Can i block words in Amavisd-new?

Hello,

I want to block certain words in emails in Amavis, is it possible?
Also i lowered the score to stop spam to 1.5 but we still receive newsletters and some spam mails.

$bad_header_quarantine_to = undef;

# Spam gets the Subject line prepended with:
#$sa_spam_subject_tag = 'Spam> ';

# We tag all headers (for 'local' domains) with X-Spam info:
$sa_tag_level_deflt = undef;

# This is the system default spam tag level
$sa_tag2_level_deflt = 1.5;

# The default is to not quarantine any spam
$sa_kill_level_deflt = 1.7;

I have Debian Wheezy
Amavisd-New
Spamassassin
Clam-AV
Postfix
etc.
tommyrihuAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
My limited user experience with Spamassassin was to use the regular tests for spam and set them with high scores (to score as spam), use a lower overall score as you have done. and then whitelist those addresses I needed to receive email from using the whitelist_from rule.  

I do my spam filtering differently now but whitelist was my primary form of ensuring I would receive email.

Here is a spamassassin reference to assist you.

https://spamassassin.apache.org/full/3.1.x/doc/Mail_SpamAssassin_Conf.html
0
btanExec ConsultantCommented:
The amavis has this below but it doesn't seems to drill into word blocking per se.
e.g. $banned_filename_re: carefully check this list because these patterns tell AMaViS when to bounce an email because it contains data that you do not like to receive in an email
https://workaround.org/ispmail/lenny/amavis-filtering-spam-and-viruses

So maybe can consider instead add rules to detect keywords to SpamAssassin rules, and associate a very low (such as near-zero) score with them. And set $sa_tag_level_deflt at undef which will cause X-Spam-Status header fields to be unconditionally inserted. This header field lists all matching rule names, so your downstream blocker could check for presence of particular rule names in that header field.

Below are basic rule in Spamassassin to block word in email content
http://wiki.zimbra.com/wiki/Improving_Anti-spam_system#Basic_Rules
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
tommyrihuAuthor Commented:
Thank you for your help. I´ve also noticed that it sometimes doesn't quarantined the spam when getting score thats high enough, instead of receiving ***spam*** how do i quarantine it?
0
btanExec ConsultantCommented:
From forum stated e.g. Still configure Spam level to required confidence level and have options on your /etc/amavis/conf.d/50-user file:
$sa_tag_level_deflt  = -999; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.2;  # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.9;  # triggers spam evasive actions (e.g. blocks mail)
$sa_spam_subject_tag = '**Spam**';
If dont want score levels, then as mentioned, can also define quarantine folder e.g. look into "$spam_quarantine_to" which will indicate  where to send quarantined spam email to. As spam emails are just tagged and then passed through they should not be quarantined. So the recommended setting is typically undef.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.