Posted to users@spamassassin.apache.org by JohnKelly <Jo...@yahoo.com> on 2007/01/10 17:53:44 UTC

Re-route spam for all users to a single mailbox?

Using SpamAssassin v3.15, would like to have any message tagged as spam to be
re-routed to a single email account on the server instead of the individual
user's email account. 50+ users and constantly changing, so would like this
to be a global setting if possible.

When installing SpamAssassin, it gave the option to delete spam, tag only or
re-direct to a spam mailbox for the user. But I don't want 50+ mailboxes, I
want it all to go to one.

Docs didn't seem to explain how to do this, so I'm not sure if SpamAssassin
can do this or procmail (Linux server).

Many thanks for help.



Re: Re-route spam for all users to a single mailbox?

Posted by JohnKelly <Jo...@yahoo.com>.


Elizabeth Schwartz wrote:
> 
> On the social side, the other reason to think twice about doing this is
> that
> false positives happen. If you intercept all tagged mail, your users won't
> get the chance to review their spam, and conversely you might find
> yourself
> with private email (someone's x-rated note, perhaps, or mortgage info?)
> 
> Just something to think about.
> 
> (in the last few months, I've had both my own and my boss's travel
> confirmation emails get false positive tags. Just sayin'.)
> 
> 

I understand, but thanks for mentioning it. It's just that some of the spam
messages are so, well, disgusting, that some of our more sensitive staff
don't even wish to receive them at all. So we decided to dump all spam into
a central garbage can so to speak.



Re: Re-route spam for all users to a single mailbox?

Posted by Elizabeth Schwartz <be...@gmail.com>.
On the social side, the other reason to think twice about doing this is that
false positives happen. If you intercept all tagged mail, your users won't
get the chance to review their spam, and conversely you might find yourself
with private email (someone's x-rated note, perhaps, or mortgage info?)

Just something to think about.

(in the last few months, I've had both my own and my boss's travel
confirmation emails get false positive tags. Just sayin'.)

Re: Re-route spam for all users to a single mailbox?

Posted by "Jack L. Stone" <ja...@sage-american.com>.
On 10 Jan 2007 at 18:21, John D. Hardin wrote:

> On Wed, 10 Jan 2007, Jack L. Stone wrote:
> 
> > Hi, John: Looked at your stuff with interest, especially the
> > milter-regex.conf file.
> > 
> > This line: header /Subject/i	/[??
> > ...appears to be missing a delimiter on the end "/i" perhaps?
> > ...or anything more should be there and what does it do?
> 
> That line has raw high-bit characters in it. It's not too surprising
> that it looks weird, depending on the editor you use, and it may not
> display properly in a browser.
> 

Ah yes. Did a wget and opened in a Unix editor and got the high bits. 
Makes sense now.

Thanks!

Regards,
Jack L. Stone
System Admin


Re: Re-route spam for all users to a single mailbox?

Posted by "John D. Hardin" <jh...@impsec.org>.
On Wed, 10 Jan 2007, Jack L. Stone wrote:

> Hi, John: Looked at your stuff with interest, especially the
> milter-regex.conf file.
> 
> This line: header /Subject/i	/[??
> ...appears to be missing a delimiter on the end "/i" perhaps?
> ...or anything more should be there and what does it do?

That line has raw high-bit characters in it. It's not too surprising 
that it looks weird, depending on the editor you use, and it may not 
display properly in a browser.

{tries it}

Yeah, if I look at my local copy using a file:// URL it looks fine, 
but if I look at the copy on the webserver it spits out question 
marks.

I did a File -> Save As and looked at the file in vi and it looks 
correct. How are you looking at the file?

> Sorry to shift from the procmail portion....

No problem for me, but it's getting off-topic for the list.

--
 John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
 jhardin@impsec.org    FALaholic #11174     pgpk -a jhardin@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
 So Microsoft's invented the ASCII equivalent to ugly ink spots that
 appear on your letter when your pen is malfunctioning.
         -- Greg Andrews, about Microsoft's way to encode apostrophes
-----------------------------------------------------------------------
 7 days until Benjamin Franklin's 301st Birthday


Re: Re-route spam for all users to a single mailbox?

Posted by "Jack L. Stone" <ja...@sage-american.com>.
On 10 Jan 2007 at 9:35, John D. Hardin wrote:

> On Wed, 10 Jan 2007, JohnKelly wrote:
> 
> > When installing SpamAssassin, it gave the option to delete spam,
> 
> Spamassassin marks, it does NOT dispose. There's some automatic
> infrastructure beyond spamassassin involved here. Can you give us some
> more details about your MTA and how it delivers messages to user
> mailboxes?
> 
> > Docs didn't seem to explain how to do this, so I'm not sure if
> > SpamAssassin can do this or procmail (Linux server).
> 
> There's a sample spamassassin procmail script at 
> http://www.impsec.org/~jhardin/antispam/
> 

Hi, John: Looked at your stuff with interest, especially the
milter-regex.conf file.

This line: header /Subject/i	/[??
...appears to be missing a delimiter on the end "/i" perhaps? ...or 
anything more should be there and what does it do?

Sorry to shift from the procmail portion....

Regards,
Jack L. Stone
System Admin


Re: Re-route spam for all users to a single mailbox?

Posted by JohnKelly <Jo...@yahoo.com>.

I've sent requested info via "reply to author" link, thanks!


John D. Hardin wrote:
> 
> On Wed, 10 Jan 2007, JohnKelly wrote:
> 
>> I'm not sure about the MTA... running sendmail on a FreeBSD
>> server.
> 
> ...and discussing procmail implies procmail is your delivery agent. 
> Okay.
> 
>> Actually I was planning on forwarding to a pseudo-user, by setting
>> up a POP account for spam@domain.com and then redirecting all spam
>> to that "user".
> 
> Good.
> 
>> I'm guessing the above code goes into the procmailrc file -- or is
>> it a drop-in replacement?
> 
> The way it's intended to be used is you drop it into /etc/procmail/ 
> and edit it to match your MTA config (hostnames, local networks, 
> etc.), and then in the global /etc/procmailrc or in the per-user 
> $HOME/.procmailrc files you add:
> 
>   INCLUDERC=/etc/procmail/spamassassin.procmail
> 
> There's some log trolling involved, so it's intended to occur before 
> any procmail "DROPPRIVS=yes" commands occur.
> 
> So if you want to implement SA for all your users, drop it into 
> /etc/procmail/, edit the hostnames and local network(s) to match your 
> situation (you might need to look at the headers in an email you've 
> received to get the Received header details right), and near the top 
> of /etc/procmailrc add the above INCLUDERC= command. 
> 
> Again, if you want everybody's high-scoring spam to go to the 
> pseudo-account by default, you'll have to take out the per-user 
> Keep_All_Spams test, and change the handling of the spams.
> 
> If you send me offlist a copy of the headers from a sample inbound
> message, and list whatever private network ranges you're using, I'll 
> make those changes for you.
> 
>> ## begin spamassassin vinstall (do not remove these comments)
>> ## edits inside this block may be reverted at upgrade. Edit at your own risk!
>> 
>> TMPLOGFILE=$LOGFILE
>> TMPLOGABSTRACT=$LOGABSTRACT
>> TMPVERBOSE=$VERBOSE
>> 
>> DROPPRIVS=yes
>> LOGFILE=/dev/null
>> LOGABSTRACT=yes
>> VERBOSE=no
>> 
>> :0fw
>> |/usr/local/bin/spamc -U /var/run/spamd.sock 
>> 
>> LOGFILE=$TMPLOGFILE
>> LOGABSTRACT=$TMPLOGABSTRACT
>> VERBOSE=$TMPVERBOSE
>> ## end spamassassin vinstall (do not remove these comments)
> 
> Is that the global /etc/procmailrc, or a per-user $HOME/.procmailrc?
> 
> If you decide to use the script I provide, you'll want to turn off the 
> scripting that the "spamassassin vinstall" has added. I don't know 
> what's doing that, so I can't make any recommendations there.
> 
> --
>  John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
>  jhardin@impsec.org    FALaholic #11174     pgpk -a jhardin@impsec.org
>  key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
> -----------------------------------------------------------------------
>  Windows and its users got mentioned at home today, after my wife the
>  psych major brought up Seligman's theory of "learned helplessness."
> 					     -- Dan Birchall in a.s.r
> -----------------------------------------------------------------------
>  7 days until Benjamin Franklin's 301st Birthday
> 
> 
> 



Re: Re-route spam for all users to a single mailbox?

Posted by "John D. Hardin" <jh...@impsec.org>.
On Wed, 10 Jan 2007, JohnKelly wrote:

> I'm not sure about the MTA... running sendmail on a FreeBSD
> server.

...and discussing procmail implies procmail is your delivery agent. 
Okay.

> Actually I was planning on forwarding to a pseudo-user, by setting
> up a POP account for spam@domain.com and then redirecting all spam
> to that "user".

Good.

> I'm guessing the above code goes into the procmailrc file -- or is
> it a drop-in replacement?

The way it's intended to be used is you drop it into /etc/procmail/ 
and edit it to match your MTA config (hostnames, local networks, 
etc.), and then in the global /etc/procmailrc or in the per-user 
$HOME/.procmailrc files you add:

  INCLUDERC=/etc/procmail/spamassassin.procmail

There's some log trolling involved, so it's intended to occur before 
any procmail "DROPPRIVS=yes" commands occur.

So if you want to implement SA for all your users, drop it into 
/etc/procmail/, edit the hostnames and local network(s) to match your 
situation (you might need to look at the headers in an email you've 
received to get the Received header details right), and near the top 
of /etc/procmailrc add the above INCLUDERC= command. 

Again, if you want everybody's high-scoring spam to go to the 
pseudo-account by default, you'll have to take out the per-user 
Keep_All_Spams test, and change the handling of the spams.

If you send me offlist a copy of the headers from a sample inbound
message, and list whatever private network ranges you're using, I'll 
make those changes for you.

> ## begin spamassassin vinstall (do not remove these comments)
> ## edits inside this block may be reverted at upgrade. Edit at your own risk!
> 
> TMPLOGFILE=$LOGFILE
> TMPLOGABSTRACT=$LOGABSTRACT
> TMPVERBOSE=$VERBOSE
> 
> DROPPRIVS=yes
> LOGFILE=/dev/null
> LOGABSTRACT=yes
> VERBOSE=no
> 
> :0fw
> |/usr/local/bin/spamc -U /var/run/spamd.sock 
> 
> LOGFILE=$TMPLOGFILE
> LOGABSTRACT=$TMPLOGABSTRACT
> VERBOSE=$TMPVERBOSE
> ## end spamassassin vinstall (do not remove these comments)

Is that the global /etc/procmailrc, or a per-user $HOME/.procmailrc?

If you decide to use the script I provide, you'll want to turn off the 
scripting that the "spamassassin vinstall" has added. I don't know 
what's doing that, so I can't make any recommendations there.

--
 John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
 jhardin@impsec.org    FALaholic #11174     pgpk -a jhardin@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
 Windows and its users got mentioned at home today, after my wife the
 psych major brought up Seligman's theory of "learned helplessness."
					     -- Dan Birchall in a.s.r
-----------------------------------------------------------------------
 7 days until Benjamin Franklin's 301st Birthday


Re: Re-route spam for all users to a single mailbox?

Posted by JohnKelly <Jo...@yahoo.com>.

John D. Hardin wrote:
> 
> On Wed, 10 Jan 2007, JohnKelly wrote:
> 
>> When installing SpamAssassin, it gave the option to delete spam,
> 
> Spamassassin marks, it does NOT dispose. There's some automatic
> infrastructure beyond spamassassin involved here. Can you give us some
> more details about your MTA and how it delivers messages to user
> mailboxes?
> 
> 
>> Docs didn't seem to explain how to do this, so I'm not sure if
>> SpamAssassin can do this or procmail (Linux server).
> 
> There's a sample spamassassin procmail script at 
> http://www.impsec.org/~jhardin/antispam/
> 
> If you want to deliver high-scoring spams to a systemwide mailbox
> rather than a per-user folder, you can change the bit where it looks
> at the per-user Keep_All_Spams option, and change it to something like
> 
>   :0
>   ! global_spambox_pseudouser
> 
> rather than
> 
>   :0
>   $HOME/mail/SpamAssassin-INBOX
> 
> I would not recommend delivering directly to a systemwide mail folder, 
> as that has access permission issues. It's simpler to set up a 
> pseudo-user that gets nothing but high-scoring spam.
> 
> If you want to do it by default rather than by user opt-in, then 
> disable the Keep_All_Spams test.
> 
> 

I'm not sure about the MTA... running sendmail on a FreeBSD server.

Actually I was planning on forwarding to a pseudo-user, by setting up a POP
account for spam@domain.com and then redirecting all spam to that "user".

I'm guessing the above code goes into the procmailrc file -- or is it a
drop-in replacement? FYI my file is below:

## begin spamassassin vinstall (do not remove these comments)
## edits inside this block may be reverted at upgrade. Edit at your own risk!

TMPLOGFILE=$LOGFILE
TMPLOGABSTRACT=$LOGABSTRACT
TMPVERBOSE=$VERBOSE

DROPPRIVS=yes
LOGFILE=/dev/null
LOGABSTRACT=yes
VERBOSE=no

:0fw
|/usr/local/bin/spamc -U /var/run/spamd.sock 

LOGFILE=$TMPLOGFILE
LOGABSTRACT=$TMPLOGABSTRACT
VERBOSE=$TMPVERBOSE
## end spamassassin vinstall (do not remove these comments)





Re: Re-route spam for all users to a single mailbox?

Posted by "John D. Hardin" <jh...@impsec.org>.
On Wed, 10 Jan 2007, JohnKelly wrote:

> When installing SpamAssassin, it gave the option to delete spam,

Spamassassin marks, it does NOT dispose. There's some automatic
infrastructure beyond spamassassin involved here. Can you give us some
more details about your MTA and how it delivers messages to user
mailboxes?

> Docs didn't seem to explain how to do this, so I'm not sure if
> SpamAssassin can do this or procmail (Linux server).

There's a sample spamassassin procmail script at 
http://www.impsec.org/~jhardin/antispam/

If you want to deliver high-scoring spams to a systemwide mailbox
rather than a per-user folder, you can change the bit where it looks
at the per-user Keep_All_Spams option, and change it to something like

  :0
  ! global_spambox_pseudouser

rather than

  :0
  $HOME/mail/SpamAssassin-INBOX

I would not recommend delivering directly to a systemwide mail folder, 
as that has access permission issues. It's simpler to set up a 
pseudo-user that gets nothing but high-scoring spam.

If you want to do it by default rather than by user opt-in, then 
disable the Keep_All_Spams test.

--
 John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
 jhardin@impsec.org    FALaholic #11174     pgpk -a jhardin@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
 Windows and its users got mentioned at home today, after my wife the
 psych major brought up Seligman's theory of "learned helplessness."
					     -- Dan Birchall in a.s.r
-----------------------------------------------------------------------
 7 days until Benjamin Franklin's 301st Birthday
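

Added example (not part of the original thread, and not John Hardin's script): a minimal /etc/procmailrc fragment for the approach described above, forwarding high-scoring spam to a pseudo-user instead of a shared mail folder. The account name "spam", the 256 KB scan limit and the ten-star threshold are assumptions; the LOGNAME guard is there because the global rc file also runs when the forwarded copy is delivered to the pseudo-user.

```procmail
# /etc/procmailrc fragment. Added example; names and thresholds are assumptions.
# SPAMUSER is a hypothetical local pseudo-user that receives nothing but spam.
SPAMUSER=spam

# The global rc file runs for every local recipient, including the pseudo-user.
# procmail sets LOGNAME to the recipient, so skip the whole block when the
# recipient is the pseudo-user; otherwise the forwarded copy would be scanned
# and forwarded again in a loop. Keep the name here in sync with SPAMUSER.
:0
* ! LOGNAME ?? ^^spam^^
{
    # Filter messages under 256 KB through spamd, using the spamc path and
    # socket shown in the configuration posted in the thread.
    :0fw
    * < 256000
    | /usr/local/bin/spamc -U /var/run/spamd.sock

    # X-Spam-Level carries one '*' per point of score, so ten escaped
    # asterisks match a score of 10 or more. Forward those to the
    # pseudo-user's address rather than writing to a shared folder,
    # which avoids the access permission issues of a systemwide mailbox.
    :0
    * ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*
    ! $SPAMUSER
}

# Messages that were not forwarded (ham and lower-scoring tagged mail) fall
# through to the rest of the rc file and normal per-user delivery.
```

Tagged mail that scores below the threshold still reaches the recipient's own mailbox, which limits how much misclassified private mail ends up in the shared account.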