Discussion:
Sympa Anti-Spam
Garith Dugmore
2011-03-17 13:46:14 UTC
Permalink
Hello fellow Sympa users,

I'm trying to find more information on the anti-spam functionality of Sympa.

It mentions here -> http://www.sympa.org/manual/antispam that:
In version 6.1 a spam_status scenario is introduce not toe define what to do with a spam message but to qualify message as spam, ham or unsure. This scenario is selected by the sympa.conf (or robot.conf) parameter spam_status. This scenario can be used to test multiple message headers with regexp etc. It return 'ham', 'spam', 'unsure' or 'undefine'. Then this is the status of the message while processing it. In scenario this property can tested as [msg→spam_status] variable. Testing this variable in usefull mainly in send scenario.

I've tried setting spam_status with different options in sympa.conf but I don't seem to get any degree of success. I currently have installed:
ii sympa 6.1.1~dfsg-2 Modern mailing list manager

What I'd like at the end of the day is for sympa to either moderate or block emails with "X-Spam-Status: Yes" in their headers.

Any quick pointers on how to do this?
Thanks for a great piece of software,
--
Garith Dugmore
Senior System Administrator
South African Astronomical Observatory
and Southern African Large Telescope
John Roberts
2011-03-17 13:51:09 UTC
Permalink
Hello Garith,

I ended up creating a new send scenario file called send.public_nospam,
that contains:

title.gettext public list - no spam

match([header->X-Spam-Status],/Yes/) smtp -> reject,quiet
true() smtp,dkim,md5,smime -> do_it

Originally I had the action set to editorkey,quiet so I could moderate
the spam and allow good ones through, but after months of no good
messages, I changed it to reject,quiet.

Cheers, John Roberts
Post by Garith Dugmore
Hello fellow Sympa users,
I'm trying to find more information on the anti-spam functionality of Sympa.
In version 6.1 a spam_status scenario is introduce not toe define what to do with a spam message but to qualify message as spam, ham or unsure. This scenario is selected by the sympa.conf (or robot.conf) parameter spam_status. This scenario can be used to test multiple message headers with regexp etc. It return 'ham', 'spam', 'unsure' or 'undefine'. Then this is the status of the message while processing it. In scenario this property can tested as [msg→spam_status] variable. Testing this variable in usefull mainly in send scenario.
ii sympa 6.1.1~dfsg-2 Modern mailing list manager
What I'd like at the end of the day is for sympa to either moderate or block emails with "X-Spam-Status: Yes" in their headers.
Any quick pointers on how to do this?
Thanks for a great piece of software,
Dan Pritts
2011-03-18 02:13:36 UTC
Permalink
You need to create a scenario file for spam_status.your_spam_header_here, and then in sympa.conf set the spam_status config line to match your_spam_header_here.

Careful on your regular expression. If you are using spamassassin (possibly others), it uses the word baYES in the x-spam-status header. So everything matches "yes". You see what I did below. I submitted a bug on this, David said he would change the default spam_status config file to have a warning about this.

Here is what I have:

/etc/***@lists1% ls -l scenari/spam_status.x-spam-status
-r--r--r-- 1 root root 344 Aug 31 2010 scenari/spam_status.x-spam-status

/etc/***@lists1% cat scenari/spam_status.x-spam-status
title.gettext test x-spam-status header

match([header->X-Spam-Status],/yes,/) smtp,dkim,smime,md5 -> spam
true() smtp,dkim,md5,smime -> ham

/etc/***@lists1% grep spam_status *
sympa.conf:spam_status x-spam-status
Post by Garith Dugmore
Hello fellow Sympa users,
I'm trying to find more information on the anti-spam functionality of Sympa.
In version 6.1 a spam_status scenario is introduce not toe define what to do with a spam message but to qualify message as spam, ham or unsure. This scenario is selected by the sympa.conf (or robot.conf) parameter spam_status. This scenario can be used to test multiple message headers with regexp etc. It return 'ham', 'spam', 'unsure' or 'undefine'. Then this is the status of the message while processing it. In scenario this property can tested as [msg→spam_status] variable. Testing this variable in usefull mainly in send scenario.
ii sympa 6.1.1~dfsg-2 Modern mailing list manager
What I'd like at the end of the day is for sympa to either moderate or block emails with "X-Spam-Status: Yes" in their headers.
Any quick pointers on how to do this?
Thanks for a great piece of software,
--
Garith Dugmore
Senior System Administrator
South African Astronomical Observatory
and Southern African Large Telescope
Dan Pritts, Sr. Systems Engineer
Internet2
office: +1-734-352-4953 | mobile: +1-734-834-7224
Garith Dugmore
2011-03-28 09:38:57 UTC
Permalink
Hello,

I've tried what was recommended below but I still seem to be missing something.

What I have currently:

-----------------------------------------------------
# cat /etc/sympa/sympa.conf | grep spam
spam_status x-spam-status
-----------------------------------------------------

-----------------------------------------------------
# cat /etc/sympa/scenari/spam_status.x-spam-status
title.gettext test x-spam-status header

match([header->X-Spam-Status],/yes,/) smtp,dkim,smime,md5 -> spam
true() smtp,dkim,md5,smime -> ham
-----------------------------------------------------

After a restart of sympa I see the following in the logs while in debug mode:

-----------------------------------------------------
Mar 28 11:27:12 list sympa[26299]: debug Scenario::request_action() List::request_action spam_status,smtp,list.XXXX.XX.XX
Mar 28 11:27:12 list sympa[26299]: debug2 Scenario::new()
Mar 28 11:27:12 list sympa[26299]: debug2 Scenario::_parse_scenario() (spam_status, x-spam-status, list.XXXX.XX.XX)
Mar 28 11:27:12 list sympa[26299]: debug2 Scenario::new()
Mar 28 11:27:12 list sympa[26299]: debug2 Scenario::verify() (match([header->X-Spam-Status],/yes,/))
Mar 28 11:27:12 list sympa[26299]: debug3 Scenario::request_action() rule match([header->X-Spam-Status],/yes,/),smtp,spam accepted
Mar 28 11:27:12 list sympa[26299]: debug2 List::new() List::new(it, list.XXXX.XX.XX, )
Mar 28 11:27:12 list sympa[26299]: debug2 List::load() List::load(it, list.XXXX.XX.XX, )
-----------------------------------------------------

I also see below these entries that it sends the email to all the subscribers. I'd like all spam to be moderated for now. I've tried using "editorkey,quiet" but I get the same result.

To test I've used telnet on port 25 and ran something like:

-----------------------------------------------------
# telnet XXXXXX 25
Trying XXXXXXX...
Connected to XXXXXXXX.
Escape character is '^]'.
220 XXXXXXXX ESMTP Postfix
helo there
250 XXXXXXXX
mail from:<***@XXXXXXXX>
250 2.1.0 Ok
rcpt to:<***@XXXXXXXX>
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
X-Spam-Status: Yes, test
Subject: Test - ignore
From:<***@XXXXXXXX>
To:<***@XXXXXXXX>
test

.
250 2.0.0 Ok: queued as 47F371120CD8
quit
221 2.0.0 Bye
-----------------------------------------------------

Any pointers will be greatly appreciated.

Cheers,

----- Original Message -----
Sent: Friday, 18 March, 2011 4:13:36 AM
Subject: Re: [sympa-users] Sympa Anti-Spam
You need to create a scenario file for
spam_status.your_spam_header_here, and then in sympa.conf set the
spam_status config line to match your_spam_header_here.
Careful on your regular expression. If you are using spamassassin
(possibly others), it uses the word baYES in the x-spam-status header.
So everything matches "yes". You see what I did below. I submitted a
bug on this, David said he would change the default spam_status config
file to have a warning about this.
-r--r--r-- 1 root root 344 Aug 31 2010
scenari/spam_status.x-spam-status
title.gettext test x-spam-status header
match([header->X-Spam-Status],/yes,/) smtp,dkim,smime,md5 -> spam
true() smtp,dkim,md5,smime -> ham
sympa.conf:spam_status x-spam-status
Post by Garith Dugmore
Hello fellow Sympa users,
I'm trying to find more information on the anti-spam functionality of Sympa.
In version 6.1 a spam_status scenario is introduce not toe define
what to do with a spam message but to qualify message as spam, ham
or unsure. This scenario is selected by the sympa.conf (or
robot.conf) parameter spam_status. This scenario can be used to test
multiple message headers with regexp etc. It return 'ham', 'spam',
'unsure' or 'undefine'. Then this is the status of the message while
processing it. In scenario this property can tested as
[msg→spam_status] variable. Testing this variable in usefull mainly
in send scenario.
I've tried setting spam_status with different options in sympa.conf
but I don't seem to get any degree of success. I currently have
ii sympa 6.1.1~dfsg-2 Modern mailing list manager
What I'd like at the end of the day is for sympa to either moderate
or block emails with "X-Spam-Status: Yes" in their headers.
Any quick pointers on how to do this?
Thanks for a great piece of software,
--
Garith Dugmore
Senior System Administrator
South African Astronomical Observatory
and Southern African Large Telescope
Dan Pritts, Sr. Systems Engineer
Internet2
office: +1-734-352-4953 | mobile: +1-734-834-7224
--
Garith Dugmore
Senior System Administrator
South African Astronomical Observatory
and Southern African Large Telescope
Dan Pritts
2011-03-28 19:46:54 UTC
Permalink
I just went back & reviewed the manual & my notes. This wasn't obvious to me when I first set it up, either, but it's right there in the manual.

I just modified the manual to make this more obvious, i would appreciate it if you reviewed it. it's a wiki, you can sign up for an account and modify the wiki.

http://www.sympa.org/manual/antispam

antispam_feature/spam_status just tells sympa how to determine whether a message is believed to be spam or not, but not what to do with spam messages.

IF a message is moderated for some other reason, then sympa treats spam messages specially.

if the send scenario for a list would let the message through to the list, the fact that it is tagged as spam does not change that.

So, to get your desired result, you have to do something with the send scenario too. If you want to have every spam-tagged message be moderated as spam, you can modify your send scenarios to have something like:

match([header->X-Spam-Status],/yes,/) smtp,dkim,smime,md5 -> moderate,quiet

There might be a way to check the sympa spam status in the scenario, that would be better. anyone know?
Post by Garith Dugmore
Hello,
I've tried what was recommended below but I still seem to be missing something.
-----------------------------------------------------
# cat /etc/sympa/sympa.conf | grep spam
spam_status x-spam-status
-----------------------------------------------------
-----------------------------------------------------
# cat /etc/sympa/scenari/spam_status.x-spam-status
title.gettext test x-spam-status header
match([header->X-Spam-Status],/yes,/) smtp,dkim,smime,md5 -> spam
true() smtp,dkim,md5,smime -> ham
-----------------------------------------------------
-----------------------------------------------------
Mar 28 11:27:12 list sympa[26299]: debug Scenario::request_action() List::request_action spam_status,smtp,list.XXXX.XX.XX
Mar 28 11:27:12 list sympa[26299]: debug2 Scenario::new()
Mar 28 11:27:12 list sympa[26299]: debug2 Scenario::_parse_scenario() (spam_status, x-spam-status, list.XXXX.XX.XX)
Mar 28 11:27:12 list sympa[26299]: debug2 Scenario::new()
Mar 28 11:27:12 list sympa[26299]: debug2 Scenario::verify() (match([header->X-Spam-Status],/yes,/))
Mar 28 11:27:12 list sympa[26299]: debug3 Scenario::request_action() rule match([header->X-Spam-Status],/yes,/),smtp,spam accepted
Mar 28 11:27:12 list sympa[26299]: debug2 List::new() List::new(it, list.XXXX.XX.XX, )
Mar 28 11:27:12 list sympa[26299]: debug2 List::load() List::load(it, list.XXXX.XX.XX, )
-----------------------------------------------------
I also see below these entries that it sends the email to all the subscribers. I'd like all spam to be moderated for now. I've tried using "editorkey,quiet" but I get the same result.
-----------------------------------------------------
# telnet XXXXXX 25
Trying XXXXXXX...
Connected to XXXXXXXX.
Escape character is '^]'.
220 XXXXXXXX ESMTP Postfix
helo there
250 XXXXXXXX
250 2.1.0 Ok
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
X-Spam-Status: Yes, test
Subject: Test - ignore
test
.
250 2.0.0 Ok: queued as 47F371120CD8
quit
221 2.0.0 Bye
-----------------------------------------------------
Any pointers will be greatly appreciated.
Cheers,
----- Original Message -----
Sent: Friday, 18 March, 2011 4:13:36 AM
Subject: Re: [sympa-users] Sympa Anti-Spam
You need to create a scenario file for
spam_status.your_spam_header_here, and then in sympa.conf set the
spam_status config line to match your_spam_header_here.
Careful on your regular expression. If you are using spamassassin
(possibly others), it uses the word baYES in the x-spam-status header.
So everything matches "yes". You see what I did below. I submitted a
bug on this, David said he would change the default spam_status config
file to have a warning about this.
-r--r--r-- 1 root root 344 Aug 31 2010
scenari/spam_status.x-spam-status
title.gettext test x-spam-status header
match([header->X-Spam-Status],/yes,/) smtp,dkim,smime,md5 -> spam
true() smtp,dkim,md5,smime -> ham
sympa.conf:spam_status x-spam-status
Post by Garith Dugmore
Hello fellow Sympa users,
I'm trying to find more information on the anti-spam functionality of Sympa.
In version 6.1 a spam_status scenario is introduce not toe define
what to do with a spam message but to qualify message as spam, ham
or unsure. This scenario is selected by the sympa.conf (or
robot.conf) parameter spam_status. This scenario can be used to test
multiple message headers with regexp etc. It return 'ham', 'spam',
'unsure' or 'undefine'. Then this is the status of the message while
processing it. In scenario this property can tested as
[msg→spam_status] variable. Testing this variable in usefull mainly
in send scenario.
I've tried setting spam_status with different options in sympa.conf
but I don't seem to get any degree of success. I currently have
ii sympa 6.1.1~dfsg-2 Modern mailing list manager
What I'd like at the end of the day is for sympa to either moderate
or block emails with "X-Spam-Status: Yes" in their headers.
Any quick pointers on how to do this?
Thanks for a great piece of software,
--
Garith Dugmore
Senior System Administrator
South African Astronomical Observatory
and Southern African Large Telescope
Dan Pritts, Sr. Systems Engineer
Internet2
office: +1-734-352-4953 | mobile: +1-734-834-7224
--
Garith Dugmore
Senior System Administrator
South African Astronomical Observatory
and Southern African Large Telescope
danno
--
Dan Pritts, Sr. Systems Engineer
Internet2
office: +1-734-352-4953 | mobile: +1-734-834-7224
Serge Aumont
2011-03-29 04:10:04 UTC
Permalink
Post by Garith Dugmore
Hello,
I've tried what was recommended below but I still seem to be missing something.
-----------------------------------------------------
# cat /etc/sympa/sympa.conf | grep spam
spam_status x-spam-status
-----------------------------------------------------
-----------------------------------------------------
# cat /etc/sympa/scenari/spam_status.x-spam-status
title.gettext test x-spam-status header
match([header->X-Spam-Status],/yes,/) smtp,dkim,smime,md5 -> spam
true() smtp,dkim,md5,smime -> ham
-----------------------------------------------------
-----------------------------------------------------
Mar 28 11:27:12 list sympa[26299]: debug Scenario::request_action() List::request_action spam_status,smtp,list.XXXX.XX.XX
Mar 28 11:27:12 list sympa[26299]: debug2 Scenario::new()
Mar 28 11:27:12 list sympa[26299]: debug2 Scenario::_parse_scenario() (spam_status, x-spam-status, list.XXXX.XX.XX)
Mar 28 11:27:12 list sympa[26299]: debug2 Scenario::new()
Mar 28 11:27:12 list sympa[26299]: debug2 Scenario::verify() (match([header->X-Spam-Status],/yes,/))
Mar 28 11:27:12 list sympa[26299]: debug3 Scenario::request_action() rule match([header->X-Spam-Status],/yes,/),smtp,spam accepted
This mean that the spam_status scenario is good it result of setting
msg→spam_status to 'spam'. So now you need to introduce a rule in the
send scenario used for your list that test this var

equal([msg->spam_status],'spam') smtp,md5,dkim,smime -> editotkey,quiet

Of course you may replace this by the following rule in send scenario :

match([header->X-Spam-Status],/yes,/) smtp,md5,dkim,smime -> editorkey,quiet


I thinkn this rule is missing.
Serge
Garith Dugmore
2011-03-29 08:11:26 UTC
Permalink
Hi All,

I've tried 2 different methods. Method 1 is successful and Method 2 not:

Method 1:
=========

--------------------------------------------
# cat /etc/sympa/sympa.conf | grep spam
#spam_status x-spam-status
--------------------------------------------
Note: "spam status" is commented out

--------------------------------------------
# cat /etc/sympa/scenari/send.public
title.gettext public list

match([header->X-Spam-Status],/yes,/) smtp -> editorkey,quiet
true() smtp,dkim,md5,smime -> do_it
--------------------------------------------

Method 2:
=========

--------------------------------------------
# cat /etc/sympa/sympa.conf | grep spam
spam_status x-spam-status
--------------------------------------------

--------------------------------------------
# cat /etc/sympa/scenari/spam_status.x-spam-status
title.gettext test x-spam-status header

match([header->X-Spam-Status],/yes,/) smtp,dkim,smime,md5 -> spam
true() smtp,dkim,md5,smime -> ham
--------------------------------------------

--------------------------------------------
#cat /etc/sympa/scenari/send.public
title.gettext public list

equal([msg->spam_status],'spam') smtp,md5,dkim,smime -> editorkey,quiet
true() smtp,dkim,md5,smime -> do_it
--------------------------------------------

Serge, did I miss something in Method 2?

----- Original Message -----
Sent: Tuesday, 29 March, 2011 6:10:04 AM
Subject: Re: [sympa-users] Sympa Anti-Spam
Post by Garith Dugmore
Hello,
I've tried what was recommended below but I still seem to be missing something.
-----------------------------------------------------
# cat /etc/sympa/sympa.conf | grep spam
spam_status x-spam-status
-----------------------------------------------------
-----------------------------------------------------
# cat /etc/sympa/scenari/spam_status.x-spam-status
title.gettext test x-spam-status header
match([header->X-Spam-Status],/yes,/) smtp,dkim,smime,md5 -> spam
true() smtp,dkim,md5,smime -> ham
-----------------------------------------------------
-----------------------------------------------------
Mar 28 11:27:12 list sympa[26299]: debug Scenario::request_action()
List::request_action spam_status,smtp,list.XXXX.XX.XX
Mar 28 11:27:12 list sympa[26299]: debug2 Scenario::new()
Mar 28 11:27:12 list sympa[26299]: debug2
Scenario::_parse_scenario() (spam_status, x-spam-status,
list.XXXX.XX.XX)
Mar 28 11:27:12 list sympa[26299]: debug2 Scenario::new()
Mar 28 11:27:12 list sympa[26299]: debug2 Scenario::verify()
(match([header->X-Spam-Status],/yes,/))
Mar 28 11:27:12 list sympa[26299]: debug3 Scenario::request_action()
rule match([header->X-Spam-Status],/yes,/),smtp,spam accepted
This mean that the spam_status scenario is good it result of setting
msg→spam_status to 'spam'. So now you need to introduce a rule in the
send scenario used for your list that test this var
equal([msg->spam_status],'spam') smtp,md5,dkim,smime ->
editotkey,quiet
match([header->X-Spam-Status],/yes,/) smtp,md5,dkim,smime ->
editorkey,quiet
I thinkn this rule is missing.
Serge
--
Garith Dugmore
Senior System Administrator
South African Astronomical Observatory
and Southern African Large Telescope

SAAO Telephone: +27 21 447 0025
Direct Line: +27 21 460 6296
Ext: 4004
SAAO Website: http://www.saao.ac.za
SALT Website: http://www.salt.ac.za
Jabber: gar_I_th-***@public.gmane.org
MSN: garithd-***@public.gmane.org
Skype: garith5512
Loading...