Then remains the question why are the notifications being sent over and over again?
After I deleted them from my mailclient, they are sent over again. Looks like these notifications are not removed from the source after they have been sent.
1 Like
let me try to reproduce, I never tested with an alias
Of course it works as expected on my server with an alias, the contrary would be fun 
this let me think the account was not allowed to receive spam, so when the spam comes, it is rejected, since a spam is rejected then it is sent again and again.
this is normal, the account is allowed to receive spam, so unfortunately you cannot sort wanted and unwanted spam…but…but why the notification above :-?
could you post the command:
config show rspamd
cat /etc/rspamd/local.d/settings.conf
cat /etc/rspamd/local.d/metadata_exporter.conf
show me the account used to receive spam (here spam2, do it for the real user please)
db accounts show spam2@domain.com
what I did to enable the quarantine is
config setprop rspamd QuarantineAccount spam2@domain.com QuarantineStatus enabled SpamNotificationStatus enabled
signal-event nethserver-mail-quarantine-save
spam2@domain.com is an alias of spam@domain.com
also the rpm is now : yum install http://packages.nethserver.org/nethserver/7.5.1804/autobuild/x86_64/Packages/nethserver-mail-quarantine-2.3.0-1.12.pr83.g5a4f6f5.ns7.noarch.rpm
config show rspamd:
rspamd=service
BlockAttachmentClassList=Exec
BlockAttachmentCustomList=doc,odt
BlockAttachmentCustomStatus=disabled
BlockAttachmentStatus=enabled
Password=hUlsBhcUe4ESUCu3
QuarantineAccount=quarantine@domain.tld
QuarantineSelector=is_reject
QuarantineStatus=enabled
RecipientWhiteList=
SenderBlackList=
SenderWhiteList=
SpamCheckStatus=enabled
SpamGreyLevel=4
SpamKillLevel=20
SpamNotification=disabled
SpamNotificationStatus=enabled
SpamSubjectPrefixStatus=enabled
SpamSubjectPrefixString=SPAM
SpamTag2Level=6
VirusAction=reject
VirusCheckStatus=enabled
VirusScanOnlyAttachment=false
VirusScanSize=20000000
status=enabled
cat /etc/rspamd/local.d/settings.conf:
cat /etc/rspamd/local.d/settings.conf
================= DO NOT MODIFY THIS FILE =================
Manual changes will be lost when this file is regenerated.
Please read the developer’s guide, which is available
at NethServer official site: https://www.nethserver.org
whitelist the spam receiver account
whitelist {
priority = hight;
rcpt = “quarantine@domain.tld”;
want_spam = yes;
}
cat /etc/rspamd/local.d/metadata_exporter.conf
cat /etc/rspamd/local.d/metadata_exporter.conf
================= DO NOT MODIFY THIS FILE =================
Manual changes will be lost when this file is regenerated.
Please read the developer’s guide, which is available
at NethServer official site: https://www.nethserver.org
Refer to Metadata exporter for information on configuration
rules {
QUARANTINE {
backend = “send_mail”;
smtp = “127.0.0.1”;
mail_to = “quarantine@interlin.nl”;
mail_from = “quarantine@interlin.nl”;
helo = “ns7.interlin.nl”;
selector = “is_reject”; # could be “is_reject” or “is_spam”
formatter = “default”;
}
SPAM_NOTIFICATION {
backend = “send_mail”;
smtp = “127.0.0.1”;
mail_to = “postmaster@domain.tld”;
mail_from = “no-reply@domain.tld”;
helo = “server.domain.tld”;
selector = “is_reject”; # could be “is_reject” or “is_spam”
formatter = “email_alert”;
email_template = <<EOL
From: Rspamd <$mail_from>
To: <$mail_to>
Subject: Spam moved to quarantine: $header_subject
Date: $date
MIME-Version: 1.0
Message-ID: <$our_message_id>
Content-type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Authenticated username: $user
IP: $ip
Queue ID: $qid
SMTP FROM: $from
SMTP RCPT: $rcpt
MIME From: $header_from
MIME To: $header_to
MIME Date: $header_date
Subject: $header_subject
Message-ID: $message_id
Action: $action
Score: $score
EOL
}
end of rules
}
db accounts show quarantine@domain.tld:
quarantine@domain.tld=pseudonym
Access=private
Account=myaccount@domain.tld
Description=quarantine address
So basically you suggest to create a new (local?) account with an email address. My question would be: those notifications, would be delivered to that address. I will not receive them in my own mailaddres, but that spam account will be filled quite drastically…
Do I understand correctly that in order to override an email message that is amrked as spam, I have to log into that account and forward (or what else) that to my own mailaddres?
That might be a bit too cumbersome…
1 Like
yes, the idea is to use a dedicated account for this, notifications are sent to postmaster (root)
I tried to receive the spam on my account…it is simply not possible to open your mailbox with a friend, you son or your wife without hours of explanation 
no an external account is needed here.
Once received to the spam account, yes, if it is not a spam, yes could forward it to the good recipient.
How do you understand it should be ?
1 Like
maybe in some case it is incompatible, quarantine@domain.tld is whitelisted but the end recipient is myaccount@domain.tld
That’s because it is an alias…
I will try to set it up with a dedicated account/mailaddress. But to be honest I am not convinced this will work that great, since there is a need to log into the spam account and then go through the list of spam mails.
In my mind I had the idea of getting a digest of spam mails from which I can choose (by clicking a link in that digest mail) to mark messages as not spam and thus they get delivered.
I am sorry but this is out of the scope due to the amount of work, or at least not now 
you could set up an imap account to your thunderbird or equivalent to receive spam
eventually we could set a specific account to receive the notification, instead of postmaster it could be robb@domain.com, with the title and the spam score you could understand what is the content
works also with a shared mailboxe, just created in Email addresses > Shared Mailboxes
2 Likes
I thought first that the email was not rejected and the side effect is that the spam sender continues to send again and again spam, I am not sure now… I can see the spam sent rejected by my server but of course moved to the quarantine account.
Erreur signalée : *550 5.7.350 Remote server returned message detected as spam -> 554 5.7.1 Spam message rejected*
So in short the spam is seen rejected for the sender, but moved to the quarantine account.
it works well for account on the NS, as a dedicated user mailbox or a shared mailbox
testers needed to validate the work, please read the QA at
and
really thank you in advance
PS: as a side note, a virus found goes to quarantine
2 Likes
Should be added to the manual! There’s an open PR: who wants to do it? /cc @robb @GG_jr
Just follow this link and start edit it: Sign in to GitHub · GitHub
1 Like
What do I have to do to quarantine blocked office documents? does the user “spam” have to be an AD account? Is the user “spam” an IMAP user or can the user RSPAM login?
Sorry the question, the function is not really clear to me yet, I tried the documentation, but can’t get any further. Please give mnir some more startup help
http://docs.nethserver.org/en/latest/mail.html?highlight=quarantine#quarantine-beta
The documentation stated, create a real user or use a shared mailbox.
Sorry, I thought it was a user and not a public folder.
how can i best test it locally, so that an attachment runs in the spam folder, the signature “XJSC4JDBQADN1.NSBN32IDNENGTUBE-STANDARD-ANTI-UBE-TEST-EMAILC.34X” will not be sent at all
this is a special signature, well known to test antispam, the rspamd behaviour is not the same for this, for example even if you stop the spam filtering it is always rejected.
Wait some time, when you see a rejection in the rspamd history, then the quarantine must work