Hi,
I'm looking for thoughts on ways that dbmail could interact with anti-spam software?
I'm scanning users' mail with SpamAssassin which adds an 'X-Spam-Flag: Yes' header to spam prior to delivering to dbmail. I want our pop3 users not to have to download the mail which has been marked as spam, but to retain it so they can review it in the web interface I'm writing. (Anybody else out there use neowebscript? Didn't think so...)
My plan is to adjust dbmail-smtp to scan the header for the X-Spam-Flag, and if found, store the message in a 'Spam' mailbox. Then I'll alter dbmail-pop3d not to include mail from the Spam mailbox.
I'll also adjust dbmail-maintenance so that it sends a summary of the spam mailbox.
Since I'm not likely to actually write any of this until next week, I may as well do it properly, so I'd like to know how other people would like it to work.
I was thinking the best generic method is to add a section to dbmail.conf as follows:
[SPAM]
SPAM_HEADER=X-Spam-Flag # the header to scan for
SPAM_YES=Yes # header value with indicates spam
SPAM_SEND_SUMMARY=yes # whether to generate a daily summary
This makes a couple of assumptions:
1) The scanner adds a header with a fixed value to indicate spam. I don't know anything about other anti-spam filters, maybe they do not all do this? I'm thinking some might just add a score or something. If this is the case we could probably allow for operators like '>5.0'.
2) It strikes me that if an account has 2 aliases, dbmail has no way of knowing which address is the default address for that account. It's not a major problem since you can just select the first one, and I can't think of a situation where you would *really* need it, but it would be nice to know to address the daily report to 'mr.j.smith@...' instead of 'porn.be.here@...'.
3) It's okay to call a mailbox 'Spam'. I have never used IMAP, and know very little about it's operation. Is it acceptable to use a mailbox name which a user may have set up themselves? If not, is there any other way of separating spam from valid mail, other than adding an additional flag to the database schema?
The other thought I had, is that use could be made of the config table to personalise this per user, but I'm not sure that's what it's intended for.
As I said, I've no experience with IMAP, so can someone tell me the best way to seperate spam out from other mail with IMAP?
And any/all other thoughts and advice are welcomed.
Oh, and has anybody already done this so I don't have to..? :)
-fr.
--
Feargal Reilly,
Codeshifter,
Chrysalink Systems.
I'm looking for thoughts on ways that dbmail could interact with anti-spam software?
I'm scanning users' mail with SpamAssassin which adds an 'X-Spam-Flag: Yes' header to spam prior to delivering to dbmail. I want our pop3 users not to have to download the mail which has been marked as spam, but to retain it so they can review it in the web interface I'm writing. (Anybody else out there use neowebscript? Didn't think so...)
My plan is to adjust dbmail-smtp to scan the header for the X-Spam-Flag, and if found, store the message in a 'Spam' mailbox. Then I'll alter dbmail-pop3d not to include mail from the Spam mailbox.
I'll also adjust dbmail-maintenance so that it sends a summary of the spam mailbox.
Since I'm not likely to actually write any of this until next week, I may as well do it properly, so I'd like to know how other people would like it to work.
I was thinking the best generic method is to add a section to dbmail.conf as follows:
[SPAM]
SPAM_HEADER=X-Spam-Flag # the header to scan for
SPAM_YES=Yes # header value with indicates spam
SPAM_SEND_SUMMARY=yes # whether to generate a daily summary
This makes a couple of assumptions:
1) The scanner adds a header with a fixed value to indicate spam. I don't know anything about other anti-spam filters, maybe they do not all do this? I'm thinking some might just add a score or something. If this is the case we could probably allow for operators like '>5.0'.
2) It strikes me that if an account has 2 aliases, dbmail has no way of knowing which address is the default address for that account. It's not a major problem since you can just select the first one, and I can't think of a situation where you would *really* need it, but it would be nice to know to address the daily report to 'mr.j.smith@...' instead of 'porn.be.here@...'.
3) It's okay to call a mailbox 'Spam'. I have never used IMAP, and know very little about it's operation. Is it acceptable to use a mailbox name which a user may have set up themselves? If not, is there any other way of separating spam from valid mail, other than adding an additional flag to the database schema?
The other thought I had, is that use could be made of the config table to personalise this per user, but I'm not sure that's what it's intended for.
As I said, I've no experience with IMAP, so can someone tell me the best way to seperate spam out from other mail with IMAP?
And any/all other thoughts and advice are welcomed.
Oh, and has anybody already done this so I don't have to..? :)
-fr.
--
Feargal Reilly,
Codeshifter,
Chrysalink Systems.