I can't use quarantine word in forum search
too many answers...
i need to know is there possibility to add specific email addresses to quarantine, forever ?
For example for email: all@domain.com -> move to quarantine (always) This would be to prevent spam or newsletters to send to all...
Also, some of users @domain.com are not allowed to send to all@domain.com.
quarantine
Re: quarantine
In short, no its not possible
As a long answer, why not just deny external mails to all@ on your mailserver?
As a long answer, why not just deny external mails to all@ on your mailserver?
Version eFa 4.x now available!
Re: quarantine
Or maybe create a custom spam assassin rule for it to automatically give it a high spam score? That'd get the message into quarantine, assuming you are saving your high spam scoring messages.
Why do you want to save the messages in quarantine?
Why do you want to save the messages in quarantine?
Re: quarantine
I have to tell You a little story...
My company (I work as IT ADMIN) has Symantec Mail Gateway (SMG) and it is great, we have everything that You can imagine but we would like to resign from SMG services because it costs about 8000EUR per year !
IN SMG manager, IT decides if there goes spam o not (for each email address all@), that is also to prevent internal users to use groups. Only "wanted" mail can go to groups, not all of them so Now we can stop unwanted emails (even if they are from inside of company).
I can share with You SMG capabilities, maybe we can together improve EFA
In my opinion EFA works great and it stop 95% of spam but SMG stops 99% and it is more configurable, i understand that EFA is for "free" but maybe we could upgrade EFA more and make 2 versions? For companies - payed (with support, VM's), for personal - for free (source). Did You think about it?
So my quarantine request is real problem that i will have to deal with if we decide to use Efa instead of SMG
My company (I work as IT ADMIN) has Symantec Mail Gateway (SMG) and it is great, we have everything that You can imagine but we would like to resign from SMG services because it costs about 8000EUR per year !
IN SMG manager, IT decides if there goes spam o not (for each email address all@), that is also to prevent internal users to use groups. Only "wanted" mail can go to groups, not all of them so Now we can stop unwanted emails (even if they are from inside of company).
I can share with You SMG capabilities, maybe we can together improve EFA
In my opinion EFA works great and it stop 95% of spam but SMG stops 99% and it is more configurable, i understand that EFA is for "free" but maybe we could upgrade EFA more and make 2 versions? For companies - payed (with support, VM's), for personal - for free (source). Did You think about it?
So my quarantine request is real problem that i will have to deal with if we decide to use Efa instead of SMG
Re: quarantine
Are you trying to selective block/quarantine internal users from sending messages, or stop external users from sending messages?
Re: quarantine
I'm trying to selective block/quarantine internal and external senders
Re: quarantine
It can be done, but not in a nice simple gui way.
Let me have a little think and see if I can come up with a working example.
Let me have a little think and see if I can come up with a working example.
Re: quarantine
Yes, it can be done using MCP.
Read the following threads:
1/ can we block and unblock using subject
2/ Using MCP to block offensive content
3/ if you want to be able to release the messages from quarantine, make sure to do this step.
MCP is essentially a second spamassassin filter that you can also use for blocking mail. MCP = Message Content Protection. Since it is really spamassassin in disguise, you'll need to write spamassassin rules to control what gets blocked.
Following the instructions in link 2/, I enabled the MCP quarantine and added the following rules to /etc/MailScanner/mcp/10_example.cf
(since it is just a test, I only targeted the subject)
Once I'd "service reload MailScanner", sending messages in, or sending messages out with that text in the subject would immediately be quarantined by MCP.
Viewing the quarantine shows the messages trapped, and I could "release" them to send them on their way, or delete them if I so wanted.
Modify your rules to meet your conditions (from/to headers, plus a score), See the link to writing spamassassin rules on how to do that: https://wiki.apache.org/spamassassin/WritingRules. Personally, I just look in /var/lib/spamassassin/3.*/updates_spamassassin_org/ directory at some of the existing rulesets and find one that meets my needs.
Is this ideal, or as nice and simple as SMG? No. However, there was mention of adding a gui interface for modifying the MCP rulesets in this thread.
Hope that helps.
Read the following threads:
1/ can we block and unblock using subject
2/ Using MCP to block offensive content
3/ if you want to be able to release the messages from quarantine, make sure to do this step.
MCP is essentially a second spamassassin filter that you can also use for blocking mail. MCP = Message Content Protection. Since it is really spamassassin in disguise, you'll need to write spamassassin rules to control what gets blocked.
Following the instructions in link 2/, I enabled the MCP quarantine and added the following rules to /etc/MailScanner/mcp/10_example.cf
Code: Select all
header MCP_TEST Subject =~ /MCP-test/i
describe MCP_TEST test banned subject
score MCP_TEST 10.0
Once I'd "service reload MailScanner", sending messages in, or sending messages out with that text in the subject would immediately be quarantined by MCP.
Viewing the quarantine shows the messages trapped, and I could "release" them to send them on their way, or delete them if I so wanted.
Modify your rules to meet your conditions (from/to headers, plus a score), See the link to writing spamassassin rules on how to do that: https://wiki.apache.org/spamassassin/WritingRules. Personally, I just look in /var/lib/spamassassin/3.*/updates_spamassassin_org/ directory at some of the existing rulesets and find one that meets my needs.
Is this ideal, or as nice and simple as SMG? No. However, there was mention of adding a gui interface for modifying the MCP rulesets in this thread.
Hope that helps.
Last edited by pdwalker on 02 Sep 2015 17:00, edited 1 time in total.
Re: quarantine
One more thing:
On my system, I cannot block mail sent from internal users to internal users because internal mail doesn't pass through EFA. I can only block mail between internal and external parties.
If all my clients were reconfigured to send SMTP mail via EFA instead of their mailserver, then I could block internal mail going to internal mail.
On my system, I cannot block mail sent from internal users to internal users because internal mail doesn't pass through EFA. I can only block mail between internal and external parties.
If all my clients were reconfigured to send SMTP mail via EFA instead of their mailserver, then I could block internal mail going to internal mail.
Re: quarantine
Like pdwalker mentioned in your case MCP could work.
For a commercial version there is an easy answer: No.
There is not intend to create an payed version, sure we welcome company's to help other users (even if they want to pay for it) but E.F.A. itself will alway's be free in all way's.
We use money we get from donations to pay for the bandwidth and testing servers and at-least 50% of all donations are shared with the opensource products that make E.F.A. (mailwatch, mailscanner, centos, pyzor etc...)
Sure there is a drawback to this the main one is that large company's require support, my philosophy for that is simple, if you need support or you need additional features then hire an developer to add the feature's you want, that way your feature's will be available for all E.F.A. users and you help out with the project itself making the product better.
For a commercial version there is an easy answer: No.
There is not intend to create an payed version, sure we welcome company's to help other users (even if they want to pay for it) but E.F.A. itself will alway's be free in all way's.
We use money we get from donations to pay for the bandwidth and testing servers and at-least 50% of all donations are shared with the opensource products that make E.F.A. (mailwatch, mailscanner, centos, pyzor etc...)
Sure there is a drawback to this the main one is that large company's require support, my philosophy for that is simple, if you need support or you need additional features then hire an developer to add the feature's you want, that way your feature's will be available for all E.F.A. users and you help out with the project itself making the product better.
Version eFa 4.x now available!