1

Topic: Estending spam filters based on email addresses used by a specific IP

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.3.2
- Deployed with iRedMail Easy or the downloadable installer? Download
- Linux/BSD distribution name and version: FreeBSD
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi,
i am looking at a way to eliminate some additional spam.
In my particular situation I have a number of email addresses that are no longer receiving any useful email but that have been harvested by spammers over the years. I would like to trigger something when an email is received by one of these addresses and automatically tag as spam anything that comes from the same IP address for, let's say, the following 24hrs.
I think this is possible, maybe with a bit of custom code, I might be bale to write some of the code myself, but I need a bit of help understanding how to hook it up to iredmail.
BTW, i would rather silently discarding all messages, rather than blacklist the IP, they would simply change IP based on the spammers behavior i have observed. But I'm happy to ear arguments for doing it the other way, if anyone has experience about it.
Thank you.

2

Re: Estending spam filters based on email addresses used by a specific IP

Just one of the possibilities:

How about forward all emails received by these accounts to a central account, e.g. spam@yourdomain.com, then run "sa-learn" with a cron job to learn them as spam and remove them after learnt.

Notes:

- It would be better to store SpamAssassin bayes data in SQL in this case:
https://docs.iredmail.org/store.spamass … n.sql.html

- You may want to disable spam/virus scanning (with iRedAdmin-Pro) for these accounts (and spam@) since no one will check those emails in MUA or webmail, this should save some system resources. You should make sure their emails will not be forwarded to any other mailbox used by someone, including the sieve redirect.

----

Buy me a cup of coffee ($5) to support iRedMail:

buy me a cup of coffee