1 Topic by cvcvelo

  • cvcvelo
  • Member
  • Offline
  • Registered: 2014-06-16
  • Posts: 150

Topic: Blacklist spam on From: field

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.5-1
- Linux/BSD distribution name and version: 11.0-RELEASE-p3
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? Yes
- Related log if you're reporting an issue:
====

Can iRedMail / iRedAdmin Pro blacklist emails based on sender name, not email address?

In the past four weeks, we have seen a 4x increase in spam with the string "erotika" in the From: header. The email address changes, so adding each address to the blacklist does not help.

It is possible to write procmail filters that will automatically move these emails to users' Junk folders but (a) it would be better to reject than to accept them and (b) I am not sure if iRedMail trains itself based on Junk folder contents. Based on the past few weeks, I do not see the system getting smarter about this spam.

Thanks in advance for clues on fighting this spam.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,788

Re: Blacklist spam on From: field

You can do this with Postfix "header_checks". FYI:
http://www.postfix.org/header_checks.5.html

3 Reply by cvcvelo

  • cvcvelo
  • Member
  • Offline
  • Registered: 2014-06-16
  • Posts: 150

Re: Blacklist spam on From: field

Thanks for this. I found a way to mark spam based on header contents in SpamAssassin, but this is better. Since it can discard or reject the message, there is no processing needed.

Does iRedMail inspecti spam in the Junk folders to train itself? If not enabled by default, can it do so?

Thanks again!