You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 11 Next »

Is it sensible to simply delete all mail that SpamAssassin marks as being spam?

In general, no. While SpamAssassin is very good at picking out a large proportion of spam, it's impossible for a computer to do this job perfectly. You should only delete mail if you (and your users/customers) would find it acceptable to lose mail that might be legitimate. A much better idea is to filter possible spam into a separate folder that can be checked less frequently than the normal mailbox.

But I really really want to do it anyway!

Don't say we didn't warn you (wink)

This page – "So you want to delete all your spam!" http://www.exit0.us/index.php/So%20you%20want%20to%20%27delete%27%20all%20your%20spam%21 tells how to configure procmail + SpamAssassin to delete email that looks like spam.

(EditHint: should we merge these 2 wiki pages, reducing one to merely a pointer to the other ?)

If you do want to delete mail tagged as spam, you really need to consider where you put the borderline. By default, SpamAssassin will call all messages scoring over 5.0 spam. If you set the "delete" threshold at 5.0, there's a real risk that you'll delete legitimate mail that happened to score slightly over 5.0. You should consider setting a deletion threshold at something considerably higher than 5.0 – maybe as high as 10 or 15 points.

It's not too difficult to write a non-spam message that scores 6.0. But it's quite hard to accidentally write a message that scores over 15! On the other hand, spammers seem quite capable of writing messages that score 30 or more points.

You really do need to make sure your users are aware of any policy that will result in messages being deleted without them knowing about them. You might possibly need to be sure that doing this is permissible under the laws that apply in your jurisdiction.

If you're working in an organisation that might get upset if legitimate messages "go missing", you might need to get an auto-delete policy signed off by management, just to ensure you are covered when the mail that clinches a multi-million deal gets auto-deleted because it scored 5.1 when the auto-delete threshold was set at 5.0.

How can I configure procmail to bounce messages flagged as spam?

Don't bounce to the 'From:' addresses. They are almost always forged in spam messages. The innocent people at those addresses don't need thousands of bounce messages. If your own address has been forged by spammers as From-address, you know what I'm talking about.

(EditHint: Are you saying don't bounce at all ? Or is there an envelope-from that's different from the "From:" in the subject line that I *can* bounce to ?)

  • No labels