Markus Kadelke wrote:
> Dear all,
>
SNIP
>
> 1. Mails get checked even in a session where the user authenticated itself.
Are you sure they are authenticated against exim, not just on your
webmail? Could you show us logs of the authentication?
> 2. Mails with >30K are being checked.
> 3. In case Mails are over threshold they are beeing checked twice
> (Headers are added twice).
> 4. I keep receiving Mails that are correctly tagged as [*SPAM*] in the
> subject and exceed spam_score_int by far, e.g. with a score of 210. But
> they are not rejected but delivered to my local inbox. Most of the SPAM
> mails are correctly rejected. I have no idea why. Sample header of a
> mail that should have been rejected:
>
I fail to see why you are still using amavisd. If you use amavisd, you
have to accept mails to deliver them to amavis, so mails will not be
rejected but bounced to the probably faked sender, thus creating
collateral spam.
Simple ACL rules should permit you to check for spam and deny it at SMTP
time without the overhead of amavis.
like this for example:
#put Headers
warn
!hosts = +relay_from_hosts
condition = ${if <={$message_size}{256k}{1}{0}}
spam = nobody:true
add_header = X-Spam-Score: $spam_score ($spam_bar)
log_message = Spam-score: $spam_score
#put even more Headers
warn
!hosts = +relay_from_hosts
condition = ${if <={$message_size}{256k}{1}{0}}
spam = nobody:true
add_header = X-Spam-Report: $spam_report
#Deny spam
drop
!hosts = +relay_from_hosts
condition = ${if <={$message_size}{256k}{1}{0}}
message = Message rejected due to spam score:
$spam_score\n$spam_report
log_message = $sender_host_address (for $acl_m3) has spam
score: $spam_score
spam = nobody:true
condition = ${if >{$spam_score_int}{70}{1}{0}}
delay = 60s
