Recommended "Surgeweb Style" spam handling

Surgeweb attempts to simplify surgemail's spam handling for end users and administrators. This involves storing all suspected spam in a single location, and having several predefined recommended configurations for users to select.

All of the traditional user.cgi spam handling featues are still available, but most users should never need to configure them directly.

Recommended configuration in Surgeweb

There is a "one step spam control" that allows you to configure all the underlying user.cgi spam handling settings in one of several configurations depending on your personal preference on how you want email identified as spam to be handled:

These are the recommended configuration "one step spam control" configurations available:

1. Disabled - Surgemail does not identify or process mail in any way as spam. Not recommended.
2. Mark probable spam and deliver to inbox - As the name suggests, email with a rating of 6 or higher is marked in the subject and delivered as normal to the inbox. Suitable if you receive small amounts of spam.
3. Mark probable spam and deliver to spam folder - Again, email with a spam rating over 6 is marked in the subject but delivered to your surgeweb Spam (ie IMAP Friends Pending) folder. Suitable if you receive small amounts of spam, want to keep this "out of your inbox" and are happy to periodically check your Spam folder.
4. Challenge almost certain spam, mark likely spam - A more advanced way of spam handling if you receive lots of spam. Email with a spam rating is split into "likely spam" (rating 6-10) and "almost certainly" (rating 10+) spam. Likely spam is marked in the subject and delivered to your inbox as normal, and almost certainly spam is sent a friends bounce and placed in your Spam folder. You will probably never need to look in your spam folder, and if real mail is caught and the sender replies to the friends bounce the message gets delivered to your inbox. Under the "surgeweb - options - Filtering and spam control - spam control - configure" link there are more options for configuring your advanced "split spam handling" configuration.

Administrators can configure the cutoff levels for "likely" and "almost certainly" spam. If you can't figure out what is going on the raw user.cgi settings are listed at the bottom of the "Surgeweb - Options - Filtering & Spam control" page. For each configuration these are:

1. Disabled

   CORE SETTINGS: spam_subject=0    friend_mode=list    friend_smite=0    spam_bounce=0
   ADDITIONAL: spam_body=0    spam_ddpriv=    spam_ddfrom=    [ spam_store=0    spam_vanish=0 ]
   

2. Mark probable spam and deliver to inbox

   CORE SETTINGS: spam_subject=6    friend_mode=list    friend_smite=0    spam_bounce=0
   ADDITIONAL: spam_body=0    spam_ddpriv=    spam_ddfrom=    [ spam_store=0    spam_vanish=0 ]
   

3. Mark probable spam and deliver to spam folder

   CORE SETTINGS: spam_subject=6    friend_mode=silent    friend_smite=6    spam_bounce=0
   ADDITIONAL: spam_body=0    spam_ddpriv=    spam_ddfrom=    [ spam_store=0    spam_vanish=0 ]
   

4. Challenge almost certain spam, mark likely spam

   CORE SETTINGS: spam_subject=6    friend_mode=smite    friend_smite=10    spam_bounce=0
   ADDITIONAL: spam_body=0    spam_ddpriv=    spam_ddfrom=    [ spam_store=0    spam_vanish=0 ]
   

Upgrading from "older" surgemail configurations

If are upgrading an older surgemail configuration to make use of surgeweb new features you may want to make some configuration changes. In particular the recommended method of quaranteening spam has changed a little over time.

You will probably want to convert existing accounts using the "tellmail held2pend ..." command, and configure the new global default behaviour:

  g_friends_default_mode "silent"

Plus optionally:

1. Set default friends spam scoring to match surgeweb ratings likely="6+" almost certainly="10+" This can be done using a global setting as follows in surgemail 4.2g-2+,

     g_friends_spam_score "6"
   

   or

     g_friends_spam_score "10"
   

   or in earlier versions of surgemail, using the global user defaults on the accounts page in the admin interface.
2. To make the "(Friends) Pending" folder available as the "Spam folder" in surgeweb (HIGHLY RECOMMENDED), make sure you have enabled this using:

     g_imap_friends "TRUE"
   

3. If you wish the Imap folder name (normally "Friends Pending") to match the surgeweb folder name (normally "Spam") use:
   surgemail.ini:

     g_friends_pending_name "Spam"
   

   surgemail/surgeweb/custom/config_global.dat:

     imap_spam_folder Spam
   

In addition you can customise the "levels" that define "likely spam" and "almost certainly" spam by customising these manually in the surgeweb config_*.dat files. It is recommended to select a levels the same for all domains and make sure this matches g_friends_spam_score above for the spam settings for new accoutns to fall into one of the recommended "one step" surgeweb spam handling configurations.

  rating_probable 6
  rating_certain 10

New format html spam status email

The old plain text status email reporting on the status of quaranteened spam has been replaced by an html formatted email with more information on the email messages that have been detained in the Spam folder (ie Friends Pending folder). This html status email provides the following features:

• 'Single click deliver' messages to your inbox, training the from address in your friends list to ensure future messages from this user are always delivered without being marked as spam
• 'Single click view' the message safely without delivery to your inbox
• 'Single click delete' the message
• Permanently block all email from this sender
• There are also options to enable spam reporting and Spam folder purging from this page
• Displays all the relevant addressing headers if they are different from the From header to help identify mail with faked headers. In particular "Reply-To" and "Return-Path".

For more information see recommended method of quaranteening spam.