Confusion over multidrop mail from pop3 server and anti-spam

Dear all, I hope someone has a better idea of the “best” way forward with this than I do! I’ve googled this until I’m confused as h*** and not yet found the right answers.

I basically need to collect multidrop email from a pop3 server and deliver it to /var/spool/mail/username accounts after spam filtering it.
I deliver local email locally and send back out via the ISPs sendmail port.

Not too difficult I hear you say – until you get lots of (backscatter) spam containing deliberately malformed headers.
It seems to me that fetchmail and the other progs are very poor at handling this (or the config is just beyond me). As I am upgrading my server - I’d like to fix this once and for all…if I can.
Then I’d like to use the resulting solution with Dovecot for serving the mail locally via IMAP to a number of machines (but that’s for later).

I have been using the Suse 10.3 “standard” way of doing this with pop3 -> fetchmail -> postfix -> half a dozen obscure progs ? -> mail spool directory.

I’ve then been using spamassassin to filter out the crud from within Kmail (so not directly from fetchmail yet). In the end I supplemented both postfix and fetchmail with extra filters and also have to filter out false MDN (Message Disposition Notifications) within kmail (all this is really slow).

This keeps the spam down, but the problem seems to be that backscatter spam gets past quite a lot of this - resulting in things bouncing around in my system for a while.
Don’t worry - I’m not an open relay or anything like that, but I think I WAS initially backscattering with the default mail transfer agent (MTA) setup from suse 10.3.

Also - some email seems to get trapped on the pop server because fetchmail tries to reject it, but there is nowhere to reject it to? (The pop server and fetchmail think some of it was sent by my system - which it wasn’t.) So it just bounces back between the two. I can only clear this by unfiltered manual purges of the pop server.

I also wondered if rejecting spam is inherently impossible because any mail on the pop server is effectively already delivered? (And anyway the To:, From: and Reply-To: fields in spam emails are all forgeries.) There is an antispam command in fetchmail telling it to drop messages from postfix with certain response codes, but this doesn’t seem to get everything.

None of this is helped by what I consider a bug in kmail - it auto sends MDNs before the email has got to the spam filter even though the option is set to “ASK”. I can see this in some of the logs.

So, does anyone know a good email setup reference/guide/overview applicable to Suse 11.1 that would fit my requirements?

My setup doesn’t need to be complex, so I’m considering trying to ditch Postfix for this reason, but what real alternatives are there within Suse?

(new server is suse 11.1 x86_64 architecture.)

Do you not have a last-resort address for fetchmail for undeliverable email (--postmaster option in fetchmail)? You should not be sending out spam bounces (the default anyway), as that generally is not useful and makes things worse.

As for backscatter, I don’t see how you can avoid accepting the email as they are addressed to the recipient. You can only hope to filter them out once accepted.

There should not be any situation where you don’t accept mail from the POP server. If there is already mail in a loop, it should be deleted after acceptance and not rejected or bounced. Or perhaps fetchmail is not set for --fetchall, only those not marked seen? That would leave some messages on the server.
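The "filter them out once accepted" step from the reply above, as an added example that is not part of the original thread: a Python filter that accepts every fetched message and flags DSN/MDN reports that refer to mail this host never sent. The `home.example` and `isp.example` addresses, the Message-IDs and the `SENT_IDS` set are constructed for illustration.

```python
import email

# Constructed: Message-IDs this host really sent (in practice, harvested from the MTA log).
SENT_IDS = {"<20090301.1234@home.example>"}
REPORT_TYPES = {"delivery-status", "disposition-notification"}  # DSN and MDN

def referenced_ids(msg):
    """Message-IDs of the original mail that a DSN/MDN claims to be about."""
    ids = set()
    for part in msg.walk():
        if part is msg:
            continue  # the report's own Message-ID is not evidence
        if part.get_content_type() == "text/rfc822-headers":
            # Returned headers travel as plain text; parse them as a header block.
            part = email.message_from_bytes(part.get_payload(decode=True) or b"")
        for name in ("Message-ID", "Original-Message-ID"):
            if part[name]:
                ids.add(str(part[name]).strip())
    return ids

def classify(raw, sent_ids=SENT_IDS):
    """Return 'normal', 'own-report' or 'suspect-backscatter' for one fetched message."""
    msg = email.message_from_bytes(raw)  # compat32 parser tolerates malformed headers
    rtype = str(msg.get_param("report-type", "")).lower()
    if msg.get_content_type() != "multipart/report" or rtype not in REPORT_TYPES:
        return "normal"  # plain-text bounces from non-standard MTAs are not covered here
    # A report about mail we never sent (or naming no original at all) is held, never answered.
    return "own-report" if referenced_ids(msg) & sent_ids else "suspect-backscatter"

def _report(rtype, inner_type, inner):
    """Constructed sample: a minimal multipart/report wrapping `inner`."""
    return (f'Return-Path: <>\nFrom: MAILER-DAEMON@isp.example\nTo: alister@home.example\n'
            f'Content-Type: multipart/report; report-type={rtype}; boundary="b"\n\n'
            f'--b\nContent-Type: text/plain\n\nAutomated report.\n'
            f'--b\nContent-Type: {inner_type}\n\n{inner}\n--b--\n').encode()

# Constructed samples: a bounce for forged mail, an MDN for mail we did send, ordinary mail.
BACKSCATTER = _report("delivery-status", "text/rfc822-headers",
    "From: alister@home.example\nMessage-ID: <forged.999@spammer.example>\nSubject: x\n")
GENUINE_MDN = _report("disposition-notification", "message/disposition-notification",
    "Final-Recipient: rfc822; bob@isp.example\nOriginal-Message-ID: <20090301.1234@home.example>\n")
NORMAL = b"From: bob@isp.example\nTo: alister@home.example\nMessage-ID: <1@isp.example>\n\nhello\n"

if __name__ == "__main__":
    for name, raw in (("bounce", BACKSCATTER), ("mdn", GENUINE_MDN), ("mail", NORMAL)):
        print(name, "->", classify(raw))
```

Messages classified as `suspect-backscatter` are meant to be filed or discarded locally; nothing is sent back, so the filter itself cannot add to the loop.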

Dear Ken, thanks for the fast reply, but yes - postmaster email goes to me and fetchall is in my setup - I did discover that some of these commands are sequence sensitive - and I think I fixed it, but am open to comments!

For info - /etc/fetchmailrc is:

set postmaster alister
set no bouncemail
poll protocol POP3
  envelope X-envelope-To
      user poploginname with password mypopserverpasswd is * here
        fetchall antispam 554 421