| » About NACS |
Sunday October 12th, 2008 » Fall Quarter, Week 3 |
|
|
| » About NACS |
Sunday October 12th, 2008 » Fall Quarter, Week 3 |
|
|
|
Summary: Procmail allows you to filter out messages on the server. Below you will find recipes to filter out spam using SpamAssassin's and Mailscanner information.
The UCI mail system now scans incoming email for potential spam and viruses. We use SpamAssassin to scan individual email and award a point value based on the amount of potential spam. The point value is included within the X-header added to the email.
Viruses are detected using Mailscanner software and Sophos/SAVI. If a virus is detected, it is stripped from the email, a warning message is inserted into the text, and an X-Header added to the headers. Information on the virus scanning process as well as examples of warning messages can be found here.
You can create a Procmail recipe to examine the X-headers in order to filter spam and virus-infected emails. SpamAssassin is configured to mark any email at 5 or more points as spam.
Since Outlook Express and UCI Webmail users cannot filter on X-headers, you can use Procmail and these recipes to filter out these emails on the server.
Procmail recipes for spam and virus-infected emails
Recipe #1: Filtering spam and virus-infected emails to another folder.
The following recipe will filter these emails into a folder called, "spam".
It is highly recommended you start out with this recipe as SpamAssassin may tag something as spam that you want, and some emails with viruses may contain legitimate correspondence as well (for instance, if an attachment was discovered to have a macro-virus).
You may also "mix and match" by sending the SpamAssassin marked emails to a spam folder and the infected emails to /dev/null (which automatically deletes them).
# BEGIN-------copy here-------copy here-------BEGIN #
:0 H:
* ^(X-UCIRVINE-SpamCheck:)
spam:0 H:
* ^(X-UCIRVINE-MailScanner: Found to be infected)
spam
#END-------copy here-------copy here-------END#
Recipe #2: Automatically delete spam
The following recipe will delete these emails before they get to your inbox.
Use this method with caution. This method will keep your inbox limit at manageable levels, but you will not know what is being marked as spam and all emails found to be infected will be deleted. You may also "mix and match" by sending the SpamAssassin marked emails to a spam folder and the infected emails to /dev/null (which automatically deletes them).
# BEGIN-------copy here-------copy here-------BEGIN #
:0 H:
* ^(X-UCIRVINE-SpamCheck: SpamAssassin)
/dev/null
:0 H:
* ^(X-UCIRVINE-MailScanner: Found to be infected)
/dev/null
#END-------copy here-------copy here-------END#
SpamAssassin marks what it thinks is spam based on its rule set. The virus scanning software uses known virus signatures and is significantly less likely to mistake a message as a virus and it is unlikely that you would have to make exceptions. You may find that some mail you do want is being marked as spam, however. If you filter it to another folder, you won't lose these messages.
If SpamAssassin marks something as spam that you do want, you can create a new recipe to filter these messages out before SpamAssassin works. For example, a common problem are e-vites being marked as spam. Below you will find recipes to mark specific types of messages to not be marked as spam.
E-vite example
The following recipe will put e-vites into your inbox. This recipe needs
to precede that of the SpamAssassin recipe so that it will work. Make sure you
put in your own UCInetID:
# BEGIN-------copy here-------copy here-------BEGIN #
:0:
* ^Received:.*evtmx
/var/mail/UCINetID
#END-------copy here-------copy here-------END#
Note: The recipe works by checking to see if the message is coming from the e-vite servers. It will then put it into your mail folder before it runs the SpamAssassin recipe.
