PureMessage basics

CSLab has a server-side spam filtering solution called Sophos PureMessage. The biggest obvious advantage to the user is that you yourself do not have to perform any training or setting up of spam filtering -- we do it for you.

We are doing two things with PureMessage: tagging things that are likely to be spam, and removing known viruses. Email that is classified as being either "spam" or "virus" have the following respective tags prepended to the Subject line:

[PMX:SPAM] if the email was classified as spam.

or

[PMX:VIRUS] if the email was thought to contain a virus (the virus itself is also stripped away).

Basic filtering with .forward-nonspam

If you just want to discard all of the messages to you that are scored by PureMessage as spam or viruses, all you need to do is create a .forward-nonspam file that contains: your_login_name

(Change your_login_name to whatever your Unix login is.)

For more information on how this works, see our page about email filtering.

If you also want to save a copy of the spam and virus tagged messages, also create a .forward file that contains something like:

/u/your_login_name/mail/spam

(Then make sure that the /u/your_login_name/mail/ directory exists.)

Advanced Setup with procmail

Since PureMessage tags all email before it arrives locally, all you need to do is set up procmail filtering to filter away email based on the Subject line. There are two files that you need to create and/or modify in order to make this work, the .forward and .procmailrc files in your home directory. The former is needed in order to pass messages onto procmail instead of delivering them directly to your mail folders; the latter contains the actual filtering rules.

Below are simple, working examples of the .forward and .procmailrc files that you can use as templates. {i} Please note that in all of the examples, you need to replace username with your CSLab account name.

For more detailed information on setting up a custom procmail configuration file, please go back to the spam filtering page and click on the "More detailed procmail information" link, also available through here.

Template for ~/.procmailrc

# Set default for normal mail placement.

DEFAULT=/var/mail/username

# Set this to the directory where you want to keep all the
# mail folders used by procmail (it is typically the same
# directory as your mail reader keeps its folders).

MAILDIR=$HOME/mail

# Set this to the name of the file in which to log procmail's actions.

LOGFILE=$HOME/.procmail.log

LOCKEXT=.lock

# Filters for PureMessage spam and virus tags.

:0:

* ^Subject:[    ]*\[PMX:SPAM]

spam

:0

* ^Subject:[    ]*\[PMX:VIRUS]

/dev/null

# By this point, anything that has not been delivered will go to $DEFAULT.

Template for ~/.forward

"|IFS=' ';exec $MAILBIN/bin/procmail -f-"