I moved all of our company email accounts to the new ubuntu/virtualmin server last Friday. A lot of spam is getting through. I just enabled greylisting, and I am forwarding spam emails to email@example.com (fictious domain, of course I am looking at the directory /var/virtualmin-traps/spam and taking a count of the messages. There are 15 messages from somewhere that date from building the system, all with 0 file size. The emails I have sent to the spamtrap address this morning do not change the directory count. Is there some place else the spamtrap is delivering to?
Also, will I have to manually start baysian filtering/learning? If so, should I wait until there are 200 messages? I am forwarding spam as attachments in groups of 4-5 per forwarded message.
I could be wrong about a lot of things here, but this is what I think happens with all that –
I believe each file in that directory represents a Virtual Server, and multiple emails coming from the same Virtual Server would be appended to that same file – similar to mbox.
Also, I believe Virtualmin processes all of those once an hour.
So what I could do is send one or two messages to the ham or spam trap, then look at the files right away (and not when it’s the top of the hour – at that point, the files should not be zero-sized.
Bayesian filtering should be enabled by default, you shouldn’t have to do anything to enable that.
As far as forwarding 4-5 attachments – I can’t really speak to whether that works or not (as opposed to attaching just one) without poking through the code more, perhaps someone who happens to know could chime in