[Mimedefang] How to configure?

[TLD MimeDefang]

Bazooka Joe wrote:
> How do I - reject mail if it has a score above 5

   My filter's file is /etc/mail/mimedefang-filter.  If yours
is the same, this is the file to edit.

   Your default mimedefang filter should already have a section
set up in it to handle the Spamassassin testing stuff.  look
for the 'if($Features{"SpamAssassin"})' section.  Below this
you'll see a call to spam_assassin_check, which returns several
items, one of them is the $hits.  Below this is where you'll
perform the test for a hit value.

   Something like:

if($hits >= 5.0) {
   #  make a log entry
   md_syslog('notice', "$hits ($score) $names");
   #  reject the message
   action_bounce('SPAM markers found');
   #  and return true
   action_discard();
}

   Though, I wouldn't recommend rejecting messages on 5.0. Maybe 9
or 10 would be a better number.  I'd just quarantine anything over
5, because chances are, you'll find quite a few false positives on
5.

> or virii

   Mime defang is set up to automatically use anti-virus programs
that are supported by it.  For example, I use clamav, and the
defang filter already handles it with the filter_begin function.
Nothing to do there except keep the clam databases updated.

> 2 bypass SA or whitelist if the sender was authenticated via smtp_auth.

   Generally, it's a good idea to maintain the filter even on
known authenticated senders.  Supposing an authenticated user
accidentally emails out an attachment that is infected with
a virus?  You'd sure want the system to catch it.

   Just set your Spamassassin to give whitelisted names a negative
score, and let the system do its job.  I give whitelisted people
a -10 here and that's been fully sufficient to keep their emails
flowing smoothly and without problem.

   Even so, I'm not sure such a thing can be done without doing
duplicate whitelist checking in the filter.

TLD