Spam Control at CCRMA

From CCRMA Wiki
Revision as of 16:45, 29 September 2008 by Carrlane (Talk | contribs)

Jump to: navigation, search

Welcome to CCRMA's Spam fighter homepage. Having a 'Spam Free' inbox is a requires vigilence on everyone's part. In the text below, we'll describe what you can do to minimize your Spam.

Spam control programs

All incoming email to CCRMA is filtered through two programs. Spam is handled by Spamassassin and virus detection is handled through ClamAV. All emails are piped automatically through these two programs before they reach your Inbox. Spamassassin uses many tests to assign a score to all emails. If the score is high enough, the email is rejected to the sender and you will never see it. If an email passes that first hurdle it is delivered to your mailbox through a program called procmail. Your account already contains a procmail configuration file (.procmailrc, located in the highest level of your CCRMA home directory) that discards emails with a Spamassassin score of 5 or more. The rules that Spamassassin uses to rate email messages are updated regularly.

You can further tune what it does by following the instructions below.

The Default .procmailrc

The .procmailrc file is located in the top level of your home directory and is a 'hidden' file (because of the dot in the file name). You can check if it is there by typing at the terminal command line:

~> ls -a | grep procmail

You can view the file by typing (from the top level of your home directory):

~> less .procmailrc

If you are a new user and still have not modified this file you should see this:

# CCRMA default procmail email filter v1.20
# directory where mailboxes are located, this is the default 
# used by pine and other email clients

### optional: run spamassassin a second time if you have a custom
#             configuration in ~/.spamassassin/user_conf (by default
#             all incoming email is processed by spamassassin)
#| spamc

### score >= 5 is considered spam and discarded
* ^X-Spam-Level: \*\*\*\*\*

### optional: redirect false bounce messages to MAILDIR/bounces
#             if activated this should take care of backscatter spam
#* ^X-Spam-Status:.*ANY_BOUNCE_MESSAGE.*

### optional: forward your email and keep a local copy
#:0 c
#! <your_account>@<somewhere_else>

### optional: forward your email
#! <your_account>@<somewhere_else>

This file is key in your Spam control effort. True, it's a bit technical, but taking a moment to understand what is happening here will not only keep unwanted emails from appearing in your Inbox, but will allow you to further configure Spamassassin if you wish, and to set email forwarding to another email account.

.procmailrc Breakdown (looking at each section)

Each section of this file serves an important purpose. Note that any line that begins with a '#' is 'commented out' and will not be read by the procmail system. If the line has '###', it means that these are text comments and not code, and should be left alone, and not removed. Further, almost every line in the default .procmailrc file is already commented out, meaning that only two parts are operational by default:


Sets the default mail directory in your home directory. This is the same directory that we recommend for IMAP:


Spam Score Threshold

Sets your local threshold for spam messages that are to be discarded (or more accurately: sent to /dev/null, aka. permanently deleted). Remember, that Spamassassin has already rejected messages which are most certainly Spam ( >= score 10), but this setting allows you to delete messages of a lower score. The default is 5 (or '\*\*\*\*\*' which stands for 5 stars). You can raise or lower the threshold by editing this section of .procmailrc:

### score >= 5 is considered spam and discarded
* ^X-Spam-Level: \*\*\*\*\*
This configuration permits
to compare portions of each email header received against this rule containing \*\*\*\*\*. See a short explaination of email headers below [Spam_Control_at_CCRMA#Email_Headers_and_Spamassassin].

SpamAssassin Per User Configuration

Configuring SpamAssassin on a per user basis requires some advanced knowledge (Writing your own rules), which will be the focus of another wiki page some day. But essentially, if you feel like you want to study the SpamAssassin rules and weight them differently, emphisizing some over others you can do it by uncommenting:

### optional: run spamassassin a second time if you have a custom
#             configuration in ~/.spamassassin/user_conf (by default
#             all incoming email is processed by spamassassin)
| spamc

This enables a second instance of SpamAssassin called spamc to process your incoming messages again, based on your modified weights set out in ~/.spamassassin/user_conf, where ~/ means your home directory.



To forward email to another account, you have two choices forwarding (keep a local copy) and forward (do not keep a local copy). CCRMA recommends that unless you have a good reason to do so, should choose to forward (do not keep a local copy). In order to enable forwarding, just uncomment (by removing the #) either option like you see below, but not both.

Forward Keeping a Local CCRMA Copy

### optional: forward your email and keep a local copy
:0 c
! <your_account>@<somewhere_else>

Forward Without Keeping a Local CCRMA Copy

### optional: forward your email
! <your_account>@<somewhere_else>

Email Headers and Spamassassin

SpamAssassin will run each email through its filter (filter rules are updated frequently to reflect new spam 'threats'). SpamAssassin adds several lines to your email header's. When viewing your email in your email client, you normally only see an abbreviated header which shows the 'From:', 'To:', 'Date:' and 'Subject:' lines, but you can select elect to see the full headers as well. The lines added by SpamAssassin to your (normally hidden) email header include:


For now, let's look at X-Spam-Level since it is on this line, that you will create filter's in your email client. If you take a look at the header you'll see one line that looks like this:

X-Spam-Level: *****

X-Spam-Level display's Spam Level using the asterisk. Here, or example, for 'Spam Level 5' with 5 asterisks.

The idea then, is to establish email filter's, filtering on the asterisk, in your email client which, directing these messages into more manageable folder's or to delete the message automatically (wise for Spam Level 5 or above, where the risk of false positives is very low).

For new accounts we now add this to your .procmailrc file which automatically deletes email messages with an X-Spam-Level greater than 5:

# score >= 5 is considered spam
* ^X-Spam-Level: \*\*\*\*\*

A good idea is to filter any messages with Spam Level between 3-5 to an email folder so you can check it periodically. That, too, can be done with .procmailrc by adding this:

# divert emails tagged with 3 or more stars to a directory
* ^X-Spam-Level: \*\*\*

Since any email with a rating of >=5 asterisks has been deleted, then any message with 3 or 4 asterisks will be routed to a directory called ~/mail/spam3 in your home directory. This directory should also be viewable by your email client so you can check it periodically.

Email Forwarding