You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 11 Next »

How do I use SpamAssassin with procmail to forward mail and to do mistake-based Bayes training?

This procmail script is designed for people who have their mail forwarded through a server (e.g, example.com) but then read their mail on a non-publicized account on a different server (e.g., privateaddress@example.net). This is quite common for folks who have a vanity domain name but then read their mail through an office Exchange server, home DSL email account, etc. The idea is for procmail on the first server to run each message through SpamAssassin, and then forward the message on to the private address.

The trick for Bayes training is to add some extra procmail rules to specify special processing for false negatives (i.e., spam that SpamAssassin didn't catch). This script uses mistake-based training for false negatives. That is, it assumes that SpamAssassin can correctly autolearn on enough ham and spam to seed the Bayes database. Then, when SpamAssassin incorrectly marks a spam message as not spam, the user can train the database by redirecting the message to be learned as spam. Although a similar redirection scheme could be used to train on false positives (i.e., legimate mail incorrectly seen as spam), it's likely more effective to just ManualWhitelist mail from that legitimate sender.

The following is based on having at least two addresses (publicaddress@example.com and spam@example.com) trigger the same procmail script. In most vanity domain setups, all addresses are processed by the same procmail script. The script needs to be edited to include your real addresses and domain. You also need to confirm the path for spamassassin and sa-learn, which you can find, after logging into the server, by typing which spamassassin.

#Uncomment the following lines and use tail -f procmail.log to debug
#LOGFILE=$HOME/procmail.log
#VERBOSE=yes
#LOGABSTRACT=all

# Feed redirected spam to sa-learn

:0
* ^To:.*spam@example.com
* < 256000

   {
   :0c: spamassassin.spamlock
   | sa-learn --spam

   :0
   spam
   }

# Send all other mail through SpamAssassin

:0fw: spamassassin.lock
* < 256000
| /usr/bin/spamassassin


# Mail that is very likely spam (>15) can be saved on the server
# (not forwarded), or by moving the # down one line, even dropped
# on the floor.  Note that dropping mail on the floor is a *bad*
# idea unless you really, really believe no false positives will
# have a score greater than 15.  If you want all mail forwarded,
# just add #'s in front of each of these lines:

:0
* ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*
#/dev/null
almost-certainly-spam


# Forward all mail with a score less than 15 to my non-publicized address 
:0
! privateaddress@example.net

On your mail client, you'd then likely want to filter mail with a score of 5 or higher (i.e., where "X-Spam-Level: *****") into a Likely Spam folder. False Positives rarely score higher than 15. The advantage of leaving mail with a score of 15 or higher on the server is that it makes it easier to find false positives in the Likely Spam folder without being overwhelmed by hundreds of obvious spam. You can then ManualWhitelist those false positives.

For the mistake-based training, it's critical to redirect (or bounce) the message, rather than forwarding. Forwarding loses all of the critical header information, which is much of what Bayes trains off of. Here are directions for redirecting from different clients. Note that for all redirections, you'll want to clear away all To: and Cc: entries and then add spam@example.com to the To:, in order to avoid resending the spam to another victim.

  • AOL's integrated email client: Redirecting mail is not available. (Dave Goldsmith)
  • Eudora: Select the message, go to the "Message" menu, choose redirect, fill in the address, and choose send. (Brian Corcoran and Erik Wheeler)
  • Evolution: Select the message. In the "Actions" menu, choose the "Forward" submenu (not "Forward message", the "Forward" submenu). Pick "Redirect", fill in the "To" field, and press "Send". (Johannes Ullrich)
  • OS/X Mail.app: With the email message open or selected, go to Mail's 'Message' menu and select 'Bounce to sender' or 'Redirect'. If you use this frequently, go to the "View" menu, choose "Customize toolbar", and add a button for "Redirect". (Marion Bates)
  • Microsoft Outlook 97: Double-click on the message so it opens in a new window. Click on Tools-Resend This Message. A warning will appear about you not being the original sender of the message. Click Yes. A message window appears. Update the To: field and click on 'Send'. (Dave Goldsmith)
  • Microsoft Outlook 2000 & higher: Double-click on the message so it opens in a new window. Click on Actions->Resend This Message. A warning will appear about you not being the original sender of the message. Click Yes. A message window appears. Update the To: field and click on 'Send'. (Dave Goldsmith)
  • Microsoft Outlook Express: It does not appear to have a redirect option. (Dave Goldsmith and Alex Bates)
  • Netscape Communicator 4.x and 7.x: They don't appear to have a redirect option.
  • Pine: For a single message, highlight the message and press "b" to bounce it. Enter the target address and press enter. For multiple messages, select all the messages you'd like to bounce with either ":" to select them one at a time, or ";" to select multiple messages by message number, subject, body text, etc. Once selected, press "a", then "b" to Apply the Bounce command to all of them. Enter the target email address. Once done, press ";", then "a" to Unselect All selected messages. More can be found at: http://www.itc.virginia.edu/desktop/email/pine/bounce.html
  • Sylpheed: Click on the message, go to the "Message" menu, choose "Redirect", fill in the "To:" address, and press send. Alternately, right click in the message and choose "Redirect" from the popup menu, fill in the "To:" address, and press send. (Dave Goldsmith)

Thanks to William Stearns <wstearns@pobox.com> for this redirection [http://www.stearns.org/doc/spamassassin-setup.current.html<ac:structured-macro ac:name="redirect" ac:schema-version="1" ac:macro-id="420ff471-e88d-45f2-8e6b-cba87470db56"><ac:parameter ac:name=""><ac:link><ri:page ri:content-title="info]." /></ac:link></ac:parameter><ac:parameter ac:name="location"><ac:link><ri:page ri:content-title="info]." /></ac:link></ac:parameter></ac:structured-macro>

Contributors

[http://www.dankohn.com Dan Kohn] dan@dankohn.com

  • No labels