procmail
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Using EXITCODE= to reject SPAM

1998-02-05 01:03:58
from [jari.aalto] [Permanent Link] 
Wed 98-02-04 Clint Olsen <olsenc(_at_)ichips(_dot_)intel(_dot_)com> 
list.procmail
| Please Cc 
| 
| I'm trying to use EXITCODE=67 to reject SPAM based on certain criteria.
| Unfortunately, it doesn't always work as expected, and I'm surprised it
| fails.  The most obvious case is where the Received: bears no resemblance
| to the From: header:

Please don't. This has been discussed in full why it's bad idea, mostly
because the recipient won't care.

    [See pm-tips.txt]
    2.3 UBE and bouncing message back

          Has anyone found that bouncing spam does any good at all?
    .... Nothing but a waste of my resources...[read more about this]


I have had 100% success rate during 4 months now when I got my Emacs
Gnus anti-ube tool ready. In case someone here uses Emacs,
it's in the package tinygnus.el. I let procmail detect UBE
and save them to folder and then routinely purge the folder by sending
complaint to all postmasters found in received headers (after vefifying 
each site with nslookup). Naturally I leave out top level Received headers.

It's satisfying to hear from posmaster that "this site has now been blocked".
(Drop by http://www.spam-archive.org/ where I also CC each piece of UBE
to get maximum audience to block the sites)

| is there some sort of check to make sure that the
| Received domain reasonably matches the From: domain?

That is not a reliable way. Eg. I purposively chage my From field by hand.
The site name does not occur in Received header. The suggested way is that you
do the check for selected domains only, like juno, compuserve, aol etc.

    wwgrol(_at_)sparc01(_dot_)fw(_dot_)hac(_dot_)com (W. Wesley Groleau x4923)

Was the father of this idea in a recent thread some months ago.
Instead of duplicating all the spam techniques again here, you can read about
them from the existing filters, see my pm-tips.txt page (take a glimpse
on X-info header), where I list many spam filters. Th mentioned From-Received
technique is found at least from pm-jaube.rc UBE filter, but I'm sure
it's included in Grogory's junkfilter and Catherine's spamboucher and in
many other recipes as well.

In easiest case, when you install existing filter, you just have to
put single statement in your .procmailrc and your spam shied is up:

    INCLUDERC = $PMSRC/some-shield-here.rc

jari
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: HELP: Looking for procmail spam filter resources, jari.aalto
Next by Date:  Re: Sites with PM How-To's???, jari.aalto
Previous by Thread:  Re: Using EXITCODE= to reject SPAM, Professional Software Engineering
Next by Thread:  Re: Using EXITCODE= to reject SPAM, Walter Dnes
Indexes:  [Date] [Thread] [Top] [All Lists]