On 10/11/2016 3:03 PM, Justin Edmands wrote:
We have SA running via Mimedefang on our MTAs. We have Zimbra MDA to
manage our mailstores. We do not currently have the MDA run SA checks
on mail. We let everything be done by the MTA. Because of this, the
inidivudal users preferences to "mark as spam" does not help the
individual user. They will Mark as Spam and it will really train for
the entire domain as a whole. Not ideal but it's been working OK for
some time. We want the inidividual user to have spam prefs for
themselves as well.
Our concern is that the MDA would be able to train Bayes DBs on a per
user level, while the MTA does not. It's all just trained to a single
SA user on the MTA. All mail flowing to and from the MTA will pass
through the rules and be delivered with headers modified to the MDA.
When users hit the "Mark as spam" button in Zimbra, it is sent to a
user "spamngvrnui...@domain.com <mailto:spamngvrnui...@domain.com>". I
then have this mail sent over to the MTAs and train it as spam. These
BAYES DBs are synced up together so they don't have to rescore mail
that is clearly already in the BAYES DB.
We have whitelisting on the MTAs in the event that someone spams a
known good address.
OK so I suppose what I really want to know is...Will enabling SA on
the MDA cause any issues on the MTA level? Will already processed and
scored messages delivered by the MTA to the MDA, (which will be
processing the users personal rules built over time) cause some weird
issue?
The main issue is that SA on the MDA will throw out all of the SA
headers from the MTA and start from scratch. You can only have results
from one version of SA in the message. Also, SA running on your MTA
(depending on the exact mail flow) can result in rejection of a spam
message, while the MDA can only do tag-and-deliver (or delete, depending
on your policies).
If you use subject line tagging, you should configure your MTA instance
to NOT tag the subject line of the message to avoid double-tagging. I
would also suggest that you set up your training system so that it
trains both the MTA and MDA Bayes DBs. This will give you a single
Bayes DB on the MTA and per-user Bayes DBs on the MDA.
The results of what you describe will be this:
- The MTA will receive the message and scan it.
- Depending on the results of the scan, the mail will be either rejected
or forwarded on to the MDA.
- The MDA will receive the message and scan it.
- Depending on the results of this scan (completely independent of the
first scan), the mail will be either delivered normally, or marked as
spam and delivered to a spam folder, or however you prefer to do it.
- The end user will receive the mail with the results of the MDA spam
scan in the headers.
--
Bowie