs.net=127.0.0.5*6 dnsbl.sorbs.net=127.0.0.7*3 dnsbl.sorbs.net=127.0.0.8*2 dnsbl.sorbs.net=127.0.0.6*2 dnsbl.sorbs.net=127.0.0.9*2 zen.spamhaus.org=127.0.0.[10;11]*8 zen.spamhaus.org=127.0.0.[4..7]*6 zen.spamhaus.org=127.0.0.3*4 zen.spamhaus.org=127.0.0.2*3 hostkarma.junkemailfilter.com=127.0.0.2*3 hostkarma.junkemailfilter.com=127.0.0.4*1 hostkarma.junkemailfilter.com=127.0.1.2*1 wl.mailspike.net=127.0.0.[18;19;20]*-2 list.dnswl.org=127.0.[0..255].0*-2 list.dnswl.org=127.0.[0..255].1*-3 list.dnswl.org=127.0.[0..255].2*-4 list.dnswl.org=127.0.[0..255].3*-5 hostkarma.junkemailfilter.com=127.0.0.1*-2 signature.asc Description: OpenPGP digital signature
Re: Some tips email gateway
Am 17.02.2015 um 21:16 schrieb Antony Stone: On Tuesday 17 Feb 2015 at 20:05, ricky gutierrez wrote: 2015-02-17 13:44 GMT-06:00 Reindl Harald h.rei...@thelounge.net: where the ccount lives don't matter the only resticiton is that header_checks BCC in Postfix 3.0 only works for header_checks and *not* smtp_header_checks, hence it need to be defined on the downstream server instead on the MX Reindl let me understand, the postfix could leave a copy BCC locally on the gateway, or send a copy to another MX server defined in my bind? BCCs will be delivered wherever the address points to. If your gateway has mail accounts (unlikely?) then they can be delivered there; otherwise they'll go to whichever is the MX for the BCC address. but the BCC option for header_checks is not available at the gateway because it runs *before* contentfilters and so makes no sense and since it's not available for smtp_header_checks you can't do anything on the gateway where the target address itself is located don't matter, postfix just generates a BCC and sends it to that local or remote address but be sure you consider the legal implications! if this is'll have to talk to my boss. Basically, you must ensure that nobody ever sees the emails - they must only be used for automated processing, unless there is a very good and justified reason for looking at some of them to investigate problems etc (and even in this case the person is only allowed to look at the part of the email needed to investigate - so if they need to see the body of a false-positive ham- identified-as-spam, they shouldn't look at the headers. If they need to see the headers, they almost certainly shouldn't see the recipient (since that's very unlikely ever to be involved in classifying an email as ham or spam)) to be honest that is wrong and hence you need *explicit* opt-in from the users, you typically need only a handful of users for both ham/spam because spam repeats as well as newletters, registration confirmations, bookings and so on have common tokens to train a global bayes you need to complete context from headers to body and in doubt also the RCPT until you want take the phone and speak with the user before classify and in that case you can skip the whole idea and just setup shared folders where users move samples to if someone believes he could train without the complete context he can also enable autolearning and forget the whole idea about a manual and with care maintained bayes at the end of the day the manual trained, global bayes will win for several reasons: * you ignore not 100% clear samples * train BAYES_50 samples where you are sure in the correct direction * train clear spam not hitting BAYS_99 * the user won't train it at the end of the day enough and balanced * if the users trains he makes too much mistakes * while in theory a user-specific bayes would be better the problem is the balance of enough ham *and* spam and most user bayes won't get enabled at all by miss the 200/200 requirement not only once a took the phone and asked seriously? for a message moved by a user by hand in the SPAM-folder for training and it turned out to be a commpletly wrong classification even a candiate for HAM signature.asc Description: OpenPGP digital signature
Re: Some tips email gateway
Are you using any RBLs with postfix ? -- Jeremy McSpadden Flux Labs | http://www.fluxlabs.nethttp://www.fluxlabs.net/ | Endless Solutions Office : 850-250-5590x501tel:850-250-5590;501 | Cell : 850-890-2543tel:850-890-2543 | Fax : 850-254-2955tel:850-254-2955 On Feb 17, 2015, at 1:05 PM, ricky gutierrez xserverli...@gmail.commailto:xserverli...@gmail.com wrote: Hi , I have mounted one gateway filtering me all spam in the business, I have to postfix + centos6.6 + amavisd-new 2.8 + clamav + spamassassin, currently captures 65% of spam the other 35 gets through, I want to improve the effectiveness making a Bayesian db. I am not an expert in postfix and spamassassin, I was thinking to leave a copy of all messages for the domain and classify emails as spam and ham, and then build the db, the problem is that postfix is only a gateway and leaves no emails locally! , someone has faced this type of situation? -- rickygm http://gnuforever.homelinux.com
Re: FreeMail Plugin
On 2/17/2015 12:21 PM, ricky gutierrez wrote: 2015-02-17 10:52 GMT-06:00 Kevin A. McGrail kmcgr...@pccc.com: That variable comes from $Mail::SpamAssassin::Util::RegistrarBoundaries::VALID_TLDS_RE; Hi Kevin, good to hear around here, Sounds like you might have some mish-mash of SpamAssassin versions and plugins. well , update to version spamassassin-3.3.2-4.el6.rfx.x86_64 That sounds like an RPM. Missing RPMs and CPAN may lead to issues. What did you update from CPAN? What distribution, etc. are you using?
Some tips email gateway
Hi , I have mounted one gateway filtering me all spam in the business, I have to postfix + centos6.6 + amavisd-new 2.8 + clamav + spamassassin, currently captures 65% of spam the other 35 gets through, I want to improve the effectiveness making a Bayesian db. I am not an expert in postfix and spamassassin, I was thinking to leave a copy of all messages for the domain and classify emails as spam and ham, and then build the db, the problem is that postfix is only a gateway and leaves no emails locally! , someone has faced this type of situation? -- rickygm http://gnuforever.homelinux.com
Re: FreeMail Plugin
On Tue, 17 Feb 2015, Kevin A. McGrail wrote: On 2/17/2015 12:21 PM, ricky gutierrez wrote: 2015-02-17 10:52 GMT-06:00 Kevin A. McGrail kmcgr...@pccc.com: That variable comes from $Mail::SpamAssassin::Util::RegistrarBoundaries::VALID_TLDS_RE; Hi Kevin, good to hear around here, Sounds like you might have some mish-mash of SpamAssassin versions and plugins. well , update to version spamassassin-3.3.2-4.el6.rfx.x86_64 That sounds like an RPM. Missing RPMs and CPAN may lead to issues. Very minor clarification there: Kevin meant to say mixing. CPAM modules should either be installed using RPMs (or whatever package your distro uses) OR directly from CPAN. If you mix methods you can't rely on getting clean results, things may not be properly updated. What did you update from CPAN? What distribution, etc. are you using? -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- ...for a nation to tax itself into prosperity is like a man standing in a bucket and trying to lift himself up by the handle. -- Winston Churchill --- 5 days until George Washington's 283rd Birthday
Re: Some tips email gateway
Am 17.02.2015 um 20:06 schrieb Jeremy McSpadden: Are you using any RBLs with postfix ? that was not the question the question was how to get spam/ham-samples for train bayes after all other filters and RBL's are running in a sane setup long before contentfilters see me response to that topic Jeremy McSpadden Flux Labs | http://www.fluxlabs.net http://www.fluxlabs.net/ | Endless Solutions Office : 850-250-5590x501 tel:850-250-5590;501 | Cell : 850-890-2543 tel:850-890-2543 | Fax : 850-254-2955 tel:850-254-2955 On Feb 17, 2015, at 1:05 PM, ricky gutierrez xserverli...@gmail.com mailto:xserverli...@gmail.com wrote: Hi , I have mounted one gateway filtering me all spam in the business, I have to postfix + centos6.6 + amavisd-new 2.8 + clamav + spamassassin, currently captures 65% of spam the other 35 gets through, I want to improve the effectiveness making a Bayesian db. I am not an expert in postfix and spamassassin, I was thinking to leave a copy of all messages for the domain and classify emails as spam and ham, and then build the db, the problem is that postfix is only a gateway and leaves no emails locally! , someone has faced this type of situation? signature.asc Description: OpenPGP digital signature
Re: FreeMail Plugin
2015-02-17 11:49 GMT-06:00 Kevin A. McGrail kmcgr...@pccc.com: That sounds like an RPM. Missing RPMs and CPAN may lead to issues. What did you update from CPAN? What distribution, etc. are you using? CentOS release 6.6 (Final) add a list cpan modules. -- rickygm http://gnuforever.homelinux.com r CPAN: Storable loaded ok (v2.20) Reading '/root/.cpan/Metadata' Database was generated on Tue, 17 Feb 2015 17:41:02 GMT Package namespace installedlatest in CPAN file AppConfig 1.66 1.69 NEILB/AppConfig-1.69.tar.gz Archive::Extract 0.38 0.74 BINGOS/Archive-Extract-0.74.tar.gz Attribute::Handlers0.85 0.96 SMUELLER/Attribute-Handlers-0.96.tar.gz Authen::SASL 2.13 2.16 GBARR/Authen-SASL-2.16.tar.gz AutoLoader 5.68 5.74 SMUELLER/AutoLoader-5.74.tar.gz B::Debug 1.11 1.23 RURBAN/B-Debug-1.23.tar.gz B::Lint1.11 1.20 RJBS/B-Lint-1.20.tar.gz BerkeleyDB 0.43 0.54 PMQS/BerkeleyDB-0.54.tar.gz Bit::Vector 7.1 7.4 STBEY/Bit-Vector-7.4.tar.gz CGI3.51 4.13 LEEJO/CGI-4.13.tar.gz CGI::Fast 1.08 2.05 LEEJO/CGI-Fast-2.05.tar.gz CPAN::Meta::Requirements 2.127 2.132 DAGOLDEN/CPAN-Meta-Requirements-2.132.tar.gz CPANPLUS 0.880.9152 BINGOS/CPANPLUS-0.9152.tar.gz CPANPLUS::Dist::Build 0.36 0.78 BINGOS/CPANPLUS-Dist-Build-0.78.tar.gz Carp 1.111.3301 ZEFRAM/Carp-1.3301.tar.gz Carp::Clan 6.03 6.04 STBEY/Carp-Clan-6.04.tar.gz Class::ISA 0.33 0.36 SMUELLER/Class-ISA-0.36.tar.gz Convert::ASN1 0.22 0.27 GBARR/Convert-ASN1-0.27.tar.gz Version string '1.119 ' contains invalid data; ignoring: ' ' at /usr/local/share/perl5/ExtUtils/MM_Unix.pm line 2784. Convert::BinHex 1.119 1.123 STEPHEN/Convert-BinHex-1.123.tar.gz Convert::UUlib 1.34 1.4 MLEHMANN/Convert-UUlib-1.4.tar.gz Crypt::OpenSSL::RSA0.25 0.28 PERLER/Crypt-OpenSSL-RSA-0.28.tar.gz Crypt::OpenSSL::Random 0.04 0.10 RURBAN/Crypt-OpenSSL-Random-0.10.tar.gz Crypt::SSLeay 0.57 0.72 NANIS/Crypt-SSLeay-0.72.tar.gz DBD::SQLite1.27 1.46 ISHIGAKI/DBD-SQLite-1.46.tar.gz DBD::mysql4.013 4.029 CAPTTOFU/DBD-mysql-4.029.tar.gz DBIx::Simple 1.32 1.35 JUERD/DBIx-Simple-1.35.tar.gz Data::UUID1.203 1.220 RJBS/Data-UUID-1.220.tar.gz Devel::DProf 20080331.00 20110802.00 FLORA/Devel-DProf-20110802.00.tar.gz Devel::PPPort 3.19 3.28 WOLFSAGE/Devel-PPPort-3.28.tar.gz Devel::SelfStubber 1.03 1.05 FLORA/Devel-SelfStubber-1.05.tar.gz Digest 1.16 1.17 GAAS/Digest-1.17.tar.gz Digest::HMAC 1.01 1.03 GAAS/Digest-HMAC-1.03.tar.gz Dumpvalue 1.13 1.17 FLORA/Dumpvalue-1.17.tar.gz Encode 2.35 2.70 DANKOGAI/Encode-2.70.tar.gz Env1.00 1.04 FLORA/Env-1.04.tar.gz Error 0.17015 0.17023 SHLOMIF/Error-0.17023.tar.gz Exporter 5.63 5.70 TODDR/Exporter-5.70.tar.gz ExtUtils::Command 1.16 1.20 BINGOS/ExtUtils-Command-1.20.tar.gz ExtUtils::Install 1.54 2.04 BINGOS/ExtUtils-Install-2.04.tar.gz ExtUtils::Manifest 1.65 1.70 ETHER/ExtUtils-Manifest-1.70.tar.gz ExtUtils::ParseXS2.2203 3.24 SMUELLER/ExtUtils-ParseXS-3.24.tar.gz File::CheckTree 4.4 4.42 RJBS/File-CheckTree-4.42.tar.gz File::Fetch0.24 0.48 BINGOS/File-Fetch-0.48.tar.gz File::Path 2.08 2.09 DLAND/File-Path-2.09.tar.gz Filter::Simple 0.84 0.91 SMUELLER/Filter-Simple-0.91.tar.gz GSSAPI 0.26 0.28 AGROLMS/GSSAPI-0.28.tar.gz Git0.01 0.40 MSOUTH/Git-0.40.tgz HTML::Form5.829 6.03 GAAS/HTML-Form-6.03.tar.gz I18N::Collate 1.01 1.02 FLORA/I18N-Collate-1.02.tar.gz IP::Country2.27 2.28 NWETTERS/IP-Country-2.28.tar.gz IPC::Cmd 0.56 0.92 BINGOS/IPC-Cmd-0.92.tar.gz IPC::SysV 2.01 2.04 MHX/IPC-SysV-2.04.tar.gz JSON::PP2.27203 2.27300 MAKAMAKA/JSON-PP-2.27300.tar.gz LWP::Protocol::http10 undef 6.03 GAAS/LWP-Protocol-http10-6.03.tar.gz LWP::Protocol::https undef 6.06 MSCHILLI/LWP-Protocol-https-6.06.tar.gz Locale::Maketext 1.13 1.26
Re: Some tips email gateway
Am 17.02.2015 um 20:03 schrieb ricky gutierrez: Hi , I have mounted one gateway filtering me all spam in the business, I have to postfix + centos6.6 + amavisd-new 2.8 + clamav + spamassassin, currently captures 65% of spam the other 35 gets through, I want to improve the effectiveness making a Bayesian db. I am not an expert in postfix and spamassassin, I was thinking to leave a copy of all messages for the domain and classify emails as spam and ham, and then build the db, the problem is that postfix is only a gateway and leaves no emails locally! , someone has faced this type of situation? update to Postfix 3.0 and use the new BCC feature for header_checks on the *downstream servers* to use that as training data *but* be sure you place a sieve rule there to discard all the BCC's to users without a explicit opt-in for *legal* reasons! and protect that BCC account from receive mails on the MX! _ the sieve rule just lists the subscribed Users in the To/Cc-Header with 'keep' and the elseif 'discard' if you want to optimize that add your own enevlope-headers on the MX which covers also BCC and can be used by the sieve-rules instead From/Cc http://comments.gmane.org/gmane.mail.postfix.user/193456 _ main.cf: header_checks = pcre:/etc/postfix/header_checks_smtpd.cf nested_header_checks = mime_header_checks = /etc/postfix/header_checks_smtpd.cf: /^X\-Spam\-Flag: Yes/ BCC spamfil...@thelounge.net /^X\-Spam\-Report: Flag: No.*(BAYES_80|BAYES_95|BAYES_99)/ BCC spamfil...@thelounge.net /^X\-Spam\-Report: Flag: No.*(BAYES_50)/ BCC spamfilter+inbox...@thelounge.net Spamassassin local.cf: clear_headers fold_headers 1 add_header spam Flag _YESNO_ add_header all Status _YESNO_, score=_SCORE_, tag-level=_REQD_, block-level=8.0 report_safe 0 add_header all Report Flag: _YESNO_, _REPORT_ rewrite_header Subject [SPAM] signature.asc Description: OpenPGP digital signature
Re: Some tips email gateway
2015-02-17 13:44 GMT-06:00 Reindl Harald h.rei...@thelounge.net: where the ccount lives don't matter the only resticiton is that header_checks BCC in Postfix 3.0 only works for header_checks and *not* smtp_header_checks, hence it need to be defined on the downstream server instead on the MX Reindl let me understand, the postfix could leave a copy BCC locally on the gateway, or send a copy to another MX server defined in my bind? where the target address itself is located don't matter, postfix just generates a BCC and sends it to that local or remote address but be sure you consider the legal implications! if this is'll have to talk to my boss. -- rickygm http://gnuforever.homelinux.com
Re: Some tips email gateway
this solution looks cool , I was thinking of putting another server with a specific account and through transport map from the gw send e-mail server to another server with a specific account. I was looking for how to handle this with postfix 2015-02-17 13:14 GMT-06:00 Reindl Harald h.rei...@thelounge.net: Am 17.02.2015 um 20:03 schrieb ricky gutierrez: Hi , I have mounted one gateway filtering me all spam in the business, I have to postfix + centos6.6 + amavisd-new 2.8 + clamav + spamassassin, currently captures 65% of spam the other 35 gets through, I want to improve the effectiveness making a Bayesian db. I am not an expert in postfix and spamassassin, I was thinking to leave a copy of all messages for the domain and classify emails as spam and ham, and then build the db, the problem is that postfix is only a gateway and leaves no emails locally! , someone has faced this type of situation? update to Postfix 3.0 and use the new BCC feature for header_checks on the *downstream servers* to use that as training data *but* be sure you place a sieve rule there to discard all the BCC's to users without a explicit opt-in for *legal* reasons! and protect that BCC account from receive mails on the MX! _ the sieve rule just lists the subscribed Users in the To/Cc-Header with 'keep' and the elseif 'discard' if you want to optimize that add your own enevlope-headers on the MX which covers also BCC and can be used by the sieve-rules instead From/Cc http://comments.gmane.org/gmane.mail.postfix.user/193456 _ main.cf: header_checks = pcre:/etc/postfix/header_checks_smtpd.cf nested_header_checks = mime_header_checks = /etc/postfix/header_checks_smtpd.cf: /^X\-Spam\-Flag: Yes/ BCC spamfil...@thelounge.net /^X\-Spam\-Report: Flag: No.*(BAYES_80|BAYES_95|BAYES_99)/ BCC spamfil...@thelounge.net /^X\-Spam\-Report: Flag: No.*(BAYES_50)/ BCC spamfilter+inbox...@thelounge.net Spamassassin local.cf: clear_headers fold_headers 1 add_header spam Flag _YESNO_ add_header all Status _YESNO_, score=_SCORE_, tag-level=_REQD_, block-level=8.0 report_safe 0 add_header all Report Flag: _YESNO_, _REPORT_ rewrite_header Subject [SPAM] -- rickygm http://gnuforever.homelinux.com
Re: Some tips email gateway
Am 17.02.2015 um 20:38 schrieb ricky gutierrez: this solution looks cool , I was thinking of putting another server with a specific account and through transport map from the gw send e-mail server to another server with a specific account. I was looking for how to handle this with postfix where the ccount lives don't matter the only resticiton is that header_checks BCC in Postfix 3.0 only works for header_checks and *not* smtp_header_checks, hence it need to be defined on the downstream server instead on the MX where the target address itself is located don't matter, postfix just generates a BCC and sends it to that local or remote address but be sure you consider the legal implications! 2015-02-17 13:14 GMT-06:00 Reindl Harald h.rei...@thelounge.net: Am 17.02.2015 um 20:03 schrieb ricky gutierrez: Hi , I have mounted one gateway filtering me all spam in the business, I have to postfix + centos6.6 + amavisd-new 2.8 + clamav + spamassassin, currently captures 65% of spam the other 35 gets through, I want to improve the effectiveness making a Bayesian db. I am not an expert in postfix and spamassassin, I was thinking to leave a copy of all messages for the domain and classify emails as spam and ham, and then build the db, the problem is that postfix is only a gateway and leaves no emails locally! , someone has faced this type of situation? update to Postfix 3.0 and use the new BCC feature for header_checks on the *downstream servers* to use that as training data *but* be sure you place a sieve rule there to discard all the BCC's to users without a explicit opt-in for *legal* reasons! and protect that BCC account from receive mails on the MX! _ the sieve rule just lists the subscribed Users in the To/Cc-Header with 'keep' and the elseif 'discard' if you want to optimize that add your own enevlope-headers on the MX which covers also BCC and can be used by the sieve-rules instead From/Cc http://comments.gmane.org/gmane.mail.postfix.user/193456 _ main.cf: header_checks = pcre:/etc/postfix/header_checks_smtpd.cf nested_header_checks = mime_header_checks = /etc/postfix/header_checks_smtpd.cf: /^X\-Spam\-Flag: Yes/ BCC spamfil...@thelounge.net /^X\-Spam\-Report: Flag: No.*(BAYES_80|BAYES_95|BAYES_99)/ BCC spamfil...@thelounge.net /^X\-Spam\-Report: Flag: No.*(BAYES_50)/ BCC spamfilter+inbox...@thelounge.net Spamassassin local.cf: clear_headers fold_headers 1 add_header spam Flag _YESNO_ add_header all Status _YESNO_, score=_SCORE_, tag-level=_REQD_, block-level=8.0 report_safe 0 add_header all Report Flag: _YESNO_, _REPORT_ rewrite_header Subject [SPAM] signature.asc Description: OpenPGP digital signature
Re: Some tips email gateway
2015-02-17 13:06 GMT-06:00 Jeremy McSpadden jer...@fluxlabs.net: Are you using any RBLs with postfix ? On 17.02.15 13:25, ricky gutierrez wrote: Yes , only these two: reject_rbl_client pbl.spamhaus.org, reject_rbl_client sbl-xbl.spamhaus.org, why not reject_rbl_client zen.spamhaus.org ? it makes exactly the same job, but halves number of queries -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. BSE = Mad Cow Desease ... BSA = Mad Software Producents Desease
Re: Some tips email gateway
On Tue, 2015-02-17 at 13:38 -0600, ricky gutierrez wrote: this solution looks cool , I was thinking of putting another server with a specific account and through transport map from the gw send e-mail server to another server with a specific account. I was looking for how to handle this with postfix The Postfix 'always_bcc' directive writes copies of all incoming and outgoing e-mail to a mail user you'd set up to receive that mail stream. I use it to feed my mail archiving system, but of course you can do pretty much anything you want with it. Martin
Re: Some tips email gateway
Am 17.02.2015 um 22:44 schrieb Martin Gregorie: On Tue, 2015-02-17 at 13:38 -0600, ricky gutierrez wrote: this solution looks cool , I was thinking of putting another server with a specific account and through transport map from the gw send e-mail server to another server with a specific account. I was looking for how to handle this with postfix The Postfix 'always_bcc' directive writes copies of all incoming and outgoing e-mail to a mail user you'd set up to receive that mail stream. I use it to feed my mail archiving system, but of course you can do pretty much anything you want with it but that won't help you with train a bayes you don't want to have all mails as BCC for that task :-) signature.asc Description: OpenPGP digital signature
Re: Some tips email gateway
Am 17.02.2015 um 22:50 schrieb Axb: On 02/17/2015 10:44 PM, Martin Gregorie wrote: On Tue, 2015-02-17 at 13:38 -0600, ricky gutierrez wrote: this solution looks cool , I was thinking of putting another server with a specific account and through transport map from the gw send e-mail server to another server with a specific account. I was looking for how to handle this with postfix The Postfix 'always_bcc' directive writes copies of all incoming and outgoing e-mail to a mail user you'd set up to receive that mail stream. I use it to feed my mail archiving system, but of course you can do pretty much anything you want with it. including ugly backscattering if your bCC target has a hickup not really Note: with Postfix 2.3 and later the BCC address is added as if it was specified with NOTIFY=NONE. The sender will not be notified when the BCC address is undeliverable, as long as all down-stream software implements RFC 3461. _ also prevented by my suggestion of header_checks BCC with Postfix 3.0 Note 1: the BCC address is added as if it was specified with NOTIFY=NONE. The sender will not be notified when the BCC address is undeliverable, as long as all down-stream software implements RFC 3461. signature.asc Description: OpenPGP digital signature
Re: Some tips email gateway
Am 17.02.2015 um 22:04 schrieb Matus UHLAR - fantomas: 2015-02-17 13:06 GMT-06:00 Jeremy McSpadden jer...@fluxlabs.net: Are you using any RBLs with postfix ? On 17.02.15 13:25, ricky gutierrez wrote: Yes , only these two: reject_rbl_client pbl.spamhaus.org, reject_rbl_client sbl-xbl.spamhaus.org, why not reject_rbl_client zen.spamhaus.org ? it makes exactly the same job, but halves number of queries it contains more zenhaus lists and hence more false positives but honestly sbl.spamhaus.org is asking for troubles and should never be scored the same way as xbl, the same for spam.dnsbl.sorbs.net look at one of my previous replies to that thread, the different scores for different sorbs/zen respones are not random - they prevent way too much false positives and support calls even in scoring setups hence i also disabled most builtin RBL scores in SA and write my own rules feeded from the same table and even that needs to be combined with a sensitive DNSWL list with different scores what we *never* should forget as mailadmin is the our primary job is make sure that mail is received and not blocked - that#s in any case a hard job but one false positive does so much more harm than 10 slipped junk mails. signature.asc Description: OpenPGP digital signature
Re: Some tips email gateway
On 02/17/2015 10:44 PM, Martin Gregorie wrote: On Tue, 2015-02-17 at 13:38 -0600, ricky gutierrez wrote: this solution looks cool , I was thinking of putting another server with a specific account and through transport map from the gw send e-mail server to another server with a specific account. I was looking for how to handle this with postfix The Postfix 'always_bcc' directive writes copies of all incoming and outgoing e-mail to a mail user you'd set up to receive that mail stream. I use it to feed my mail archiving system, but of course you can do pretty much anything you want with it. including ugly backscattering if your bCC target has a hickup. Smart glue applications give you the option to selectively quarantine spam without extra risky smtp sesssions.
Re: Some tips email gateway
On 02/17/2015 10:54 PM, Reindl Harald wrote: Am 17.02.2015 um 22:50 schrieb Axb: On 02/17/2015 10:44 PM, Martin Gregorie wrote: On Tue, 2015-02-17 at 13:38 -0600, ricky gutierrez wrote: this solution looks cool , I was thinking of putting another server with a specific account and through transport map from the gw send e-mail server to another server with a specific account. I was looking for how to handle this with postfix The Postfix 'always_bcc' directive writes copies of all incoming and outgoing e-mail to a mail user you'd set up to receive that mail stream. I use it to feed my mail archiving system, but of course you can do pretty much anything you want with it. including ugly backscattering if your bCC target has a hickup not really Note: with Postfix 2.3 and later the BCC address is added as if it was specified with NOTIFY=NONE. The sender will not be notified when the BCC address is undeliverable, as long as all down-stream software implements RFC 3461. _ also prevented by my suggestion of header_checks BCC with Postfix 3.0 Note 1: the BCC address is added as if it was specified with NOTIFY=NONE. The sender will not be notified when the BCC address is undeliverable, as long as all down-stream software implements RFC 3461. to each his own... I'd endorse lighweight Fuglu (http://fuglu.org) and its plugin framework which give you all the bells whistles without bending depending of a particular Postfix version.
Re: Some tips email gateway
2015-02-17 16:10 GMT-06:00 Axb axb.li...@gmail.com: _ also prevented by my suggestion of header_checks BCC with Postfix 3.0 Note 1: the BCC address is added as if it was specified with NOTIFY=NONE. The sender will not be notified when the BCC address is undeliverable, as long as all down-stream software implements RFC 3461. to each his own... I'd endorse lighweight Fuglu (http://fuglu.org) and its plugin framework which give you all the bells whistles without bending depending of a particular Postfix version. this replaces amavisd-new? -- rickygm http://gnuforever.homelinux.com
Re: Training new spamass-milter setup
On 17 Feb 2015, at 08:27 , Robert Schetterer r...@sys4.de wrote: Am 17.02.2015 um 16:13 schrieb LuKreme: OK, so I have spamass-milter running, but I need to train it. What is the proper way to do this? you dont train spamass-milter, you should train spamassassin spamassassin has existing user-specific training already in place. Spamass-milter isn’t using the user DBs. -- Don't just *do* something: *sit* there!
Re: train filter based on spam to ex-employees?
Am 17.02.2015 um 00:54 schrieb ttgh: @Antony, I particularly appreciated your response (and the spelling of your name). To clarify: I am not saying that all messages to ALL ex-staff are spam, only the messages to specific ex-staff. Also, this email server is acting as relay/filter for an internal Exchange server and does not have a list of still-valid internal accounts so until recently it accepted and scanned any message, even to long-gone employees. (And then wasted time trying to send the polite 'Unknown user' reply from Exchange.) than just fix your exchange to response correctly for nvalid users and enable http://www.postfix.org/ADDRESS_VERIFICATION_README.html on your MX - voila now it knows valid accounts - you should always solve problems where they exists and not screw around them skip_rcpt_verification.cf in the config below contains domains where we know the RCPT and given that all targets where we don't know are a wildcahrd on the postfix server reject_unlisted_recipient is finein the relay restrictions unverified_recipient_reject_code = 550 unverified_recipient_reject_reason = Recipient address lookup failed address_verify_positive_expire_time = 24h address_verify_positive_refresh_time = 12h address_verify_negative_expire_time = 2h address_verify_negative_refresh_time = 1h address_verify_poll_delay= 5s smtpd_relay_restrictions = reject_unlisted_recipient reject_unauth_destination reject_non_fqdn_recipient reject_non_fqdn_sender check_recipient_access proxy:hash:/etc/postfix/skip_rcpt_verification.cf reject_unverified_recipient signature.asc Description: OpenPGP digital signature