On 4/14/19 3:03 AM, Jari Fredriksson wrote: > We have had some discussions of this in the past. But now I became > worried that all SA users do not have access to their border smtp and > are NOT configuring postfix with this: https://pastebin.com/LGkdi7NM > > Now, I am part of RuleQA. Should I accept everything and pass it so > SpamAssassin and to my corpus or not? Reindl Harald may have his say as > a corporate maintainer or something but the SpamAssassin user base is more. > > How can I best support SpamAssassin besides having a mass check > automation and mirrors for the sa-update?
I have a secondary iredmail server hosting a few decommissioned domains receiving both ham and spam, but mostly spam. This iredmail server has been stripped down to a very basic/stock Postfix and amavis-new configs to allow SA to score everything. I sync over my /etc/mail/spamassassin custom config files and point to the same Bayes DB in redis so it scores similarly. Dovecot Sieve rules put mail into the ham and spam folders for my masscheck processing based on very low scores for ham and very high scores for spam. Messages that score in the middle are checked and manually moved into the ham or spam folder. I also have a Spamcop folder that a script runs every 5 minutes to submit to Spamcop. If I am able to catch a compromised account quickly, then I release that email to spamcop+postmas...@sa.ena.net which automatically goes into the Spamcop folder. Note the sa.ena.net is an internal-only domain that is used to route mail to my iredmail server for the SA masscheck corpus. Once you get this type of platform setup, it can be used for other spam fighting techniques on the primary mail filters like: - train your shared redis Bayes DB with the ham and spam folder - fail2ban - run a custom script on the secondary server to block IPs on the primary filters - swatch - run custom scripts when certain rules are hit: - add entries to your own private RBL to catch zero hour spam - auto release certain messages from quarantine as an attachment - etc... -- David Jones