Clarification of Spam Filter Policies in ISPConfig3

Discussion in 'Installation/Configuration' started by atjensen11, Aug 25, 2009.

  1. atjensen11

    atjensen11 New Member

    I am hoping to get some clarification on the spam filter policies settings within ISPConfig3. I have the default policies which are:

    Wants all spam
    Wants viruses
    Trigger happy

    Upon initial glance, there are a lot of red X icons showing. I am not sure if this is a good thing or a bad thing.

    I have some users that are complaining that they are receiving a higher number of spam emails on the new ISPConfig3 system than the previous system. The previous system was a Virtual user system on Ubuntu 8.04 LTS using a How To on this site.

    Is there a policy on the ISPConfig3 system that is similar to the system established in the virtual user How To that could be used as a default? Can someone explain they checks done by each setting? Would anyone be willing to share their other spam filter settings?
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    The policys are the default ones from amavisd-new. So they are just examples that you can change to suit your needs. For detailed information on ecah option, please take a look at the amavisd-new documentation.

    If you receive more spam, just set the spam level to a lower value.
  3. atjensen11

    atjensen11 New Member

    OK, I will check the documentation and try to get up to speed.

    One last question regarding the policies...When I create the email domain, I leave the spam filter policy setting there as "-Not Enabled-". Then when I create the email account, I enable the spam filter policy "Normal".

    Users have stated that changing from "-Not Enabled-" to "Normal" at the email account level results in no discernable reduction of spam in their Inbox.

    Do I have to enable the spam filter policies at both the domain and account levels? What heirarchy applies? What are the rules that apply when spam filter policies are enabled at both levels? Does the more restrictive policy win out? Does the email account policy level always override the domain policy if configured?

  4. till

    till Super Moderator Staff Member ISPConfig Developer

    The setting of the mailbox has priority over the domain. Please see amavisd-new documentation for details as this is all handled by amavisd-new and not ispconfig.
  5. atjensen11

    atjensen11 New Member

    OK. I have been doing a lot of reading on amavisd-new lately and studying the different settings within the ISPConfig3 spam filter.

    I have one email account in ISPConfig that is being targeted heavily for SPAM. Furthermore, this user forwards me every message that comes in with a note like "I got another one".

    Here is a header excerpt from one of these forwarded messages:
    X-Envelope-From: <[sanitized]@[sanitized].org>
    X-Envelope-To: <[sanitized]@[sanitized].org>
    X-Quarantine-ID: <pJdldNwoaAgB>
    X-Amavis-Alert: BAD HEADER SECTION Non-encoded 8-bit data (char A9 hex): From:
    	\251 VIAGRA \256 Offic[...]
    X-Spam-Flag: NO
    X-Spam-Score: 5.628
    X-Spam-Level: *****
    X-Spam-Status: No, score=5.628 tag=3 tag2=6.9 kill=6.9
    	tests=[DYN_RDNS_SHORT_HELO_HTML=0.287, HTML_IMAGE_ONLY_20=1.808,
    	HTML_IMAGE_RATIO_02=0.55, HTML_MESSAGE=0.001,
    Prior to receiving this email from the user, I had changed the spam filter policy to "Trigger Happy". The tag level settings for Trigger Happy are:

    SPAM Tag Level=3
    SPAM Tag2 Level=5
    SPAM Kill Level=5
    SPAM DNS Cutoff Level=0
    SPAM Quarantine Level=0
    SPAM Modifies Subject=Yes
    SPAM Subject Tag= [POSSIBLE SPAM Score=_SCORE_] -
    SPAM Subject Tag2= [SPAM SCORE=_SCORE_]-
    But these settings are reflected in the X Headers of the excerpt I posted. I haven't modified any of the amavisd-new configuration files manually. I assume these settings are stored in the DB. Where can I check to verify ISPConfig3 is storing the values correctly?
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    The settings are all written correctly, as you wont see them otherwise in ispconfig as amavisd and ispconfig read the same database table. Make sure that you have set:

    $final_spam_destiny = D_DISCARD;

    in amavaisd 50-user file in debian or amavisd.conf in other linux distributions if you want spam to be deleted when it reaches the kill level. Then restart amavisd.
  7. bluebirdnet

    bluebirdnet Member

    hi would be interesting to see this thread continue as I am also having issues with spam filtering and trying to grasp the whole amavisd-new and spamassissin and the configuration options in Ispconfig3.

    can anyone elaborate on the spam filter policy ? How can I improve them ?

  8. frogman

    frogman New Member HowtoForge Supporter

    Amavisd-Spamassassin-etc.. Overview

    I agree... I have searched the forums (always awesomely helpful, BTW) for some clarity on the interworkings of of the filter settings and have not found a good complete picture as I usually do.

    I'd be happy to put one together, but I don't understand it yet!

    If there is already something out there and I am missing it, please let me know.. What I think I, and others, are looking for is something that spells out how the settings work together, such as:

    1 - domain filter setting

    2 - user filter setting

    3 - What is Priority 1-10 and the slider really do in relation to the tag levels?

    4 - What happens to the emails at the various tag levels?- I for one am concerned about being too strict on SPAM scores and then a customer wanting an email from Quarantine and then finding it was actually deleted....

    5 - Map this info to the conf files that house the settings?

    Again - sorry if this is already out there, but I could not find it. If I can start to get the answers from the awesome members here, I would be more than happy to build the document for everyone. If its already started - somebody please point me to it..

    Thanks ALL, as always great help...
  9. falko

    falko Super Moderator ISPConfig Developer

    The settings for each of these levels are defined under Email > Spamfilter > Policy.
  10. latinsud

    latinsud New Member

    Just to make it clear, what happens I define a spam policy at the domain level but leave the user in "Not Enabled"?
    I think it follows the domain policy.

    But, then, isn't he label "Not Enabled" a little confusing? Shouldn't it read "Leave default", "Don't Override", "Not defined" or something like that?
  11. Ramm

    Ramm New Member

    Would like more info on this thread too...
  12. Jesse Norell

    Jesse Norell Well-Known Member

    You are correct in what it does, and that the label is inaccurate/misleading.

Share This Page