DRAFT: Getting Started with Procmail (Comments, Please)

1997-05-08 12:43:00
I've had a number of users at my ISP ask for help getting procmail
installed.   Some of them are too Unix-phobic to risk it, but a lot
of them are relatively capable Unix users who just needed some help
getting up and running, and who don't have a lot of time.  So I wrote
this for several of those.

Then it occurred to me it might be useful to users on other systems.
So I expanded it a bit, and am posting it here for comments.  Have I
made any major mistakes/boners in this document, or missed some things
that would be helpful for a neophyte to know?  

Thanks for your feedback! :)

Catherine

=-=-=-=-=-=-=-=-=-=


                 GETTING STARTED WITH PROCMAIL
                        Version 0.1b Beta

       by Catherine A. Hampton <ariel(_at_)tempest(_dot_)boxmail(_dot_)com>



This is a quick tutorial intended to get a procmail neophyte started
using procmail with as little trouble and fuss as possible.  It's an
expanded and modified version of something I posted to an internal
newsgroup for my ISP, after yet another user who didn't know procmail,
but needed to learn how to use it so he could filter out spam from his
mailbox, asked for help.  

Please note -- this is =not= a tutorial on writing procmail recipes.
It is just a beginning recipe and installation instructions which should 
work for most people on most systems.  It is particularly designed for
users who want to install the Spam Bouncer and/or other Procmail-based
spam filters.

Those who want to learn how to write Procmail recipes of their own
and customize their filters to their own needs should:

  1) Read the procmail man page, by typing "man procmail" from your
     shell prompt.

  2) Read the procmail examples page, by typing "man procmailex" from
     your shell prompt.

  3) Join the Procmail mailing list, by sending email to
     procmail-request(_at_)Informatik(_dot_)RWTH-Aachen(_dot_)DE, with
     anything in the Subject: line, and a body that reads "subscribe".

First, to set up Procmail you will need to do some work while telnetted
into your shell account.  If you do not ever telnet into a shell account 
and have no idea how to use Unix or a command line, you are probably
better off not using Procmail, or getting someone else to set it up for
you.  In my description below I assume you know these things:

   1) How to access your shell account through telnet or rlogin.
   2) How to list the contents of a directory.
   3) How to copy and delete files from your shell account.
   4) How to create a new directory, or remove an old directory.
   5) How to use a shell-based text editor (like vi, pico, emacs, or
      jove) to create, modify and save text files.

Included in this document is a good basic .procmailrc which will:
   
    * Set the appropriate variables
    * Nuke duplicate messages (messages with the same Message ID)
    * Create a backup cache of messages so that, if anything goes
      wrong, you always have the last 100 or so messages you 
      received
    * Filter out Mailer_Daemon, root and system administrator
      mail into a folder of its own
    * Filter out mailing list mail into a "Bulk Mail" folder
    * Filter the remaining mail for spam, either deleting it or
      putting it into a separate folder, as you prefer
    * Deliver the filtered personal mail to your inbox, where you
      can read it with Eudora or a POP program, or on shell with
      elm or pine

Before you start customizing the attached recipe, you need to do these
things:

    1) Make sure you have a directory named "Mail" off of your home
       directory on your shell account.  If you don't, create it.

    2) Create a directory named "backup" off of your Mail directory.

Now, save this message to a text file named "procmailrc" (no . before
it yet) in your home directory.  (You might also want to print out a copy
of this to refer to, while you work.)  Then, delete everything before and 
after the =-=-=-= lines from procmailrc, including the =-=-=-= lines.

After you've deleted the extra stuff, look at the variables at the
top of the file.  If your account is at Best Internet, I recommend 
leaving everything but the last three strictly alone.  If it is on
another system, talk with your system administrator to verify what
these settings should be.  (Anything after a # sign is a comment, and
the comments should help your system administrator know what to do.)

If you prefer to save the Spam Bouncer filters in a location different 
than a directory called "shared" off of your home directory, change the 
SBDIR variable to point to the directory you prefer.  If you prefer to 
delete known spam, change the SPAMFOLDER variable to /dev/null.  

I DO NOT recommend setting BLOCKFOLDER to /dev/null, since that is for 
mail which is probably spam, but not certainly so.  If you use Eudora or 
a POP program to read mail, you might want to set BLOCKFOLDER to $DEFAULT, 
in effect turning off that part of the Spam Bouncer, and then use whatever 
filtering is available in your POP mail program to catch the stuff.  

Or (and I think this makes more sense), just leave it as it is,
and check the folder "block.incoming" using elm or pine on your shell
account every few days, just to be sure nothing is getting caught
by mistake.  (It doesn't happen often.)

=-=-=-=-=-=-=-=-=-=

# Set your variables
SHELL=/bin/ksh              #Shell used to run procmail.  If you are not on
                            #Best Internet, be sure this points to your
                            #system's copy of ksh.  DO NOT substitute a
                            #different shell unless you really know UNIX
PATH=$HOME/bin:/bin:/usr/bin:/usr/local/bin
                            #Path for your programs -- this is probably best
                            #left alone.
MAILDIR=$HOME/Mail          #you'd better make sure this directory exists
DEFAULT=$HOME/inbox         #default incoming mailbox for shell2-5 users
                            #on Best Internet.  Substitute the correct
                            #setting for your system.
LOGFILE=$MAILDIR/log        #recommended
SENDMAIL=/usr/sbin/sendmail    #useful for autoreply recipes.  If you are
                               #not on Best Internet, modify this to point
                               #to your system's copy of sendmail.
FORMAIL=/usr/local/bin/formail #also useful for autoreply recipes.  If you
                               #are not on Best Internet, modify this to
                               #your system's copy of formail.
LINEBUF=16384                  #Needed to keep Procmail from choking on large
                               #lists of spam sites. :(
SBDIR=$HOME/shared             #Directory where Spam Bouncer files are located
BLOCKFOLDER=$MAILDIR/block.incoming  #for suspicious mail, but possibly not spam
SPAMFOLDER=$MAILDIR/spam.incoming    #change this to SPAMFOLDER=/dev/null 
                                     #to delete spam entirely


# Nuke duplicate messages
:0 Wh: msgid.lock
| $FORMAIL -D 8192 msgid.cache

# Create a backup cache of 100 most recent messages in case of mistakes
:0 c
backup

:0 ic
| cd backup && rm -f dummy `ls -t msg.* | sed -e 1,100d`

# Regenerate "From" lines to make sure they are valid
:0 fhw
| formail -I "From " -a "From "

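# Send mailer daemon mail to its own folder.  (^FROM_MAILER is a procmail
# macro, and it is only expanded when written out whole, caret included.)
:0:
* ^FROM_MAILER|\
    ^From.*[^0-9A-Za-z]abuse@|\
    ^From.*[^0-9a-zA-Z]spam@
admin.incoming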

# MAILING LISTS

# Filter out mail from all mailing lists you are on =before= spam 
# filtering.  I included two I subscribe to and recommend highly, but
# your list will doubtless be different.  Just duplicate the recipe
# for each mailing list you are on, and put the correct address for
# the list in the condition statement.  (The "* ^TO" part.)  If you
# read mail on shell, you may find it easier to deliver this mail
# to separate folders, especially for busy lists.  I do. :)

# List Mom mail (GREAT list for mailing list managers)
# (The second colon makes procmail lock the folder while it writes to it.)
:0:
* ^TOlistmom-talk@skyweyr.com
bulk.incoming

# Procmail list (Wonderful for new Procmail users!)
:0:
* ^TOprocmail@Informatik.RWTH-Aachen.DE
bulk.incoming


# Call the Spam Bouncer (lite version) to filter remaining mail for spam.
INCLUDERC=$SBDIR/splite.rc

# Sort out mail that really is to you from mail Bcc'd to you, or mail
# which doesn't have any of your email addresses on the To: or Cc: line.
# (Best Internet users -- I recommend =NOT= putting your
# login@shellx.best.com, login@nntp?.best.com, or login@shell#.ba.best.com
# addresses in here if you post to Usenet from shell, since they appear in
# those posts, and spammers tend to collect them. :()
#
# This does =wonders= in keeping spam from appearing in your personal
# mail. :)
#
# In the condition below, substitute your main Best email address on the
# first line, your custom domain on the second, and any other account you
# have on the third.  (Procmail does not allow comments on condition
# lines, so these notes are kept up here.)
:0:
* ^(To:|Cc:).*(login@best\.com|\
         .*@customdomain\.com|\
         login@otherdomain\.net)
$DEFAULT

# Deliver email which passed spam filtering, but which wasn't sent to
# a recognizable personal email address of yours, to your "bulk mail"
# folder, for reading on a less-urgent basis.
:0:
bulk.incoming

=-=-=-=-=-=-=-=-=-=

When you are finished setting up procmailrc as you like it, type
"mv procmailrc .procmailrc".

Next, BEFORE YOU INSTALL EITHER VERSION OF THE SPAM BOUNCER, read
the WWW page at:
      
   http://www.best.com/~ariel/nospam

When you have read it, unless you are a Best Internet user and have an
account on shell3, your next step should be to create a directory off of 
your home directory called "shared" or whatever you set up as your SBDIR 
in your .procmailrc file.  Retrieve the file "sblite.rc" from the Spam 
Bouncer page, and save it in your shared directory.  You don't need to 
customize it.

If you are on shell3, you can do that, or you can issue this command
while logged into your shell account and in your home directory:

   ln -s ~ariel/shared shared

This will create a symbolic link from my shared subdirectory, which
contains the latest tested version of the Spam Bouncer, to a subdirectory
off of your home directory, called "shared".  The advantage to doing 
this is -- I update the Spam Bouncer on an average three to five times
a week with new spam sites.  This way, you'll always be using the
latest version.

(If someone with an account on shell2, shell4, or shell5 would like to
make the Spam Bouncer available to everyone on those machines and will
take on the responsibility of keeping it up to date, email me and we'll
make arrangements. :))

Finally, you will need to create an appropriate .forward file in your
home directory to forward your mail to Procmail for filtering.  If you
have an account at Best Internet, this is the .forward you need to use:

"|IFS=' '&&exec /usr/local/bin/procmail -f-||exit 75 #login"

You need to type that exactly as shown, including the quote marks on
either end.  BE SURE TO SUBSTITUTE YOUR LOGIN NAME for "login".

If you are not at Best Internet, check with your system administrator
or another, more experienced procmail user on your system.  Depending
on your system and on which version of Procmail you are running, the
proper syntax for .forward can vary quite a bit, so please don't just
assume this will work.  
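
The setup steps above can be checked with a preflight script before you rely on the .forward file. This is an added example, not part of the original tutorial: the function names are made up for it, and it assumes the file layout used here plus the usual behaviour of procmail and sendmail, which ignore an rc file or .forward that other users can write to.

```shell
#!/bin/sh
# Added example (not from the original tutorial): preflight check for the
# setup steps above.  Usage: preflight [home-dir]; the default is $HOME.

# True if nobody but the owner may write to FILE.
owner_only_write() {
    [ -z "$(find -L "$1" -prune \( -perm -020 -o -perm -002 \) -print)" ]
}

# Print the value of the first NAME=value line in FILE, minus any comment.
rc_value() {
    sed -n "s/^$2=\([^ #]*\).*/\1/p" "$1" | head -n 1
}

# Print one line per problem; the exit status is 0 only if none were found.
preflight() {
    home=${1:-$HOME}; rc=$home/.procmailrc; fwd=$home/.forward; bad=0
    problem() { echo "PROBLEM: $*"; bad=1; }

    [ -d "$home/Mail" ]        || problem "no Mail directory"
    [ -d "$home/Mail/backup" ] || problem "no Mail/backup directory"

    if [ -f "$rc" ]; then
        owner_only_write "$rc" || problem ".procmailrc is group- or world-writable"
        # Resolve INCLUDERC=$SBDIR/... by hand; the rc file is never executed.
        sbdir=$(rc_value "$rc" SBDIR); inc=$(rc_value "$rc" INCLUDERC)
        case $sbdir in \$HOME/*)  sbdir=$home/${sbdir#\$HOME/} ;; esac
        case $inc   in \$SBDIR/*) inc=$sbdir/${inc#\$SBDIR/} ;; esac
        [ -z "$inc" ] || [ -r "$inc" ] || problem "INCLUDERC file missing: $inc"
    else
        problem "no .procmailrc (did you rename procmailrc?)"
    fi

    if [ -f "$fwd" ]; then
        owner_only_write "$fwd" || problem ".forward is group- or world-writable"
        grep -q procmail "$fwd" || problem ".forward does not call procmail"
        ! grep -q '#login"' "$fwd" || problem ".forward still says #login"
    else
        problem "no .forward file"
    fi
    return $bad
}
```

Call preflight with no arguments to check your own home directory. It also reports the case where the file name on the INCLUDERC line does not match the file actually saved in your shared directory.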

Once you create the .forward, you are up and running with procmail,
and have the Spam Bouncer installed to filter your mail for spam.  If
you are at Best or one of many sites which now block mail from Cyberpromo
and other egregious spam sites, the filter should catch any spam from 
these sites which is missed because the spammer forged the headers
and sent his spam through (or "bounced it off") someone else's 
SMTP server. :/  

Depending on how you set up your variables, this setup will create
the following files:

   * In your home directory, it will create a standard inbox file
     containing spam-filtered personal mail, which can be retrieved
     as usual using Eudora, Pegasus Mail, Netscape, Internet Explorer,
     or on shell using elm or pine.  (In some cases, this file may be
     in a system mail directory rather than your home directory.)

   * In your Mail directory, it will create an admin.incoming file
     which contains any bounces from Mailer Daemons (automated programs),
     mail from root, from admin, from sysadmin, and from abuse.  You
     can read this mail on shell, using elm or pine to retrieve this
     folder.  If you prefer to read it in your POP mail reader, you
     can change the folder "admin.incoming" to "$DEFAULT".

   * In your Mail directory, it will create a bulk.incoming file of
     mail from mailing lists and mail which was sent using a blind
     carbon copy or mailing list, in which none of your personal
     email addresses appears.  You can read this mail on shell, or in
     your POP mail reader by changing all instances of "bulk.incoming"
     to "$DEFAULT".

   * In your Mail directory, it will create a block.incoming file of
     mail which the Spam Bouncer trapped using pattern matching, but 
     which did not come from a known spam source and which might
     possibly be legitimate.  You can read this mail on shell, or 
     in your POP mail reader by changing your BLOCKFOLDER variable to
     "$DEFAULT".

   * In your Mail directory, unless you set SPAMFOLDER to /dev/null, it
     will create a folder called "spam.incoming", with known spam
     messages.  If you want to make a point of learning how to analyze
     spam and complain about it, you should not set SPAMFOLDER to /dev/null.
     If you just don't want to be bothered, set SPAMFOLDER to /dev/null.

   * In your Mail directory, it will create a file named "log" with a
     record of all mail you received, who it was From:, the Subject:
     and what Procmail did with it.

   * In your Mail/backup directory, it will maintain copies of the last
     100 emails you received, just in case something goes wrong and
     you need to retrieve your mail.  Ask for help if something
     goes wrong. :)

Let me know if this is helpful, or if some part of the explanation isn't
clear, and I'll fix the bugs and credit those who helped. :)  I would
also like to get the following information from users on other systems 
with shell access and procmail:

   1) Location of users' incoming mailboxes.
   2) Locations of ksh, sendmail, and formail on your system.
   3) Version of Procmail running on your system.  (You can get this by
      typing "procmail -v" from your shell command line.)
   4) Correct syntax for .forward file to invoke Procmail on your system.

In later versions of this document I will include this information to 
help users, and system administrators who would rather not be bothered
with routine questions all the time. ;>

Thank you!


--
Catherine Hampton <ariel(_at_)tempest(_dot_)boxmail(_dot_)com>
