SPAM Delivery and Filtering Rules

Hi,

We are going live this evening and I'm taking care of some final details before migrating users to the new Virtualmin Pro server.

We have a (very) few users who are very sensitive to lost mail and are therefore performing the spam filtering in their mail clients.

On the old platform, Spamassassin marks the messages as spam (including the Subject), but delivers the messages to the normal inbox as opposed to dropping them into the spam folder. Then the user's mail client filters on the Subject and puts the messages into whatever folder they want.

How would I duplicate this behavior in Virtualmin?

In ISPConfig 2, there was an option called Spam Strategy (accept or discard).

Thanks in advance,

G

Status: 
Active

Comments

Howdy -- you can configure the default options for new domains by going into System Settings -> Virtualmin Configuration -> Spam Filtering Options. It sounds like you may want to set "Default delivery for spam" to "Deliver Normally".

To review the settings for existing Virtual Servers, you can look at Server Configuration -> Spam and Virus Delivery.

Hi there,

Yes, this is the precise issue I'm working on.

However, I need a way for this setting to be done on a user-by-user basis...preferably by the user within Usermin.

Curiously, if I create a new test user, I can log into Usermin -> Email Filters and it reports no "mail filters defined". I can then "add a new mail filter" to deliver spam into the Inbox. While not fully tested, this looks like exactly what I want to do. And testuser can delete that filter if he wants to in order to revert the behavior back to normal delivery into the 'spam' folder.

Now, I have existing users (myself, for example) who see four filters defined when they go to Usermin -> Email Filters. These filters can not be deleted or edited by the user. If they could be, there would be no problem.

Always                               Perform spam classification
Spam score is at least 10            Throw away
Email is spam                        Save in folder spam
Always                               Deliver to your Inbox

To give you the rest of the info you need, I used these commands at the command line:

/usr/libexec/webmin/virtual-server/modify-spam.pl --all-domains --spam-delete-level 10 /usr/libexec/webmin/virtual-server/modify-spam.pl --all-domains --spamclear-days 7

Was that a mistake?

Is there a better way do do these things?

Thanks in advanve,

G

So there are two levels of filters in Virtualmin - those setup by the admin (in the virtualmin UI on port 10000, or via the command line), and those managed by the user (via Usermin on port 20000, or in his .procmailrc file).

The admin-level filters are processed first, and cannot be edited by the user. Only if they don't result in delivery will the user's filters be run.

Thanks for the quick reply.

I assume you are talking about procmail filters?

Assuming I caused this problem by using the modify-spam.pl command, how would I go about fixing this issue? (the issue being that I would like users to be able to override the default spam handling settings)

I would like to set these settings as defaults, or for all users who don't specify their own filters:

  • spam in .junk folders should be deleted after some number of days
  • spam that is 'spammier' than 10-12 should be rejected outright
  • virus-infected mail rejected outright/deleted
  • spam filtering enabled
  • virus filtering enabled

How would I go about fixing things for all existing users? (only one user has their own .procmailrc at this time)

Thanks,

G

Unfortunately there is no way to let users override the default spam destination, due to the order in which procmail filters are processed.

If the domain-level rules deliver a mail to the spam folder, none of the users filters will be run. Only if the domain-level rules let the message through will users have control over whether spam is sent to a special folder, deleted, or delivered normally.

Ok, I think I understand your comment #5. Thanks for that.

Can you please elaborate?

Can you please re-read comment #4 (actually all my comments) and tell me how to get there from here? I'm guessing I messed things up using the modify-spam.pl command without understanding the consequenses.

If I create a new user, and log into Usermin as that user, there are no pre-existing filters defined (visible), so I can create a rule:

  • Email classified as spam
  • Save in folder Inbox

which I assume would do what I want to do. Am I wrong?

If this will do what I want, how do I 'fix' all of the existing users so that they too can create this filter?

Or put another way perhaps, how do I get rid of the per-domain filtering rules that existing users see, but can't delete? Where are all of these filtering rules?

I have a stock /etc/procmailrc:

[root@www ~]# cat /etc/procmailrc LOGFILE=/var/log/procmail.log TRAP=/etc/webmin/virtual-server/procmail-logger.pl :0wi VIRTUALMIN=|/etc/webmin/virtual-server/lookup-domain.pl $LOGNAME :0 * ?/usr/bin/test "$VIRTUALMIN" != "" { INCLUDERC=/etc/webmin/virtual-server/procmail/$VIRTUALMIN } DEFAULT=$HOME/Maildir/ ORGMAIL=$HOME/Maildir/ DROPPRIVS=yes

I did a diff on my own domain's procmail file compared to a brand new domain and they are the same:

[root@www ~]# diff /etc/webmin/virtual-server/procmail/128776738811849 /etc/webmin/virtual-server/procmail/128544404729095

Thanks again,

G

So if you want to turn off all spam delivery that happens before users' rules are processed, you can use the commands :

virtualmin modify-spam.pl --all-domains --spam-no-delete-level --spam-deliver

Then users will be able to create their own rules to deliver to a separate folder or whatever they want ..

Cool.

So, what does this command do?

Which files does it modify? I'm trying to understand the filtering logic so that I don't ask stupid questions...

Can I set a "spam classified over 12" deletion rule globally?

Can I set a "spam older than 10 days" deletion rule globally?

Thanks,

G

It modifies the files under /etc/webmin/virtual-server/procmail .

There are separate rules for each domain, so you can configure each one separately (either via that command, or in the Virtualmin UI), or you can update all domains at once (using the --all-domains flag).

Is there a Virtualmin Support rule where you are only allowed to answer one question per comment?

This is soon going to be the longest string of incomplete answers I've ever seen. I guess I'll just start copying and pasting from my previous list of questions and resend them until I get an answer:

I'm trying to understand the filtering logic so that I don't ask stupid questions...

What is the filter logic/progression?

Can I set a "spam classified over 12" deletion rule globally?

Can I set a "spam older than 10 days" deletion rule globally?

You know, I don't want to spend any more time sending these stupid messages than you want to spend answering them. We're almost done here. Can I just get a complete answer, please?

I'm sorry for being stupid, but this is getting ridiculous.

Thanks in advance,

G

Sorry, didn't realized there were multiple questions in there..

What is the filter logic/progression?

  1. Mail aliases for the user are processed
  2. Domain-level spam filtering rules are processes - these are in /etc/webmin/virtual-server/procmail/XXX , where XXX is the domain's unique numeric ID
  3. User-level rules are processes - there are in .procmailrc in the user's home directory, and are editable in Usermin

If any filter matches, those below it are not processed.

Can I set a "spam classified over 12" deletion rule globally?

Yes, with the command virtualmin modify-spam --all-domains --spam-delete-level 12

Can I set a "spam older than 10 days" deletion rule globally?

Yes, with the command virtualmin modify-spam --all-domains --spamclear-days 10

Thanks for that.

I've done a bunch more testing without the results I'm looking for.

OK, so is this the bottom line: There is no practical way to do client-side filtering with Virtualmin on a user-by-user basis. (i.e Outlook rule to put spam in a local Junk Messages folder based on X-Spam headers)? Yes, I understand I can do this for entire domains, just not individual users.

And is this also true: There is no way using Virtualmin/Usermin for end-users to override administratively-set spam filtering defaults?

Would it be possible or practical to implement defaults by using /etc/skel/.procmailrc? That would allow users to override the defaults, wouldn't it?

Thanks,

G

p.s. Sorry for wasting your time. I guess I'm done doing so for now. Thanks again.

If you want to do client-side filtering, I would recommend having all spam just delivered to the user's inbox. You can enable this globally with :

virtualmin modify-spam.pl --all-domains --spam-no-delete-level --spam-deliver

Mail will still have the X-Spam headers, so you can filter on them in outlook.

Having default filters in /etc/skel/.procmailrc is a good idea ..

is it possible to SA-autolearn messages that have been put into the spam folder manually with outlook?

I've done that in the past by means of a cronjob with sa-learn.