From: Sean Preston (no email)
Date: Thu Aug 01 2002 - 03:39:35 EDT
Hi
> I understand that the present question was not about having
> Postfix automatically label mail as suspicious.
That's correct. I was enquiring to see if there was a way of basically
holding a message in the queue. Similar to the command "exim -Mf <id>"
This could be used in a number of applications but was just of interest.
The one way I figured out was to stop postfix and then use a shell
script using find, fgrep and mv to move messages out into a temporary
directory and then later reinject them when I wanted them to be back in.
Thanks
Sean
> Rafi Sadowsky:
> > ## On 2002-07-30 10:04 -0400 Wietse Venema typed:
> >
> > WV>
> > WV> This is currently unimplemented. With Postfix, it could
> be done by
> > WV> setting some queue file permission bit (the "sticky"
> bit comes to
> > WV> mind :-) Considering that this is the first request in
> four years,
> > WV> not a high priority.
> > WV>
> > WV> Wietse
> >
> > It's at least the third request(Bill Kennedy & me is 2 requests)
> > - at the time you didn't seem to think that "quarantine"
> was a useful
> > feature (which was reasonable at that point in time)
> >
> > --
> > Thanks
> > Rafi
> >
> > ## On 1998-10-02 15:19 -0500 Bill Kennedy typed:
> > BK>
> > BK> Date: Fri, 2 Oct 1998 15:19:59 -0500 (CDT)
> > BK> From: Bill Kennedy <>
> > BK> To:
> > BK> Subject: Re: [VMAILER]allow manual handling of reject
> mail (i.e.
> > BK> SPAM ) ?
> > BK>
> > BK> Rafi Sadowsky wrote:
> > BK> >Hi Wietse
> > BK> >have you considered allowing adding an option for
> accepting "bad"
> > BK> >mail ( 3'rd party relay , RBL & such ) so that the
> entire mail is
> > BK> >accepted & stored/forwarded to the postmaster for
> manual handling
> > BK> >while this may seem excessive for large sites
> > BK>
> > BK> Not at all if you have a way to make it selective. I call it
> > BK> "quarantine". It's invaluable for confidence building and for
> > BK> debugging. It's also a huge help where a spam and
> false positive
> > BK> might both trap on the same rule. I have a client who
> uses it at a
> > BK> 30,000+/day site. He obviously doesn't quarantine
> everything, but
> > BK> I suggest a scenario something like the below.
> > BK>
> > BK> >I see two main uses for it
> > BK> >1) debugging spam deny lists - so that you can take a
> day ( or a
> > BK> >few ) to check if your rules are really blocking what you want
> > BK> >2) catching SPAM samples & 3'rd party test messages
> > BK> >in order to
> > BK> > a) build better rules to catch them
> > BK> > b) you can catch the spammers *real* account and
> complain to their ISP
> > BK> > when you catch their tests msgs for 3'rd party
> relay ( I do
> > BK> >this with Netscape mail + a filter for 3'rd party
> relay and am
> > BK> >contemplating an auto abuse complaint generator
> triggered from
> > BK> >procmail )
> > BK>
> > BK> In the infancy of spam busting at a site the admin is
> frequently
> > BK> (and with considerable justification) as worried about false
> > BK> positives as they are spam. I recommend bringing up
> the new tools
> > BK> with everything going to quarantine and then adjusting the
> > BK> ruleset. I use two characters to reverse the mindset
> (my approach
> > BK> is totally incompatible with a dbm ruleset). If the
> mindset is to
> > BK> quarantine everything, prefix the rule with a ! to
> reject. If the
> > BK> mindset is to reject, prefix with a ? to quarantine.
> Eventually
> > BK> the admin has the rules worked out such that they can
> switch from
> > BK> the quarantine to reject mindset and simply remove the !'s they
> > BK> used before and add some ?'s for the ones they want to
> examine by
> > BK> hand. My implementation makes this a lot easier than VMailer
> > BK> because my dequeuer looks for QUARANTINE on the first
> line of the
> > BK> receipt, but something similar could clue cleanup/qmgr
> to simply
> > BK> log and relocate the receipt to an inspection area. In
> my case,
> > BK> if the quarantine is legit, simply edit off the first line and
> > BK> drop it back into the queue and it will deliver. I'm not
> > BK> suggesting using the same approach, but the result can be
> > BK> immensely useful.
> > BK>
> > BK> >for debugging/transition/backup/etc.. 9 yes of course
> it raises
> > BK> >privacy issues - but root on a mail gateway can always
> > BK> >snatch/copy mail .. )
> > BK>
> > BK> I'm a privacy freak. I *HATE* looking at mail that
> isn't mine.
> > BK> I've had to get over that just a little to defeat the
> spammers.
> > BK> It isn't pretty, I don't like it, but the email world
> has gotten
> > BK> uglier.
> > BK> --
> > BK> Bill Kennedy | Beware of a fire and
> forget weapon that forgets
> > BK> | who fired it.
> > BK>
> >
> >
> > -
> > To unsubscribe, send mail to with
> content (not
> > subject): unsubscribe postfix-users
> >
> >
>
> -
> To unsubscribe, send mail to with
> content (not subject): unsubscribe postfix-users
>
-
To unsubscribe, send mail to with content
(not subject): unsubscribe postfix-users
|
|
|