SLUUG is now scanning incoming mail for spam with
- Mail with a very high spam score
is deleted without notification to you or the sender. The cutoff
is a score (also called "stars") of 11.0 or higher. Mail
with a lower score is delivered to your inbox, or forwarded as
requested by a .forward or .procmailrc file in your SLUUG home
directory. Quite a lot of spam will still get through the
system-wide deletion, and you will probably want to do your own
filtering using a .procmailrc in your SLUUG home directory, or
using options in your mail client. The high score was choosen so
it would delete a majority of the spam ith a very low probability
of valid mail being deleted by accident.
- It is still a good idea to do your own filtering using a .procmailrc
in your SLUUG home directory, or using
options in your mail client. You might find that almost everything over
a score of 2 or three is spam and send it to a separate mail folder.
You might use two levels, with 7 stars and higher goes to the bit
bucket while 2 through 6 goes to a folder for review.
Of course, you might also decide to have your filter silently
delete spam so you aren't bothered by it at all.
- No Microsoft virus scanning is being done.
- We are currently configured not to scan outgoing mail. That is,
mail we generate locally will not be scanned for spam so it will not
have a SpamAssassin score. Mail that is received by SLUUG and forwarded
to another system is scanned when it is received.
Modifications to incoming mail:
- Three headers are added to each message. For example:
X-SLUUG-MailScanner-SpamCheck: not spam, SpamAssassin (score=2.112,
required 5, ALL_TRUSTED -2.82, AWL -2.52, BODY_8BITS 1.50,
DIET_1 0.36, DRUGS_ANXIETY 0.00, DRUGS_ANXIETY_EREC 0.00,
DRUGS_ERECTILE 0.03, DRUGS_SLEEP 0.11, DRUGS_SLEEP_EREC
2.72, INFO_TLD 0.48, LONGWORDS 2.26)
- The X-SLUUG-MailScanner-SpamCheck header has the numeric score
assigned by SpamAssassin with a low or negative number indicating the
message is probably not spam and a high positive number indicating
the message probably is spam. It also contains the words "not
spam" or "spam" depending on whether the score is
below or above a threshold, which is currently a score of 5.
The numeric score is followed by details on which tests contributed
to the score and the value they contribute. Tests that weren't
triggered are not listed. This header is blank if mail was not
scanned by us.
- The X-SLUUG-MailScanner-SpamScore header has a number of "stars",
that are actually the lower case letter "s", representing the
spam score. The maximum number of stars is 60, even if the score
is higher. This header doesn't appear if the score is less than
- The X-SLUUG-MailScanner-From header basically repeats the normal
From: header and is mostly used for internal tracking by MailScanner.
You can normally ignore it.
- No changes are being made to the Subject:, From:, or To: of messages.
- The current scanning is being done on mail as it is received by SLUUG.
The configuration is system-wide for all users, you can't specify your
own SpamAssassin or MailScanner configuration files or databases used
for Bayesian, white/black list, etc. You also can't set the score
used to mark a message as spam or not, but can ignore that marking
and just use the numeric score in your filter, such as procmail,
to determine your own level for the dividing line(s).
- Design any filters you use to continue to work if the the spam related
headers are not in mail or change format.
- Don't configure any filter to send spam back to the "sender".
Most return addresses in spam are now forged so attempting to reply
will either fail or be sent to an inocent individual whose address
was used without permission. Just throw spam away instead of
trying to return it to the "sender".
- Large e-mails will not be scanned since they take too long to scan and
few large messages are spam. Currently the limit is 30kB.
- The scanning and marking options are subject to change.