The sed/awk recipe below is excerpted from one that automatically updates
procmail filters from JD Falks list of cyberpromo/nancynet/llv domains.
For some reason, it inserts a ^M carriage return before the \> and I
can't figure out how it's getting there. Any ideas?
My idea (well, not mine, many people contributed to it) is bypass the
whole problem: instead of trying to convert a list of domains into a list
of recipes, just use the list as is:
# Known spam domains....
:0
* !^X-Loop: noloops_for_wwgrol(_at_)fw(_dot_)hac(_dot_)com
* ? formail -ISubject: | fgrep -i -f $SBDIR/llv.domains
{ INCLUDERC=$SBDIR/surespam.rc }
:0
* !^X-Loop: noloops_for_wwgrol(_at_)fw(_dot_)hac(_dot_)com
* ? formail -ISubject: | fgrep -i -f $SBDIR/cyberpromo.domains
{ INCLUDERC=$SBDIR/surespam.rc }
:0
* !^X-Loop: noloops_for_wwgrol(_at_)fw(_dot_)hac(_dot_)com
* ? formail -ISubject: | fgrep -i -f $SBDIR/nancynet.domains
{ INCLUDERC=$SBDIR/surespam.rc }
The INCLUDERC contains what you want to do for each message.
The first part of the condition is optional; it temporarily hides the
subject line from the second part. The second part alerts if any
remaining (i.e., non-subject) header contains any item from the list.
If you consider
Subject: Warning: cyberpromo is a spammer
to also be spam, change the condition to
* ? fgrep -i -f $SBDIR/nancynet.domains
Both approaches have been verified effective. A fringe benefit: after two
hits on this recipe (the action sends back a statement of _legal_
consequences to spamming) Sanford left my address alone for two weeks
straight.