Page 1 of 1

Spam Trap

Posted: 27 Jul 2017 11:15
by efa-user
I have a number of addreses and even whole domains where i do not ever expect to receive any valid mails, would it be possible to add the ability to nominiate these as 'spam traps' whereby all mail received is fed into SA using 'sa-learn --spam' either before or after the normal scanning takes place?

ie something like what is described in the section titled "SA-Lean script coupled with Spam Trap" on this page:

https://freedif.org/improve-spamassassi ... spam-trap/

Thanks

Re: Spam Trap

Posted: 12 Sep 2018 15:04
by BruceLeeRoy
I was searching for a similar feature. there are several email accounts that were closed over 10 years ago on my mail server that are still getting hammered. I have blacklisted them in EFA to cut down on backscatter and excessive traffic to and from the mail server. I occasionally go through the logs and mark them as spam in sa-learn. It would be nice to automate this process or even setup spam traps on domains that I manage. Thinking spammers might realize spam traps exist on my domains might also cut down on spam they send to my domains?

Re: Spam Trap

Posted: 14 Sep 2018 11:53
by BruceLeeRoy
Actually I just found that you can run a filter for your spam trap then click "Message Operations" where you can flag the whole page of results to learn as spam.

Re: Spam Trap

Posted: 08 Oct 2019 11:08
by benscha
Hi Guys

i have scripted a small solution that will be started by a cron job.

you need a file with your spamtrap addresses (one per line) and read this in the script.

Code: Select all

#Read a File with some Spamtrap Addresses and extracts information from maillog

while read sender
do
grep $sender /var/log/maillog >>/tmp/autolearn_spam_raw
done < /scripts/spamtrap_addresses #File with your Spamtrap Adresses


 
#gets the message ID from the last output
 
grep ': Message' /tmp/autolearn_spam_raw | awk '{print $7 >"/tmp/autolearn_spam"; }'

#set date for spam path
d=`date +%Y%m%d`


#sa-learn the specific mails
while read mail
do
sa-learn --spam /var/spool/MailScanner/quarantine/$d/spam/$mail --progress
done < /tmp/autolearn_spam



rm -rf /tmp/autolearn_spam
rm -rf /tmp/autolearn_spam_raw
enjoy it...

Re: Spam Trap

Posted: 15 Oct 2019 18:39
by shawniverson
Awesome 8-)

Re: Spam Trap

Posted: 15 Mar 2023 06:39
by gpeter73
Does not work on my system.
The File "/tmp/autolearn_spam" wasn't created.

Code: Select all

grep ': Message' /tmp/autolearn_spam_raw | awk '{print $7 >"/tmp/autolearn_spam"; }'
I use CentOs 8

benscha wrote: 08 Oct 2019 11:08 Hi Guys

i have scripted a small solution that will be started by a cron job.

you need a file with your spamtrap addresses (one per line) and read this in the script.

Code: Select all

#Read a File with some Spamtrap Addresses and extracts information from maillog

while read sender
do
grep $sender /var/log/maillog >>/tmp/autolearn_spam_raw
done < /scripts/spamtrap_addresses #File with your Spamtrap Adresses


 
#gets the message ID from the last output
 
grep ': Message' /tmp/autolearn_spam_raw | awk '{print $7 >"/tmp/autolearn_spam"; }'

#set date for spam path
d=`date +%Y%m%d`


#sa-learn the specific mails
while read mail
do
sa-learn --spam /var/spool/MailScanner/quarantine/$d/spam/$mail --progress
done < /tmp/autolearn_spam



rm -rf /tmp/autolearn_spam
rm -rf /tmp/autolearn_spam_raw
enjoy it...

Re: Spam Trap

Posted: 20 Jul 2023 16:03
by freyuh
This should work:

Code: Select all

#Read a File with some Spamtrap Addresses and extracts information from maillog
while read sender
do
grep $sender /var/log/maillog | grep postfix/cleanup >>/tmp/autolearn_spam_raw
done < /scripts/spamtrap_addresses #File with your Spamtrap Adresses


#gets the message ID from the last output
cat /tmp/autolearn_spam_raw | awk '{print $6; }' | sed s/:// >/tmp/autolearn_spam

#set date for spam path
d=`date +%Y%m%d`


#sa-learn the specific mails
while read mail
do
if [ -f "/var/spool/MailScanner/quarantine/$d/nonspam/$mail" ]; then
  sa-learn --spam /var/spool/MailScanner/quarantine/$d/nonspam/$mail --progress
fi
done < /tmp/autolearn_spam



rm -rf /tmp/autolearn_spam
rm -rf /tmp/autolearn_spam_raw