Mercury Suggestions
Filter wish: Suppress autoreplies and broadcasts

Oh yes - I forgot about that small detail. BLAT is set to use our ISP's SMTP server for sending. I set the "outgoing" address as noreply@treverton.co.za and, of course, that address does not exist. I do see the SMTP server trying to deliver all of the failure messages to Mercury, but of course, they are never accepted.

The message that gets sent is:

Treverton has a very strict policy on unsolicited commercial email or SPAM.
Due to some wording or other part of your message to a user at treverton.co.za, your message was classified as SPAM and deleted.
You may resend your message with the code “jKx58Fq” appearing somewhere in the Subject line in order to ensure delivery.
You may also contact the IT Manager at postmaster@treverton.co.za, remembering to place the code “jKx58Fq" in the Subject line, and ask for your address to be whitelisted.

The other detail I omitted to mention: When my script parses a messages classified as SPAM but cannot find a local addressee in the headers, the message is saved in an "Orphans" folder. About 10 messages end up there every day, mostly "lottery winners" and "419" letters. Maybe 1 or 2 per day are send via a mailing list and I then have to go to the MercuryS logs and check the date and time and find out who the message was intended for. I then move the messages from the Orphans folder to the user's mail folder and add the sender to the whitelist.

 

<p>Oh yes - I forgot about that small detail. BLAT is set to use our ISP's SMTP server for sending. I set the "outgoing" address as noreply@treverton.co.za and, of course, that address does not exist. I do see the SMTP server trying to deliver all of the failure messages to Mercury, but of course, they are never accepted.</p><p>The message that gets sent is:</p><p>Treverton has a very strict policy on unsolicited commercial email or SPAM. Due to some wording or other part of your message to a user at treverton.co.za, your message was classified as SPAM and deleted. You may resend your message with the code “jKx58Fq” appearing somewhere in the Subject line in order to ensure delivery. You may also contact the IT Manager at postmaster@treverton.co.za, remembering to place the code “jKx58Fq" in the Subject line, and ask for your address to be whitelisted. The other detail I omitted to mention: When my script parses a messages classified as SPAM but cannot find a local addressee in the headers, the message is saved in an "Orphans" folder. About 10 messages end up there every day, mostly "lottery winners" and "419" letters. Maybe 1 or 2 per day are send via a mailing list and I then have to go to the MercuryS logs and check the date and time and find out who the message was intended for. I then move the messages from the Orphans folder to the user's mail folder and add the sender to the whitelist. </p><p> </p>

About 90% of our incoming mail is spam now. Spamhalter handles that very well.

A mayor pain in the neck however are the autoreplies that people send: most of the time they bounce, and end up in my (postmaster's) and the user's mailbox as a Delivery failure. For me about 500 per day in the holiday season, which makes it all but impossible to spot the real problems.

How nice would it be if I could write a filter rule like 'if headers contain "spam detected" suppress autoreply'. By the way, this corresponds to 'move to original adressees'.

I figure more people will have the same problem. Are there solutions I overlooked?

Bart

<P>About 90% of our incoming mail is spam now. Spamhalter handles that very well. </P> <P>A mayor pain in the neck however are the autoreplies that people send: most of the time they bounce, and end up in my (postmaster's) and the user's mailbox as a Delivery failure. For me about 500 per day in the holiday season, which makes it all but impossible to spot the real problems.</P> <P>How nice would it be if I could write a filter rule like 'if headers contain "spam detected" suppress autoreply'. By the way, this corresponds to 'move to original adressees'.</P> <P>I figure more people will have the same problem. Are there solutions I overlooked?</P> <P>Bart</P>

Step 1: Do you really want the "Send copies of all errors to postmaster" to be turned on? I have it turned off, and find that I am very quickly made aware of problems by users.

Step 2: I don't let any messages that Spamhalter has marked as spam actually reach the users and thus trigger an autoreply. What I do is have Mercury archive ALL mail. (I have a script that sorts about 1500 messages per day into daily folders which I archive to DVD on a monthly basis.)

A policy in Mercury then runs a  batch file which checks for an anti-spam signature string, eg "jKx58Fq" and the "SPAM DETECTED" header. If it contains the signature string then it is ignored (ie delivered to the user). If it contains the "SPAM DETECTED" header, but no signature then a) it is logged in a file with the date, time, addresses, sender, subject line and size and b) a script sends an email to sender (via a command-line mailer called BLAT, because using Mercury for the message would cause the address to be Whitelisted) telling him or her that their message has been deleted because of suspected SPAM, but inviting them to resend their message with the antispam signature). If the message had the "SPAM DETECTED" header but no signature, then the policy triggers Mercury to delete the message.

The final step is that at 00h01 every morning a batch file sends a message from the postmaster to each local user who was sent a deleted SPAM message  giving them the log entries for the previous day and instructing them to check their list and inform me if they need any of the messages recovered.

This system has been running for about 6 months here at our school. We have about 600 students and staff and the number of requests for recovery are down to 3 or 4 per day. These are most commonly where a user has signed up on a web site or joined a mailing list. It takes less than a minute to then recover that message from the archive and add the sending address to SpamHalter's whitelist.


 

<p>Step 1: Do you really want the "Send copies of all errors to postmaster" to be turned on? I have it turned off, and find that I am very quickly made aware of problems by users.</p><p>Step 2: I don't let any messages that Spamhalter has marked as spam actually reach the users and thus trigger an autoreply. What I do is have Mercury archive ALL mail. (I have a script that sorts about 1500 messages per day into daily folders which I archive to DVD on a monthly basis.)</p><p>A policy in Mercury then runs a  batch file which checks for an anti-spam signature string, eg "jKx58Fq" and the "SPAM DETECTED" header. If it contains the signature string then it is ignored (ie delivered to the user). If it contains the "SPAM DETECTED" header, but no signature then a) it is logged in a file with the date, time, addresses, sender, subject line and size and b) a script sends an email to sender (via a command-line mailer called BLAT, because using Mercury for the message would cause the address to be Whitelisted) telling him or her that their message has been deleted because of suspected SPAM, but inviting them to resend their message with the antispam signature). If the message had the "SPAM DETECTED" header but no signature, then the policy triggers Mercury to delete the message.</p><p>The final step is that at 00h01 every morning a batch file sends a message from the postmaster to each local user who was sent a deleted SPAM message  giving them the log entries for the previous day and instructing them to check their list and inform me if they need any of the messages recovered. </p><p>This system has been running for about 6 months here at our school. We have about 600 students and staff and the number of requests for recovery are down to 3 or 4 per day. These are most commonly where a user has signed up on a web site or joined a mailing list. It takes less than a minute to then recover that message from the archive and add the sending address to SpamHalter's whitelist.</p><p>  </p>

A very clever setup, thank you for sharing it.
If I understand it correctly though, it will only work if you have the error copies to the postmaster turned off: you are replying to all spam - 95% of those messages will bounce. I'm not sure I'm ready for your Step 1 yet. You have a point, but I prefer detecting problems before any users do.

In the meantime i found a simple solution that works well:

- Spamhalter prefixes the subject line with [spam]
- The new v 4.5 outgoing mail filter deletes any message that starts with [Autoreply] Re: [spam]

Error messages to the postmaster are now down to 10-20 per day, that's doable again.

It appears that Spamhalter ignores autoreplies in its whitelisting process, but i'm not entirely sure of that.

<P>A very clever setup, thank you for sharing it. If I understand it correctly though, it will only work if you have the error copies to the postmaster turned off: you are replying to all spam - 95% of those messages will bounce. I'm not sure I'm ready for your Step 1 yet. You have a point, but I prefer detecting problems before any users do.</P> <P>In the meantime i found a simple solution that works well:</P> <P>- Spamhalter prefixes the subject line with [spam] - The new v 4.5 outgoing mail filter deletes any message that starts with [Autoreply] Re: [spam]</P> <P>Error messages to the postmaster are now down to 10-20 per day, that's doable again.</P> <P>It appears that Spamhalter ignores autoreplies in its whitelisting process, but i'm not entirely sure of that.</P>
live preview
enter atleast 10 characters
WARNING: You mentioned %MENTIONS%, but they cannot see this message and will not be notified
Saving...
Saved
With selected deselect posts show selected posts
All posts under this topic will be deleted ?
Cancel
Delete
Pending draft ... Click to resume editing
Discard draft