...
In general, no. While SpamAssassin is very good at picking out a large proportion of spam, it's impossible for a computer to do this job perfectly. Legimate mail incorrectly marked as spam is known as False Positives FalsePositives or FPs (see AvoidingFpsForAdmins and AvoidingFpsForSenders). You should only delete mail if you (and your users/customers) would find it acceptable to lose mail that are FPs. A much better idea is to filter possible spam into a separate folder that can be checked less frequently than the normal mailbox.
...
Don't say we didn't warn you
SpamAssassin itself will not delete any emails. It's only a filter which reads email in, and passes that same email out, modified in some way. If you want to delete emails, or redirect emails, you need to do it in whatever program calls SpamAssassin.
The following procmail script will store delete mail with a score of 15 or higher in a different folder. By moving the #
(comment) mark up one line, it will save all mail with a score of 15 or higher in a separate folder rather than deleting. The general implementation then, is that mail with a score of less than 5 goes into the inbox, a client side rule triggering on "X-Spam-Status: YES" will cause mail scoring between 5 and 15 to go into a Junk Mail folder where it can regularly be checked, and mail of 15 or higher will be stored on the server or dropped on the floor.
...
How can I configure procmail to bounce messages flagged as spam?
...
Don't do this. Most spam forge the From line. If you bounce to it, you'll likely just be contributing to the \[http://catb.org/~esr/jargon/html/J/joe-job.html Joe Job\] of some innocent soul. If you want to bounce messages (so that senders know it didn't reach you), you need to do it at the MTA level as described above.it at the MTA level as described above.
Qmail
If you're using qmail (see IntegratedInMta), you can set up SpamAssassin through Qmail-Scanner, which has a patched version able to delete spam at a given threshold. Alternatively, you can configure the patched version of Qmail-Scanner to reject spam at a given threshold during the smtp session. Rejecting spam is a better approach than silently deleting or bouncing it because the sender (assuming its a real person) will know the message wasn't delivered and the sending mail server will have to handle the bounce which prevents back scatter from being sent by your mail server. Here's the patched version and the original.
If you don't want the full Qmail-Scanner you can try Mailparser by Eric Bambach. Originally a very lightweight C program but now (9/14/2007) re-implemented in perl it will drop any message that has X-Spam-Flag: YES in the header.
Rename /var/qmail/bin/qmail-queue to qmail-queue.orig and add it to the delivery queue after SpamAssassin.
Example /var/qmail/bin/qmail-queue file
No Format |
---|
#!/bin/bash
/usr/bin/spamc | /var/qmail/bin/mailparser | /var/qmail/bin/qmail-queue.orig
|
Challenge-response and Email passwords
If you're willing to make senders jump through hoops to reach you, you can begin rejecting all mails except for ones known to be legitimate. Some believe this solution is worse than the disease.
...
- \[http://www.templetons.com/brad/spam/challengeresponse.html Principles\] of a Challenge-Response system by Brad Templetonunmigrated-wiki-markup
- \[http://tmda.net/challengeresponse.html TMDA\] is the best known Challenge-Response systemunmigrated-wiki-markup
- \[http://www.dwheeler.com/essays/spam-email-password.html Email passwords\] by David Wheeler are another implementation
Contributors
- DanKohn
- David Wheeler