I want to force users sending mail to my server to use BCC (we're getting a lot of internal spam created by mailings to 30+ mailing lists which then reply to all).
I thought spamassassin could be a good place to start since it is already used for spam filtering. However, I'm not sure how to do this (or if spamassassin is really the right place to do it). My idea was to just make a bccfilter.cf which checks the number of To+Cc recipients and mark the mail as spam if it is larger than a number (e.g. 10). What is the best way to do this?
The only thing I came up whit is something like this:
header LOCAL_FORCE_BCC_TO To =~ /(.*?,){9,}/
header LOCAL_FORCE_BCC_CC Cc =~ /(.*?,){9,}/
meta LOCAL_FORCE_BCC (LOCAL_FORCE_BCC_TO || LOCAL_FORCE_BCC_CC)
score LOCAL_FORCE_BCC 15.0
It basically counts the number of comma's in the To and Cc header and if either one is larger than 9 (=10 recipients) is marks the message as spam. However I don't really like the approach and have the feeling it can be done better. Also I'd like to count the total number of recipients (To+Cc) instead of seperatly.
Does anyone know how to do that? Also I'd like to return a custom error message but that doesn't really matter much.
I think this is a great time to look into exim ACL's. You can use them to do your cc: to bcc rewriting.
http://tldp.org/HOWTO/Spam-Filtering-for-MX/exim-smtpdelays.html