:0
* ^Comments:.*authenticated\ sender\ is
* !^X-Mailer:.*Pegasus
* !^Resent-To:
/dev/null
Don't forget to add
* !^Return-Path:.*owner-
in case the message is resent via a mailing list.
:0
* ^Message-ID.*<>
/dev/null
# This will allegedly trap invalid message ID's
:0
* !^Message-Id:[\t ]+<("[^"]+"|[^ <>@]+)@[^<>]*>$
/dev/null
You can probably combine these two recipes into a single one. Ron posted
a much better one that checks just about every aspect of RFC compliance
a while back. You can see it at
http://www.rosat.mpe-garching.mpg.de/mailing-lists/procmail/1998-03/msg00268.html
Otherwise, you'll be filtering some valid mail too (although \t doesn't equal a
tab, so you need to make that an actual tab character for this to work).
:0
* ^Subject:.*\$\$\$
/dev/null
:0
* ^Subject:.*are\ you\ being\ investigated
/dev/null
:0
* ^Subject:.*are\ you\ in\ need\ of\ a\ lifestyle
/dev/null
You could probably combine these for appearances sake:
:0
* ^Subject:[ ]+.*(\$\$\$|are you (being investigated|in need of a
lifestyle))
/dev/null
:0
* ^Received:.*ybecker\.net
/dev/null
:0
* ^Received:.*cust.*uu\.net
/dev/null
Again, you might want to combine these for manageability.
:0
* ^Received:.*(ybecker\.net|cust.*uu\.net)
/dev/null
# Trash phony POP3 UIDL headers
:0
* ^X-Uidl:
/dev/null
I don't know about you, but I also get some mail with UIDL headers in
them. Usually comes via forwarded messages. Adding a check would fix it:
* ! ^Resent-
I would also recommend trapping the messages somewhere and checking them
for content instead of sending them to /dev/null on the off chance that
one of your recipes does an incorrect match.
Has your spam gone down since you added these?
Chris