Enabling bounces

Julian Field MailScanner at ecs.soton.ac.uk
Thu May 24 17:31:39 IST 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Kai Schaetzl wrote:
> Julian Field wrote on Thu, 24 May 2007 16:06:03 +0100:
>
>   
>> Because it is necessary. If you want to bounce spam, you have to jump 
>> through some hoops.
>>     
>
> I'm not questioning the hoops, I'm wondering if I really understand it right that 
> *two* rulesets are necessary.
>   
Yes.
> For a given message, spam actions has to evaluate to 
>   
>> a result including "bounce", and enable spam bounce has to evaluate to 
>> "yes". The ruleset is necessary because I say it is :-)
>>     
>
> But I don't see how *two* rulesets are supposed to work or are necessary.
> I think it's not clear what my confusion is about:
>
> spam.actions.rules:
> From:   IP  bounce
> FromOrTo:   default     store notify header "X-Spam-Status: Yes"
>
> *and*
>
> bounce.rules;
> From:   IP  yes
> From: default no
>
> is that really what I have to do if I wanted to bounce?
>   
Yes.
>   
>> MailScanner doesn't use the From: address in the headers at all, it only 
>> uses the envelope sender address.
>>     
>
> That's why I wanted to boost spamminess of the messages with Spamassassin which 
> would then enable MailScanner to bounce the messages by detecting them as spam 
> (for sure), but with high scoring spam excluded it's very unreliable as most 
> messages would score high probably even without boosting them up.
>   
A little Custom Function could set '$message->{ishigh} = 0;' if the IP 
address matches, to stop it being treated as high-scoring spam, so you 
could then bounce it.
> I think I could also just forward all messages to a specific address, as the 
> forward action is available for spam and non-spam. But the problem still is the 
> detection. Can I create a rule that detects messages from <> *and* IP? I know 
> that I can "and" rules, but can I detect an empty sender?
>   
I seem to remember you can set the address to /^$/ and it will treat 
that as an empty address. That is a regular expression that will match 
an empty address.
So you can say
From: /^$/ and From: IP yes
in a ruleset and that should do what you want.

>   
>>> Any ideas how I can do it with MailScanner (as obviously what I had in mind 
>>> won't work).
>>>   
>>>       
>> You could do it with a Custom Function tied to "Enable Spam Bounce" 
>> probably. I would need to think a bit about exactly what you would want 
>> to do. You want to spot spam coming from postmaster at hisdomain (in the 
>> From: header) and switch off its $message->{ishigh} flag so it gets 
>> treated as normal scoring spam, at which point you can bounce it. It's 
>> just a problem of working out which config option to attach the Custom 
>> Function to.
>>     
>
> Frankly, it's then probably easier to compile milter-regex as I think it can use 
> header parts as well. I hoped I could do it somehow with MailScanner as I just 
> need the blockage for this one thing.
>
> Kai
>
>   

Jules

- -- 
Julian Field MEng CITP
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
For all your IT requirements visit www.transtec.co.uk



-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.1 (Build 1012)
Charset: ISO-8859-1

wj8DBQFGVb4PEfZZRxQVtlQRAmW5AJ41Z6ZH9M5aMJDlZ7ghkYTYGQEBJQCg6oiO
uad6qK3lhlnpiF+7dfXE7MQ=
=eg63
-----END PGP SIGNATURE-----

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
For all your IT requirements visit www.transtec.co.uk

More information about the MailScanner mailing list