Comments on: SpamAssassin Bayes training in a single-user procmail setup http://www.dankohn.com/archives/321 Freedom of the press belongs to those who own one. - A.J. Liebling Mon, 09 Nov 2009 22:40:02 +0000 http://wordpress.org/?v=2.9 hourly 1 By: The Anarcat http://www.dankohn.com/archives/321/comment-page-1#comment-37 The Anarcat Thu, 27 Nov 2003 15:42:02 +0000 http://dankohn.flydash.com/archives/321#comment-37 Even better... I hated the idea of offering on a silver platter the learning addresses to spammers, so I made the learning pipe also send me the email after. If someone misuses the thing, I can notice and take action (either take the address private or simply off). An "X-Learned-As" header is also added to notified me spamassassin has learned from the email. Also note that "EXTENSION" does not exist by default in procmail. Often, the extension is passed as the first argument ($1), so I had to add "EXTENSION=$1" to my procmailrc to make this work: # +ham|spam is a learning adress: ham is *good*, spam is *bad* :0 * EXTENSION ?? ham|spam * < 256000 { :0cw: spamassassin.spamlock | sa-learn --$EXTENSION :0fw | formail -a"X-Learned-As: $EXTENSION" } # after here, mail is delivered as usual Usually, the result is that mail that I forward to my +ham adress comes back as confirmed "ham" and mail sent to +spam ends up in the rat's hole "junk" folder. :) If I received something as "ham" and it is not, I can always feed it back to the +spam adress and spamassassin will forget that it is ham. Even better… I hated the idea of offering on a silver platter the learning addresses to spammers, so I made the learning pipe also send me the email after. If someone misuses the thing, I can notice and take action (either take the address private or simply off).

An “X-Learned-As” header is also added to notified me spamassassin has learned from the email. Also note that “EXTENSION” does not exist by default in procmail. Often, the extension is passed as the first argument ($1), so I had to add “EXTENSION=$1″ to my procmailrc to make this work:

# +ham|spam is a learning adress: ham is *good*, spam is *bad*
:0
* EXTENSION ?? ham|spam
* < 256000
{
:0cw: spamassassin.spamlock
| sa-learn –$EXTENSION

:0fw
| formail -a”X-Learned-As: $EXTENSION”
}
# after here, mail is delivered as usual

Usually, the result is that mail that I forward to my +ham adress comes back as confirmed “ham” and mail sent to +spam ends up in the rat’s hole “junk” folder. :) If I received something as “ham” and it is not, I can always feed it back to the +spam adress and spamassassin will forget that it is ham.

]]> By: Another alternative http://www.dankohn.com/archives/321/comment-page-1#comment-36 Another alternative Fri, 24 Oct 2003 17:43:05 +0000 http://dankohn.flydash.com/archives/321#comment-36 If you know how to configure your SMTP server to handle them, an even better alternative might be to use address extensions so that you can handle multiple users on the same server. eg Assuming you've set the environment variable EXTENSION based on the extension, you can do: :0 * EXTENSION ?? ham|spam * < 256000 | sa-learn --$EXTENSION That way you can send to eg craig+ham@example.com or craig+spam@example.com and have the thing auto-learn for that user. user2+spam@example.com will learn for user2 Also worth noting that you probably want a check how the mail is getting to those addresses -- probably in your SMTP server you want to verify the MAIL FROM so that spammers can't just send mail to your ham address! If you know how to configure your SMTP server to handle them, an even better alternative might be to use address extensions so that you can handle multiple users on the same server. eg Assuming you’ve set the environment variable EXTENSION based on the extension, you can do:

:0
* EXTENSION ?? ham|spam
* < 256000
| sa-learn –$EXTENSION

That way you can send to eg craig+ham@example.com or craig+spam@example.com and have the thing auto-learn for that user. user2+spam@example.com will learn for user2

Also worth noting that you probably want a check how the mail is getting to those addresses — probably in your SMTP server you want to verify the MAIL FROM so that spammers can’t just send mail to your ham address!

]]> By: Dan Kohn http://www.dankohn.com/archives/321/comment-page-1#comment-35 Dan Kohn Sun, 19 Oct 2003 19:41:02 +0000 http://dankohn.flydash.com/archives/321#comment-35 An even better strategy may be to move the offending false negative spam into a Public Folder, then access it as an IMAP folder. This preserves the full headers, which can significantly improve the Bayes training. Here's a Perl script to do just that: <a href="http://marc.theaimsgroup.com/?l=spamassassin-talk&m=104806917615490&w=2" rel="nofollow">http://marc.theaimsgroup.com/?l=spamassassin-talk&m=104806917615490&w=2</a> An even better strategy may be to move the offending false negative spam into a Public Folder, then access it as an IMAP folder. This preserves the full headers, which can significantly improve the Bayes training. Here’s a Perl script to do just that:

http://marc.theaimsgroup.com/?l=spamassassin-talk&m=104806917615490&w=2

]]>