Re: [exim] Out of Office and collateral spam

Top Page
Delete this message
Reply to this message
Author: ROGERS Richard
Date:  
To: iane, Patrick von der Hagen
CC: exim-users
Subject: Re: [exim] Out of Office and collateral spam
iane@??? wrote:
> --On 19 December 2007 14:04:43 +0100 Patrick von der Hagen
> <hagen@???> wrote:
>
>>
>> Anyway, if your gateway can detect spam it can mark each message in
>> a way that prevents Exchnge from sending OoO. Here we use exim to
>> mark each message with a spam-value which is used to route messages
>> in an Exchange-Junk-folder and make sure there is a
>> Precedence-Header to avoid OoO.
>>
>
> Even better, if it's suspected spam, reject it. If you get a false
> positive, the sender should get to know about it. Delivering
> real spam into
> mailboxes is pointless, and delivering false positives into
> spam mailboxes
> just ensures that they'll get lost - you might just as well
> thrown them
> away.
>
> Still, you might also look at Exim's "personal" filter condition, and
> emulate that by adding headers before delivery. So, for
> example, if the
> recipient isn't a "To:" recipient, then add the header.


Thanks for these suggestions. I will certainly be looking into adding
"Precedence: bulk" (or junk) headers to suspected spam.

We do indeed reject as much as we dare(!) at SMTP time using various
tests within Exim, which in itself reduces the scale of the problem by
probably upwards of 90%. However, there are always "false negatives" and
those messages that SpamAsassin scores between the "probably spam"
threshold at which we tag and deliver, and the "pretty certainly spam"
threshold at which we reject outright - this last class in particular is
the one I would want to suppress OoO response for. (Can't do much about
the false negatives as, by definition, we can't identify them!)

I'd still be interested in ways of finding out who has OoO set, as it's
tempting to turn the wick up on the spam checking for anyone who is
known to be out (there are various permitted opt-outs here).

Thanks again, and regards

Richard

--
Richard Rogers
IT Development and Innovation Manager
Information Services, Staffordshire University


The information in this email is confidential and is intended solely for the addressee. Access to this email by anyone else is unauthorised.



If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, except for the purpose of delivery to the addressee, is prohibited and may be unlawful. Kindly notify the sender and delete the message and any attachment from your computer.