It sends Karmasphere queries during the parsed_metadata callback, and it receives responses during the check_post_dnsbl callback. The plugin hooks two points in the SpamAssassin scanner cycle.
Post-filter programs designed to work with this Karma plugin will therefore need to look for the configured header variants instead of X-Karma. The generated headers are all prefixed with "X-Spam-". For example, to generate a "traditional" karma header for the connect context, use: add_header all Karma-Connect _KARMASCORE(connect)_: _KARMADATA(connect)_ĭue to the limitations of SpamAssassin, it is impossible to generate a header "X-Karma".
This module adds two extra template tags for header rewriting: _KARMASCORE( context)_ and _KARMADATA( context)_, which expand to the numeric score, and explanatory data generated by Karmasphere in the given context. Karma_credentials corresponds to "password". Karma_principal corresponds to "username". That web page talks in terms of "username" and "password. karma_principalĪn identifier may be used to authenticate queries from SpamAssassin to Karmasphere.
The timeout for receiving Karmasphere responses, in seconds. Port number of the Karmasphere query server. Hostname or IP address of the Karmasphere query server. The default for the content filter context is ntentfilter. The default for the connect context is karmasphere.email-sender. The feedset name to query in the given context information. context is either connect or content karma_feedset context feedsetname karma_range rulename context min maxĪ karma score range. Valid contexts are connect, for a karma query relating to connection-time metadata, and content for content-filtering data. The very similar-looking words 'context', 'connect' and 'content' are used throughout this document. The details of a particular configuration file will depend on the choice of feedsets used for the various context. An administrator would be expected to write a more complex configuration file including more useful score ranges. USER SETTINGSĪn extremely simplistic, minimal example configuration file is provided in the eg/spamassassin/ subdirectory of this distribution. The second works with unathenticated identities, but should still trap URLs used by spammers and phishing sites. Of these, the first is relatively trustworthy, since it works (where possible) with authenticated identities. Two lookups are performed: One on the connect-time identities (client-ip, helo-address and envelope-from) and one on any identities found in the body of the message. This plugin performs lookups against the Karmasphere reputation service. Conversely, it can also detect identities used by reputable senders, and thus use a whitelisting strategy to bypass further antispam checking and (one hopes) reduce false positives. The aim of this plugin is to detect identities used by spammers and phishers, and thus detect zero-day spam runs and phishing scams. The Karmasphere reputation service is a real-time reputation service for Internet identities. Karma_range KARMA_CONNECT_0_10 connect 0 10 Karma_feedset connect karmasphere.email-sender Mail::SpamAssassin::Plugin::Karmasphere - Query the Karmasphere reputation system SYNOPSIS loadplugin Mail::SpamAssassin::Plugin::Karmasphere