E-Mail forwarding policy

[Simon Niechzial]

I would like to start some discussion about the current e-mail forwarding policy and problems that arise from it.

 

Current situation

Forwarding is done by postfix and the mail_virtual table. There is a mapping from local-address -> destination.

mysql> select id,email,destination from mail_virtual where destination like '%t-online.de';
+----+--------------------------+-----------------------------------------------------+
| id | email                    | destination                                         |
+----+--------------------------+-----------------------------------------------------+
|  5 | some@domain.com          | some@t-online.de                                    | 

 

Problem

The problem with that is, that e-mail is forwarded, regardless of any other filter rules that might exist in Sieve. Especially SPAM is forwarded regardless of the spamassassin scoring.

 

spamd: result: Y 16 - RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_PBL,RCVD_IN_SORBS_DUL,RCVD_IN_XBL,RDNS_DYNAMIC,SPF_HELO_NEUTRAL,TRACKER_ID,URIBL_JP_SURBL,URIBL_WS_SURBL scantime=0.2,size=912,user=spamd,uid=10009,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=55632,mid=<FB42B745.860CF341@gmail.com>,autolearn=spam
[...]
postfix/smtp[4856]: *********: to=<some@t-online.de>, orig_to=<some@domain.com>, relay=mx01.t-online.de[194.25.134.72]:25, delay=0.14, delays=0.02/0.01/0.04/0.07, dsn=5.7.0, status=bounced (host mx01.t-online.de[194.25.134.72] said:
550-5.7.0 Message considered as spam or virus, rejected 550-5.7.0 Your IP: ********* 550-5.7.0 Mailhost: mailin06.aul.t-online.de 550-5.7.0
[...]

 

Proposal

I would suggest to use Sieve even for Froxlor-controlled forwarding. That would give you the option to not forward SPAM by putting a blocking-rule on top of the rule-list.

 

require ["fileinto"];
# rule:[spam rule]
if anyof (header :contains "X-Spam-Flag" "YES")
{
       fileinto "Junk";
       stop;
}
[...]
# rule:[test forward]
elsif anyof (true)
{
       redirect "simon@niechzial.de";
}

 

What do you think about this? What could be pitfalls?

[arnoldB]

Hey thanks for your post. My experience in this subject is very small so why don't you report this issue in the bugtracker at http://bugs.froxlor.org/ ? You can login there with your login data here.

[Simon Niechzial]

Hi arnoldB,

 

[..] why don't you report this issue in the bugtracker at http://bugs.froxlor.org/ ? [...]

 

thanks for your suggestion. The Bug can be found here: http://bugs.froxlor.org/view.php?id=303

 

Bye,

Simon

[wese]

One Comment on the thing.

For me i turned off all scanning of alias email-addresses all together, because you can expect the destination email address to have an filter anyway.

Also it can be pretty load intensive.

 

Another note, wouldn't your rule cause it to store spam mails in the junk of an alias account? I don't know for you'r pop/imap server but for alias's accounts i usually have no storage allocated and no login is possible.

 

-wese

[Simon Niechzial]

Hi wese,

 

Another note, wouldn't your rule cause it to store spam mails in the junk of an alias account? I don't know for you'r pop/imap server but for alias's accounts i usually have no storage allocated and no login is possible.

 

you're right, my proposed solution only works for real accounts with allocated mail storage. But forwarding of spam should be avoided. Do you have any suggestions? How do other providers handle that?

 

 

Bye,

simon

[Scarya]

Well, you can never be 100% sure if a mail really is spam.

If you now drop mails which maybe contains important data, the user doesn't even know that there's a mail missing.