trevor wrote:
I have all that running already, that's the easy part.This is all doable and pretty easy to add to the current toaster. I've done it. All you need to install is qmail-scanner, spamassassin, and clamav. Spamassassin uses qmail-scanner to checks all incoming emails and makes a score based on a rules file. It can then mark the subject with "SPAM" (or whatever you want), and also adds a header with a score and whether or not it's spam. You can then configure your mail client to filter things to a spam folder based on that header. Clamav also uses qmail-scanner to scan for viruses and you can set up a cron job to check for new definitions daily. It all works nicely. Check out http://qmail-scanner.sourceforge.net/ http://useast.spamassassin.org/index.html http://clamav.elektrapro.com/
What I'm suggesting here is a method of refusing the incoming message at the SMTP level, so it doesn't make it to the scanner as it is simply turned away at SMTP with a 5XX error to the sending MTA.
I know a patch exists now to turn away based on file attachment that someone did up for the Sobig.F action. Yes we can discard this at the Qmailscanner check, but it would be nice if we could simply refuse to even accept the message at the SMTP level, which in turn lightens the load on the scanner and cuts down on bandwidth usage too.
The first thing I'd like to see though is the subject line scan at SMTP level, this would allow us to refuse to accept messages with objectionable subject lines so we can make a good attempt at getting rid of the spam. Tagging with SpamAssassin is fine, but it still means the end user has to look at subject lines with the latest Viagra offers, etc. I know my ISP clients would be quite happy if we could drop those types of spams at the door entirely.
We could use Qmailscanner to quarantine those spams, but I would much prefer to send the spammers a message by not accepting their nonsense entirely at the front door :)
