Mailing List Archive

> do you know if there is a way to have a blacklist, either for user or
> eventually for an entire server, that could be feeded via some scripts ?

Yes create your own dns blacklist

> A sort of auto_learn but only for addresses ( to or from ) ?

No such thing as only for... You have to implement multiple things and try to catch the default crap at an early stage by something that does not consume much resources.
I have have my from= and/or to= dnsbl at the end of all checks

Currently I am marking spam at server level and individual users can white list messages marked as spam. So next time when a marked message arrives, it is unmarked again.
But this is not done via dnsbl but with a local user whitelist db with sieve.

On 2024-04-12 at 02:14:59 UTC-0400 (Fri, 12 Apr 2024 08:14:59 +0200)
Pierluigi Frullani <pierluigi.frullani@gmail.com>
is rumored to have said:

> Hello all,
> do you know if there is a way to have a blacklist, either for user
> or
> eventually for an entire server, that could be feeded via some scripts
> ?

If you enable the AWL (or TxRep, if you are adventurous) Plugin, it
provides an automated welcome/blocklist mechanism where the past base
score of messages are used to adjust the score of later messages from
the same sender and network block tuple. Its power can be adjusted and
its usage is described in the documentation.

The same database is used for the blocklist and welcomelist options of
the spamassassin command-line script, which is documented in the
'spamassassin-run' man page. There is also a useful script named sa-awl
with a fine man page.

> A sort of auto_learn but only for addresses ( to or from ) ?

Correct: auto_learn and the sa-learn commandline script feed whole
messages to a complex naive Bayesian analysis that feeds the Bayes DB.
The 'auto_learn' config, the *list options for spamassassin, and sa-awl
all operate on the AWL DB using a very simple algorithm.

Unlike the Bayes subsystem, the AWL subsystem has no minimum data
threshold. If you feed one message to 'spamassassin -W' then the next
message from the same sender+network combination will have its score
adjusted according to your auto_welcomelist_factor setting, as
documented in 'perldoc Mail::SpamAssassin::Plugin::AWL' along with all
the other details of AWL.


> I'll trying to explain: I maintain a couple of mail servers that have
> a
> very very limited e-mails volumes, at least in output, so the bayes
> it's
> almost not usefull as it takes ages to be feeded for the HAM part.
> At the moment I'm taking addresses from the spam directory and feeding
> to
> local.cf but it's a slow ( and painfull ) process so if there is a
> better
> way it would be fantastic.

I guess this is the short version of an answer...

If you have AWL enabled and configured so that everyone uses the same
AWL DB, you could do this if you have a directory full of fresh spam
whose senders you want to shun:

cd $spamdirectory
spamassassin --add-to-blocklist *

And if you have a bunch of mail you value in a directory, use "-W"
instead.




--
Bill Cole
bill@scconsult.com or billcole@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire

Thanks Bill, I will give this a look !

Pierluigi

Il giorno ven 12 apr 2024 alle ore 23:00 Bill Cole <
sausers-20150205@billmail.scconsult.com> ha scritto:

> On 2024-04-12 at 02:14:59 UTC-0400 (Fri, 12 Apr 2024 08:14:59 +0200)
> Pierluigi Frullani <pierluigi.frullani@gmail.com>
> is rumored to have said:
>
> > Hello all,
> > do you know if there is a way to have a blacklist, either for user
> > or
> > eventually for an entire server, that could be feeded via some scripts
> > ?
>
> If you enable the AWL (or TxRep, if you are adventurous) Plugin, it
> provides an automated welcome/blocklist mechanism where the past base
> score of messages are used to adjust the score of later messages from
> the same sender and network block tuple. Its power can be adjusted and
> its usage is described in the documentation.
>
> The same database is used for the blocklist and welcomelist options of
> the spamassassin command-line script, which is documented in the
> 'spamassassin-run' man page. There is also a useful script named sa-awl
> with a fine man page.
>
> > A sort of auto_learn but only for addresses ( to or from ) ?
>
> Correct: auto_learn and the sa-learn commandline script feed whole
> messages to a complex naive Bayesian analysis that feeds the Bayes DB.
> The 'auto_learn' config, the *list options for spamassassin, and sa-awl
> all operate on the AWL DB using a very simple algorithm.
>
> Unlike the Bayes subsystem, the AWL subsystem has no minimum data
> threshold. If you feed one message to 'spamassassin -W' then the next
> message from the same sender+network combination will have its score
> adjusted according to your auto_welcomelist_factor setting, as
> documented in 'perldoc Mail::SpamAssassin::Plugin::AWL' along with all
> the other details of AWL.
>
>
> > I'll trying to explain: I maintain a couple of mail servers that have
> > a
> > very very limited e-mails volumes, at least in output, so the bayes
> > it's
> > almost not usefull as it takes ages to be feeded for the HAM part.
> > At the moment I'm taking addresses from the spam directory and feeding
> > to
> > local.cf but it's a slow ( and painfull ) process so if there is a
> > better
> > way it would be fantastic.
>
> I guess this is the short version of an answer...
>
> If you have AWL enabled and configured so that everyone uses the same
> AWL DB, you could do this if you have a directory full of fresh spam
> whose senders you want to shun:
>
> cd $spamdirectory
> spamassassin --add-to-blocklist *
>
> And if you have a bunch of mail you value in a directory, use "-W"
> instead.
>
>
>
>
> --
> Bill Cole
> bill@scconsult.com or billcole@apache.org
> (AKA @grumpybozo and many *@billmail.scconsult.com addresses)
> Not Currently Available For Hire
>