spamass-milter: how to discard spam
SpamAssassin is a great tool for filtering out spam email from the rest, and spam email is a real pain these days.
spamass-milter is a sendmail filter that can be used to connect spamassassin and sendmail together (it is one of many different ways, others include amavis and procmail).
spamass-milter is fine if it is being used on a mail server that sits at the edge of your network, mail identified as spam can be rejected immediately without your server needing to generate bounce messages – the message is immediately rejected and the server that first tried to deliver the message to you has the problem of bouncing the mail instead.
Technically this is the best thing to do – it allows a real sender (marked as spam by mistake) to know that their email has not been received. In reality, however, this tends not to happen (unless you have your reject score set far too low – I use 5.0 as a cut off point and have never seen a non-spam mail score this high [I believe SpamAssassin recommend 15.0])
It is a lot more likely that your rejection of a spam message does one of two things (and I have seen evidence of both):
- The spammer spots the rejected message and tries again with a slightly different message and keeps trying, using the reject messages to hone his skills – this is definitely a bad side effect.
- The mail server that tried to send you a message generates a bounce message and delivers it to an unsuspecting third-party – a lot of spam is sent from real email addresses that do not belong to the spammer. So, in effect, you are then partly responsible for redirecting the spam to someone else. I don’t believe this to be a neighbourly action!
My preferred alternative is to simply discard the message – the source mail server/ spammer believes the mail has been sent successfully and you simply throw the spam message away.
Unfortunately, spamass-milter doesn’t support this option – also, it appears to me that the creators of the filter are reluctant to add such functionality (I’d assume this to be due to it not being technically correct).
Well, I wanted it to work this way – I was deploying spamass-milter in conjunction with scalix and its SMTPFILTER option, so by the time the mail gets to spamass-milter, scalix has already accepted it – so a reject will always generate a bounce message. It’s a one line patch, so fairly trivial (although be warned this method prevents the use of -b and -B as the message is discarded, so it cannot be delivered to anyone)
This patch is based on version 0.3.1 of spamass-milter
Download the source for spamass-milter
unpack it
tar -xzf spamass-milter-0.3.1.tar.gz
configure it
cd spamass-milter-0.3.1
./configure
next, edit the file spamass-milter.cpp, locate the section that looks like this:
if (do_reject)
{
debug(D_MISC, "Rejecting");
smfi_setreply(ctx, "550", "5.7.1", "Blocked by SpamAssassin");
if (flag_bucket)
and add one extra line after the debug message (maybe change the debug message too)
if (do_reject)
{
debug(D_MISC, "not rejecting, discarding");
return SMFIS_DISCARD;
smfi_setreply(ctx, "550", "5.7.1", "Blocked by SpamAssassin");
if (flag_bucket)
Save the changes and compile the program
make
You now have a binary file spamass-milter which, when deployed with the ‘-r’ flag will discard spam mail messages instead of rejecting them.
UPDATE:
Scalix now supports milters directly (using their SMTPMILTER option) so I can now reject spam messages without tying the server up sending bounce messages. Unfortunately it doesn’t work properly with spamass-milter straight out of the box (mail that should be rejected is delivered as normal), I have found that commenting out one line in spamass-milter.cpp will fix this – locate the section mentioned above and comment out the smfi_setreply line:
if (do_reject)
{
debug(D_MISC, "Rejecting");
//smfi_setreply(ctx, "550", "5.7.1", "Blocked by SpamAssassin");
if (flag_bucket)