Discussion:
tuning the interface between amavis and a list manager
(too old to reply)
Miles Fidelman
2016-03-23 19:00:09 UTC
Permalink
Hi Folks,

I'm running postfix, amavis-d, and spamassassin in conjunction with a
list manager (sympa). I keep the detection threshold relatively high in
order to avoid false positives on business related mail (also handled on
the server) - but I'm wondering if there's an easy way to set a
different threshold for rejecting mail to lists.

Can anybody suggest an easy place and mechanism for intercepting mail
destined for the server and rejecting based on the spamassassin score?

Thanks Very Much,

Miles Fidelman
--
In theory, there is no difference between theory and practice.
In practice, there is. .... Yogi Berra
Cedric Knight
2016-03-25 14:01:14 UTC
Permalink
Post by Miles Fidelman
I'm running postfix, amavis-d, and spamassassin in conjunction with a
list manager (sympa). I keep the detection threshold relatively high in
order to avoid false positives on business related mail (also handled on
the server) - but I'm wondering if there's an easy way to set a
different threshold for rejecting mail to lists.
Can anybody suggest an easy place and mechanism for intercepting mail
destined for the server and rejecting based on the spamassassin score?
I see you had a reply on ***@spamassassin.apache.org. A lower
rejection threshold probably is a common requirement if you have
unmoderated lists and want to avoid spam ever getting through, or
moderated ones where the moderators just get tired of moderating spam.

IMHO the amavisd-new way of doing this is adding something to the config
like:

@spam_kill_level_maps = (
new_RE(
[qr'-(?:l|list|subscribe|join|request)?\@'i => 3.0],
[qr'\blists\.'i => 3.0],
),
read_hash("/var/amavis/thresholds"),
\$sa_kill_level_deflt);

The last line includes the default 'kill' level that you have at the
moment. The amavis new_RE() expression sets the kill level for local
parts ending -l or using a 'lists' subdomain. With luck your recipient
list addresses follow such a pattern.

/var/amavis/thresholds is an alternative way of doing it, where that
file is a table with individual email addresses or domains on the
left-hand side, and the threshold score to trigger the
final_spam_destiny on the right. The drawback of this is that it
requires amavis configuration to be reloaded when the list of addresses
changes.

A third method, to try to avoid additional config files and not tested,
might be to instead add \%sa_kill_level to the maps, and run something like:
my %sa_kill_level;
map { s/://; $sa_kill_level{lc($_)}=2.5 } ( keys
%{read_hash('/home/sympa/etc/sympa_aliases')} );
But read_hash() probably does too much validation, and you need to write
code to read and parse the file yourself.

For more information, see
https://www.ijs.si/software/amavisd/README.lookups.txt.

HTH

CK

Loading...