Debra Walker wrote:
Hello, everyone.
I just joined this list, and I began learning how to use procmail the
other day. I got the filtering FAQ, and downloaded copies of the man
pages. I ran the test and mailing list examples, and all went well.
Now, I would like to use procmail to trash (kill) and/or autobounce
unsolicited email. I have gotten three of these types of messages
this week, two of them apparently from Interramp and one from either
internet.com and/or gnn.com.
I got two from interramp today, prompting me to check out Usenet
to see if I had company. There were over 50 posts relating to
interramp.
I went through the suggested procedures
of forwarding such mail to postmasters and/or abuse.* and support.*.
However, I get the feeling that this is not enough. I would rather
not even see such email, when I download my messages.
According to what I read in news.admin.net-abuse.misc, interramp
is a known problem site.
According to all of the information that I have gathered, this seems
to be a common example of a recipe (?) to use:
:1
^From.*interramp.com
/dev/nul
More likely,
:0
^From.*interramp.com
/dev/null
(note 2 l's in null)
But if you want something more sophisticated, the following (untested
by me, but I may try it) was posted to news.admin.net-abuse.misc.
Cheers,
Stan.
------ begin included post ------
From lendl(_at_)cosy(_dot_)sbg(_dot_)ac(_dot_)at Sun May 26 01:01:14 EDT 1996
Article: 7534 of news.admin.net-abuse.misc
Path:
news-central.tiac.net!news-in.tiac.net!news.kei.com!newsfeed.internetmci.com!in2.uu.net!01-newsfeed.univie.ac.at!newsfeed.ACO.net!sbg.ac.at!not-for-mail
From: lendl(_at_)cosy(_dot_)sbg(_dot_)ac(_dot_)at (Otmar Lendl)
Newsgroups: news.admin.net-abuse.misc
Subject: Re: Unsolicited junk email from exd48265(_at_)interramp(_dot_)com
Date: 26 May 1996 01:40:36 GMT
Organization: Amalgamated Union of Philosophers, Sages, Luminaries and Other
Professional Thinking Persons
Lines: 61
Message-ID:
<4o8cqk$8ah(_at_)dwst13(_dot_)wst(_dot_)edvz(_dot_)sbg(_dot_)ac(_dot_)at>
References: <fbparker-2205961253440001(_at_)news>
<4nvo6d$4kt(_at_)sanjuan(_dot_)islandnet(_dot_)com>
<31a4d4a8(_dot_)3719119(_at_)news(_dot_)wwa(_dot_)com>
<4o2mrn$qh1(_at_)qualcomm(_dot_)com>
NNTP-Posting-Host: luchs.cosy.sbg.ac.at
Nathan Tenny <ntenny(_at_)qualcomm(_dot_)com> wrote:
Works for me. I have procmail set up to autobounce mail from several
sources, including interramp, with a basically polite message that says
"your site keeps being the source of email spam, so I'm not accepting
mail from it; here are some ideas on how to reach me in spite of the
autoresponder." Then there's a nasty message for individual email
spammers, and an experimental section that attempts to find and mark
the stuff I *do* want to read.
Just in case you're interested, my first take at a procmail rule
looks like this:
#
# Handle Junk E-Mail
#
:0 H
*
(^TO|^Received:|Reply-To:|From:).*(indirect\.com|netvoyage\.net|sprynet\.com|interramp\.com)
* !^X-Loop: lendl(_at_)cosy(_dot_)sbg(_dot_)ac(_dot_)at
* !^Subject: .*hotzenplotz
* !^FROM_DAEMON
{
#
# While testing, keep a log.
#
:0 c
junk-log
:0
| ($FORMAIL -brt -A"X-Loop: lendl(_at_)cosy(_dot_)sbg(_dot_)ac(_dot_)at"; \
echo "This is Otmar's autoresponder speaking." ;\
echo ""; \
echo "Your mail went through a system from which I have received" ;\
echo "unsolicited commercial e-mail in the past, and whose admins " ;\
echo "are apparently not able to stop that kind of net.abuse." ;\
echo ""; \
echo "Sorry, but this filter cannot determine whether *your* message";\
echo "does not fall into that category, but I won't take any chances," ;\
echo "so your message was D E L E T E D unread." ;\
echo ""; \
echo "In case your message was indeed a mass-mailing, please be advised"; \
echo "to G E T L O S T. "; \
echo ""; \
echo "If that's not the case, you can bypass this filter by adding " ;\
echo "the word >>hotzenplotz<< to the Subject: header." ;\
echo ""; \
echo "Or, even better, get an account somewhere else." ;\
echo ""; \
echo "otmar" ;\
echo "-- "; cat $HOME/.signature \
) | $SENDMAIL -oi -t
}
I think I'll rewrite if using scoring rules, but so far it was pretty
effective.
Share and Enjoy !
otmar
------ end included post ------