Steven A. Reisman wrote:
> On Wed, Feb 16, 2005 at 02:24:16AM +0800, Bill Hacker wrote:
>
>>>if "$h_X-Spam-Level:" contains "********************"
>>>then
>>> logfile /var/spool/spam/from-spam.txt
>>> logwrite "$sender_address"
>>>endif
>
>
>
>>Too fatigued to try just now, but .....
>
>
>
>>I am interested in time-stamping entries so as to remove those over an
>>hour old, rather than all entries every hour regardless of age.
>
>
> How about:
>
> if "$h_X-Spam-Level:" contains "********************"
> then
> logfile /var/spool/spam/from-spam.txt
> logwrite "$sender_address: $tod_epoch"
> endif
>
>
> Then using an lsearch lookup you can compare current time with logged
> time.
>
> Hmmm... how hard would it be to add dbmwrite capability.
>
>
> Steve
>
Presume that's a 'post Spam Assassin scoring' re-injection.
..... there are a number of proven ways..
Not sure if the wheel is being re-invented here, or just a 'nuther set
of tires fitted, but should be a goal to keep it a bit lighter-weight
than some of the greylisting alternatives...
The real payoff is down the line - where it can reduce what SA etc. need
to see.
If SA (or other) output is then fed-back to strengthen the up-front
reduction, so much the better.
Bill
