Re: [exim] anti-spam pointers please

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\Larry Rosenman at <-
MMNiels Dettenbach at ->
Delete this message
Reply to this message
Author: Rory Campbell-Lange
Date:  
To: Larry Rosenman
CC: exim-users, Exim-users
Subject: Re: [exim] anti-spam pointers please
On 01/04/19, Larry Rosenman (ler@???) wrote:
> On 04/01/2019 2:01 pm, Rory Campbell-Lange via Exim-users wrote:
> > It's some years since I've spent time tweaking my exim setup to receive
> > spam. I've forgotten any skills I might once have had in this area.
> >
> > I've gotten sick of getting 30+ spam emails a day and need to do
> > something about it! I'd be grateful for some pointers to the
> > state-of-the-art setup.
...
> > Pointers much appreciated.
>
> I use the following in my content check ACL:
> 
>   warn  message = X-Spam-Score: $spam_score ($spam_bar)
>         ! authenticated = *
>         spam = smmsp:true
>   warn  message = X-LERCTR-Spam-Score: $spam_score ($spam_bar)
>         ! authenticated = *
>         spam = smmsp:true
>   warn  message = X-Spam-Report: $spam_report
>         ! authenticated = *
>         spam = smmsp:true
>   warn  message = X-LERCTR-Spam-Report: $spam_report
>         ! authenticated = *
>         spam = smmsp:true
>   # Add X-Spam-Flag if spam is over system-wide threshold
>   warn message = X-Spam-Flag: YES
>         ! authenticated = *
>         spam = smmsp:true
>         condition = ${if >={$spam_score_int}{50}{1}{0}}
>   warn message = X-LERCTR-Spam-Flag: YES
>         ! authenticated = *
>         spam = smmsp:true
>         condition = ${if >={$spam_score_int}{50}{1}{0}}

> 
>   #warn  message = DomainKey-Status: $dkim_status
> #       !condition = ${if eq{$dkim_status}{}{1}{0}}
>   # Reject spam messages with score over 7, using an extra condition.
>   deny  message = This message scored $spam_score points. Congratulations!
>         ! authenticated = *
>         spam = smmsp:true
>         condition = ${if >{$spam_score_int}{70}{1}{0}}

>
> With having spamd_address set to 127.0.0.1 783 in the first section.

Hi Larry

Thanks very much for the suggestions.

Glancing at the docs under chapter 35, I guess my local users are
"authenticated" due to our use of cram_md5. I'm giving your rules a go!

I wonder also if my /etc/spamassasin/local.cf is right 

    required_score 3.0
    score RP_MATCHES_RCVD -0.01
    bayes_auto_learn 0
    ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
    endif # Mail::SpamAssassin::Plugin::Shortcircuit


Required score seems quite a bit lower than 70 in Exim.

Thanks again
Rory


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] anti-spam pointers pleaseRe: [exim] anti-spam pointers please->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)