Can't discard spam messages on arrival using Sieve filters
-
@robi said in Can't discard spam messages on arrival using Sieve filters:
@d19dotca is it something about the spam folder?
That's for Cloudron team to confirm. I can't say for sure, but yes it certainly seems related to the spam folder itself. If I had to guess, I think the Spam sieve or rules are overriding any of the custom user sieve filters.
can you have spam messages drop in a different folder?
Not that I've been able to do so far but like I said, I haven't tried every possibility. Doesn't seem worthwhile to test every possibility when none of the other ones get to me what I want in my particular use-case anyways. I've done a ton of troubleshooting for various issues, this week I'm a bit tired out. Maybe I'll do more testing next week sometime to get a better picture, but regardless of that I can say for certain that my use-case is not working correctly and I'm pretty certain it's because any user Sieve filters are overwritten by a particular Spam sieve or MTA rule with a higher priority.
can you match on something else in the header and get a log message or indication it did?
As I noted earlier, I can make a rule that works correctly to redirect only non-spam using the sieve filter mentioned in the first comment, so sieve filters definitely work on any message headers including the Spam header when it comes to rules other than discard. Redirect works, for example. But I cannot use the Discard rule apparently on any spam messages.
can you leave the spam in the inbox and discard from there?
It doesn't appear so, no. That's why I suspect this whole thing is being caused by a higher priority Sieve filter or MTA rule that is forcing the message into the Spam folder. There isn't a way that I'm aware of to prevent spam from entering the designated Spam folder and stay in another folder like the inbox for example. This is another reason I'm pretty sure this is all because of a higher priority rule that's preventing any Sieve filters from changing the placement (including discarding completely) any identified spam messages.
can MTA be configured to not deliver spam at all?
That's ultimately what I wanted to some extent. Unfortunately there's no way to prevent spam from being delivered to a mailing list, so that's what led me to consider using mailboxes instead with the sole use-case of redirecting only non-spam and deleting all mail (regardless of spam or not) after it was processed, but no-dice. Wasted a lot of time unfortunately making all these changes and testing. I am one step ahead in the sense that spam isn't forwarded anymore and only non-spam is, but one step back in the sense that now I'm using disk space to store a lot of spam from certain users who receive a ton of it (like talking most days 20-40+ messages a day of just spam because they have a publicly listed email address which has been used for nearly a decade or longer).
does Sieve only work on inbox?
This is a possibility but again, the Cloudron team really needs to confirm this as I am not a programmer so sifting through the code in their Git repo only gets me so far unfortunately. It's their design (whether intentional or not).
-
FWIW, I've tried with a general "discard all" after the redirect, but still no-dice which is why I'm certain this is to do with some rule taking a higher priority when it comes to messages marked as spam.
# rule:[Discard messages after redirect complete] if true { discard; }
So in my case, the full Sieve file looks like this right now, but still not working to remove any spam messages:
# rule:[Redirect non-spam messages] if allof (not header :contains "x-spam-status" "Yes") { redirect "<clientExternalEmailAddress>"; } # rule:[Discard messages after redirect complete] if true { discard; }
-
@robi oh okay, so you’re saying to make a rule that tells all incoming mail to go to a particular new folder then run the other sieve filters on that new folder? I can try later I guess, I’m doubtful that’ll work because that’s kind of the issue… whatever exists that makes spam go to the Spam folder is overwriting everything else, basically completely bypassing Sieve filters. I’ll try when I can though (likely next week, I’m going to be away for the next few days after tomorrow).
-
@d19dotca Just got around to looking into this. This doesn't work because the mail server processes spam messages using dovecot's
sieve_before
flag - https://doc.dovecot.org/settings/pigeonhole/#plugin-sieve-setting-sieve-before . You can check the/app/dovecot-config/sieve_before/spam-move.sieve
script in the mail container which is moving X-Spam-Flag into the Spam folder. Because the filter below is run before user messages, your filters don't work. This also makes it easy for the end user to not worry about processing spam messages when writing filters, so I think the default behavior is good.require ["fileinto","mailbox"]; if header :contains "X-Spam-Flag" "YES" { fileinto "Spam"; stop; }
For the original use case of discarding all spam for forwarding mailboxes, this is the default behavior in next release.
-
@girish said in Can't discard spam messages on arrival using Sieve filters:
so I think the default behavior is good.
As a default I think so too, but whilst the spam protection in Cloudron is reliable, sometimes the end user wants / needs to be able to filter spam messages directly It would therefore be good to have a simple way of filtering mails to discard spam selectively rather than just having all SPAM go to the SPAM folder. Mails with a SPAMASSASSIN score of over 20, for example, do not need to be saved anywhere, but those with a score of 7 or 8 could in theory be false positives so would warrant 'quarantining' rather than discarding altogether. The same applies to certain sender addresses and subjects.
This does not need to be something defined in webmail clients per domain, but could be a server-wide setting similar to the custom spamassassin rules.
-
@girish said in Can't discard spam messages on arrival using Sieve filters:
For the original use case of discarding all spam for forwarding mailboxes, this is the default behavior in next release.
Do you mind just expanding on this a bit more? What is a "forwarding mailbox" in your terms? Are you referring to the other feature request I had about mailing lists having an option to not forward messages identified as spam? If so, that's great! But now I will have to go back to the mailing list functionality I had moved away from a couple weeks ago, haha, but that's all good. If I've misunderstood what you mean by "forwarding mailbox" though, please clarify.
-
Any update on this? Ideally it would be nice to be able to define a custom spam assassin rule to instantly discard mails with certain criteria. I see persistent SPAM in the event log with easily identifiable criteria I would like to discard before it hits a mailbox but at the moment all I can do is give it a score of 100 so it is always marked as SPAM.
Whilst we can prevent mailservers with specific IPs or ranges from delivering mails via the firwall, this does not work for hostnames. That would be another way of stopping persistent spamming domains.
-
-