Page MenuHomeMiraheze

Explore setting up proper spamfilter
Closed, ResolvedPublic

Description

We’re getting spammed, constantly, and even security@ was spammed (T2604). We’ll need some frontline spamfilter to filter the stuff before it’s forwarded or sent to inbox.

Event Timeline

revi triaged this task as High priority.Jan 11 2018, 06:12
revi created this task.

Many many spam filtering software out there. SpamAssassin maybe?

Though I purposefully never set up a spam filter because there wasn’t a need when people didn’t post full unfiltered emails. Operations spam is a given - any filter has the chance of false positives especially when untrained.

Ah, iirc revi also mentioned SpamAssasin.

Well, there has been a lot of spam lately (with csr@, staff@ and as mentioned above, even security@).

(Even with the spamfilter, I would still probably do a weekly check to make sure there aren't any false positives)

There are plenty of tutorials out there for setting up spamassassin with postfix (spamd). We could just have it add spam score headers until we get the settings right.

We might consider looking at anti spam software. SpamAssassin looks relatively well known in terms of such software. As such I understand that ops staff have the final say but I +1 the suggestion

T2516 (declined) mentions one solution.

That solution is not relevant to a mail server.

As for John's comment, I have asked all CVT members to only post filtered emails, and I have also deprecated csr@ completely (which was already planned before)

So, it seems like we should probably get https://wiki.apache.org/spamassassin/StartUsing.

Though I'm not sure how, after install I would only make it add "spam headers" rather than directly start filtering the spam, so I will have to see that first.

You'd make the required score ridiculously high AFAIK.

Inject the header (not filtering them), wait for spamz, compare the ham and spam’s SA score, and set the score to ham<score<spam.

All the recent spam followed a syntax like:

Dear Editor,

My name is (name) and I write for (a company). I was doing research on
(something) and just finished reading your wonderful post:
(mz link)

In that article, I noticed that you cited a solid post that I’ve read in
the past: (wikipedia)

I just finished writing a guide that is even more detailed, updated and
comprehensive on (spam). It is more than 7,000 words and packed with practical
tips and advice. You can find it here:
(spammy link)

If you like the guide we’d be humbled if you cited us in your article. Of
course, we will also share your article with our newsletter subscribers and
followers across our social platforms.

Either way, keep up the great work!

Warmly,
Name

P.O. Box. You may unsubscribe
(link) to stop
receiving our emails.

Can we blacklist emails that follow this syntax?

If no one intends to do this, it shouldn’t be high priority anymore.

I would, but as I said I do not feel comfortable with doing this by myself, so since I can't, there is no point in keeping myself assigned

John lowered the priority of this task from High to Normal.Mar 17 2018, 12:12

Might as well add to my assign list to deal with at some point.

John changed the task status from Open to Stalled.Apr 12 2018, 22:26

SpamAssassin has requirements which in Jessie require a version of perl which is only available in stretch. Therefore this is blocked on T1996 apparently. Rather odd having that requirement line?