[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1896
  • Last Modified:

Spamassassin rule to trap sender and receiver having the same address

I'm running Spamassassin on my pop server and frequently receive emails containing myself as the sender and the receiver.

Any rule that can be written that would trap this?
0
oceansupport
Asked:
oceansupport
  • 3
  • 2
1 Solution
 
grbladesCommented:
You could use something like :-

header __LOCAL_FROM_01  From =~ /address1\@example\.com/i
header __LOCAL_TO_01  To =~ /address1\@example\.com/i
meta LOCAL_FROMTO_01  (__LOCAL_FROM_01 && __LOCAL_TO_01)
score  LOCAL_FROMTO_01 2.0
describe LOCAL_FROMTO_01 Mail sent from and to the same address

It creates two header rules to match your email address in the from and to field. Then a meta rule matches if both the header checks match and a score is applied. You can copy and paste the code however many times you want. You just need to increment the '01' suffic to the rule names and change the email addresses.
0
 
oceansupportAuthor Commented:
Can do a universal rule without hard coding every address?  I have 40 users.

Thanks
0
 
grbladesCommented:
Unfortunetly not using standard rules as it does not have any string comparison functionality. The only thing you could do is write your own custom plugin using perl but that is a lot more complex.

What mail server software are you using?
You could configure it to refuse all email from your email addresses. Any users sending mail should either be sending from a trusted IP address or use SMTP authentication anyway.
0
 
oceansupportAuthor Commented:
not sure that would work...the server is hosted by Verio.  I'll get in touch with them to see if this is possible.  If I send myself a note (I know the CEO does this)...then my own message will be blocked, no?

thanks for the advice.
0
 
grbladesCommented:
If you send yourself a note then it should be blocked however there are a couple of cases where it might not depending on the configuration :-

1) Your companies IP addresses may be listed as trusted networks in the spamassassin configuration and this may stop the message being flagged as a spam.

2) If you use SMTP AUTH (password required to send mail) then this config may bypass the spam checked.

Oviously if you have your own internal mail server then if you sent it via it then it would not go through the verio server at all.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now