[esd-l] Need To Build Reports Of all Mail in mbox
wiskbroom at hotmail.com
Tue Jan 17 10:05:00 PST 2006
Thank you for your thoughts David, pretty much what I am looking to do plus.
Conceptualizing this is the easy part though ;-)
>From: "David Gilligan, NYFIX O'Seas" <dgilligan at nyfix.co.uk>
>To: "'Vadim Pushkin'" <wiskbroom at hotmail.com>, <esd-l at impsec.org>
>Subject: RE: [esd-l] Need To Build Reports Of all Mail in mbox
>Date: Tue, 17 Jan 2006 17:53:14 -0000
>Received: from linux.trinitech.co.uk ([18.104.22.168]) by
>bay0-mc12-f17.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Tue,
>17 Jan 2006 09:53:28 -0800
>Received: from wxpdg56 (w-xpdg-56.trinitech.co.uk [192.168.1.56])by
>linux.trinitech.co.uk (8.11.6/8.11.6.041) with ESMTP id k0HHrLG32335;Tue,
>17 Jan 2006 17:53:22 GMT
>Organization: NYFIX Overseas Inc
>X-Mailer: Microsoft Office Outlook, Build 11.0.6353
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
>Return-Path: dgilligan at nyfix.co.uk
>X-OriginalArrivalTime: 17 Jan 2006 17:53:29.0192 (UTC)
>One implementation I have seen - and use myself (only) for Virus reports -
>is to send all tagged SPAM/VIRUS/EXPLOIT mails to a
>separate mailbox and access that mailbox as an IMAP store. One ~could~ use
>one's normal mail client for this (and I do for the
>Virus reports) but in the 3rd-party implementation I describe, the system
>sent a reminder-mail once per week inviting the users to
>use a specially provided webmail client to check their SPAM box.
>There were internal-only 'HAM-for-sure' and 'SPAM-for-sure' mail addresses
>that users were requested to bounce their messages to.
>This worked for a 50 client installation so with your small site you should
>find this idea reasonably straight forward.
>The ?value? of this was that the sysadmin was spreading the load onto his
>users and they were pleased have an authority to be
>assisting in the clean-up process.
>From: esd-l-bounces at impsec.org [mailto:esd-l-bounces at impsec.org] On Behalf
>Of Vadim Pushkin
>Sent: 17 January 2006 16:50
>To: esd-l at impsec.org
>Subject: [esd-l] Need To Build Reports Of all Mail in mbox
>First, I'd like to thank Mr. Hardin for his work on this project and
>especially for ressurecting it.
>The amount of spam that I am capturing using bayes, spamassassin and/or the
>Sanitizer has grown to over 20,000 per day! this is the great news, the
>news is that I still find myself parsing through the spam mbox file that
>gets created (using procmail to redir). I still have to look at this
>mailbox for all email that was addressed to me and other legitimate email
>addresses (we have 12 email addresses that are valid, very small site).
>What I am hoping to achieve is to print out a report, one per user/email
>address, that would be sent showing the user who sent an email, when and
>what the subject was (it was already tagged as spam). If the user sees
>something that could possibly be ham, then that user would send me the
>report with a flag, or just an email stating that message #XXX from todays
>report is NOT spam, allowing me the opportunity to retrain spamass/bayes,
>then send this message back to the user.
>Does anyone have a similiar setup that they would like to share? I ca't be
>the only one with this problem :-)
>Thank you all,
>Vadim A. Pushkin
>esd-l mailing list
>esd-l at impsec.org
More information about the esd-l