Solved

Can i block words in Amavisd-new?

Posted on 2014-11-26
4
519 Views
Last Modified: 2014-12-03
Hello,

I want to block certain words in emails in Amavis, is it possible?
Also i lowered the score to stop spam to 1.5 but we still receive newsletters and some spam mails.

$bad_header_quarantine_to = undef;

# Spam gets the Subject line prepended with:
#$sa_spam_subject_tag = 'Spam> ';

# We tag all headers (for 'local' domains) with X-Spam info:
$sa_tag_level_deflt = undef;

# This is the system default spam tag level
$sa_tag2_level_deflt = 1.5;

# The default is to not quarantine any spam
$sa_kill_level_deflt = 1.7;

I have Debian Wheezy
Amavisd-New
Spamassassin
Clam-AV
Postfix
etc.
0
Comment
Question by:tommyrihu
  • 2
4 Comments
 
LVL 94

Assisted Solution

by:John Hurst
John Hurst earned 250 total points
ID: 40467793
My limited user experience with Spamassassin was to use the regular tests for spam and set them with high scores (to score as spam), use a lower overall score as you have done. and then whitelist those addresses I needed to receive email from using the whitelist_from rule.  

I do my spam filtering differently now but whitelist was my primary form of ensuring I would receive email.

Here is a spamassassin reference to assist you.

https://spamassassin.apache.org/full/3.1.x/doc/Mail_SpamAssassin_Conf.html
0
 
LVL 63

Accepted Solution

by:
btan earned 250 total points
ID: 40468204
The amavis has this below but it doesn't seems to drill into word blocking per se.
e.g. $banned_filename_re: carefully check this list because these patterns tell AMaViS when to bounce an email because it contains data that you do not like to receive in an email
https://workaround.org/ispmail/lenny/amavis-filtering-spam-and-viruses

So maybe can consider instead add rules to detect keywords to SpamAssassin rules, and associate a very low (such as near-zero) score with them. And set $sa_tag_level_deflt at undef which will cause X-Spam-Status header fields to be unconditionally inserted. This header field lists all matching rule names, so your downstream blocker could check for presence of particular rule names in that header field.

Below are basic rule in Spamassassin to block word in email content
http://wiki.zimbra.com/wiki/Improving_Anti-spam_system#Basic_Rules
0
 

Author Closing Comment

by:tommyrihu
ID: 40480195
Thank you for your help. I´ve also noticed that it sometimes doesn't quarantined the spam when getting score thats high enough, instead of receiving ***spam*** how do i quarantine it?
0
 
LVL 63

Expert Comment

by:btan
ID: 40480212
From forum stated e.g. Still configure Spam level to required confidence level and have options on your /etc/amavis/conf.d/50-user file:
$sa_tag_level_deflt  = -999; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.2;  # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.9;  # triggers spam evasive actions (e.g. blocks mail)
$sa_spam_subject_tag = '**Spam**';
If dont want score levels, then as mentioned, can also define quarantine folder e.g. look into "$spam_quarantine_to" which will indicate  where to send quarantined spam email to. As spam emails are just tagged and then passed through they should not be quarantined. So the recommended setting is typically undef.
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question