• 服务端发送垃圾邮件-1
• 服务端发送垃圾邮件-2
• 常见邮件客户端中设置过滤规则

服务端发送垃圾邮件-1

rambo@mail:~$ cat test-spam-email.txt 
Subject: 恭喜您！您赢得了奖品！
From: [email protected]
To: [email protected]

亲爱的用户，
您已被选为我们抽奖活动的获胜者！请点击以下链接以领取您的奖品：
http://example.com/win
请尽快回复，因为奖品数量有限！


# 发送垃圾测试邮件
rambo@mail:~$ cat /home/rambo/test-spam-email.txt | /usr/bin/spamc -f | /usr/sbin/sendmail  [email protected]


# 日志
rambo@mail:~$ sudo tail -f /var/log/mail.log
2024-10-17T19:42:27.937220-04:00 mail spamd[3373]: spamd: connection from localhost [::1]:60302 to port 783, fd 5
2024-10-17T19:42:27.937220-04:00 mail spamd[3373]: spamd: connection from localhost [::1]:60302 to port 783, fd 5
2024-10-17T19:42:27.943412-04:00 mail spamd[3373]: spamd: setuid to rambo succeeded
2024-10-17T19:42:27.943412-04:00 mail spamd[3373]: spamd: setuid to rambo succeeded
2024-10-17T19:42:27.949928-04:00 mail spamd[3373]: spamd: processing message (unknown) for rambo:1000
2024-10-17T19:42:27.949928-04:00 mail spamd[3373]: spamd: processing message (unknown) for rambo:1000
2024-10-17T19:42:28.762674-04:00 mail spamd[3373]: spamd: identified spam (5.5/3.0) for rambo:1000 in 0.8 seconds, 281 bytes.
2024-10-17T19:42:28.762674-04:00 mail spamd[3373]: spamd: identified spam (5.5/3.0) for rambo:1000 in 0.8 seconds, 281 bytes.
2024-10-17T19:42:28.763779-04:00 mail spamd[3373]: spamd: result: Y  5 - DOS_BODY_HIGH_NO_MID,MISSING_DATE,MISSING_MID,NO_RECEIVED,NO_RELAYS,PP_MIME_FAKE_ASCII_TEXT scantime=0.8,size=281,user=rambo,uid=1000,required_score=3.0,rhost=localhost,raddr=::1,rport=60302,mid=(unknown),autolearn=no autolearn_force=no
2024-10-17T19:42:28.763779-04:00 mail spamd[3373]: spamd: result: Y  5 - DOS_BODY_HIGH_NO_MID,MISSING_DATE,MISSING_MID,NO_RECEIVED,NO_RELAYS,PP_MIME_FAKE_ASCII_TEXT scantime=0.8,size=281,user=rambo,uid=1000,required_score=3.0,rhost=localhost,raddr=::1,rport=60302,mid=(unknown),autolearn=no autolearn_force=no
2024-10-17T19:42:28.775234-04:00 mail postfix/pickup[3370]: BD2AF1E2AFD: uid=1000 from=<rambo>
2024-10-17T19:42:28.775234-04:00 mail postfix/pickup[3370]: BD2AF1E2AFD: uid=1000 from=<rambo>
2024-10-17T19:42:28.783552-04:00 mail postfix/cleanup[3408]: BD2AF1E2AFD: message-id=<[email protected]>
2024-10-17T19:42:28.783552-04:00 mail postfix/cleanup[3408]: BD2AF1E2AFD: message-id=<[email protected]>
2024-10-17T19:42:28.784833-04:00 mail postfix/qmgr[3371]: BD2AF1E2AFD: from=<[email protected]>, size=1298, nrcpt=1 (queue active)
2024-10-17T19:42:28.784833-04:00 mail postfix/qmgr[3371]: BD2AF1E2AFD: from=<[email protected]>, size=1298, nrcpt=1 (queue active)
2024-10-17T19:42:28.789277-04:00 mail spamd[3045]: prefork: child states: II
2024-10-17T19:42:28.789277-04:00 mail spamd[3045]: prefork: child states: II
2024-10-17T19:42:28.794790-04:00 mail postfix/local[3410]: BD2AF1E2AFD: to=<[email protected]>, relay=local, delay=0.84, delays=0.83/0.01/0/0, dsn=2.0.0, status=sent (delivered to maildir)
2024-10-17T19:42:28.794904-04:00 mail postfix/qmgr[3371]: BD2AF1E2AFD: removed
2024-10-17T19:42:28.794790-04:00 mail postfix/local[3410]: BD2AF1E2AFD: to=<[email protected]>, relay=local, delay=0.84, delays=0.83/0.01/0/0, dsn=2.0.0, status=sent (delivered to maildir)
2024-10-17T19:42:28.794904-04:00 mail postfix/qmgr[3371]: BD2AF1E2AFD: removed


# 查看邮件
rambo@mail:~$ cat Maildir/new/1729208548.V802I3febfM793041.mail.example.com 
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Received: by labexample.com (Postfix, from userid 1000)
	id BD2AF1E2AFD; Thu, 17 Oct 2024 19:42:28 -0400 (EDT)
X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-13) on mail.example.com
X-Spam-Flag: YES
X-Spam-Level: *****
X-Spam-Status: Yes, score=5.5 required=3.0 tests=DOS_BODY_HIGH_NO_MID,
	MISSING_DATE,MISSING_MID,NO_RECEIVED,NO_RELAYS,PP_MIME_FAKE_ASCII_TEXT
	autolearn=no autolearn_force=no version=4.0.0
X-Spam-Report: 
	* -0.0 NO_RECEIVED Informational: message has no Received headers
	*  0.1 MISSING_MID Missing Message-Id: header
	*  1.4 MISSING_DATE Missing Date: header
	* -0.0 NO_RELAYS Informational: message was not relayed via SMTP
	*  0.2 PP_MIME_FAKE_ASCII_TEXT BODY: MIME text/plain claims to be ASCII but
	*       isn't
	*  3.7 DOS_BODY_HIGH_NO_MID High bit body and no message ID header
Subject: ***** SPAM SCORE ***** 恭喜您！您赢得了奖品！
From: [email protected]
To: [email protected]
X-Spam-Prev-Subject: 恭喜您！您赢得了奖品！
Message-Id: <[email protected]>
Date: Thu, 17 Oct 2024 19:42:27 -0400 (EDT)

亲爱的用户，
您已被选为我们抽奖活动的获胜者！请点击以下链接以领取您的奖品：
http://example.com/win
请尽快回复，因为奖品数量有限！

服务端发送垃圾邮件-2

# 发送垃圾测试邮件
rambo@mail:~$ echo -e "XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X"| /usr/bin/spamc -f | /usr/sbin/sendmail [email protected]


# 查看垃圾测试邮件
rambo@mail:~$ cat Maildir/new/1729208114.V802I3febfM993572.mail.example.com 
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Received: by labexample.com (Postfix, from userid 1000)
	id EDE471E2AFD; Thu, 17 Oct 2024 19:35:14 -0400 (EDT)
X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-13) on mail.example.com
X-Spam-Flag: YES
X-Spam-Level: *******
X-Spam-Status: Yes, score=7.9 required=3.0 tests=EMPTY_MESSAGE,MISSING_DATE,
	MISSING_FROM,MISSING_HEADERS,MISSING_MID,MISSING_SUBJECT,
	NO_HEADERS_MESSAGE,NO_RECEIVED,NO_RELAYS autolearn=no
	autolearn_force=no version=4.0.0
X-Spam-Report: 
	*  2.3 EMPTY_MESSAGE Message appears to have no textual parts
	*  1.4 MISSING_DATE Missing Date: header
	* -0.0 NO_RECEIVED Informational: message has no Received headers
	*  1.0 MISSING_FROM Missing From: header
	*  0.1 MISSING_MID Missing Message-Id: header
	*  1.8 MISSING_SUBJECT Missing Subject: header
	*  1.2 MISSING_HEADERS Missing To: header
	* -0.0 NO_RELAYS Informational: message was not relayed via SMTP
	*  0.0 NO_HEADERS_MESSAGE Message appears to be missing most RFC-822
	*      headers
Message-Id: <[email protected]>
Date: Thu, 17 Oct 2024 19:35:14 -0400 (EDT)
From: rambo <[email protected]>

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
Subject: ***** SPAM SCORE ***** 
X-Spam-Prev-Subject: (nonexistent)



# 日志
rambo@mail:~$ sudo tail -f /var/log/mail.log
2024-10-17T19:35:14.865268-04:00 mail spamd[3373]: spamd: connection from localhost [::1]:48336 to port 783, fd 5
2024-10-17T19:35:14.865268-04:00 mail spamd[3373]: spamd: connection from localhost [::1]:48336 to port 783, fd 5
2024-10-17T19:35:14.870601-04:00 mail spamd[3373]: spamd: setuid to rambo succeeded
2024-10-17T19:35:14.870601-04:00 mail spamd[3373]: spamd: setuid to rambo succeeded
2024-10-17T19:35:14.886138-04:00 mail spamd[3373]: spamd: processing message (unknown) for rambo:1000
2024-10-17T19:35:14.886138-04:00 mail spamd[3373]: spamd: processing message (unknown) for rambo:1000
2024-10-17T19:35:14.962630-04:00 mail spamd[3373]: spamd: identified spam (7.9/3.0) for rambo:1000 in 0.1 seconds, 69 bytes.
2024-10-17T19:35:14.962630-04:00 mail spamd[3373]: spamd: identified spam (7.9/3.0) for rambo:1000 in 0.1 seconds, 69 bytes.
2024-10-17T19:35:14.963265-04:00 mail spamd[3373]: spamd: result: Y  7 - EMPTY_MESSAGE,MISSING_DATE,MISSING_FROM,MISSING_HEADERS,MISSING_MID,MISSING_SUBJECT,NO_HEADERS_MESSAGE,NO_RECEIVED,NO_RELAYS scantime=0.1,size=69,user=rambo,uid=1000,required_score=3.0,rhost=localhost,raddr=::1,rport=48336,mid=(unknown),autolearn=no autolearn_force=no
2024-10-17T19:35:14.963265-04:00 mail spamd[3373]: spamd: result: Y  7 - EMPTY_MESSAGE,MISSING_DATE,MISSING_FROM,MISSING_HEADERS,MISSING_MID,MISSING_SUBJECT,NO_HEADERS_MESSAGE,NO_RECEIVED,NO_RELAYS scantime=0.1,size=69,user=rambo,uid=1000,required_score=3.0,rhost=localhost,raddr=::1,rport=48336,mid=(unknown),autolearn=no autolearn_force=no
2024-10-17T19:35:14.975092-04:00 mail postfix/pickup[3370]: EDE471E2AFD: uid=1000 from=<rambo>
2024-10-17T19:35:14.975092-04:00 mail postfix/pickup[3370]: EDE471E2AFD: uid=1000 from=<rambo>
2024-10-17T19:35:14.983882-04:00 mail postfix/cleanup[3382]: EDE471E2AFD: message-id=<[email protected]>
2024-10-17T19:35:14.983882-04:00 mail postfix/cleanup[3382]: EDE471E2AFD: message-id=<[email protected]>
2024-10-17T19:35:14.985815-04:00 mail postfix/qmgr[3371]: EDE471E2AFD: from=<[email protected]>, size=1273, nrcpt=1 (queue active)
2024-10-17T19:35:14.985815-04:00 mail postfix/qmgr[3371]: EDE471E2AFD: from=<[email protected]>, size=1273, nrcpt=1 (queue active)
2024-10-17T19:35:14.994911-04:00 mail postfix/local[3384]: EDE471E2AFD: to=<[email protected]>, relay=local, delay=0.12, delays=0.11/0.01/0/0, dsn=2.0.0, status=sent (delivered to maildir)
2024-10-17T19:35:14.994911-04:00 mail postfix/local[3384]: EDE471E2AFD: to=<[email protected]>, relay=local, delay=0.12, delays=0.11/0.01/0/0, dsn=2.0.0, status=sent (delivered to maildir)
2024-10-17T19:35:14.995751-04:00 mail postfix/qmgr[3371]: EDE471E2AFD: removed
2024-10-17T19:35:14.995751-04:00 mail postfix/qmgr[3371]: EDE471E2AFD: removed

常见邮件客户端中设置过滤规则

1、Thunderbird
Thunderbird 是一个流行的开源邮件客户端。您可以通过以下步骤设置垃圾邮件过滤规则：
打开 Thunderbird 并选择您的邮箱账户
点击“工具”菜单，选择 “邮件过滤”
点击 “新建”，创建一个新的过滤规则

设置过滤条件：
选择 “自定义”，并在字段中输入 X-Spam-Flag
设置条件为 “等于”，并在值中输入 YES

选择执行操作：
选择 “移动到文件夹”，并选择或创建垃圾邮件文件夹
保存规则，邮件客户端将自动根据 SpamAssassin 的标记来过滤垃圾邮件


2、Outlook
在 Outlook 中，您可以通过以下步骤创建过滤规则：
打开 Outlook 并转到 “文件” > “管理规则和通知”
点击 “新建规则”，选择 “应用规则到接收的邮件”
在条件部分选择 “邮件包含特定字词”
选择 “在邮件头中”，并输入 X-Spam-Flag: YES
在操作部分选择 “将邮件移到指定文件夹”，选择或创建垃圾邮件文件夹
保存规则，之后任何被 SpamAssassin 标记的垃圾邮件都会自动移动到指定的文件夹

3、Apple Mail (macOS)
在 Apple Mail 中，您可以通过以下步骤设置垃圾邮件过滤规则：
打开 Apple Mail 并选择 “邮件” > “偏好设置”
转到 “规则” 标签页，点击 “添加规则”
为规则命名，设置条件为：
“邮件头包含 X-Spam-Flag”，并设置为 “YES”
设置操作为 “将邮件移动到垃圾邮件” 文件夹
保存规则，Apple Mail 将根据规则自动过滤垃圾邮件。


# 调整客户端垃圾邮件策略
大部分邮件客户端（如 Thunderbird、Outlook 和 Apple Mail）都有内置的垃圾邮件过滤功能。这些功能会与 SpamAssassin 产生一定的协同作用，进一步提高垃圾邮件识别率
您可以在客户端中调整这些设置，以便结合服务器端 SpamAssassin 过滤器使用

例如：
Thunderbird：启用 “垃圾邮件控制”，客户端会根据邮件头中的 SpamAssassin 标记以及自身的垃圾邮件规则共同判断
Outlook：可以调整垃圾邮件保护级别，以自动将 SpamAssassin 标记的邮件移至垃圾邮件文件夹
Apple Mail：可以结合规则和内置的垃圾邮件过滤机制，进一步增强垃圾邮件的自动检测和处理


# 定期检查垃圾邮件文件夹
即便有 SpamAssassin 和客户端规则的双重保障，偶尔也可能会有误判。因此，建议定期检查垃圾邮件文件夹，以确保没有误将正常邮件标记为垃圾邮件