This is a plugin for spamassassin. http://spamassassin.apache.org/ It provides 2 functions that you can do eval tests on, these are eval:public_check_to_address() This just looks for a list of addresses that are known to be potential spam traps, such as email addresses you might have used in mailing lists or on usenet. A user can set multiple public_address settings, like so: public_address info@example.com public_address public_email@example.com This will check to see if the email was to one of these, use it with something like this: head PUBLIC_ADDRESS eval:public_check_to_address() score PUBLIC_ADDRESS 2 describe PUBLIC_ADDRESS It was sent to a public email address. To give email sent to one of these addresses a higher score. The other test is slightly more complex and requires some fiddling: eval:public_check_references('[strict]') This will check a storage module for known message-ID's, the idea is: You send someone an email, your SMTP server logs the message-ID and the email you sent it from. We'll call this: Later on, someone responds to your email. If they are using a modern email client with a "Reply" function, it'll set this header: In-Reply-To: This is typically how a mail client does threading. eval:check_references() will then look at it's own storage module for if found, the test passes. Therefore, the public_check_references() is only useful to alert you of NON-SPAM. You would give the test a NEGATIVE value: The optional 'strict' parameter (if set) tells it to ALSO confirm the message ID is from the same email address. This is optional because it may not be possible/reliable to get the information from your mail system. The idea is to set public addresses to a higher value, but then take them down to a lower value if the second test passes. You might want to put instructions in your signature alerting the recipient of this fact. head REFERENCE_MINE eval:public_check_references('[strict]') score REFERENCE_MINE -2 describe REFERENCE_MINE Probably a response to one of my emails. Getting this to work is a little tricky, it needs the configuration value: public_store_module Set to a storage implementation, included is a flatfile based implementation and an SQL based one. The SQL based storage method needs these settings: public_sql_password The password to connect to the database. public_sql_username The username required to connect. public_sql_dsn The database DSN, (See perldoc DBI) Additionally, it needs a table: CREATE TABLE mid_history ( username varchar(100) NOT NULL default '', email varchar(200) NOT NULL default '', message_id varchar(127) NOT NULL, PRIMARY KEY (username,message_id) ) TYPE=MyISAM; Pretty much as the other SQL stuff works. perldoc PublicCheck::MidStoreSql shows you the settings to change the SQL. There is a FlatStore module, but it's usefulness is limited to testing. (Wouldn't want to scan a text file over and over for each email address, for each email) The catch here, is that you need to store all the outbound message ID's some place. I personally use an exim system filter, and scan the leading From_ line. I know there are probably better ways. Included is an insert_mid.pl script, which can be used as a crude filter for out-bound email, it needs a leading From_ line in order to detect the username. You should season it to taste. Haven't done it yet.. but there should be a way to get an NNTP server to store it's Message-ID's in a database. There are probably a few bugs... Copywright (C) 2005 Jamie Hoglund. You're free to use it, same as SpamAssassin. I'm always available for custom programming, see http://www.geniegate.com/ for contact information.