Rspamd and aliases

[jigster]

If a domain has email forwarders, it seems that any spam detected by rspamd (and spamassassin) for those forwarders is being moved to the spam folder of the account's admin user. This is fine for forwarders pointing to external addresses, but when the alias points to an email address in the same account/domain, we would like the spam to be placed in the spam folder of the destination address in the same domain.

I've looked at the rules in /usr/local/directadmin/data/templates/filter_userspamfolder (after reading https://docs.directadmin.com/change...t-to-save-to-spambox-if-account-doesn-t-exist), but not sure how these rules could be modified/extended to check if the forwarder destination is local and if so, send the spam there (to the spam folder), not the admin's? Any ideas anyone? Thanks

 

[jigster]

Decided to move this to https://forum.directadmin.com/threads/email-forwarders-and-spam-filtering.81895/ as not specific to rspamd!

 

[zEitEr]

rSpamd checks incoming emails at the very first arrive and apply actions per settings. Probably another result (per your needs) can be get by using Sieve rules. Once can adjust sieve rules using RoundCube webinterface, when using RoundCube for creating Sieve rules, they are applicable to a specific email account only. This is what came to mind only now, and I never tested it.

If you give it a try the sieve rules should be created under account's admin user.

 

[jigster]

Yeah that might work. We have a lot of email users who don't have access to the DA admin user so I'll need to automate any solution so it works when an email forwarder is set up. I guess I'd need a post-email-alias hook of some kind. I'll look into this idea, thanks.

 

[jigster]

I'm struggling with a sensible sieve rule: I believe sieve's 'fileinto' can only be used to move emails to a folder within the same account. And a 'redirect' to the forwarder destination would result in the email being rescanned by Rspamd, which seems like a waste of resources because the emails would have to be processed twice by Rspamd. But currently seems like the only option. Any other ideas?

Then I can use the DirectAdmin hook forwarder_(create|delete)_(pre|post).sh to automate the creation/deletion of the sieve rules.

 

[zEitEr]

Any other ideas?

In theory when you process an email with Sieve you might add a custom header to such an email. Then you might check in Exim whether or not the header exists, and skip the second scan with rspamd if the header exists. And again, these are only my thoughts, and I did not test them in practice.

 

[jigster]

In theory when you process an email with Sieve you might add a custom header to such an email. Then you might check in Exim whether or not the header exists, and skip the second scan with rspamd if the header exists. And again, these are only my thoughts, and I did not test them in practice.

Thanks, I did consider that as an option, along with using a pipe to a script, but it all seemed a bit complex for such a simple task! And a header that bypasses spam filtering might be vulnerable to abuse. Thanks for your help as always @zEitEr

 

[zEitEr]

Alternatively you might disable spam scanning of incoming emails to forwarders. This is the default behaviour of SpamAssassin. rSpamd scans all emails.

If none of these options work for you, then you might consider requesting the new option from Directadmin developers.

 

[jigster]

Disabling spam scanning of incoming emails to local-destination-forwarders (but do scan 'real' email addresses and also external-destination forwarders) sounds like the perfect solution. Any idea how to implement that? Strange that spamassassin doesn't scan incoming emails to forwarders but rspamd does. I thought DA had both set up more or less the same way.