delay in /etc/mail/aliases

I am running sendmail on my website so that I can offer "vanity emails" for a few users… i.e. john@mysite.com which automatically forwards to their "real" email using /etc/mail/aliases.

To filter spam, I forward not directly to their "real" email, but to a gmail account, which in turn forwards to their "real" email (while leaving a copy in the gmail account)

The problem I'm having is that users are still complaining about spam. When I check the gmail account, I can see that the messages they are complaining about are indeed in the Spam box. What I think is hapenning is that at the time the email is forwarded, Gmail does not yet know the mail is spam…. later on, based on gmail user feedback, it learns that it is spam. By that time, it's too late for my poor users… they've already got the forwarded spam.

My idea is to set up sendmail to DELAY forwarding to gmail… hopefully that way, gmail will have a chance to learn that it's spam. Is there an easy way to do that?

4 Replies

Take a look at Greylisting; a greylisting system looks at each incoming email's to field, from field and sending server, and, if it hasn't see that combination in the last 24 hours (configurable), it has the mail server send a 451 "try again later" until some amount of time has passed (I use 20 minutes), and then allows the mail to pass through.

I use Postfix+Postgrey, but there are Sendmail implementations, too:

http://www.greylisting.org/implementati … mail.shtml">http://www.greylisting.org/implementations/sendmail.shtml

Actually, I think the problem may be that when you forward, you cause the message to originate from an unauthorized server. For example, a message from joeuser@yahoo will seem to be originating from your server instead of Yahoo!, which Gmail might see as a forgery and flag as spam.

This problem is perhaps most closely associated with SPF:

http://www.openspf.org/FAQ/Forwarding

(see the note about "remailing").

Or it could even be the inverse problem. If the spam originates from a known bad IP, and then he resends it from a nominally trusted IP (Gmail's), then it could be less likely to be flagged.

I re-read the OP–I may have misunderstood. I wouldn't process (e.g. forward) anything without virus/spam-filtering it first. If you make yourself that front line, you'll have to handle it. :)

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct