NAME

Mail::SpamAssassin::Plugin::AWL - Normalize scores via auto-whitelist


SYNOPSIS

To try this out, add this or uncomment this line in init.pre:

  loadplugin     Mail::SpamAssassin::Plugin::AWL

Use the supplied 60_awl.cf file (ie you don't have to do anything) or add these lines to a .cf file:

  header AWL             eval:check_from_in_auto_whitelist()
  describe AWL           From: address is in the auto white-list
  tflags AWL             userconf noautolearn
  priority AWL           1000


DESCRIPTION

This plugin module provides support for the auto-whitelist. It keeps track of the average SpamAssassin score for senders. Senders are tracked using a combination of their From: address and their IP address. It then uses that average score to reduce the variability in scoring from message to message and modifies the final score by pushing the result towards the historical average. This improves the accuracy of filtering for most email.


TEMPLATE TAGS

This plugin module adds the following tags that can be used as placeholders in certain options. See Mail::SpamAssassin::Conf for more information on TEMPLATE TAGS.

 _AWL_             AWL modifier
 _AWLMEAN_         Mean score on which AWL modification is based
 _AWLCOUNT_        Number of messages on which AWL modification is based
 _AWLPRESCORE_     Score before AWL


USER PREFERENCES

The following options can be used in both site-wide (local.cf) and user-specific (user_prefs) configuration files to customize how SpamAssassin handles incoming email messages.

use_auto_whitelist ( 0 | 1 ) (default: 1)

Whether to use auto-whitelists. Auto-whitelists track the long-term average score for each sender and then shift the score of new messages toward that long-term average. This can increase or decrease the score for messages, depending on the long-term behavior of the particular correspondent.

For more information about the auto-whitelist system, please look at the the Automatic Whitelist System section of the README file. The auto-whitelist is not intended as a general-purpose replacement for static whitelist entries added to your config files.

Note that certain tests are ignored when determining the final message score:

 - rules with tflags set to 'noautolearn'
auto_whitelist_factor n (default: 0.5, range [0..1])

How much towards the long-term mean for the sender to regress a message. Basically, the algorithm is to track the long-term mean score of messages for the sender (mean), and then once we have otherwise fully calculated the score for this message (score), we calculate the final score for the message as:

finalscore = score + (mean - score) * factor

So if factor = 0.5, then we'll move to half way between the calculated score and the mean. If factor = 0.3, then we'll move about 1/3 of the way from the score toward the mean. factor = 1 means just use the long-term mean; factor = 0 mean just use the calculated score.

auto_whitelist_ipv4_mask_len n (default: 16, range [0..32])

The AWL database keeps only the specified number of most-significant bits of an IPv4 address in its fields, so that different individual IP addresses within a subnet belonging to the same owner are managed under a single database record. As we have no information available on the allocated address ranges of senders, this CIDR mask length is only an approximation. The default is 16 bits, corresponding to a former class B. Increase the number if a finer granularity is desired, e.g. to 24 (class C) or 32. A value 0 is allowed but is not particularly useful, as it would treat the whole internet as a single organization. The number need not be a multiple of 8, any split is allowed.

auto_whitelist_ipv6_mask_len n (default: 48, range [0..128])

The AWL database keeps only the specified number of most-significant bits of an IPv6 address in its fields, so that different individual IP addresses within a subnet belonging to the same owner are managed under a single database record. As we have no information available on the allocated address ranges of senders, this CIDR mask length is only an approximation. The default is 48 bits, corresponding to an address range commonly allocated to individual (smaller) organizations. Increase the number for a finer granularity, e.g. to 64 or 96 or 128, or decrease for wider ranges, e.g. 32. A value 0 is allowed but is not particularly useful, as it would treat the whole internet as a single organization. The number need not be a multiple of 4, any split is allowed.

user_awl_sql_override_username

Used by the SQLBasedAddrList storage implementation.

If this option is set the SQLBasedAddrList module will override the set username with the value given. This can be useful for implementing global or group based auto-whitelist databases.

auto_whitelist_distinguish_signed

Used by the SQLBasedAddrList storage implementation.

If this option is set the SQLBasedAddrList module will keep separate database entries for DKIM-validated e-mail addresses and for non-validated ones. A pre-requisite when setting this option is that a field awl.signedby exists in a SQL table, otherwise SQL operations will fail (which is why we need this option at all - for compatibility with pre-3.3.0 database schema). A plugin DKIM should also be enabled, as otherwise there is no benefit from turning on this option.


ADMINISTRATOR SETTINGS

These settings differ from the ones above, in that they are considered 'more privileged' -- even more than the ones in the PRIVILEGED SETTINGS section. No matter what allow_user_rules is set to, these can never be set from a user's user_prefs file.

auto_whitelist_factory module (default: Mail::SpamAssassin::DBBasedAddrList)

Select alternative whitelist factory module.

auto_whitelist_path /path/filename (default: ~/.spamassassin/auto-whitelist)

This is the automatic-whitelist directory and filename. By default, each user has their own whitelist database in their ~/.spamassassin directory with mode 0700. For system-wide SpamAssassin use, you may want to share this across all users, although that is not recommended.

auto_whitelist_db_modules Module ... (default: see below)

What database modules should be used for the auto-whitelist storage database file. The first named module that can be loaded from the perl include path will be used. The format is:

  PreferredModuleName SecondBest ThirdBest ...

ie. a space-separated list of perl module names. The default is:

  DB_File GDBM_File SDBM_File

NDBM_File is no longer supported, since it appears to have bugs that preclude its use for the AWL (see SpamAssassin bug 4353).

auto_whitelist_file_mode (default: 0700)

The file mode bits used for the automatic-whitelist directory or file.

Make sure you specify this using the 'x' mode bits set, as it may also be used to create directories. However, if a file is created, the resulting file will not have any execute bits set (the umask is set to 111).

user_awl_dsn DBI:databasetype:databasename:hostname:port

Used by the SQLBasedAddrList storage implementation.

This will set the DSN used to connect. Example: DBI:mysql:spamassassin:localhost

user_awl_sql_username username

Used by the SQLBasedAddrList storage implementation.

The authorized username to connect to the above DSN.

user_awl_sql_password password

Used by the SQLBasedAddrList storage implementation.

The password for the database username, for the above DSN.

user_awl_sql_table tablename

Used by the SQLBasedAddrList storage implementation.

The table user auto-whitelists are stored in, for the above DSN.