Mark email as spam

[learjet3204]

so when a spam email does get through to you inbox. How do you go tell the gateway it was spam so it learns? I can find the messages in the tracker but there is nothing there to tell it SPAM or NOT SPAM. thanks

 

[heutger]

Copy the full message source to the PMG, use sa-learn --spam filename to learn spam or sa-learn --ham filename to learn ham. Once you reached 200 spams and 200 hams (hams is easier as some are autolearned, just check, if no spam is learned as ham automatically), bayes filter will start to work and add scores for ham and spam. Otherwise try e.g. multirbl.valli.org to check, if any blacklists are hit, you should consider to add to the DNSBL setting or to your SpamAssassin custom config for additional tagging.

Maybe look at my advancing thread for additional enhancements.

 

[learjet3204]

when you say copy it to PMG... where am I supposed to place it? I am running the zen.spamhaus.org for DNSBL. I did up my WHAT object to level 2.

 

[heutger]

It's your choice, you should only store the file anywhere on the filesystem and then perform a sa-learn, after that, you can delete the file again. So I would use /tmp or the roots or any other users home directory and delete it then.

zen.spamhaus.org is fine, but there are much more lists, you should consider. My set is:

zen.spamhaus.org*2 bl.spamcop.net*2 psbl.surriel.com*2 spamrbl.imp.ch*2 noptr.spamrats.com*2 escalations.dnsbl.sorbs.net*2 bl.score.senderscore.com*2 bl.spameatingmonkey.net*2 rbl.realtimeblacklist.com*2 dnsbl.dronebl.org*2 ix.dnsbl.manitu.net b.barracudacentral.org truncate.gbudb.net bl.blocklist.de sip.xxx.xxx sip24.xxx.xxx

The xxx.xxx are commercial lists, you get the FQDN on purchase from invaluement.

2 is a hard score, I use 5 and milter-reject at 7

For details you can read my advancing thread.