You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-user@james.apache.org by Jerry M <te...@malcolms.com> on 2007/01/12 23:57:59 UTC
Auto-whitelist mailets?
I've now been using the Bayesian mailet for several days now. It's
catching about 99% of the spam and giving me about 1% false-positives.
I realize with continued training over time, the errors should approach
0%. But as a mathmetician, I know they'll never hit absolute 0%. This
leaves me with a problem that I can either just not look at the flagged
spam and cut my losses if I miss an important email that was incorrectly
flagged. Or I can continue to download and scan the hundreds of spams
daily "just to be sure". I run a business, and I can think of a lot of
bad things that will happen if I miss even one important email from a
client.
A whitelist that would bypass the spam checker altogether would help
minimize the risk. But I don't want to manually maintain a whitelist.
Which brings me to the question... It seems reasonable to have a mailet
that simply stores in a db table the target email address(es) of every
outbound note sent by a validated SMTP user, and then compare inbound
notes against this dynamic whitelist. At least if I've ever sent a note
to somebody, I have a 100% guarantee that replies or subsequent notes
will never be inadvertently flagged as spam.
I figure this isn't going to be rocket science to write both the
outbound mailet that stores in the db and the inbound matcher that
matches against the entries in the table. But I would like some
comments on a) if this has already been done with existing
matchers/mailets already available, and b) if there are horribly bad
issues with doing something like this that I haven't thought about? I
realize it will become a very long table in the db. But indexed
searches should still be reasonably efficient.
Again, just curious if this has been beat around before and if so, what
were the results?
Thanks.
Jerry
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: Auto-whitelist mailets?
Posted by David Legg <da...@searchevent.co.uk>.
Hi Jerry,
I too have been using James 2.3.0 for just over a week now. As I
mentioned in another email I've been very impressed with it.
> I figure this isn't going to be rocket science to write both the
> outbound mailet that stores in the db and the inbound matcher that
> matches against the entries in the table. But I would like some
> comments on a) if this has already been done with existing
> matchers/mailets already available, and b) if there are horribly bad
> issues with doing something like this that I haven't thought about?
I believe this has already been thought of. Have a look for the
following text in the config.xml file: -
<!-- Whitelist Management -->
<!-- Manages for each local user a "white list" of remote addresses
whose messages -->
<!-- should never be blocked as spam. -->
<!-- -->
<!-- If <automaticInsert> is true, it will check, for a local sender,
if a remote recipient -->
<!-- is already in the list: if not, it will be automatically
inserted. -->
<!-- This is under the interpretation that if a local sender X sends a
message to a -->
<!-- remote recipient Y, then later on if a message is sent by Y to X
it should be -->
<!-- considered always valid and never blocked; hence Y should be in
the white list -->
<!-- of X. -->
I considered enabling this section when I did my configuration but
decided not to in the end. Why? Because so many spam emails today have
spoofed sender addresses that it is bound to happen that a spam
pretending to be from the person in the white list will be sent.
Perhaps the chances of this are small... I don't know. But I thought
I'd see how effective the Bayesian filter was first.
- David.
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: [2] Auto-whitelist mailets?
Posted by sunsetartproducts <ha...@yahoo.com>.
I found that the default configuration needed a bit of tweaking, The default
let you either auto whitelist or manually add and remove, but not both. If
you set it to auto whitelist, your e-mails to whitelist.manager@<host> got
dumped as error message user not found. If you removed the
SMTPAuthSuccessful matcher, then you could send e-mail to the
whitelist.manager, but the auto whitelisting did not work.
To get around this and allow both auto whitelisting and manual queries and
entries, I had to change the configuration making two matchers, one with the
list of users, one with the whitelistmanager specified as follows:
<mailet match="SenderIs=<comma delimited list of users' adresses
here>" class="WhiteListManager" onMailetException="ignore">
<repositoryPath> db://maildb </repositoryPath>
<automaticInsert>true</automaticInsert>
</mailet>
<mailet match="RecipientIs=whitelist.manager@xxx.yyy"
class="WhiteListManager" onMailetException="ignore">
<repositoryPath> db://maildb </repositoryPath>
<whitelistManagerAddress>whitelist.manager@xxx.yyy</whitelistManagerAddress>
<displayFlag>display</displayFlag>
<insertFlag>insert</insertFlag>
<removeFlag>remove</removeFlag>
</mailet>
Unfortunately the list of users is cumbersome, I couldn't get it to
recognize the SMTPAuthSuccessful matcher to accept that as proof of the
source of the whitelist entry. No matter what I did, I couldn't get the
SMTPAuthSuccessful to auto add to the whitelist, it just seemed to ignore
the matcher.
Maybe someone can figure that out, as the SenderIs matcher runs the risk of
a spoofed e-mail from line adding a whole bunch of addresses from a CC: line
to your whiteist.
JWM wrote:
>
> Well, that was precisely what I was looking for. Can't believe I
> overlooked it in the config....
>
> But now that I have found it, I enabled it, and now I can't get the
> WhiteListManager mailet to do anything. It created a new table in the
> database. But all mail going through it is apparently ignored. I've
> set the log levels to 'debug'. IIn the log, I see the "servicing.... by
> White List Manager Mailet" for outbound emails. But nothing ever goes
> into the database. Also, I set an email address to do the
> display/insert/etc. commands. All mail sent to that address pass right
> through it and end up undeliverable on the spool.
>
> So it looks like the mailet is there and is definitely getting called
> based on log entries, but it is completely inactive. Is there some
> trick to waking it up? (I simply enabled the block that was there. So
> the automaticInsert is definitely enabled. Are there any other flags
> that can be set to make it be a little more verbose in the logs? I'm a
> Java programmer. I can debug. I was just hoping to not have to get
> into the source to figure this out.
>
> Thanks.
>
> Jerry
>
> David Legg wrote:
>> Hi Jerry,
>>
>> I too have been using James 2.3.0 for just over a week now. As I
>> mentioned in another email I've been very impressed with it.
>>
>>> I figure this isn't going to be rocket science to write both the
>>> outbound mailet that stores in the db and the inbound matcher that
>>> matches against the entries in the table. But I would like some
>>> comments on a) if this has already been done with existing
>>> matchers/mailets already available, and b) if there are horribly bad
>>> issues with doing something like this that I haven't thought about?
>>
>> I believe this has already been thought of. Have a look for the
>> following text in the config.xml file: -
>>
>> <!-- Whitelist Management -->
>> <!-- Manages for each local user a "white list" of remote addresses
>> whose messages -->
>> <!-- should never be blocked as spam. -->
>> <!-- -->
>> <!-- If <automaticInsert> is true, it will check, for a local sender,
>> if a remote recipient -->
>> <!-- is already in the list: if not, it will be automatically
>> inserted. -->
>> <!-- This is under the interpretation that if a local sender X sends
>> a message to a -->
>> <!-- remote recipient Y, then later on if a message is sent by Y to X
>> it should be -->
>> <!-- considered always valid and never blocked; hence Y should be in
>> the white list -->
>> <!-- of X. -->
>>
>> I considered enabling this section when I did my configuration but
>> decided not to in the end. Why? Because so many spam emails today
>> have spoofed sender addresses that it is bound to happen that a spam
>> pretending to be from the person in the white list will be sent.
>> Perhaps the chances of this are small... I don't know. But I thought
>> I'd see how effective the Bayesian filter was first.
>>
>> - David.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
>> For additional commands, e-mail: server-user-help@james.apache.org
>>
>>
>>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> For additional commands, e-mail: server-user-help@james.apache.org
>
>
>
--
View this message in context: http://www.nabble.com/Auto-whitelist-mailets--tf2968909.html#a9406311
Sent from the James - Users mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: Auto-whitelist mailets?
Posted by Jerry M <te...@malcolms.com>.
Well, that was precisely what I was looking for. Can't believe I
overlooked it in the config....
But now that I have found it, I enabled it, and now I can't get the
WhiteListManager mailet to do anything. It created a new table in the
database. But all mail going through it is apparently ignored. I've
set the log levels to 'debug'. IIn the log, I see the "servicing.... by
White List Manager Mailet" for outbound emails. But nothing ever goes
into the database. Also, I set an email address to do the
display/insert/etc. commands. All mail sent to that address pass right
through it and end up undeliverable on the spool.
So it looks like the mailet is there and is definitely getting called
based on log entries, but it is completely inactive. Is there some
trick to waking it up? (I simply enabled the block that was there. So
the automaticInsert is definitely enabled. Are there any other flags
that can be set to make it be a little more verbose in the logs? I'm a
Java programmer. I can debug. I was just hoping to not have to get
into the source to figure this out.
Thanks.
Jerry
David Legg wrote:
> Hi Jerry,
>
> I too have been using James 2.3.0 for just over a week now. As I
> mentioned in another email I've been very impressed with it.
>
>> I figure this isn't going to be rocket science to write both the
>> outbound mailet that stores in the db and the inbound matcher that
>> matches against the entries in the table. But I would like some
>> comments on a) if this has already been done with existing
>> matchers/mailets already available, and b) if there are horribly bad
>> issues with doing something like this that I haven't thought about?
>
> I believe this has already been thought of. Have a look for the
> following text in the config.xml file: -
>
> <!-- Whitelist Management -->
> <!-- Manages for each local user a "white list" of remote addresses
> whose messages -->
> <!-- should never be blocked as spam. -->
> <!-- -->
> <!-- If <automaticInsert> is true, it will check, for a local sender,
> if a remote recipient -->
> <!-- is already in the list: if not, it will be automatically
> inserted. -->
> <!-- This is under the interpretation that if a local sender X sends
> a message to a -->
> <!-- remote recipient Y, then later on if a message is sent by Y to X
> it should be -->
> <!-- considered always valid and never blocked; hence Y should be in
> the white list -->
> <!-- of X. -->
>
> I considered enabling this section when I did my configuration but
> decided not to in the end. Why? Because so many spam emails today
> have spoofed sender addresses that it is bound to happen that a spam
> pretending to be from the person in the white list will be sent.
> Perhaps the chances of this are small... I don't know. But I thought
> I'd see how effective the Bayesian filter was first.
>
> - David.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> For additional commands, e-mail: server-user-help@james.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org