We use Exchange 2007, but I have a gateway sitting in front of it running spamassassin. I also use MailScanner (sort of similar to amavisd) and MailWatch which is a web based front end to MailScanner.
MailScanner: www.mailscanner.info<http://www.mailscanner.info> MailWatch: http://mailwatch.sourceforge.net/doku.php Any messages that come in are 'quarantined' in either a spam or non-spam directory as well as being sent to the Exchange server. If a slew of spam comes in that doesn't quite tip the scales it's easy to pull up a report in MailWatch that allows me to submit them for learning, all on the gateway machine, w/o being modified by Exchange. Of course, if we have ham that is tagged as spam, I can feed it through as well so it can be learned a legitimate. You may want to look into using them. One shortcoming you'd encounter is the users would lose the forwarding option since it's done through the web. You can set up accounts for them to get in and submit messages themselves but you'd either need an account for everybody, or everybody could see all the messages. Or they'd have to contact you for help, so it may or may not be the best option... ...Kevin -- Kevin Miller Registered Linux User No: 307357 CBJ MIS Dept. Network Systems Admin., Mail Admin. 155 South Seward Street ph: (907) 586-0242 Juneau, Alaska 99801 fax: (907 586-4500 ________________________________ From: Lars Jørgensen [mailto:l...@kb.dk] Sent: Wednesday, May 18, 2011 10:47 PM To: 'users@spamassassin.apache.org' Subject: sa-learn in an Exchange 2010 environment Hi, I have searched thoroughly for any information on the above constellation, but have not found anything useful. We have spamassassin running on a gateway server delivering mail to users on an exchange 2010 server. Sometimes spam gets through, and I would like for users to be able to send that spam to sa-learn. I set up a forwaring scheme and that works fine. But reading around on the internets, people seem to warn about that kind of setup, because From-fields on the forwarded mails belong to users and that can mark them as spammers. People recommends to either redirect the spam to sa-learn or move it to a public folder and have some sort of IMAP-mechanism pick it up and deliver it to sa-learn. There are a number of problems with those recommendations on exchange 2010: You can no longer resend mail that was not directly sent to you (or some other rule, the gist is that most spam cannot be resent), and there is no longer IMAP access to public folders (I am led to believe). The forwarding method is very convenient and uses a method that users are already intimate with, so there is no need to teach them new things. So my question is: Can I continue doing this? How bad is it that the users' names gets marked adversely in the bayesian database, when all outgoing mail is whitelisted because of trusted sources? Lars
