After downloading a mail through IMAP, before parsing I want to check if its spam!

[Shankar <va...@gmail.com>]

Introduction:
I have a ticket system in PHP. People report tickets over email. A mail
parser connects to the mailbox using IMAP, downloads the email and parses it
to create a ticket which can be viewed/updated over the web interface.

My requirement:
I want my application to check if the downloaded email is a spam before it
creates a ticket out of the mail. Basically I want a way to pass the email
as a string to the spamassassin perl script which then tells me if its a
spam! How to achieve this with SpamAssassin?

My application is hosted on Linux (RHEL 5.3 64bit) and plan to use the
latest version of SpamAssassin.
It would be great if you can just list out the steps. Thanks.


-- 
Regards,
Varun Shankar

Re: After downloading a mail through IMAP, before parsing I want to check if its spam!

[Bowie Bailey <Bo...@BUC.com>]

On 4/22/2011 10:34 AM, Shankar wrote:
> Introduction:
> I have a ticket system in PHP. People report tickets over email. A
> mail parser connects to the mailbox using IMAP, downloads the email
> and parses it to create a ticket which can be viewed/updated over the
> web interface.
>
> My requirement:
> I want my application to check if the downloaded email is a spam
> before it creates a ticket out of the mail. Basically I want a way to
> pass the email as a string to the spamassassin perl script which then
> tells me if its a spam! How to achieve this with SpamAssassin?

Why not implement SpamAssassin at the front end before the mail is
delivered to the IMAP mailbox?  If you tell us what mailserver you are
using, we can give you instructions for setting it up.

-- 
Bowie

Re: After downloading a mail through IMAP, before parsing I want to check if its spam!

[Michael Scheidell <mi...@secnap.com>]

On 4/22/11 10:34 AM, Shankar wrote:
> Introduction:
> I have a ticket system in PHP. People report tickets over email. A 
> mail parser connects to the mailbox using IMAP, downloads the email 
> and parses it to create a ticket which can be viewed/updated over the 
> web interface.
>
> My requirement:
> I want my application to check if the downloaded email is a spam 
> before it creates a ticket out of the mail. Basically I want a way to 
> pass the email as a string to the spamassassin perl script which then 
> tells me if its a spam! How to achieve this with SpamAssassin?
>
option #1:   implement capta to stop it at the border.

option #2 (and as a backup to #1)

can't be done.

use fetchmail via imap and pass it to spamc?

how would you decide where the email originated?  last external ip to 
doublecheck rbl's?

take the ip address (or proxy by?) address and add as a fake received 
header?
would not match any reasonable rbl.. in fact, your legit users would be 
in dialup, pbl lists.

implement capta and maybe a honeypot rbl list for webspam.

-- 
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
ISN: 1259*1300
 >*| *SECNAP Network Security Corporation

    * Best Intrusion Prevention Product, Networks Product Guide
    * Certified SNORT Integrator
    * Hot Company Award, World Executive Alliance
    * Best in Email Security, 2010 Network Products Guide
    * King of Spam Filters, SC Magazine

______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r). 
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________  

Re: After downloading a mail through IMAP, before parsing I want to check if its spam!

[Shankar <va...@gmail.com>]

The MTA is not controlled by me. The mails are received at a Google Apps
email address. Hence I don't have the option to implement SpamAssassin at
the front end( before the mail is delivered to the mailbox)

On Fri, Apr 22, 2011 at 8:46 PM, Martin Gregorie <ma...@gregorie.org>wrote:

> On Fri, 2011-04-22 at 20:04 +0530, Shankar wrote:
> > Introduction:
> > I have a ticket system in PHP. People report tickets over email. A mail
> > parser connects to the mailbox using IMAP, downloads the email and parses
> it
> > to create a ticket which can be viewed/updated over the web interface.
> >
> Who controls the IMAP mailbox and the MTA that puts incoming messages
> into it?
>
> If its you or you are in a position to run your own MTA, your best bet
> is to let it pass incoming mail to Spamassassin and put the scored mail
> in the mailbox. This way your application can check for spam by looking
> at the X-Spam-Status header and you also have the opportunity of using
> the MTA's SMTP-time checks to apply blacklists etc and reject spam
> without needing to process it further.
>
> Configure the MTA to use spamc/spamd rather than calling the
> spamassassin script because its faster: where spamassassin goes through
> startup/shutdown for every message it scans, spamd only does so once,
> when the system is booted.
>
> Martin
>
>
>
>


-- 
Regards,
Varun Shankar

Re: After downloading a mail through IMAP, before parsing I want to check if its spam!

[Martin Gregorie <ma...@gregorie.org>]

On Fri, 2011-04-22 at 20:04 +0530, Shankar wrote:
> Introduction:
> I have a ticket system in PHP. People report tickets over email. A mail
> parser connects to the mailbox using IMAP, downloads the email and parses it
> to create a ticket which can be viewed/updated over the web interface.
>
Who controls the IMAP mailbox and the MTA that puts incoming messages
into it?

If its you or you are in a position to run your own MTA, your best bet
is to let it pass incoming mail to Spamassassin and put the scored mail
in the mailbox. This way your application can check for spam by looking
at the X-Spam-Status header and you also have the opportunity of using
the MTA's SMTP-time checks to apply blacklists etc and reject spam
without needing to process it further.

Configure the MTA to use spamc/spamd rather than calling the
spamassassin script because its faster: where spamassassin goes through
startup/shutdown for every message it scans, spamd only does so once,
when the system is booted.

Martin