Consolidating Several Anti Spam Message Headers On The Smtp Gateway

09 Jan 2021 - sj, tags: insights, product

A dedicated SMTP gateway is optional in front of the archive, however it may provide huge benefits using one. For example it may shield your archive’s smtp port from the outside world, or it may help you unify the various antispam message headers.

Scenario

You are a service provider, and receive emails from various sources that use different mail headers for recognized spam emails. You already have an SMTP gateway installed using postfix.

Host1 sets the following header for spam emails:

X-Spam-Flag: YES

Host2 uses the following header line for spam:

X-DSPAM-Result: Spam

The problem is that piler allows us to set a single spam header only.

Solution

Let’s configure piler to use the following header line:

spam_header_line=X-Piler-Spam-Status: Yes

Then we need postfix either to re-write both X-Spam-Flag and X-DSPAM-Result headers to “X-Piler-Spam-Status: Yes”. Or we keep the spam headers as they are and append our header. We’ll take the second approach.

/etc/postfix/main.cf:

header_checks = pcre:${config_directory}/header_checks

/etc/postfix/header_checks:

/X-Spam-Flag: YES/ prepend X-Piler-Spam-Status: Yes
/X-DSPAM-Result: Spam/ prepend X-Piler-Spam-Status: Yes

Finally run

postfix reload

We are good to go! If we get a marked spam either from Host1 or Host2, the SMTP gateway will add our configured X-Piler-Spam-Status: yes header to email. Then we can deal with such spam based on the company policy. eg. either discard it or set a short retention value for it allowing it to be removed in 15 days or so.