Re: [Exim] Selective spam filtering

Top Page
Delete this message
Reply to this message
Author: Nigel Wade
Date:  
CC: Exim users list
Subject: Re: [Exim] Selective spam filtering
Alan J. Flavell wrote:
> On Thu, 12 Feb 2004, Tony Finch wrote:
>
>
>>> http://www.exim.org/pipermail/exim-users/Week-of-Mon-20031006/061151.html
>>
>>MBM told me about this trick on Monday evening in the context of dealing
>>with different policies between postmaster and other recipients. I like
>>it :-)
>>
>>One question I have for you (since you've actually deployed it) is how
>>you deal with aliases.
>
>
> I can't speak for Chris's version, but in our department mailer the
> operative clause for the spam-loving users (as opposed to postmaster
> and abuse addresses, which are handled separately by means of a
> local_parts clause) is just
>
>    recipients = +suckers

>
> where the "main configuration" part has defined:
>
> addresslist suckers = ...
>
> with a list of actual addresses (could be an external file or db of
> course).
>
> The rest follows from that: if I'm not mistaken, this means that a
> user could have one alias that allowed spam through and another that
> didn't, although we haven't studied that requirement in detail.
>
>
>>More tricky is the case when a recipient address resolves to more than
>>one person and they have different settings. Do you implement a separate
>>spam threshold for each alias,
>
>
> Well, the whole mechanism (as far as users are concerned) is what I've
> already shown, so it does whatever it does, and seems to meet the
> users' demands. Within the scope of our requirement, we haven't had
> to tackle multiple-recipient aliases yet - other than with the
> postmaster and abuse addresses, which send everything[1] to the
> specified shortlist of minders.
>
> cheers
>
> [1]There's a tiny local blacklist for those idiots who spammed the


I'm just setting up our first Exim server, so how to handle SpamAssassin at
the user level is something I'm still in the process of setting up -
although I think I now have a workable solution.

What I am currently testing is the following. At smtp_data time all mail is
pushed through SA by exiscan, but no headers are added at this stage only
acl variables set. In the system filter any SA headers in the incoming mail
are stripped and then a new set of headers are added. I do this to avoid
duplicate SA headers as our mail is scanned (poorly) by the campus mail
hubs. To allow for individual user preferences a router checks for the
existence of the recipients' user_prefs file and if it exists SA headers are
stripped and SA is run again for that user. The downside of this is that
users who have their own SA preferences have their mail scanned twice.

I am looking into the possibility of checking at acl_rcpt time for the
recipient's user_prefs file and only running the smtp_data SA check if it
doesn't exist. I'm still thinking about how to handle multiple recipients
and aliases...

--
Nigel Wade, System Administrator, Space Plasma Physics Group,
             University of Leicester, Leicester, LE1 7RH, UK
E-mail :    nmw@???
Phone :     +44 (0)116 2523548, Fax : +44 (0)116 2523555