FreeBSD/Spamassassin - Automatically Deleting Detected SPAM Older Than 15 Days

BillFinkNC
BillFinkNC used Ask the Experts™
on
I currently use FreeBSD (7.x) for my MTA and Spamassassin for checking EMail for detecting incoming spam. (Has been working for literally YEARS VERY well - I highly recommend the combination of software/OS of such high caliber.)

My current setup merely sends the detected emails (as spam) to folders depending on their Spamassassin Score(s) - One folder "Probably-Spam" and another "Certainly-Spam", of course "good" email gets delivered directly to the end-user's "inbox."

What I'd like to do is continue to use that system/setup for my end-users, but I'd like to have the Email(s) in the spam-folders deleted after they are say, 15 days old. (Some users never clear their spam folders.

WithOUT deleting ALL the mail in those Spam Folders, how would I be able to select JUST Emails 15 days (or older) from those SPAM mail-folders for my end-users on an automatic basis? (i.e. using a cron.)

I've been working with FreeBSD for quite some time, have some GOOD scripting background, but something like this might be just a little lower-level programming. So go easy on me, please?
 
Any help? (Hope this wasn't too confusing?)
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
What kind of mail server?   Are these IMAP folders that you are filtering the mail into?

It's easy enough to delete files past a certain age from specific folders using the 'find' command.  But if you are using Cyrus IMAP, for instance, there are better tools provided -- such as ipurge or the 'expire' attribute.  (See http://wiki.kolab.org/index.php/Automatically_purge_old_emails for some hints/examples.)

Author

Commented:
I'm using Sendmail as the MTA and you're correct, they are indeed IMAP folders. (FreeBSD's IMAPD)

Thanks ... (I'm away from my office right now) but will try either/one of these solutions and get back to this later today to give you the credit. ... You've given me great options to try - I'll let you know which works for my end-users.

Author

Commented:
I carefully re-read your input - I'm not using Cyrus IMAP (but I'll look into it if it takes care of this issue for me) so I went searching for "expire old IMAP" or "purge old IMAP" .. and am really not finding anything. I'm using he IMAP daemon that comes with FreeBSD.

RE: Merely deleting the (mail) files based by date ... that'd be nice too - but I don't want to delete ALL of the messages in the end-users "Spam" folders (files)  - just the ones that are older than 15 days.

My intention is to let the end-users keep-on getting their messages as always, keeping the ones marked as SPAM and stored in the file "Probably-Spam" - but only let them keep them on my mail-server for 15 days. There are still  rare cases where a (legitimate)  Email will be detected as SPAM - which is why I let them keep a "Probably-Spam" folder for their review to MAKE sure.

But If they don't check or purge messages in that folder for 15 days - I wish to have it automatically deleted.

I'm confident you're not suprised that some people just let those SPAM messages pile-up FOREVER if I didn't/don't remind them to purget it once in awhile.

So my scenario is I will simply inform them; "if you don't check your SPAM folder for messages that might be legit after 15 days, they're going to be deleted."

What got me into this in the first place is Spamassassin V 3.2.5 had/has a bug.  After January 1st, 2010  it was scoring messages with a high value (for determining SPAM) something to the effect the reviewed mail was "dated too far into the future" (something like that) so there were legitimage Emails being marked as SPAM because of that.

I've since updated Spamassassin to V3.3.0 and all works fine, now. (Hope that clarified any of my mis-communication.)

Thanks For Your Time.

Bill
HTML5 and CSS3 Fundamentals

Build a website from the ground up by first learning the fundamentals of HTML5 and CSS3, the two popular programming languages used to present content online. HTML deals with fonts, colors, graphics, and hyperlinks, while CSS describes how HTML elements are to be displayed.

Commented:
I heard about that spamassassin bug -- funny, but not very convenient for users.

Your plan is good, but since IMAP is managing the mail folders, it may not be prudent to just delete the old files -- if your imap daemon has a purge script or configuration setting, it would be preferable to use that.  This is to make sure that any corresponding cache or index files are also updated.

I think the first thing to do is determine which version of imap you are running.  A number of different imap servers are available via FreeBSD ports (courier-imap, dovecot, uw-imap, cyrus-imap).  As I mentioned, cyrus-imap comes with ipurge; it appears that dovecot comes with an expire_plugin; I suspect the other ones have their own methods.  I don't think FreeBSD comes with any one of them pre-installed, but I haven't played with FreeBSD 7 yet.

Perhaps 'pkg_info -a |grep imap' may tell?

Or perhaps 'man imapd' will yield some indication of which flavor of imap daemon it is?  I don't think 'telnet localhost 143' (or 'telnet localhost 993' for ssl) will yield a helpful banner message in all cases.


And just for reference, here's a 'find' command that will delete all files created more than 15 days ago from the given directory:
  find /path/to/directory -type f -ctime +15 -delete

Author

Commented:
While researching all this (on your advice) did I run across the package "Cyrus-IMAPD" in the ports collection. Your recommendation to use 'ipurge' will satisfy my need ( I hope) and I really appreciate your time with this. (Not such an over-whelming reponse these days at EE...?)

For a bit of humor, I also checked the man-pages for the current IMAP daemon I'm running and take a look at this: (See below) Tells me quite a bit which daemon I'm running, eh??? Even ran a search for "Version" or "version" while viewing the man-pages...nope. Lastly 'imapd -V' didn't display anything, either.

In all fairness, I have to admit - I was almost certain it's the Berkley Flavor of UW's daemon.  (University Of Washington's) Which in my 13 or so years with FreeBSD, has been always been (in MY experience) incredibly the most reliable (and very safe) software.

Again, thanks for pointing me in the (a) direction for my problem.

Bill


IMAPD(8)                                                              IMAPD(8)
NAME
       IMAPd - Internet Message Access Protocol server
SYNOPSIS
       /usr/local/libexec/imapd
DESCRIPTION
       imapd  is a server which supports the IMAP4rev1 remote mail access pro-
       tocol as documented in RFC-3501.  imapd  is  invoked  by  the  internet
       server  (see  inetd(8)),  normally  for requests to connect to the IMAP
       port as indicated by the /etc/services file  (see  services(5)).   Nor-
       mally, this is port 143 for plaintext IMAP and 993 for SSL IMAP.

Author

Commented:

Unix for Internet servers - STILL the most secure, reliable, and best you're going to get.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial