[Mimedefang] return smtp reject to remote server but continue todeliver locally?
Chris F
mimedefang at haydon.net
Mon Nov 10 11:58:28 EST 2003
Kenneth Porter said:
> --On Friday, November 07, 2003 12:57 PM -0500 "David F. Skoll"
> <dfs at roaringpenguin.com> wrote:
>
>> Another option is to append ./INPUTMSG to a mailbox file (be sure to add
>> the
>> "From " line and escape any From's in the message.)
>
> Since the only objective is to keep Bayes up to date, just run INPUTMSG
> through sa-learn. Why keep it around? However, this will dump any false
> positives into the DB, which may not be what you want. It's probably best
> to
> quarantine low scores in a spam trap and auto-learn and discard only the
> egregious stuff.
>
> In my experience setting the "egregious threshold" to 10 takes care of
> almost
> 2/3 of spam, making it much easier to manually check the remainder while
> virtually eliminating false positives in the discarded mail.
Well, the whole problem with rejecting of course is that the message gets
rejected and I don't get a copy delivered. I want to keep and review
everything to eliminate false learning.
Both messages had good ideas but there are some flaws and a possible
hole/oversight using Bayes with mimedefang.
With what little time I had over the weekend to think about this I took a
very brief look at the mimedefang code. It seems that mimedefang only
passes INPUTMSG to spamassassin... there's a problem with this. The
headers from the envelope that sendmail adds on delivery won't be present
at this point.
Since I'm learning with these headers present (from my mbox files) there's
a small disconnect between what I learn against and what spamassassin has
an opportunity to check against.
The envelope headers might be very important in my case. All email
addressed to my domain goes into one mbox file. Over time some of the
addresses have become 'corrupted' as spammers have somehow managed to get
hold of them.
I'm leaning towards the concatenation method described and modifying
mimedefang to have spamassassin check against a message that has the
envelope info added.
Anyone have any thoughts on this positive or negative?
More information about the MIMEDefang
mailing list