Managing spam

Hi All

I am using rt 3.2.3 on my https RT server and I am using rt-mailgate
on my mailserver separate from RT server. Every email first come into
my mailserver, processed through spamassassin (qmail+qmail-scanner+spamd+clamd…)
and dropped if detected as spam. Else piped into rt-mailgate and hence
pushed to the right queue. However, there are some spams that slipped
through the crack. I have a spam queue for users to drop those tickets
into that queue.

Now I like to setup a process, that can run through cron, to go the spam
queue can pickup the tickets including full leaders and process through
my spam learner–sitting in my mailserver–and then delete them from the
spam queue.

The hardest part here for me is to be able to grab the tickets with full
headers through a cronjob.

I was wondering if anyone can help me with some tips on “how to collect
a ticket from a queue with full header as a cronjob”.

Thanks for any tips/suggestion/guide

Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
"…there are two kinds of people: those who work and those who take the credit…try
to be in the first group;…less competition there." - Indira Gandhi

Asif Iqbal wrote:

I am using rt 3.2.3 on my https RT server and I am using rt-mailgate
on my mailserver separate from RT server. Every email first come into
my mailserver, processed through spamassassin (qmail+qmail-scanner+spamd+clamd…)
and dropped if detected as spam. Else piped into rt-mailgate and hence
pushed to the right queue. However, there are some spams that slipped
through the crack. I have a spam queue for users to drop those tickets
into that queue.

Myself, I’m using Postfix, amavisd (which runs spamassassin and clamav),
and Cyrus IMAP as the final repository. I decided to not send spam into
RT (where it’s detected as spam, anyway). Because I didn’t want to
risk losing legitimate e-mail, I configured + addressing for all my
users and RT queues. So, e-mail to real users that is spam goes to
user+spam@domain.ca. What I did to keep RT from getting spammed was to
set up aliases in /etc/aliases for each queue like

support: /usr/bin/rt-mailgate blah blah
support+spam: adminuser+spam

So, spam that is detected as spam gets delivered to adminuser’s spam
folder on the IMAP server, and a human can decide if it’s a user who
doesn’t know how to use the caps lock key, or if it’s really spam and
can get nuked. You could set up salearn to read the adminuser’s spam
for spam messages.

Now I like to setup a process, that can run through cron, to go the spam
queue can pickup the tickets including full leaders and process through
my spam learner–sitting in my mailserver–and then delete them from the
spam queue.

The hardest part here for me is to be able to grab the tickets with full
headers through a cronjob.

I was wondering if anyone can help me with some tips on “how to collect
a ticket from a queue with full header as a cronjob”.

Can’t help you there… most of my linux skills have been learned
through hard knock U + Google!

Best of Luck!

/Mike