Posted to users@spamassassin.apache.org by "Eric A. Hall" <eh...@ehsco.com> on 2005/06/10 21:04:45 UTC

AWL pokes, and SAGray.pm

I'm looking to do a quick-n-dirty plugin that:

 1) reads the spam threshold score from config (eg, default is "5.0")
 2) reads the spam score for the current message
 3) compares if the current score is greater than the threshold score,
    AND if the auto-whitelist learner has not seen this sender tuple
 4) appends header field that says probable spam from unknown sender

The purpose of this is to allow my MTA to defer accepting messages that
have this header field, providing a pseudo-greylisting feature that is
keyed to spamassassin score which reuses the AWL tracking. Using this
approach, I can do selective keying on spam instead of everybody (thus
minimizing collateral damage to the honest mail systems that don't respond
well to greylisting), and can avoid implementing yet-another tracking
system (if I can get away with reusing AWL).

[I should state the obligatory -- this module won't do much for people who
call SA from procmail. But in my setup, postfix is calling spamassassin
during the transfer process and I'm currently rejecting spam over 8.0, and
rerouting mail in the 5.0-8.0 range to a per-user "Junk mail" folder for
quarantine. This module would simply defer mail in the 5.0-8.0 range the
first time they try, while subsequent transfers would be quarantined as
current behavior.]

Looking through the permsgstatus docs, getting the threshold and current
spam score values looks pretty simple. But there doesn't seem to be much
support for working with the AWL system, and I'm looking for suggestions
here. I don't want to manipulate the database since it may not exist
(maybe it's using SQL storage or something).

What I specifically need from AWL is number of instances for the current
sender tuple, with the value of "one" (for the current message) being the
magic number. Any suggestions would be appreciated.

-- 
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/
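
Added example, not part of the original post and not SpamAssassin code: a Python model of the four steps above combined with the 5.0 and 8.0 bands from the bracketed paragraph, showing how a retry moves from deferral to quarantine. SenderHistory is a constructed stand-in for AWL's per-tuple message count; every name and sample sender here is hypothetical.

```python
from dataclasses import dataclass, field

SPAM_THRESHOLD = 5.0    # threshold from the post (default "5.0")
REJECT_THRESHOLD = 8.0  # the post rejects mail scoring over 8.0


@dataclass
class SenderHistory:
    """Constructed stand-in for AWL: messages seen per (address, IP) tuple."""
    counts: dict = field(default_factory=dict)

    def record(self, addr, ip):
        key = (addr.lower(), ip)
        self.counts[key] = self.counts.get(key, 0) + 1
        return self.counts[key]


def disposition(score, addr, ip, history):
    """Return the MTA action for one delivery attempt."""
    # The count includes the current message, so 1 means "never seen before".
    seen = history.record(addr, ip)
    if score > REJECT_THRESHOLD:
        return "reject"
    if score <= SPAM_THRESHOLD:
        return "deliver"
    # 5.0-8.0 band: defer only the first attempt from an unknown tuple.
    return "defer" if seen == 1 else "quarantine"


# Constructed sample attempts: (score, envelope sender, originating IP).
SAMPLE = [
    (6.2, "bulk@example.net", "192.0.2.10"),      # unknown tuple, mid band
    (6.2, "bulk@example.net", "192.0.2.10"),      # same message retried
    (2.1, "alice@example.org", "198.51.100.7"),   # ham from a new sender
    (5.5, "alice@example.org", "198.51.100.7"),   # known sender, mid band
    (9.4, "promo@example.com", "203.0.113.5"),    # over the reject line
]


def replay(attempts):
    """Run attempts in order against a fresh history; return the actions."""
    history = SenderHistory()
    return [disposition(s, a, ip, history) for s, a, ip in attempts]


if __name__ == "__main__":
    for attempt, action in zip(SAMPLE, replay(SAMPLE)):
        print(attempt, "->", action)
```

The fourth sample shows the selective part of the design: a sender already in the history is never deferred, only quarantined.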

Re: AWL pokes, and SAGray.pm

Posted by "Eric A. Hall" <eh...@ehsco.com>.
On 6/10/2005 3:04 PM, Eric A. Hall wrote:

> [I should state the obligatory -- this module won't do much for people
> who call SA from procmail.

Actually there is the possibility of using a rule that adds ~1.0 to the
score, instead of adding a header. I can check for the presence of the
rule to achieve my objectives, while the additional score would also serve
to penalize first-time ~spam (possibly causing it to be rejected outright)
which would benefit local users too.

I should think about this stuff more before posting probably.

Anyway, I still need a way to read AWL data.

Thanks

-- 
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/

Re: AWL pokes, and SAGray.pm

Posted by "Eric A. Hall" <eh...@ehsco.com>.
On 6/10/2005 3:04 PM, Eric A. Hall wrote:

> What I specifically need from AWL is number of instances for the current
> sender tuple, with the value of "one" (for the current message) being the
> magic number. Any suggestions would be appreciated.

http://spamassassin.apache.org/full/3.0.x/dist/doc/Mail_SpamAssassin_AutoWhitelist.html
says that "$meanscore = awl->check_address($addr, $originating_ip);" is
supposed to work for this but it always seems to return undef no matter
what. Is it supposed to do what I think it's supposed to do or do I need
to do some other stuff first (like setup a factory or whatever)?

> Looking through the permsgstatus docs, getting the threshold and current
> spam score values looks pretty simple.

This doesn't seem to be easy, either. It looks like I have to put the code
for pulling current score in a sub check_end {} block but it's not
behaving... I'm trying to figure out what URIBLDNS does here but it's not
simple like I'd hoped.

So much for "quick and dirty"

-- 
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/