[Mimedefang] Anti-spam breakthrough from Roaring Penguin

Richard Laager rlaager at wiktel.com
Fri Apr 7 12:13:24 EDT 2017

On 04/07/2017 08:59 AM, Dianne Skoll wrote:
> The part about reaching into Dovecot
> to move the message is slightly worrying; it implies that the scanning
> process has significant privileges.

It could be limited. For the simplest example, assume the same
machine... The defang user could have a sudo rule that allows it to call
one particular script as the vmail/dovecot user. That script would take
arguments of the account (email address) and a Message-ID. It would move
the message with that ID from Junk (and only Junk) to Inbox. In this
way, defang wouldn't have arbitrary access to IMAP mailboxes.

> An enhancement would be to automatically train messages in Junk as spam
> if they've been there for at least 5 days.

We were doing something like that for a while. When a message was
expired (deleted) from Junk, we would train it as spam. In our case,
that was 14 days.

We were doing global (not per-user) Bayesian filtering, so it was a mess
accuracy-wise and we quit Bayesian filtering entirely.


More information about the MIMEDefang mailing list