Spamfilter Policy Yes/No choices explained

Discussion in 'General' started by Nap, Jan 29, 2015.

  1. Nap

    Nap Member

    I'm reading the ISPConfig manual and the amavisd-new documentation bits and pieces page, and I'm a bit confused about the meanings of the ISPConfig Options.

    A) Policy Option List
    1. If Bypass Virus Checks is Yes, but Virus Lover is No, what happens? (Same for Bypass Banned Checks & Banned Files Lover and Bypass header checks & Bad header lover)
    2. Is the email subject line changed? (Like it does when SPAM thresholds are exceeded.)
    3. Do the above settings override or affect the behaviour of the on the Tag-Level settings? (Since a virus is not exactly spam.)
    4. If SPAM Lover is Yes, does that mean the Spam Subject Tags are not added (if the score would require them and SPAM modifies subject is Yes)?
    B) With regards to Quarantining.
    1. Does the Forward spam to email function require the email's score to cross the SPAM tag(2) level thresholds? Or is it triggered when an email attracts any kind of SPAM header?
    2. The other forwarders are binary Yes/No I assume.

    Any clarificaitons would be welcome.

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    When you bypass checks, then the other options for these checks have no meaning as the check is not performed at all. If spam lover is yes, then I assume that the subject will not get tagged, but I havent tested that.

    Regarding quarantine, as far as I know, the tag2 level (as thats the level that splits mail in ham and spam) will matter here.
    Nap likes this.
  3. Nap

    Nap Member

    Thanks Till.

    I setup the quarantine addresses, and I'm getting the mails. However, the SpamFilter Policy I set for the quarantine account isn't being applied to the mail its receiving (I want to see the _score_ in the subject so I don't have to open the mail headers dialoge).
    Is this because the forwarding doesn't go through the normal channel?
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    If you want to apply the spamfilter to a mail forawrd / transport, add the email address that shell get this policy under mail > spamfilter > User / Domain.
  5. Nap

    Nap Member

    I checked, and the fields are already filled out. I even tried to create a new rule:
    Server: fqdn
    Priority: 10
    Policy: Quarantine_Only
    Email (Pattern): [email protected]
    Name: Scan Mail Forwarded into Quarantine
    Local: Yes​
    But when I saved it I got an SQL error "Duplicate Entry '[email protected]' for key 'email'

    It looks like the forwarded mail is either bypassing SpamAssassin (This kind of makes sense because otherwise there would be a double up on the SPAM headers), or the subject is changed after the mail is forwarded.

    The process seems to be something like
    Check => (If Spam: Add Headers) => (If Spam: Forward) => (If Spam: Alter Subject) => Deliver​
    rather than
    Check => (If Spam: Add Headers) => (If Spam: Alter Subject) => (If Spam: Forward) => Deliver​
    (The Delivery stage is simplified)

    It would be nice to see the score because I think its possible to decide if the real reason was due to a misconfigured server at the sender's end.
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    set debug log level to 5 in amisd to see in detail in mail.log what it is doing.
  7. Nap

    Nap Member

    I've done that and have posted an example of one email being processed on my server.
    I'm afraid the log is to complex for me to fully understand what's going on. :(

    The SPAM check is occuring when the quarantine account receives the forwarded mail, but the subject isn't being modified.
    (I can see spam_subject_tag=>"???SPAM???(_SCORE_)", spam_subject_tag2=>"***SPAM***(_SCORE_)" mentioned when the original recipient is being processed, but not when the quarantine account is processed.)

Share This Page