scan forwarder email alias.. ( its begin to be a big problem for us.. )

[DirectAdmin Support]

Hello,

To save you the trouble, I did just a test from one external box... to a forwarder on a DA box with spamassassin enabled. It forwarded to another email address on a non DA box. I checked the email after it ended it's journey on the 3 boxes and the spam headers from the middle box were present, so spamassassin is in fact checking the messages.

I also happen to have another similar setup, with the "delete high-scoring spam" option enabled, which is deleting the spams before forwarding it out.. so that's also working.

If there is an issue, it's either the spam isn't "spam" enough for spam assassin, or not scoring high enough for the high-scoring filter (or whatever option you've set)

John

 

[nobaloney]

John, Would you please check the flow of my exim.conf file to be certain that the SpamAssassin filter is called properly if email is forwarded?

It's possible I've made an error in the latest SpamBlocker exim.conf 3.1-beta file.

Please check at my download page, here.

Thanks very much.

Jeff

 

[nobaloney]

I think it should be added by default.

However, what would happen if the server didn't have SpamAssassin installed. The guide on DA's site at the URL http://help.directadmin.com/item.php?id=36 explains how to install SpamAssassin, but it's not installed by default. So, if the user does not have SpamAssassin installed, will adding this code into the exim.conf file cause any issues for those users?

The patch is to the SpamCheck director; if SpamAssassin isn't called isn't installed then the section will remain commented out and won't be called.

I think I should add it as a default.

John, what do you think?

Jeff

 

[duke28]

its fixed with this exim.conf

thx

but for my problem for spam forward to hotmail..

is it possible to modify skin in the email alias forward section to create forwarder just for local domain ONLY.. not to an external email..

i want force it..
its going to be better for us..

sorry for my english again..

 

[DirectAdmin Support]

Hello,

Yes, you can use the all_pre.sh to limit what is created.
I won't go into detail on the specific syntax you'd need, but basically, you'd have to check the values they enter.. and compare the domains used and make sure the domains exist in /etc/virtual/domains to define them as local or not.

Here are several all_pre.sh samples you can use as a guide:
http://help.directadmin.com/?query=all_pre.sh

This one is probably the closest idea of what you might be looking for:
http://help.directadmin.com/item.php?id=163

John

 

[DirectAdmin Support]

Jeff:
Regarding your exim.conf ... I looks pretty much the same in respect to the flow of directors. I'm guessing you've only really changed the ACL's which shouldn't be a factor with this... I didn't test it out though.

Regarding having the spamcheck uncommented by default... you'd have to ensure that spamd is up and running if it's uncommented. The spam.sh has some user input (y/n type questions), and doesn't work every time for all systems which is why we don't run it by default during the install.

John

 

[nobaloney]

I'll leave it off by default in my version as well.

Thanks for the info.

Jeff

 

[donkeyKICK]

I've read this thread and seem to have confused myself. If an email comes into a forwarder is it scanned for spam (and clamAV)?

I just did a clean install, using custombuild, and noticed that with the catch-all email boxes aren't being created for catch-all emails that were spam. So that seems to be already done (before I remeber having to insert the code at the beginning of the thread, so it seems that I no longer need to do that). So, I guess what I am asking is:

Are forwarders scanned for spam and viruses?
Is the code at the beginning of this thread still needed in the latest version of spamblocker 3.1 beta?
Do I still need to insert the code for the catch-all to not create boxes?

 

[PBilodeau]

http://help.directadmin.com/item.php?id=156

Then I'm not sure what you need. The link that I sent you tells you exactly what to do to enable SpamAssassin to scan forwarders.

Note that scanning a message is in absolutely no way related to where a message ends up. Only the filters in /etc/virtual/domain.com/filter determines where a message goes, based on the message headers, so check that as well.

The condition you've got there shows that there is no checks at all for the message type, so if normal messages are working but forwarders are not, then it's not because of spamassassin.

I was having a problem with a client saying the messages send to a forwarder didn't get spam-scanned. I used the guide at id=156 to enable scanning only local addresses and added the forwarders related additional line.

After a lot of verifications in system logs and users mailboxes, I noticed that it now creates a subdirectory /home/account/imap/domain.com/forwarder/Maildir/.INBOX.spam, and drops all spam in it. I have one problem with this: If some tagged mails are not really spam, it's IMPOSSIBLE the user can get to them and move them to their inbox, since they are in the forwarder's Maildir directory, and there is no account for a forwarder.

I have 2 related questions:

1) If I remove the line in exim.conf to scan forwarders, will the spam mail get spam-scanned anyway when it reaches the final recipient (obviously I'm taking about a local user, not external!).

2a) If I continue to scan forwarders email, where can I make a change so that spam mails are sent to the global mailbox (/home/account/Maildir) instead of the forwarder. I assume I could modify /etc/virtual/domain.com/filter, but I would have to do it for every domain, and I believe it may be overwritten by DA somehow.
2b) Can you help me make sure what would I add to the filter script to accomplish this behavior?

Thanks in advance.

 

[donkeyKICK]

What do you want done with the scanned email? Scan and deliver anyway, or just tag the subject?

 

[PBilodeau]

What do you want done with the scanned email? Scan and deliver anyway, or just tag the subject?

Scan and store it somewhere where it can be checked (not under the forwarder's name!), so it can be sent to the final recipien should the mail tagged as spam not be real spam in the end.

 

[technimad]

We are seeing problems related to the ones mentioned in this thread.
We've changed exim.conf according to kb id=156, but messages sent to forwarders to external domains are not checked by spamassassin. Local deliveries and forwarders are working fine.

Our spamassasin section in exim.conf looks like this:

spamcheck_director:
  driver = accept
  condition = "${if and { \
                        {!def:h_X-Spam-Flag:} \
                        {!eq {$received_protocol}{spam-scanned}} \
                        {!eq {$received_protocol}{local}} \
                        {exists{/home/${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}/.spamassassin/user_prefs}} \
                        {exists{/etc/virtual/${domain}/passwd}} \
                        { \
                        or \
                                { \
                                {!eq{}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/passwd}}}} \
                                {!eq{}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/aliases}}}} \
                                {eq {$local_part}{${lookup{$domain}lsearch{/etc/virtual/domainowners}}}} \
                                } \
                        } \
                } {1}{0}}"

#  condition = "${if and { \
#                       {!def:h_X-Spam-Flag:} \
#                       {!eq {$received_protocol}{spam-scanned}} \
#                       {!eq {$received_protocol}{local}} \
#                       {exists{/home/${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}/.spamassas$
#               } {1}{0}}"
  retry_use_local_part
  transport = spamcheck
  no_verify

What do we need to change to get messages forwarded to external domains scanned by spamassasin?

 

[divorce certifi]

so is it scan all alias email .. who people make a forward to hotmail ??

YES OR NOT ??

i dont understand why by default its not its.. because its make blacklisted the server on hotmail.. when spam is forward to hotmail...

SERVICES RAPIDENET CANADA
http://www.RapideNet.ca
http://www.ServeurLocation.ca
Services Web Hebergement Canada
Telephone : 1-866-570-2203 ( toll free )
Telephone : 1-450-724-0637 ( international )