[milters] Archive

Lists Index Date Thread Search

Article: 132
From: April Lorenzen
Date: 2004-10-07 14:15:04 -0400
Subject: Re: HAM and milter-spamc

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support

Hi Tudor,

I wanted to feed my users outbound mail as ham to teach spam assassin also.

We have a dedicated outbound server, which is postfix and offers a BCC
everything option. I set that to ham@myinbound.com. Then set up crons and
scripts to remove certain things from the resulting mailbox, then
periodically run the learning / training command and then deleted the

Things that went wrong:

If for some reason ham@myinbound.com started bouncing mail, my customers
got the bounce notices and thought that their mail didn't get to whoever
they sent it to, and in general was disasterous.

I needed to strip out any emails that had at least 2 spam assassin X
headers, because that was mail that went into our system, then was
forwarded right back out with no human sending it. In other words, a lot
of it might be spam.

The volume was very high. Things occasionally went dramatically wrong,
probably due to timing issues with my scripts. Both the outbound and that
particular inbound gateway were at risk for problems we wouldn't have
without this system, when things went wrong. So I turned it off.

I hope something - anything - in my experience may be useful to you or
others in implementing a hopefully more successful system for ham feeding.
I agree it should be automated and the local users outbound mail is an
excellent source.

- April

> Removal...........: milters-request@milter.info?subject=remove
> More information..: http://www.milter.info/#Support
> --------------------------------------------------------
> Hi,
> Is it any way to use milter-spamc to feed ham to spamassassin from the
> analysis of email messages originating from my internal users ?
> I looked at the documentation and it seems that I can only whitelist my
> internal users but not feed ham to spamassassin.
> I think it is a good idea to minimize the false positives by teaching
> spamassassin what our users usually send (and sometime receive when the
> remote user replies keeping the sender's message).
> Does it make sense ?
> Thanks,
> Tudor

Lists Index Date Thread Search