[SOLVED] Score system understanding

F

facyber

New Member
Sep 9, 2020
23
5
3
Hello community,

Currently we are in process on moving our current setup to the Proxmox Mail Gateway, and so far everything seems to be good. On this forum I found quite a number of good threads for improving spam filtering and security (like that PMG Harden thread/github repository). I also saw that filtering based on email body is not officially supported by the PMG, but it works with custom Spamassassin rules (at least first tests worked well).

Now in order to do fine tunning and finalize some task, I have questions regard PMG score system for the mails that are making some confusion for me. Did I understood correctly that Spamassassin score is not the same as PMG score system, that you can configure in web interface? When I check the logs of the mails and I see SA Score 1/5, that is not the same as Spam Level 1 in PMG Web UI?

The thing is that in the current setup we have the following methodology:
  • Mails with the SA score 0-6 are not treated as a spam.
  • Mails with the SA score 6 - 10 are treated as a spam and they are delivered but with the changed subject informing the client it is a spam.
  • Mails with the SA score higher than 10 are not delivered.

How can I apply our score system to the PMG? I've read the admin guide but can't find anything specific for how is it scoring system working. By default setup I see that mails with score 3 are marked as spam and put in quarantine. Is there some formula to calculate this?

I hope I explained well issue I have, and in case not, feel free to ask additional questions and I will provide as much information as I can.

Cheers!
 
facyber said:
Did I understood correctly that Spamassassin score is not the same as PMG score system, that you can configure in web interface? When I check the logs of the mails and I see SA Score 1/5, that is not the same as Spam Level 1 in PMG Web UI?
Click to expand...
PMG's Spam Level is exactly the SpamAssassin score of a mail.

facyber said:
The thing is that in the current setup we have the following methodology:
  • Mails with the SA score 0-6 are not treated as a spam.
  • Mails with the SA score 6 - 10 are treated as a spam and they are delivered but with the changed subject informing the client it is a spam.
  • Mails with the SA score higher than 10 are not delivered.
Click to expand...
create 2 rules with fitting priority:
* rule 1: What Object: Spam level 6, Action Object: Modify Spam Subject (direction In (or In & Out depending on your setup))
* rule 2: What Object: Spam level 10, Action Object Block

disable other rules which have a Spam level What Object

test the setup

I hope this helps!
 
Hi Stoiko,

Thanks for explanation, I am glad then that PMG's SL is same as SA, that helps a lot. :)

One more question regard the second part of your answer. If I create rule What Object: Spam level 6, wouldn't that block only level 6 spam? Or will it block anything with 6 or higher, and then I use rule 2 as you explained to stop the rule 1 and do another action based on spam level?

Cheers!
 
facyber said:
If I create rule What Object: Spam level 6, wouldn't that block only level 6 spam? Or will it block anything with 6 or higher
Click to expand...
it will match anything with level 6 or higher.

facyber said:
and then I use rule 2 as you explained to stop the rule 1 and do another action based on spam level?
Click to expand...
the second rule won't stop the first rule - the first rule simply changes the subject of all mails with a spam score of 6 or higher - if it is higher than 10 it subject still gets modified, but the second rule will ensure that it gets blocked.

In other words - a mail is processed by the rule-system until it matches one of the 3 final actions: Accept, Block, Quarantine (the default being accept if no rule triggers one of those 3 actions)

I hope this explains it.
 
  • Like
Reactions: facyber
So last question(s) is/are, if I want to set to send all non-spam mails for use (0-6 level) to some BCC mail, along with the previous mentioned rules I would have something like this?

rule 1: What Object:Spam level 0, Action: bcc to example@mail.com
rule 2: What Object: Spam level 6, Action Object: Modify Spam Subject
rule 3: What Object: Spam level 10, Action Object Block


How will my rule know that on level 6+ it should send bcc mail, as I understood, What Object:Spam level 0 means 0 and above levels, so that include level 6,7 and 10 and so on.
 
I believe I found ruling system that works, and I noticed mistakes in my last comment. So these are the rules set by priority from highest to lowest:

* Block spam level 10 (What objects: Spam Level 10)
* Quarantine spam level 6 (What objects: Spam Level 6)
* BCC and send to original recipient (Action: BCC to mail, What Objects: Spam level 0)

I have tested this rule set and it seems it does what we need. Will perform a couple of more tests tomorrow, and if everything works as expected, I will mark this therad as solved.

Cheers and thanks for the help!
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom