OK folks, this is NOT the perfect SPAM filter you have been looking for.
All it does it check the return address, takes the domain, and
tries to verify that it exists using 'nslookup'
YES! I realize there are dozens of reasons why this isn't perfect,
complete, or anything else.
This does ONE thing. It _reports_ if the domain was not able to be
verified. You can change it to do something with that knowledge.
It checks a file called "~/.procmail/GoodDomains.txt" for a list of
domains.
I've commented on it before.
# this is a directory where I keep my procmail stuff
PROCDIR=$HOME/.procmail
# get the return address
SENDER=`formail -rtzxTo:`
# get the domain of the return address
DOMAIN=`echo $SENDER | sed 's/.*\@//g'`
# here is a list of good domains
GOODLIST=$PROCDIR/GoodDomains.txt
:0c
* ! ? grep -sw "^$DOMAIN" $GOODLIST # this domain is NOT in the list
{
# run nslookup, check for the "Name:" line and
# take the last argument
ISREAL=`/usr/etc/nslookup $DOMAIN|grep "Name: " |\
awk '{print $NF}'`
# if $ISREAL = "" then we know it wasn't verified
:0
* $ ! ${ISREAL+!} ${ISREAL:+!}
|/bin/echo "Domain $DOMAIN could not be verified" \
>/dev/console
# if we got to this point, add "$DOMAIN" to the
# list so we have it next time
:0E
|(/bin/echo "$DOMAIN" >> $GOODLIST)
}
I offer this for suggestions and recommendations on it.
I realize (as I've said) there are holes. I see this as part of a
larger INCLUDERC for SPAM/UCE.
TjL
--
Tj Luoma (luomat(_at_)peak(_dot_)org)
http://www.next.peak.org/~luomat
Awaiting Apple's NeXTStep