Generic spam plug-in

[Gray, Richard]

> -----Original Message-----
> From: MailScanner mailing list 
> [mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf Of Julian Field
> Sent: 06 June 2005 21:06
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: Generic spam plug-in
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Current thoughts are a function call (with timeout wrapper). 
> It gets passed the smtp client ip, the sender and the list of 
> recipients, and a ref to an array of lines holding the entire 
> message. The function simply returns a number which is added 
> to the spam score along with the SpamAssassin score. You can 
> replace SpamAssassin completely by just using the generic 
> wrapper and setting "Use SpamAssassin = no". If the timeout 
> happens, the score contribution is just 0.
> 
> I should also provide some sample code which calls an 
> external program to produce the result score. My code will 
> probably just output
> 
> smtp client ip address (IPv4 or IPv6)
> sender address
> recipient address
> next recipient address...
> blank line
> message contents
> 
> It will expect one line of input which will either be the 
> return code from the program or the contents of the 1 line of 
> output it produces which should be a number. I'll provide 
> samples for both, up to you which you use.
> 
> MailScanner.conf controls should be
> Use Custom Spam Detector = yes/no
> Custom Spam Detector Function = <name-of-function-call-here>
> 
> That should be all you need.
> What do you think?
> 

It becomes difficult to judge between the efficiency of various spam
filters if all that comes out at the end is a single score. The default
scores provided on SA rules are created using a learning algorithm to
choose the most effective weights, and as such would arguably need to be
re-calculated if you were going to add another score to it. If you
develop as described above you will arguably have produced a
SpamAssassin plugin rather than a MailScanner plugin. (the kind of
plugin that would be really useful too :) )

I would imagine in mailscanner the architecture would be similar to the
RBL checks, where one could have a separate ruleset for responses to
messsages flagged by this external agent.

Richard


---------------------------------------------------
This email from dns has been validated by dnsMSS Managed Email Security and is free from all known viruses.

For further information contact email-integrity at dns.co.uk

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!