Generic spam plug-in
Gray, Richard
richard.gray at DNS.CO.UK
Tue Jun 7 09:34:44 IST 2005
> -----Original Message-----
> From: MailScanner mailing list
> [mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf Of Julian Field
> Sent: 06 June 2005 21:06
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: Generic spam plug-in
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Current thoughts are a function call (with timeout wrapper).
> It gets passed the smtp client ip, the sender and the list of
> recipients, and a ref to an array of lines holding the entire
> message. The function simply returns a number which is added
> to the spam score along with the SpamAssassin score. You can
> replace SpamAssassin completely by just using the generic
> wrapper and setting "Use SpamAssassin = no". If the timeout
> happens, the score contribution is just 0.
>
> I should also provide some sample code which calls an
> external program to produce the result score. My code will
> probably just output
>
> smtp client ip address (IPv4 or IPv6)
> sender address
> recipient address
> next recipient address...
> blank line
> message contents
>
> It will expect one line of input which will either be the
> return code from the program or the contents of the 1 line of
> output it produces which should be a number. I'll provide
> samples for both, up to you which you use.
>
> MailScanner.conf controls should be
> Use Custom Spam Detector = yes/no
> Custom Spam Detector Function = <name-of-function-call-here>
>
> That should be all you need.
> What do you think?
>
It becomes difficult to judge between the efficiency of various spam
filters if all that comes out at the end is a single score. The default
scores provided on SA rules are created using a learning algorithm to
choose the most effective weights, and as such would arguably need to be
re-calculated if you were going to add another score to it. If you
develop as described above you will arguably have produced a
SpamAssassin plugin rather than a MailScanner plugin. (the kind of
plugin that would be really useful too :) )
I would imagine in mailscanner the architecture would be similar to the
RBL checks, where one could have a separate ruleset for responses to
messsages flagged by this external agent.
Richard
---------------------------------------------------
This email from dns has been validated by dnsMSS Managed Email Security and is free from all known viruses.
For further information contact email-integrity at dns.co.uk
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list