You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Thomas Harold <th...@nybeta.com> on 2009/12/16 15:25:04 UTC
Re: Sieve mailing list rules (was Spam from compromised web mails)
On 12/15/2009 9:54 AM, Benny Pedersen wrote:
> On tir 15 dec 2009 15:44:50 CET, Jeff Koch wrote
>
>> in has a tag. A tag of two characters would allow users to quickly
>> identify the email as coming from the SA mailing list and decide
>> whether the email is worth opening.
>
> in the header:
>
> List-Id: <users.spamassassin.apache.org>
>
> in sieve filter:
>
I use a bit simpler syntax.
require ["body","fileinto","include"];
if allof(
header :contains "List-ID" "<users.spamassassin.apache.org>"
) {
fileinto "Mail.SpamAssassin";
stop;
}
I think only "fileinto" is required for the above, but you might need
other options in the require line. I have half a dozen requires in my
sieve file.
If I think that someone will forge the List-ID line, I add additional
checks like:
if allof(
header :contains "Precedence" "bulk",
header :contains "Maling-List" "@spamassassin.apache.org",
header :contains "List-ID" "<users.spamassassin.apache.org>"
) {
fileinto "Mail.SpamAssassin";
stop;
}
I generally check on the "Sender" and "List-ID" headers as those are
added by most mailing list software. Server-side Sieve filtering into
individual IMAP folders is the only way (IMO) to stay sane and track a
few dozen mailing lists.
(Sieve is a wonderful thing...)