1

Topic: Per mailbox spam threshold settings

Hi, I'm running the latest iredmail and pro web control panel on Debian 6.

Can anyone tell me how to set the spam threshold on a per mailbox level?

I'm trying to test it out on my own mailbox before I decide what is a sensible threshold for the system as a whole, as it stands, it's letting a lot of spam though!

Thanks.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Per mailbox spam threshold settings

Please use sieve rule, you can set it in Roundcube webmail: Settings -> Filters.

3

Re: Per mailbox spam threshold settings

Hi.

will sieve rules you set here carry through to all mail processed, even if they never use round cube and collect mail via imap?

Do you have a sample sieve rule that will set the spam threshold?

Thanks.

4

Re: Per mailbox spam threshold settings

HI, ok, I've seen the current rule for moving spam to the junk folder but what I want to do is change the threshold at which the server considers a message to be spam, I want to do this on a per user basis for testing and then on a server wide basis (where per user settings do no exist)

I still can't see how to do this, the filters in the webmail client are great but it's to clear how you set the threshold?

Chris

5

Re: Per mailbox spam threshold settings

chrispyfur wrote:

I still can't see how to do this, the filters in the webmail client are great but it's to clear how you set the threshold?

The sieve filter is server-side, configurable in webmail client by mail user.

6

Re: Per mailbox spam threshold settings

ZhangHuangbin wrote:
chrispyfur wrote:

I still can't see how to do this, the filters in the webmail client are great but it's to clear how you set the threshold?

The sieve filter is server-side, configurable in webmail client by mail user.

Thanks for the reply.

Could you explain how I set the spam threshold though?

As in at what level a message is considered to be spam? A lot of spam gets through you see.

Do I need to specify some kind of x-header then specify an integer for the threshold level?

Also in what file in the sweet configuration is the global version of this spam threshold, ie the one that gets processed offers is no user set threshold?

Thanks!

7

Re: Per mailbox spam threshold settings

Spam threshold is configured in Amavisd parameters (/etc/amaivs/conf.d/):

sa_tag_level_deflt
sa_tag2_level_deflt
sa_kill_level_deflt

8

Re: Per mailbox spam threshold settings

Thanks. I think it might need turning up on our server!

So, now I can set the threshold for spam
Globally, is there a way to set the spam threshold for an individual user on the system
?

Thanks.

9

Re: Per mailbox spam threshold settings

Hi. I'm still not getting span headers added to my messages going through the server, despite the threshold for headers being set to -100

I get:

X-Virus-Scanned: Debian amavisd-new

headers but nothing from spamassassin at all.

Any ideas where else there could be a configuration problem?

without spam headers, I can't use filters to set per user thresholds.

Chris.

10

Re: Per mailbox spam threshold settings

chrispyfur wrote:

X-Virus-Scanned: Debian amavisd-new

Then Amavisd is working.
Could you please show me whole /etc/amavis/conf.d/50-user? Remove password in it before posting.

11 (edited by chrispyfur 2012-08-28 19:13:59)

Re: Per mailbox spam threshold settings

Thanks for your continued efforts, sorry I'm not so fast to reply!

use strict;

#
# Place your configuration directives here.  They will override those in
# earlier files.
#
# See /usr/share/doc/amavisd-new/ for documentation and examples of
# the directives you can use in this file
#


#------------ Do not modify anything below this line -------------
#{1}


chomp($mydomain = "mailhost.xxxxxx.net");
@local_domains_maps = ['mailhost.xxxxxx.net', 'xxxxx.com'];
@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
                  10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 );

# listen on multiple TCP ports. 9998 is used for releasing quarantined mails.
$inet_socket_port = [10024, 9998,];

# Enable virus check.
@bypass_virus_checks_maps = (
   \%bypass_virus_checks,
   \@bypass_virus_checks_acl,
   $bypass_virus_checks_re,
   );

# Enable spam check.
@bypass_spam_checks_maps = (
    \%bypass_spam_checks,
    \@bypass_spam_checks_acl,
    $bypass_spam_checks_re,
    );

$virus_admin = "root\@$mydomain"; # due to D_DISCARD default
$mailfrom_notify_admin = "root\@$mydomain";
$mailfrom_notify_recip = "root\@$mydomain";
$mailfrom_notify_spamadmin = "root\@$mydomain";

# Mail notify.
$mailfrom_notify_admin     = "root\@$mydomain";  # notifications sender
$mailfrom_notify_recip     = "root\@$mydomain";  # notifications sender
$mailfrom_notify_spamadmin = "root\@$mydomain"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef

# Disable defang banned mail.
$defang_banned = 0;  # MIME-wrap passed mail containing banned name

$policy_bank{'MYNETS'} = {   # mail originating from @mynetworks
  originating => 1,  # is true in MYNETS by default, but let's make it explicit
  os_fingerprint_method => undef,  # don't query p0f for internal clients
  allow_disclaimers => 1,  # enables disclaimer insertion if available
};

$policy_bank{'ORIGINATING'} = {  # mail supposedly originating from our users
  originating => 1,  # declare that mail was submitted by our smtp client
  allow_disclaimers => 1,  # enables disclaimer insertion if available
  # notify administrator of locally originating malware
  virus_admin_maps => ["root\@$mydomain"],
  spam_admin_maps  => ["root\@xxxxxxxx.net"],
  warnbadhsender   => 0,
  #warnvirussender  => 1,
  #warnspamsender   => 1,
  # forward to a smtpd service providing DKIM signing service
  #forward_method => 'smtp:[127.0.0.1]:10027',
  # force MTA conversion to 7-bit (e.g. before DKIM signing)
  smtpd_discard_ehlo_keywords => ['8BITMIME'],
  bypass_banned_checks_maps => [1],  # allow sending any file names and types
  terminate_dsn_on_notify_success => 0,  # don't remove NOTIFY=SUCCESS option
};

# SpamAssassin debugging. Default if off(0).
# Note: '$log_level' variable above is required for SA debug.
$log_level = 0;              # verbosity 0..5, -d
$sa_debug = 0;

# Set hostname.
$myhostname = "xxxxxxxxx";

# Set listen IP/PORT.
$notify_method  = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025';

# Set default action.
# Available actions: D_PASS, D_BOUNCE, D_REJECT, D_DISCARD.
$final_virus_destiny      = D_DISCARD;
$final_banned_destiny     = D_PASS;
$final_spam_destiny       = D_DISCARD;
$final_bad_header_destiny = D_PASS;

@av_scanners = (

    #### http://www.clamav.net/
    ['ClamAV-clamd',
    \&ask_daemon, ["CONTSCAN {}\n", "/tmp/clamd.socket"],
    qr/\bOK$/, qr/\bFOUND$/,
    qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
);

@av_scanners_backup = (

    ### http://www.clamav.net/   - backs up clamd or Mail::ClamAV
    ['ClamAV-clamscan', 'clamscan',
    "--stdout --disable-summary -r --tempdir=$TEMPBASE {}", [0], [1],
    qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
);

# This policy will perform virus checks only.
#$interface_policy{'10026'} = 'VIRUSONLY';
#$policy_bank{'VIRUSONLY'} = { # mail from the pickup daemon
#    bypass_spam_checks_maps   => [1],  # don't spam-check this mail
#    bypass_banned_checks_maps => [1],  # don't banned-check this mail
#    bypass_header_checks_maps => [1],  # don't header-check this mail
#};

# Allow SASL authenticated users to bypass scanning. Typically SASL
# users already submit messages to the submission port (587) or the
# smtps port (465):
#$interface_policy{'10026'} = 'SASLBYPASS';
#$policy_bank{'SASLBYPASS'} = {  # mail from submission and smtps ports
#    bypass_spam_checks_maps   => [1],  # don't spam-check this mail
#    bypass_banned_checks_maps => [1],  # don't banned-check this mail
#    bypass_header_checks_maps => [1],  # don't header-check this mail
#};

# Apply to mails which coming from internal networks or authenticated
# roaming users.
# mail supposedly originating from our users
$policy_bank{'MYUSERS'} = {
    # declare that mail was submitted by our smtp client
    originating => 1,

    # enables disclaimer insertion if available
    allow_disclaimers => 1,

    # notify administrator of locally originating malware
    virus_admin_maps => ["root\@$mydomain"],
    spam_admin_maps  => ["root\@$mydomain"],
    warnbadhsender   => 0,

    # forward to a smtpd service providing DKIM signing service
    #forward_method => 'smtp:[127.0.0.1]:10027',

    # force MTA conversion to 7-bit (e.g. before DKIM signing)
    smtpd_discard_ehlo_keywords => ['8BITMIME'],

    # don't remove NOTIFY=SUCCESS option
    terminate_dsn_on_notify_success => 0,

    # don't perform spam/virus/header check.
    #bypass_spam_checks_maps => [1],
    #bypass_virus_checks_maps => [1],
    #bypass_header_checks_maps => [1],

    # allow sending any file names and types
    bypass_banned_checks_maps => [1],
};

# regular incoming mail, originating from anywhere (usually from outside)
#$policy_bank{'EXT'} = {
#  # just use global settings, no special overrides
#};

#
# Port used to release quarantined mails.
#
$interface_policy{'9998'} = 'AM.PDP-INET';
$policy_bank{'AM.PDP-INET'} = {
    protocol => 'AM.PDP',       # select Amavis policy delegation protocol
    inet_acl => [qw( 127.0.0.1 [::1] )],    # restrict access to these IP addresses
    auth_required_release => 1,    # 0 - don't require secret_id for amavisd-release
    #log_level => 4,
    #always_bcc_by_ccat => {CC_CLEAN, 'admin@example.com'},
};

#########################
# Quarantine mails.
#

# Don't quarantine mails with bad header.
$bad_header_quarantine_method = undef;

# Quarantine SPAM.
$spam_quarantine_to = 'spam-quarantine';

# Quarantine method. How to store mail body.
#   - 'local:spam-%i-%m', store mail on local file system.
#   - 'sql:', store mail body in MySQL.
$spam_quarantine_method = 'sql:';

#########################
# Quarantine VIRUS mails.
#
# Quarantine VIRUS into local file system. Default is 'virus-quarantine'.
$virus_quarantine_to     = 'virus-quarantine';

# Quarantine method. How to store VIRUS mail body. Default is 'local:virus-%m'.
# VIRUS is quarantined into local file system by default.
$virus_quarantine_method = 'sql:';

# Modify email subject, add '$sa_spam_subject_tag'.
#   0:  disable
#   1:  enable
$sa_spam_modifies_subj = 1;

# remove existing headers
#$remove_existing_x_scanned_headers= 0;
#$remove_existing_spam_headers = 0;

# Leave empty (undef) to add no header.
# Modify /usr/sbin/amavisd or /usr/sbin/amavisd-new file to add customize header in:
#
#   sub add_forwarding_header_edits_per_recip
#
#$X_HEADER_TAG = 'X-Virus-Scanned';
#$X_HEADER_LINE = "by amavisd at $myhostname";

# Notify virus sender?
#$warnvirussender = 0;

# Notify spam sender?
#$warnspamsender = 0;

# Notify sender of banned files?
$warnbannedsender = 0;

# Notify sender of syntactically invalid header containing non-ASCII characters?
$warnbadhsender = 0;

# Notify virus (or banned files) RECIPIENT?
#  (not very useful, but some policies demand it)
$warnvirusrecip = 0;
$warnbannedrecip = 0;

# Notify also non-local virus/banned recipients if $warn*recip is true?
#  (including those not matching local_domains*)
$warn_offsite = 0;

#$notify_sender_templ      = read_text('/var/amavis/notify_sender.txt');
#$notify_virus_sender_templ= read_text('/var/amavis/notify_virus_sender.txt');
#$notify_virus_admin_templ = read_text('/var/amavis/notify_virus_admin.txt');
#$notify_virus_recips_templ= read_text('/var/amavis/notify_virus_recips.txt');
#$notify_spam_sender_templ = read_text('/var/amavis/notify_spam_sender.txt');
#$notify_spam_admin_templ  = read_text('/var/amavis/notify_spam_admin.txt');
# Hope to fix 'nested MAIL command' issue on high load server.
$smtp_connection_cache_enable = 0;

# The default set of header fields to be signed can be controlled
# by setting %signed_header_fields elements to true (to sign) or
# to false (not to sign). Keys must be in lowercase, e.g.:
# 0 -> off
# 1 -> on
$signed_header_fields{'received'} = 0;
$signed_header_fields{'to'} = 1;

# Make sure it sings all inbound mails, avoid error log like this:
# 'dkim: not signing inbound mail'.
$originating = 1;

# Add dkim_key here.
dkim_key("xxxxxx.com", "dkim", "/var/lib/dkim/xxxxxxx.com.pem");

# Note that signing mail for subdomains with a key of a parent
# domain is treated by recipients as a third-party key, which
# may 'hold less merit' in their eyes. If one has a choice,
# it is better to publish a key for each domain (e.g. host1.a.cn)
# if mail is really coming from it. Sharing a pem file
# for multiple domains may be acceptable, so you don't need
# to generate a different key for each subdomain, but you
# do need to publish it in each subdomain. It is probably
# easier to avoid sending addresses like host1.a.cn and
# always use a parent domain (a.cn) in 'From:', thus
# avoiding the issue altogether.
#dkim_key("host1.xxxx.com", "dkim", "/var/lib/dkim/xxxx.com.pem");
#dkim_key("host3.xxxx.com", "dkim", "/var/lib/dkim/xxxx.com.pem");

# Add new dkim_key for other domain.
#dkim_key('Your_New_Domain_Name', 'dkim', 'Your_New_Pem_File');

@dkim_signature_options_bysender_maps = ( {
    # ------------------------------------
    # For domain: sugarcubeit.com.
    # ------------------------------------
    # 'd' defaults to a domain of an author/sender address,
    # 's' defaults to whatever selector is offered by a matching key

    #'postmaster@xxxxx.com'    => { d => "xxxxxx.com", a => 'rsa-sha256', ttl =>  7*24*3600 },
    #"spam-reporter@xxxxx.com"    => { d => "xxxxx.com", a => 'rsa-sha256', ttl =>  7*24*3600 },

    # explicit 'd' forces a third-party signature on foreign (hosted) domains
    "xxxxx.com"  => { d => "xxxxx.com", a => 'rsa-sha256', ttl => 10*24*3600 },
    #"host1.xxxx.com"  => { d => "host1.xxxxxx.com", a => 'rsa-sha256', ttl => 10*24*3600 },
    #"host2.xxxx.com"  => { d => "host2.xxxxx.com", a => 'rsa-sha256', ttl => 10*24*3600 },
    # ---- End domain: xxxxxx.com ----

    # catchall defaults
    '.' => { a => 'rsa-sha256', c => 'relaxed/simple', ttl => 30*24*3600 },
} );
$enable_dkim_verification = 1;  # enable DKIM signatures verification
$enable_dkim_signing = 1;    # load DKIM signing code, keys defined by dkim_key
# ------------ Disclaimer Setting ---------------
# Uncomment this line to enable singing disclaimer in outgoing mails.
#$defang_maps_by_ccat{+CC_CATCHALL} = [ 'disclaimer' ];

# Program used to signing disclaimer in outgoing mails.
$altermime = '/usr/bin/altermime';

# Disclaimer in plain text formart.
@altermime_args_disclaimer = qw(--disclaimer=/etc/postfix/disclaimer/_OPTION_.txt --disclaimer-html=/etc/postfix/disclaimer/_OPTION_.txt --force-for-bad-html);

@disclaimer_options_bysender_maps = ({
    # Per-domain disclaimer setting: /etc/postfix/disclaimer/host1.iredmail.org.txt
    #'host1.iredmail.org' => 'host1.iredmail.org',

    # Sub-domain disclaimer setting: /etc/postfix/disclaimer/iredmail.org.txt
    #'.iredmail.org'      => 'iredmail.org',

    # Per-user disclaimer setting: /etc/postfix/disclaimer/boss.iredmail.org.txt
    #'boss@iredmail.org'  => 'boss.iredmail.org',

    # Catch-all disclaimer setting: /etc/postfix/disclaimer/default.txt
    '.' => 'default',
},);
# ------------ End Disclaimer Setting ---------------
$sql_allow_8bit_address = 1;
$timestamp_fmt_mysql = 1;
@storage_sql_dsn = (
    ['DBI:mysql:database=amavisd;host=127.0.0.1;port=3306', 'amavisd', 'XXXXXX'],
);
# Uncomment below two lines to lookup virtual mail domains from MySQL database.
#@lookup_sql_dsn =  (
#    ['DBI:mysql:database=vmail;host=127.0.0.1;port=3306', 'vmail', 'XXXXXX'],
#);
# For Amavisd-new-2.7.0 and later versions. Placeholder '%d' is available in Amavisd-2.7.0+.
#$sql_select_policy = "SELECT domain FROM domain WHERE domain='%d'";

# For Amavisd-new-2.6.x.
# WARNING: IN() may cause MySQL lookup performance issue.
#$sql_select_policy = "SELECT domain FROM domain WHERE CONCAT('@', domain) IN (%k)";

1;  # insure a defined return

12

Re: Per mailbox spam threshold settings

Hi, just wondering if you've any ideas here?

I'm just trying to get spam headers into messages so I can allow users to set thresholds.

Chris.

13

Re: Per mailbox spam threshold settings

PS, here is a sample message that's been through the server, as you can see, amavis is working...


To: general@xxxxx.xxxx
Reply-To: general@xxxxx.xxxx
Return-Path: <chris@xxxxx.xxxx>
Delivered-To: chris@xxxxx.xxxx
Received: from localhost (localhost [127.0.0.1]) by mailhost.xxxxx.xxxx(Postfix) with ESMTP id C1E6C7B467 for <chris@chrispyfur.net>; Thu, 20 Sep 2012 10:57:07 +0100 (BST)
Received: from mailhost.xxxxx.xxxx ([127.0.0.1]) by localhost (mailhost.xxxxx.xxxx [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m+thKdM1RR3a for <chris@xxxxx.xxxx>; Thu, 20 Sep 2012 10:57:06 +0100 (BST)
Received: from [192.168.2.3] (unknown [88.97.49.95]) by mailhost.xxxxx.xxxx (Postfix) with ESMTPSA id 07D427B403 for <general@xxxxx.xxxx>; Thu, 20 Sep 2012 10:57:04 +0100 (BST)
X-Virus-Scanned: Debian amavisd-new at mailhost.xxxxx.xxxx
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 6.0 \(1486\))
In-Reply-To: <DUB402-EAS15581633B694AB7517A607D8F9A0@phx.gbl>
Content-Transfer-Encoding: 7bit
Message-Id: <DBDFD98D-FAF5-4F05-810B-F1BCF8388C93@chrispyfur.net>
References: <DUB402-EAS15581633B694AB7517A607D8F9A0@phx.gbl>
X-Mailer: Apple Mail (2.1486)
Re: Siri

14

Re: Per mailbox spam threshold settings

Is there anyone out there that can help me here?