Jump to content

SpamCop blocklist and local SpamAssassin configuration


wkrick

Recommended Posts

Posted

According to the SpamCop FAQ...

http://spamcop.net/fom-serve/cache/331.html

How do I set up SpamAssassin to work with SpamCop?

It is recommended the default settings in SpamAssassin be:

skip_rbl_checks 1

required_hits 10

auto_report_threshold 30

rewrite_subject 0

report_header 1

use_terse_report 1

defang_mime 0

spam_level_stars 0

You can set the required_hits at your comfort level.

Spamcop will not have any problems with this, and yet you will still get all of the details you need (as headers) to see why a given message was tagged. You should also be sure you are running spamassassin -F0 or something like that if you are running spamc/spamd, since otherwise the FROM: line will be rewritten.

Does anyone know what version of SpamAssassin these settings are intended for?

Also, I'm not 100% sure what some of the settings do, or why they would be preferred by SpamCop.

Digging around the SpamAssassin Wiki, I'm not finding a lot of these settings.

Posted

According to the SpamCop FAQ...

http://spamcop.net/fom-serve/cache/331.html

Does anyone know what version of SpamAssassin these settings are intended for?

Also, I'm not 100% sure what some of the settings do, or why they would be preferred by SpamCop.

Digging around the SpamAssassin Wiki, I'm not finding a lot of these settings.

For SpamCop email (each SpamCop email user has individual control over this) ?

SpamAssassin set at 5 (you can put it up or down according to effectiveness. 5 works for most)

All email that scores 5 or more just gets put in your Very Easy Reporting (VER) folder which after you confirm it is spam, has SpamCop contact all competent ISP's sending the spam of a security problem

Check all blocklists (the Countrywide ones don't work in SpamCop email. The others do)

Your personal Whitelist overrides all blacklists/blocklists

If you wish to say allow all email from Australia with an address ending in au, you just put au in your whitelist box.

To specifically whitelist say, petzl[at]ozziieozzieozzie.com.au you need the whole address unless you already have au in your whitelist. Or you can have anyone from that domain whitelisted by just putting in ozziieozzieozzie.com.au

You can reverse the affect by doing this with your personal blacklist (whitelist still overrides this list)

You then should activate your Greylist (stops BOT spam which is 98% of all spam) which only allows competent email servers through. Again your whitelist overrides the Greylisting and all other spam detectors

Posted

For SpamCop email (each SpamCop email user has individual control over this) ?

I think you misunderstood my post. I am not a SpamCop email user. I have my own personal VPS server and I am using the SpamCop blocklist bl.spamcop.net along with SpamAssassin.

The FAQ page I reference in my first post is concerning people in my situation and doesn't apply to people using SpamCop email accounts.

Posted

I think you misunderstood my post. I am not a SpamCop email user. I have my own personal VPS server and I am using the SpamCop blocklist bl.spamcop.net along with SpamAssassin.

The FAQ page I reference in my first post is concerning people in my situation and doesn't apply to people using SpamCop email accounts.

I thought that was maybe the case. 5 seems to be the best figure 4 will catch more spam but the lower the figure the more the "false positives". Whatever blocking you use will generate false positives. You will need a whitelist and a possible "spam folder" to send rejected mail to. Then why bother Gmail can do it competently for you at a cheap price?

Posted
Does anyone know what version of SpamAssassin these settings are intended for?

Also, I'm not 100% sure what some of the settings do, or why they would be preferred by SpamCop.

Those settings are apparently designed to produce more-or-less "standardized" and simple raw email format for the benefit of the SC Reporting system. Are you trying to tweak your system for the purpose of having it report spam to SpamCop, or are you instead looking to tweak it to better block/filter spam, including the use of the SCBL? If the latter, then you can pretty much ignore those settings, as I'm pretty sure they're designed for the former purpose (and, because they lack anything in the way of explanation/documentation/notes, they're not all that helpful in the first place).

For example, the "skip_rbl_checks 1" wouldn't help you in preventing spam from reaching inboxes, as it tells SpamAssassin *not* to check the IP address of the incoming connections agains RBLs. The "rewrite_subject 0" disables the rewriting of Subject lines, as the SpamCop reporting system would prefer to receive the Subjects as originally formulated. The "defang_mime 0" is to keep SA from "defanging" (in which SA would change the Content-type: header of suspected spam to "text/plain"), and from what I've just read in search results, some of those other settings on that page are deprecated, replaced by other commands from more recent versions of SA.

You have a VPS, so perhaps you have access to the WHM/cPanel management system as well? If so, you may have a fairly simple form-based access to tweak the SA settings for your MTA (is your server using Exim?). On a VPS using Exim, you'd have an "Exim Configuration Editor" in the "Service Configuration" portion of your WHM, where you can set the SA options, including choosing whether or not to use any RBLs (which are "off" by default). Actually, for filtering purposes, I prefer to use only "zen.spamhaus.org" and not "bl.spamcop.net," in that I've found that the SCBL produces too many false positives, but YMMV.

Send me a PM if you'd like any of my other settings, assuming that your VPS setup resembles mine.

DT

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...