Newbie questions...

General eFa discussion
Post Reply
plumbington
Posts: 3
Joined: 05 Mar 2015 21:08

Newbie questions...

Post by plumbington »

Forgive the silly questions, but I seem to be unclear on a few concepts regarding EFA:

- Does EFA require a user account for every incoming email address in the domain protected, or are EFA user accounts uniquely for admin use?
- I see elsewhere in the forums, that it possible to have EFA validate destination email addresses against an LDAP directory before accepting an inbound message; is this a one time import, or is it an ongoing, real-time validation?
- How/where are RBL set (i.e. can we check the sending server's IP against zen.spamhaus.org et al?
- Is there any way to quickly build a working ham/spam database, or is this something that gets built only by users clicking on the "this is spam" link at the bottom of incoming messages?
- Is there any documentation that outlines the flow if inbound message processing (i.e. greylist before/after RBL before/after SPAM check, etc...)

Sorry for the very basic questions, but I couldn't find the answers anywhere.

Thanks in advance for your answers!
User avatar
shawniverson
Posts: 3644
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: Newbie questions...

Post by shawniverson »

Does EFA require a user account for every incoming email address in the domain protected, or are EFA user accounts uniquely for admin use?
No, EFA does not require a user account for every user. Users that do not have an account cannot manage their own quarantine.
I see elsewhere in the forums, that it possible to have EFA validate destination email addresses against an LDAP directory before accepting an inbound message; is this a one time import, or is it an ongoing, real-time validation?
It is a common misconception that EFA's user database in mysql also does validation. User validation must be done in postfix, and can be accomplished manually or with a cron script.
Is there any way to quickly build a working ham/spam database, or is this something that gets built only by users clicking on the "this is spam" link at the bottom of incoming messages?
That's what the bayesian database is for, and yes, you will need to "train" it either manual or with a corpora of spam/ham using the sa-learn command.
Is there any documentation that outlines the flow if inbound message processing (i.e. greylist before/after RBL before/after SPAM check, etc...)
No, but this is a great idea. I may draw up a flowchart. :D
plumbington
Posts: 3
Joined: 05 Mar 2015 21:08

Re: Newbie questions...

Post by plumbington »

No, EFA does not require a user account for every user. Users that do not have an account cannot manage their own quarantine.
OK, so do I understand correctly that a single admin can control the quarantine for all the users in that domain? How much of a load would this be for the admin?

Would it be possible then to adjust the "spamminess" of mail to only quarantine the very worst spam, even if this means letting some thru?

The upside of not creating accounts for all users is ease of use for them, but what is the downside?
It is a common misconception that EFA's user database in mysql also does validation. User validation must be done in postfix, and can be accomplished manually or with a cron script.
OK. This still seems to be an awkward process. Doesn't postfix have a way to automatically validate inbound recipients using either an separate SMTP connection to the downstream server, or using an LDAP lookup to check the email address before accepting an inbound message? Is this possible with EFA?

Are all of postfix's configs contained in /etc/postfix?
That's what the bayesian database is for, and yes, you will need to "train" it either manual or with a corpora of spam/ham using the sa-learn command.
Can the ham corpus be developed by routing all outbound mail thru EFA and using that as an input to sa-learn? Ideally this would be an ongoing process, improving the ham database with every outbound message.

Do users that don't have an account get the "this is spam" link on their mail?

Other that clicking on the "this is spam" link, how does the spam corpus get built?
No, but this is a great idea. I may draw up a flowchart.
I'm really looking forward to your flowchart as I'm a bit lost as to exactly what app is doing what in EFA. I found this site that describes a MailServer setup using LDAP that has a pretty good diagram to start with. http://acidx.net/wordpress/2014/06/inst ... roundcube/

Thanks in advance for answering these very newbie questions.
User avatar
pdwalker
Posts: 1553
Joined: 18 Mar 2015 09:16

Re: Newbie questions...

Post by pdwalker »

Have a look at the mailscanner document on page 24 of the MailScanner User Guide and Training Manual at http://www.mailscanner.info/files/MailScanner-Guide.pdf

It contain's a flowchart that should be mostly correct for EFA (since EFA is based on Mailscanner). Also keep in mind that the MTA (postfix) may be doing some other checks before accepting any mail.
plumbington
Posts: 3
Joined: 05 Mar 2015 21:08

Re: Newbie questions...

Post by plumbington »

@pdwalker

This is a big help understanding how mail is passed thru EFA.

Thanks very much.

For reference, here is a link to that image: https://www.dropbox.com/s/ufufj7iasvyxn ... t.png?dl=0
User avatar
pdwalker
Posts: 1553
Joined: 18 Mar 2015 09:16

Re: Newbie questions...

Post by pdwalker »

Keep in mind that it doesn't show where SQLGrey goes which I believe is part of the MTA process at the very start.
Post Reply