Skip navigation
This discussion is archived

blacklist_from and sa_dsn_cutoff_level

2729 Views 6 Replies Latest reply: Jul 27, 2009 5:09 PM by davidh RSS
David_x Level 4 Level 4 (3,010 points)
Currently Being Moderated
Jul 27, 2009 3:11 AM
Just noticed this...

I have an explicitly blacklisted sender in local.cf which correctly applies a 100 point score to incoming email from that sender. However, they then get a DSN bounce from the server daemon despite the sadsn_cutofflevel = 12.

I'll change to using a recipient access file (and DISCARD action) but the question remains...

Do messages with an explicit blacklist_from command bypass amavisd.conf settings for DSN notices?
  • pterobyte Level 6 Level 6 (10,910 points)
    Currently Being Moderated
    Jul 27, 2009 7:16 AM (in response to David_x)
    Hi David,

    no they should not bypass it. Is finalspamdestiny set to D_DISCARD?

    Alex
    Mac OS X (10.5.7)
  • pterobyte Level 6 Level 6 (10,910 points)
    Currently Being Moderated
    Jul 27, 2009 10:17 AM (in response to David_x)
    David,

    you should set it to D_DISCARD. You really do not want to send spam back to inexistent senders.

    Alex
    Mac OS X (10.5.7)
  • pterobyte Level 6 Level 6 (10,910 points)
    Currently Being Moderated
    Jul 27, 2009 11:36 AM (in response to David_x)
    David,

    if you need some form of quarantine, use a mailbox instead of /var/virusmails.

    This way, mail between kill_level and quarantine_cutoff will go into the quarantine mailbox and not be rejected/bounces. You can share this mailbox if needed.

    If you keep D_REJECT, you will always have bad bounces.

    HTH,
    Alex

    P.S. A good overview of settings can be found here: http://www200.pair.com/mecham/spam/amavisd-settings.html

    Message was edited by: pterobyte
    Mac OS X (10.5.7)
  • davidh Level 4 Level 4 (1,890 points)
    Currently Being Moderated
    Jul 27, 2009 5:09 PM (in response to pterobyte)
    Further, I recommend you use amavisd (as you already are for the $sadsn_cutofflevel settings, etc.)
    for whitelising, since it is amavisd that is calling spamassassin.

    There's plenty of info on/for amavisd and whitelisting.

    That said, what works for some is NOT right for others/everyone, but after long having used proper Postfix anti-spam configuration, I have amavisd.conf set to
    $satag_leveldeflt = -999; # add spam info headers if at, or above that level
    $satag2_leveldeflt = 2.1; # add 'spam detected' headers at that level
    $sakill_leveldeflt = 5.5; # triggers spam evasive actions (e.g. blocks mail)
    $sadsn_cutofflevel = 7;

    and have not once in the past several years had any word of false rejection(s) or any lost/mishandled incoming messages.
    There have been other problems at the external emailer(s)' mailserver, and they have used
    - for example - a gmail account to complain to my mail users, only to have it turn out to be botched DNS or mailserver settings at their end (Symantec AV's mailserver... offering, completely mangling mail-headers before sending it out, as just one example. It may have been misconfigured).

    But what matters far more than wrangling amavisd and/or spamassassin in regards to otherwise legitimate mail traffic, is proper configuration of postfix. Run, don't walk to see Pterobyte's Front-Line defense tutorial at http://osx.topicdesk.com/

    If you use it, I recommend making a contribution (and I have no official affiliation with Pterobyte or that site).

    Next stop I strongly recommend reading up at the Postfix site,
    and http://www.postfix-book.com/

    Point being, handle spam vs. legitimate mail earlier via Postfix, rather than wasting server resources.
    It's not hard to adjust Postfix (via custom rules) to accommodate for problems for some users (at their end), although one should not have to
    Mac OS X (10.5.5), ACMT, ACTC (10.2) ACSA (10.4)

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.