Re: [webmin-l] Spamassassin / Procmail... ( my plan )

[Jamie C. <jca...@we...>]

   On 05/Mar/2009 06:24 Richard Shebora wrote ..

     On   Wed,  04  Mar  2009  10:00:58  -0800  (PST),  "Jamie  Cameron"
     <jca...@we...> wrote:

     On 03/Mar/2009 23:30 Richard Shebora wrote ..

     On Tue, 03 Mar 2009 21:26:39 -0800 (PST), "Jamie Cameron" wrote:

     On 03/Mar/2009 16:35 Richard Shebora wrote ..

     On Thu, 26 Feb 2009 10:36:04 -0800 (PST), "Jamie Cameron" wrote:

     On 26/Feb/2009 05:00 Richard Shebora wrote ..

     Good Morning,

     I changed the global spam destination by clicking on "Module Config", then
     "Default delivery for spam"

     Saved "Other file or email address" with a value of "$HOME/Maildir/.Junk/"
     and it immediately started sending all spam to "/dev/null" according to
     "procmail.log" with no errors.  I started to realize that all regular mail
     was not arriving.  So I set it back to "Spam Maildir folder".  No mail
     inbound.      I  found  that mail.log showed an error connecting to
     "localhost:6000" which is spamd.  I switched spamassassin to a local
     process and regular mailed that had piled up somewhere started coming in.
     I had looked in the mail queue for it and it wasn't there.  So where would
     it queue up otherwise

     Anyway, I thought I would ask if I have the right folder format for this
     field or if there may be something I missed, or don't realize, about the
     global/ domain spam/procmail setup.  I want to use the folder name "Junk"
     to be consistent with Thunderbird and Roundcube Mail.  I get a lot of
     calls about the fact that the two exist on some setups.

     OS:  Debian Linux 4.0, Linux 2.6.18-6-686 on i686
     Webmin 1.450
     Virtualmin  3.66.gpl GPL
     Theme  6.7
     GPL Virtualmin Install Script

     Hi Richard,
     If you are using Virtualmin, you can set the spam delivery destination on
     a per-domain basis .. in fact, Webmin's "SpamAssassin Mail Filter" module
     shouldn't be used at all. Have a look at :
     http://www.virtualmin.com/documentation/id,spam_and_virus_scanning/
      - Jamie

     Jamie,

     Thanks for the reply.  Just got some time to look at this again and now
     have the spam/junk folder issue resolved.

     I also wanted to enable the "spamtrap/hamtrap" aliases but am not sure of
     the setup.  I have enabled it on a single domain and no new aliases
     appear.  I then enabled it in the server template for new domains, then
     created a test domain and did not see any new aliases created there
     either.  Even though the option did get enabled on creation.

     I googled around and did not find any info that helped.  Where are the
     aliases created?  When forwarding to them, does it matter if the message
     is in-line or attached, if attached can I attach more than one message to
     be processed?  I guess it may be working, but I just don't know how or
     where to "see" it working.

     I thought I would see something in procmail or email aliases for the
     domain.  Sorry if I am asking the obvious, but i just don't see it.

     You might want to check out the docs at :
     http://www.virtualmin.com/documentation/id,spam_and_virus_scanning/#spam_a
     nd_ham_trap_email_aliases

     When you enable  this for a domain, you should see spamtrap@ and hamtrap@
     entries created in the /etc/postfix/virtual file. They are hidden from
     Virtualmin's Edit Mail Aliases page though.
      - Jamie

     That link answered most of my questions.

     I am not a postfix expert so I need to ask...  I would not think that the
     spammers would be able to train my spamassassin to like them through these
     aliases, but I just wanted to be sure I did not need to do something more
     to prevent the possibility.  I read the info you suggested and didn't see
     the answer to this last question.

     There  is  a  small risk of this, if a spammer was to send email to
     [1]ha...@yo...  with a faked from address of someone in your
     domain. But hopefully they won't figure this out :-)
      - Jamie

     OK.  I feel a plan coming on...

     I guess I could create a "dummy.com" domain or "spam.dummy.com" sub-domain
     with spamtrap and hamtrap aliases enabled.  All domains on that box could
     then send mail to the traps and contribute to the spam training.  The
     traps would not be available from outside because it would not be a
     registered  domain.   At first blush this feels like a complete and
     contained way to get the result I need.

     The only question that comes up for me is... Are the trap aliases domain
     specific in the spam training or is the effect system wide?  Is there
     anything else you can think of that would be "bad" about this?  I worry
     most about a client adding the trap aliases to their address book and then
     getting a virus that sends spam using their address book entries.  It
     would kind of snowball from there.

   That wouldn't work, as the spam training is on a per-user basis .. so if you
   were to forward to a false domain like that, Virtualmin wouldn't be able to
   work out which user to do the training for.
    - Jamie


   1. file://localhost/home/webmail/homes/jcameron/.tmp/reply_mail.cgi?new=1&to=hamtrap%40yourdomain%2Ecom