You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Suhag P Desai <sp...@gnvfc.net> on 2010/07/24 16:35:56 UTC
SA scan internal to external / internal to internal
Hi Mailing List users,
This is my first message in this mail community and I am evaluating SA very
first time.
I have few question in my mind regarding working of SA. I gone through a FAQ
and some documentation from official SA websites.
1. Is SA for external to internal mail only ??? or it can be used to
scan internal to external and internal to internal mail also ?
2. How SA consider mail as a SPAM based on the score ?
3. How SA used /usr/share/spamassissin/*.cf file ?
Thanks in Advance ,
Suhag Desai.
RE: SA scan internal to external / internal to internal
Posted by Suhag P Desai <sp...@gnvfc.net>.
Anyone has any comment ?
-----Original Message-----
From: Bowie Bailey [mailto:Bowie_Bailey@BUC.com]
Sent: Monday, July 26, 2010 8:16 PM
To: Suhag P Desai
Subject: Re: SA scan internal to external / internal to internal
courier-authlib is the authentication database that stores userids and
passwords. courier-imap is the IMAP server that lets users retrieve
their mail. Neither of those has anything to do with sending and
receiving mail. I would be willing to bet that qmail-toaster uses qmail
as its MTA.
And, as I said before, if you send your replies back to the list rather
than replying directly to an individual, everyone will be able to see
your reply and you are much more likely to find someone who can help you.
A quick Google search leads to this page:
http://wiki.qmailtoaster.com/index.php/spamassassin
It doesn't say anything about outbound scanning, but it does give you
the basics on how it works.
Bowie
============================================================================
=====================================================
On 7/26/2010 10:37 AM, Suhag P Desai wrote:
> Qmailtoaster include both courier-authlib-toaster-0.59.2-1.3.10.src.rpm
and
> courier-imap-toaster-4.1.2-1.3.10.src.rpm so it use as a MTA.
============================================================================
==============================================================
I have no idea. I've never even seen qmail-toaster. I use Courier-MTA and
Amavisd-new.
Please keep your replies on the list and someone there may be able to help
you further. Alternately, ask on the qmail-toaster list.
--
Bowie
============================================================================
==============================================================
That's greate Bowie,
Now I have installed fresh qmail-toaster (with SA obviously) in test setup
centos without any extra configuration. Now let me know by default SA scan
external to internal mail only ? I can send / receive mail without any
problem. I am not sure whethere my SA is working.
If I want to scan internal-to-internal / internal to external, what changes
to be done in my configuration. ?
Thanks,
Re: SA scan internal to external / internal to internal
Posted by Bowie Bailey <Bo...@BUC.com>.
On 7/26/2010 9:47 AM, Suhag P Desai wrote:
> That's greate Bowie,
>
> Now I have installed fresh qmail-toaster (with SA obviously) in test setup
> centos without any extra configuration. Now let me know by default SA scan
> external to internal mail only ? I can send / receive mail without any
> problem. I am not sure whethere my SA is working.
>
> If I want to scan internal-to-internal / internal to external, what changes
> to be done in my configuration. ?
>
> Thanks,
>
>
>
> -----Original Message-----
> From: Bowie Bailey [mailto:Bowie_Bailey@BUC.com]
> Sent: Monday, July 26, 2010 7:09 PM
> To: users@spamassassin.apache.org
> Subject: Re: SA scan internal to external / internal to internal
>
> On 7/24/2010 10:35 AM, Suhag P Desai wrote:
>> Hi Mailing List users,
>>
>>
>>
>> This is my first message in this mail community and I am evaluating SA
>> very first time.
>>
>>
>>
>> I have few question in my mind regarding working of SA. I gone through
>> a FAQ and some documentation from official SA websites.
>>
>>
>>
>> 1. Is SA for *external to internal* mail only ??? or it can be
>> used to scan *internal to external* and *internal to internal* mail also ?
>>
> SA will scan anything you send it. It is up to you to configure your
> system to send the mail to SA that you wish to scan.
>
>> 2. How SA consider mail as a SPAM based on the score ?
>>
> SA scores a message based on the total score of all of the rules that
> matched the message. By default, messages scoring 5 points or higher
> are considered spam and will get that information added into their
> header and possibly also the subject line depending on your
> configuration. It is then up to your MTA, procmail, maildrop, or
> whatever other "glue" program you are using to decide what to do with
> the message.
>
>> 3. How SA used /usr/share/spamassissin/*.cf file ?
>>
> Older versions of SA used this to store the original stock rules that
> came with the install. The current version does not use this
> directory. It comes with no built-in rules and you must run sa-update
> to get the latest rules after installation. These rules will go into
> /var/lib/spamassassin/3.003001 (for the current version 3.3.1).
>
I have no idea. I've never even seen qmail-toaster. I use Courier-MTA
and Amavisd-new.
Please keep your replies on the list and someone there may be able to
help you further. Alternately, ask on the qmail-toaster list.
--
Bowie
Re: SA scan internal to external / internal to internal
Posted by Bowie Bailey <Bo...@BUC.com>.
On 7/24/2010 10:35 AM, Suhag P Desai wrote:
>
> Hi Mailing List users,
>
>
>
> This is my first message in this mail community and I am evaluating SA
> very first time.
>
>
>
> I have few question in my mind regarding working of SA. I gone through
> a FAQ and some documentation from official SA websites.
>
>
>
> 1. Is SA for *external to internal* mail only ??? or it can be
> used to scan *internal to external* and *internal to internal* mail also ?
>
SA will scan anything you send it. It is up to you to configure your
system to send the mail to SA that you wish to scan.
> 2. How SA consider mail as a SPAM based on the score ?
>
SA scores a message based on the total score of all of the rules that
matched the message. By default, messages scoring 5 points or higher
are considered spam and will get that information added into their
header and possibly also the subject line depending on your
configuration. It is then up to your MTA, procmail, maildrop, or
whatever other "glue" program you are using to decide what to do with
the message.
> 3. How SA used /usr/share/spamassissin/*.cf file ?
>
Older versions of SA used this to store the original stock rules that
came with the install. The current version does not use this
directory. It comes with no built-in rules and you must run sa-update
to get the latest rules after installation. These rules will go into
/var/lib/spamassassin/3.003001 (for the current version 3.3.1).
--
Bowie
Re: SA scan internal to external / internal to internal
Posted by Martin Gregorie <ma...@gregorie.org>.
On Sat, 2010-07-24 at 20:05 +0530, Suhag P Desai wrote:
> 1. Is SA for external to internal mail only ??? or it can be used
> to scan internal to external and internal to internal mail also ?
>
That depends on how you feed it:
- at present I'm only scanning incoming by using this chain:
ISP ---pop3--->getmail | SA | sendmail ---smtp---> Postfix
- If you run SA as a Postfix service I think it scans all mail submitted
to Postfix via SMTP on port 25
> 2. How SA consider mail as a SPAM based on the score ?
>
That's external. SA scores the mail so that something downstream of it
can use the score, such as procmail or a filter in the recipients MUA
If you use amavis-new as an SA front end, it can use the score to
deliver/quarantine/delete etc the message
> 3. How SA used /usr/share/spamassissin/*.cf file ?
>
Base rules, replaced with a new set in /var/lib/spamassassin/ the first
time you run sa_update. Your configuration and, optionally,
site-specific rules are usually in /etc/mail/spamassassin/local.cf or
you can add extra site-specific rules as /etc/mail/spamassassin/*.cf
Martin