Mini tutorial: create anti-spam rules automatically

Lobby
1

So Zammad has this nifty little example macro “Close & Tag as Spam”. But what do we do with those tickets? Here is a solution that might work for you.

Disclaimer: please don’t use the below example in a production environment without fully understanding the details. No warranty. Use at your own risk!

1.) Create a user to access the REST API

First, we will create a user with the permission to only administrate the e-mail-settings.

  • Create role “Spam conductor”
  • Grant permission to “channel_email”
  • Add user “MC Spam”
  • Grant role “Spam conductor”

2.) Create webhook

Secondly, we will create a webhook, that is capable of creating e-mail-filters.

“New webhook”

image
image988×1205 45.8 KB

Replace the hostname with a valid URL of your instance. Use the e-mail-address/login of the previously created user.

http://localhost/api/v1/postmaster_filters.json

Custom payload:

{
  "name": "Spam Autorule for #{ticket.customer.email}",
  "channel": "email",
  "match": {
    "from": {
      "operator": "contains",
      "value": "#{ticket.customer.email}"
    }
  },
  "perform": {
    "x-zammad-ignore": {
      "value": true
    }
  },
  "note": "x",
  "active": true
}

3.) Create scheduler 1 of 2

Now we will create a scheduler, that creates the e-mail-filter using the webhook.

“New scheduler”

image
image1002×1273 60.6 KB

4.) Create scheduler 2 of 2

Now we will create another scheduler, that deletes the spam tickets after that.

“New scheduler”

image
image1000×1064 49.5 KB

Your spam tickets will be deleted after 3 weeks and email filters will ignore incoming mails from the same sender.

Please make sure to regularly check the e-mail filters and adjust your spam filter protection according to that. Having large amounts of e-mail-filters may have performance implications.

6 Likes
2

Isn’t it a better way to filter the spam before it reaches the zammad instance? This filter might only work, if the spammer uses the same email address each time spam is sended. But that is imho not the daily reality.

3

100% agree! This is not a replacement for spam filtering on the email server. Zammad email filters are not meant to handle that on a larger scale.

Further actions could be to regularly check the created email filters and adjust the server-side spam protection based on that. And remove the filters after that.

1 Like
4

The webhook is not called anymore, if in the same step the ticket is deleted. I will update the tutorial soon™️.

5

Would appreciate that update :slight_smile:

6

I updated the tutorial, so webhook and deletion are a two-step-process now.

I choose to simply add a new tag in the first scheduler, but be aware, if the second scheduler is not run for any reason, you might end up with two e-mail-filters for the same sender a week later.

This can be prevented with the expert mode by checking in the first scheduler, that the tag spam_filter_created is not present. The expert mode is not available for SaaS customers in the Starter and Professional tier, so I choose to not use it in this tutorial.