Using the Spam Filter

Built into the Csoft.net e-mail system is the latest production release of SpamAssassin, which is to our knowledge the most advanced spam filter available. Our local delivery agent (mailprocd), embeds SpamAssassin such that the filter runs privately (under each user's own UID), and persistently (as a dedicated server process).

Configuring Spam Filtering (via the Web Interface)
When you create a new e-mail address in the Mail / Mail Addresses section of the Control Panel, you can request that e-mails considered to be spam should be delivered to the "Spam" folder of a target mailbox, by selecting either "Deliver to Inbox (or Spam)", or "Deliver to IMAP Folder (or Spam)". The server will automatically move messages considered spam to the "Spam" folder of the mailbox.

Note: It is recommended that IMAP clients be configured to purge old messages periodically from the Spam folder, because the server will, by default, keep messages in the Spam folder indefinitely.
Configuring Spam Filtering (via Command Line)
Using the Shell Interface, one can manipulate delivery instructions with the mail rule add and mail rule del commands. For convenience, macros can also be defined with the &macro syntax. The following example creates a macro named &joemacro, and two equivalent e-mail addresses (joe@example.com and joseph@example.com):
  csoftadm> mail rule add &joemacro spam>=15 /dev/null
  csoftadm> mail rule add &joemacro spam>=5 joe/Spam
  csoftadm> mail rule add &joemacro spam<=5 joe
  csoftadm> mail rule add &joemacro "from=office@example.com" joe/Office
  csoftadm> mail rule add &joemacro "subject=Invoice.*" joe/Invoices

  csoftadm> mail alias add joe@example.com &joemacro
  csoftadm> mail alias add joseph@example.com &joemacro
Possible Condition Types
More advanced classification and delivery instructions can also be configured. To edit the delivery instructions associated with an e-mail address from the Control Panel, click on the address in the Mail / Mail Addresses table. The server will execute every instruction with a condition that evaluates to true. Possible conditions include:
any Always True
spam Always True, but add X-Spam-Status header and move potentially harmful contents to separate attachments.
spam>=5 True if SpamAssassin score is ≥ 5.0 (probably spam).
spam<=5 True if SpamAssassin score is ≤ 5.0 (probably not spam).
sender=user@example.com True if From: address matches given expression
subject=pattern True if Subject: line matches given expression
size<=number True if message size is ≤ bytes
size>=number True if message size is ≥ bytes
Alternate method: Classification with external program
For more complex e-mail processing, filtering and classification tasks, the server can be configured to use an external program. The standard procmail(1) and maildrop(1) are both available on all servers. Setting the conditional field to spam when configuring an address can be useful when using an external filter. The message will be scanned (and a "X-Spam-Status" header will be inserted), before being fed to the external program:
  csoftadm> mail rule add joe@example.com spam |procmail

If your command includes spaces, arguments or environment variables, make sure to use quotes:

  csoftadm> mail rule add joe@example.com spam "|procmail $HOME/.alt-procmailrc"
Configuring SpamAssassin

SpamAssassin provides numerous configuration parameters. These parameters are documented in detail under Mail::SpamAssassin::Conf(3), and are controlled from the ~/.spamassassin/user_prefs. Here is a sample user_prefs file. We recommend setting at least ok_locales and ok_languages:

  # Expect messages in French, English
  ok_locales en fr
  ok_languages en fr

To add e-mail addresses to the whitelist, use the whitelist_auth directive:

  whitelist_auth joe@example.com
  whitelist_auth *@corp.example.com
  whitelist_auth *@*.example.com

If a sender is using a third-party DKIM signature, the domain tied to the signature may be specified as a second argument:

  whitelist_auth jane@example.com	gmail.com

Use blacklist_from to blacklist addresses or domains:

  # Blacklist addresses
  blacklist_from spammer@example.com
  blacklist_from *@spammer.com

The score directive may be used to change the default score associated with a test (use with caution):

  score UNWANTED_LANGUAGE_BODY 3.5

When you are done editing user_prefs, make sure to copy it to the /mail/$USER/.spamassassin/ directory. This will make the change propagate immediately to the mail server (/mail/ is the active mail server's network filesystem).

  $ mkdir /mail/$USER/.spamassassin
  $ cp ~/.spamassassin/user_prefs /mail/$USER/.spamassassin
Links

Csoft.net
© 2024 CubeSoft Communications
All Rights Reserved.