Spam assassin is good at identifying spam, and boxtrapper is good at trapping it until you want to allow it to be delivered to your inbox. But I still don't trust automated spam solutions to not throw away email that I want.
So I tediously go through the box trapper list, and find emails that need to be whitelisted. Just today I found a message from a Bulgarian friend that has been trapped in the box trapper for days. And on some email lists I subscribe to, everytime a new person sends and email, that's a new address that needs to be added to boxtrapper's whitelist. And since boxtrapper only lets me select a couple of screens at a time of emails to delete, and my daily spam traffic is several screens long, it's very tedious cycle of select a couple of screens, delete, go back, refresh, select some more, delete, go back, refresh, etc.
So I decided to look through the stuff trapped in my queue, and generate some regular expressions to trash the obviously spam messages. The spam that is left is harder to identify by glancing at it, because spam assaasin hasn't trapped most of it, but with maybe just one screen a day to go through, it's easier overall.
With the following 30 or so regular expressions, I was able to succeed in reducing about 3300 things in box trapper's queue down to less than 200.
These details are for a Cpanel 10 system, which comes with box trapper and spam assasin installed.
Patterns file: (Be careful not to have a blank line, or all emails will match!):
se.{0-1}u{0-1}a.{0-1}lly\-EXPL.{0-1}CI.{0-1}T.{0-1}:
SE><u.ALLY-EXPL.CITI:
SEYX.UALLY-E.XPLICIT:
SEIIX.UALLY
Buy cialis
hot milf
black cocks*
fucked blond
therayreynoldsplan
SCOTT KEMME
fucked in the office
busty tranny
pen.s grow
PenisEnlarge
REPLICA //ATCHES
big d.cks
RCVD_IN_WHOIS_INVALID
beware of fake pills
Canadian pharmacy
C1alis
Super Viagra
Meet Online With WebEx
Affordable Health Plans Available
Adobe Creative Suite 3 download
\*SPAM:[1-9][0-9]
BAYES_99
URIBL_AB_SURBL
FROM_ILLEGAL_CHARS
SUBJECT_ENCODED_TWICE
UPPERCASE_25_50
URIBL_JP_SURBL
RCVD_IN_XBL
HELO_DYNAMIC_SPLIT_IP
|
Notice that
|
The linux command to run on with it:
cd /home/DOMAINOWNER/etc/DOMAINNAME/USER/boxtrapper/queue rm -f `grep -i -l -E -f ../spam_patterns *`
The CD moves to the boxtrapper queue directory. The grep command runs all the lines in the spam_patterns file against the items in the box trapper queue. Any matches are returned as file names, which are given to the rm command, which removes the file.
After upgrade to latest spam trapper 3.2:
 | Use sa-update to keep the SARE rules up to date. This is better than downloading and installing them manually.
/usr/bin/sa-update --nogpg --channel saupdates.openprotect.com Run in a cronjob on a daily basis and remove the rules from /etc/mail/spamassassin/. The recommended rules will then be kept up to date in the directory tree /var/lib/spamassassin/ |
Some more articles about getting rid of spam: