On 10/11/2016 3:03 PM, Justin Edmands wrote:

We have SA running via Mimedefang on our MTAs. We have Zimbra MDA to manage our mailstores. We do not currently have the MDA run SA checks on mail. We let everything be done by the MTA. Because of this, the inidivudal users preferences to "mark as spam" does not help the individual user. They will Mark as Spam and it will really train for the entire domain as a whole. Not ideal but it's been working OK for some time. We want the inidividual user to have spam prefs for themselves as well.

Our concern is that the MDA would be able to train Bayes DBs on a per user level, while the MTA does not. It's all just trained to a single SA user on the MTA. All mail flowing to and from the MTA will pass through the rules and be delivered with headers modified to the MDA.

When users hit the "Mark as spam" button in Zimbra, it is sent to a user "spamngvrnui...@domain.com <mailto:spamngvrnui...@domain.com>". I then have this mail sent over to the MTAs and train it as spam. These BAYES DBs are synced up together so they don't have to rescore mail that is clearly already in the BAYES DB.

We have whitelisting on the MTAs in the event that someone spams a known good address.

OK so I suppose what I really want to know is...Will enabling SA on the MDA cause any issues on the MTA level? Will already processed and scored messages delivered by the MTA to the MDA, (which will be processing the users personal rules built over time) cause some weird issue?

The main issue is that SA on the MDA will throw out all of the SA headers from the MTA and start from scratch. You can only have results from one version of SA in the message. Also, SA running on your MTA (depending on the exact mail flow) can result in rejection of a spam message, while the MDA can only do tag-and-deliver (or delete, depending on your policies).

If you use subject line tagging, you should configure your MTA instance to NOT tag the subject line of the message to avoid double-tagging. I would also suggest that you set up your training system so that it trains both the MTA and MDA Bayes DBs. This will give you a single Bayes DB on the MTA and per-user Bayes DBs on the MDA.

The results of what you describe will be this:

- The MTA will receive the message and scan it.
- Depending on the results of the scan, the mail will be either rejected or forwarded on to the MDA.
- The MDA will receive the message and scan it.
- Depending on the results of this scan (completely independent of the first scan), the mail will be either delivered normally, or marked as spam and delivered to a spam folder, or however you prefer to do it. - The end user will receive the mail with the results of the MDA spam scan in the headers.


Reply via email to