[Feature Request] Spam settings

[casesolved-co-uk]

Would be great to have a space in the mail settings for spam. Specifically:

• Reject some messages, possibly with a threshold
• Required spam threshold
• Mark as spam (current behaviour) or delete
• Threshold score for automatically forwarding the received message back to: abuse/postmaster@[Reply-To domain] and optionally abuse/postmaster@[From domain] (if different)

I've not really done much digging but know that there's a difference between SMTP in-session rejects (mail is not accepted) and post-acceptance filtering. And a difference between network-based filtering (looking things up like SPF, block lists) and local based filtering (just on the mail content).

From what I've gathered, rejects can only really happen on local based filtering (because of time taken for network lookups), which is obviously less accurate.

MIAB seems to be quite accurate (so could be used to delete things) but not sure if it does any spam rejecting to put people off sending them?

I'm guessing the spam score is not available at SMTP session time for a reject though.

NB: Also worth making a note somewhere that SMTP connections from new mail servers are first greylisted for 5 minutes. I was confused when getting things like two-factor codes by email that they didn't come through immediately.

Example below:

X-Spam-Flag: YES
X-Spam-Level: *****
X-Spam-Status: Yes, score=5.9 required=5.0 tests=DMARC_PASS,
    FREEMAIL_FORGED_REPLYTO,FROM_NTLD_REPLY_FREEMAIL,FROM_SUSPICIOUS_NTLD,
    FROM_SUSPICIOUS_NTLD_FP,MISSING_MID,RCVD_IN_DNSWL_BLOCKED,
    SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6
X-Spam-Report:
    * 0.0 RCVD_IN_DNSWL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
    * DNSWL was blocked. See
    * http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
    * for more information.
    * [66.212.29.74 listed in list.dnswl.org]
    * -0.1 SPF_PASS SPF check passed
    * -0.1 DMARC_PASS DMARC check passed
    * 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
    * 0.1 MISSING_MID Missing Message-Id: header
    * 2.0 FROM_SUSPICIOUS_NTLD_FP From abused NTLD
    * 0.5 FROM_SUSPICIOUS_NTLD From abused NTLD
    * 2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From
    * 1.0 FROM_NTLD_REPLY_FREEMAIL From abused NTLD and Reply-To is
    * FREEMAIL
X-Spam-Score: 5.9

[ddavness]

This is something that would take a big chunk of effort, though any advances (PRs) on this would be helpful.

Meanwhile, there's a guide on how to set up greylist exceptions. It works on MIAB so it'll likely also work here: https://discourse.mailinabox.email/t/how-to-use-postgrey-client-whitelists/8355