Sharing custom SpamAssassin Rules
-
Still tons you can do by looking at how then usernames are structured. Many underscores or dashes, long ones, more numbers than letters, etc.
@robi Yes! I've noticed a pattern. No numbers though, at least for the gmail ones. It's first lastname+one random letter@gmail. Non-gmail addresses do have multiple numbers at the end with the same first last name format.
-
@humptydumpty Happy to try to find a possible pattern and rule using AI. Post the gmail addresses if you want me to try.
@crazybrad Here are some that showed up in the recent logs.
enchantedjewelsjpr@gmail.com dzamoludinh@gmail.com chcbpcgi@gmail.com nellefredrickson@gmail.com generalcontact555@gmail.com somnathmaity9292@gmail.com khadijaaa242@gmail.com alisa17217@gmail.com dayalray11199@gmail.com sanjocaleb259@gmail.com sajidsad044@gmail.com orcfgoyorlr@gmail.com liis1757@gmail.com conslt.khange@gmail.com obonsidibe2022@gmail.com ashuuindarkar2001@gmail.com finn.baseestimation1@gmail.com pankaj7323946133@gmail.com susan83imbing@gmail.com nqewirghmna@gmail.com -
@murgero said in Sharing custom SpamAssassin Rules:
@d19dotca does this just go into email -> Spam Filter -> Custom Spam Assassin Settings?
Yes, it goes right there. Basically from the Mail page > Spam filtering > Custom Spamassassin Rules box.
You can copy & paste the entire thing, but do note a few items just in case:
- You will need to likely remove the
blocklist_fromorwelcomelist_fromlines unless you have emails to place in those two sections already, I left those there just for an example. - If you want to use the DNSBLs from Abusix then you'll need to use your own API key (it's free for under 5,000 queries per day averaged over 7 days, it seems to work great and I highly recommend it).
The rest though you can basically copy & paste directly. Of course YMMV as they say, but this list works pretty well for me, or at least is a noticeable improvement over the rule tweaks I was using last year.
- You will need to likely remove the
-
@d19dotca great and thanks! for abusix I just have to put in the api key without <>, right?
Done but don't get queries shown in the dashboard (though I sent some mails).
Using zen.spamhaus.org as DNSBL@sponch said in Sharing custom SpamAssassin Rules:
@d19dotca great and thanks! for abusix I just have to put in the api key without <>, right?
Done but don't get queries shown in the dashboard (though I sent some mails).
Using zen.spamhaus.org as DNSBLThat’s correct, no angle brackets. The full URL to use is shown in the Abusix dashboard but it’s really just the API key plus the subdomain parts.
I didn’t see queries until the following day I think, if I’m remembering correctly. So maybe give it another day or two? Also maybe make sure you don’t have any spaces or blank characters in the DNSBL just in case that’s throwing off the DNS queries to it.
Also I saw you mentioned that you didn’t see on the dashboard “though [you] sent some mails”… just to clarify, the queries will be done when you receive mail rather than send mail. I’m sure you knew that, but just in case, I thought I should clarify that part.
If you don’t see anything in a couple of days on the dashboard then let me know, and I can try to help. If it’s set correctly in Cloudron though then it could be something more on the Abusix side, maybe something needs to get confirmed or activated first (I don’t remember having to do that though but I’ve been using it for a while so I can’t remember the full on-boarding workflow).
-
7 days recap after applying your rules.
I believe not one spam mail has hit my spam folder or inbox so far.
normally I'd get ~20x+ spam mails a day since my Inbox also redirects my old legacy mailboxes from web.de which have been leaked and abused over and over again.I must say, this feels very good.
-
@humptydumpty So I asked my favorite tool for some help on your list of "bad Gmail actors" and here is a detailed analysis for your consideration: https://www.perplexity.ai/search/please-review-the-attached-gma-BjXGrt4qR_er6c45dse5Vw .
I found myself curious as to whether those email addresses even exist. Unfortunately Gmail does not have a "finger" API and there are limited options within Spam Assassin for handling this directly. There were some ideas on combining Spam Assassin's rule-based tagging with a Sieve filter. Here are the details for your consideration: https://www.perplexity.ai/search/does-gmail-have-the-ability-to-jePfq628TDeod5jDVoYU2Q
-
@humptydumpty So I asked my favorite tool for some help on your list of "bad Gmail actors" and here is a detailed analysis for your consideration: https://www.perplexity.ai/search/please-review-the-attached-gma-BjXGrt4qR_er6c45dse5Vw .
I found myself curious as to whether those email addresses even exist. Unfortunately Gmail does not have a "finger" API and there are limited options within Spam Assassin for handling this directly. There were some ideas on combining Spam Assassin's rule-based tagging with a Sieve filter. Here are the details for your consideration: https://www.perplexity.ai/search/does-gmail-have-the-ability-to-jePfq628TDeod5jDVoYU2Q
@crazybrad That was an interesting read! I'm going to test the gmail spam rules and see how it goes. I'll add my gmail based clients to the whitelist to be on the safe side though. TYVM!
-
7 days recap after applying your rules.
I believe not one spam mail has hit my spam folder or inbox so far.
normally I'd get ~20x+ spam mails a day since my Inbox also redirects my old legacy mailboxes from web.de which have been leaked and abused over and over again.I must say, this feels very good.
@BrutalBirdie still get them in my spam folder but at least not in my inbox
