From: "Patrick Sneyers" <cgpsa-discuss@mail.tffenterprises.com>
Received: from bulckens.com ([91.183.137.138] verified)
  by mail.tffenterprises.com (CommuniGate Pro SMTP 6.1.7)
  with ESMTPS id 19440690 for cgpsa-discuss@mail.tffenterprises.com; Tue, 29 May 2018 08:02:14 -0700
Received-SPF: pass
 receiver=mail.tffenterprises.com; client-ip=91.183.137.138; envelope-from=patrick@bulckens.com
Received: by bulckens.com (CommuniGate Pro PIPE 6.2.4)
  with PIPE id 2705859; Tue, 29 May 2018 17:02:01 +0200
X-ExtScanner: Niversoft's AddFooter filter
Received: from [192.168.252.57] (account trikke@bulckens.com HELO [192.168.252.57])
  by bulckens.com (CommuniGate Pro SMTP 6.2.4)
  with ESMTPSA id 2705856 for cgpsa-discuss@mail.tffenterprises.com; Tue, 29 May 2018 17:01:54 +0200
Content-Type: text/plain;
	charset=utf-8
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 11.3 \(3445.6.18\))
Subject: Re: [CGPSA] Delivering spam to Junk mailbox of each recipient
Date: Tue, 29 May 2018 17:01:54 +0200
References: <list-19440351@mail.tffenterprises.com>
To: CGPSA Discussion List <cgpsa-discuss@mail.tffenterprises.com>
In-Reply-To: <list-19440351@mail.tffenterprises.com>
Message-Id: <B3A32D41-8331-44E2-92AA-F4287119C816@bulckens.com>
X-Mailer: Apple Mail (2.3445.6.18)


>>>>>=20
>>>>> I have a system-wide rule which delivers all recognized spam =
addressed to all domains and recipients to one centralized spam folder =
(of an account created exclusively for this purpose) for temporary =
storage and teaching SpamAssassin=E2=80=99s bayes filter.
>>>>>=20
>>>>> I=E2=80=99m considering changing my strategy to having a per-user =
spam folder instead. I=E2=80=99m thinking this could, at the very least, =
empower the users to actually receive these messages and manage possible =
false positives.
>>>>>=20
>>>>> Does anyone have any experience or insights about the strengths =
and weaknesses of alternate handling strategies?
>>>>>=20
>>>>> What would be the best way to implement this? Do I just need to =
make a =E2=80=99Store In=E2=80=99 domain-wide rule for each domain =
instead of the single system-wide rule I have now?
>>>>>=20
>>>>=20
>>>> You can use this option in cgpsa.conf (line 552 in my file), and =
keep using the server wide rule.
>>>=20
>>> Ahh=E2=80=A6I had forgotten about that. Thanks for the reminder! :)
>>>=20
>>> So, here=E2=80=99s my current server-wide processing rule. Do I just =
need to delete the =E2=80=99Store In=E2=80=99 action and tweak the =
cgpsa.conf dma settings?
>>>=20
>>> Subject is *SPAM-PALVELIN*
>>> Header Field is X-Spam-Flag: YES*=20
>>>=20
>>> Add Header
>>> 	X-Spam-Global: YES
>>> Write To Log
>>> 	Spam (GLOBAL) Detected
>>> Store In
>>> 	~spam/Junk-SpamAssassin
>>> Discard
>>=20
>> After setting dma in cgpsa.conf (and restarting extfilter), you can =
disable that rule completely. Just keep the one above, with the =
"ExternalFilter =3D  cgpsa" action.
>=20
> =E2=80=9D=E2=80=A6the one above=E2=80=9D?
>=20


In a setup like your's, we typically have a minimum of two Server Wide =
Rules ("the one above" is the high priority one, the one that actually =
fires CGPSA).

- Priority 9: run "cgpsa"
	- source	not in	authenticated
	- any Route 	is	LOCAL*
	Action =3D ExternalFilter CGPSA

- Priority 8: Ditch High scoring SPAMS
	- Header Field		in	X-Spam-Level: +++++++++*
	Action =3D Discard

- Priority 7: Put lower scoring SPAMS somewhere for review/sa_learn, =
whatever
	- Header Field		in	*X-Spam-Level: ++++*
	Action =3D Store In	~/spam/folder
	Action =3D Discard

Now,
In a DMA enabled solution, I typically just use the first rule.
CGPSA takes care of dropping any message tagged as spam into the user's =
Junk folder.
You don't need rules to evaluate any headers added by SA or by the =
highest priority rule.


BTW,
These are the headers my SA puts in

SPAM
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on =
mail.bulckens.com
X-Spam-Level: +++++++++
X-Spam-Status: Yes, score=3D9.5 required=3D4.8 autolearn=3Dno

HAM
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on =
mail.bulckens.com
X-Spam-Status: No, score=3D-1.6 required=3D4.8 autolearn=3Dno

BTW2
/etc/mail/spamassassin/local.cf, on how I like my SA headers

#	_______________ First we clear all headers
clear_headers

#	_______________ Put headers back in the way we like them
add_header spam Level _STARS(+)_
add_header all Status _YESNO_, score=3D_SCORE_ required=3D_REQD_ =
autolearn=3D_AUTOLEARN_

# 	_______________ add complete report - debug only
# add_header all Report _REPORT_

#	_______________ rewrite subject
rewrite_header Subject SPAM -- =20

#   _______________ Save spam messages as a message/rfc822 MIME =
attachment instead of
#   _______________ modifying the original message (0: off, 2: use =
text/plain instead)
report_safe 0



=09



------------------------------------------------------------------------=09=

zwartopwit.be - Drukkerij Bulckens
http://www.zwartopwit.be
Beestig drukwerk van A tot XXL

Industriezone Herentals
Grensstraat 9, 2270 Herenthout
+32 (0) 14 28 58 78
------------------------------------------------------------------------