How can I configure Warden to not forward mail classified as spam in order to protect the mail servers reputation?

If you want to configure Warden to reject and not forward mail classified as spam or spammy you can use the instructions below.

1. Run the command below to add the entry to header_checks. This entry will tell postfix to check if the mail was previously flagged as spam and if so add an additional X-Already-Spam header:

warden --task=mailserver:checks --oper=header_add --pattern='/^X-Spam-Flag:\s+YES/' --action=PREPEND --text='X-Already-Spam: YES' --reload=yes

Important: A bug exists in the Postfix RPM packages provided by Plesk where it will revert any changes to the file /etc/postfix/header_checks every time the Plesk Postfix RPM packages are updated. Admins will have to re-run the command above after Plesk updates Postfix until bug ID PPPM-14712 is fixed.

2. Reset the server wide policy to enable the spam kill level if it is not already enabled:

warden --task=contentfilter:policy --default=yes

3. Add a header rule to check if the message was already classified as spam:

warden --task=antispam:rules --oper=rule_add --name='__IS_ALREADY_SPAM' --description='Mail is already classified as spam' --type=header --value='X-Already-Spam =~ /YES/i'

4. Add a header rule to check if the message is a redirect (Plesk applies Sender Rewriting Scheme (SRS) to redirects):

warden --task=antispam:rules --oper=rule_add --name='__IS_REDIRECT' --description='Mail is a redirect' --type=header --value='Return-Path =~ /^<SRS0=/i'

5. Add a meta rule to check if both rules from above match then apply a higher score so that the message is rejected:

warden --task=antispam:rules --oper=rule_add --name='REDIRECT_SPAM' --description='Mail is redirect spam' --type=meta --value='(__IS_REDIRECT && __IS_ALREADY_SPAM)' --score=20

6. Enable the shortcircuit plugin:

warden --task=antispam:plugins --Shortcircuit=1

7. Shortcircuit the REDIRECT_SPAM rule we added so that we do not process any other rules once it is matched. This will save on CPU usage and should disable autolearning for the redirects.:

warden --task=antispam:plugin:shortcircuit --shortcircuit='REDIRECT_SPAM spam' --reload=yes

Now any incoming mail that is classified as spam or spammy will trigger the REDIRECT_SPAM rule and for their forwards so they will be rejected and not leave the server.

Reject spam redirects

  • redirect, reputation, forward
  • 0 Uživatelům pomohlo
Byla tato odpověď nápomocná?

Související články

How can I change the interface language of the extension?

You can change the interface language under Settings -> Application Settings -> Locale...

How can I disable admin email notifications in Amavis?

Amavis has different default options for controlling where virus, spam, banned file attachments,...

How can I whitelist or blacklist a mail server from greylisting?

To Whitelist a Mail Server From Greylisting Navigate to Warden -> Settings ->...

How can I enable third party anti-virus signatures within Warden to improve the ClamAV detection rate?

Warden supports enabling third party anti-virus signatures to improve the detection rate. These...

How can I setup a local caching DNS resolver to speed up DNS queries used by Amavis?

Run the following command to check if local DNS caching is enabled: host -tTXT...