On Tue, 26 May 1998 22:20:28 -0500, "Tom Betz" <tbetz(_at_)pobox(_dot_)com>
wrote:
For example, occasionally, a mail bomb will come in and cause
/usr/local/bin/bash: fork: No more processes
situations. I presume that this is the result of available
memory being exhausted. I had one today that resulted in
a series of 200 of these being placed in my procmail log.
This failure results in the set created by
ALTDNSDOM=`cat $HOME/.procmail/altdnsdom | tr '\012' '|'`
being empty, which results in <...>
registering a false match on every message.
I have three questions.
1) Is there any way I can disable my .procmailrc temporarily in
the event of 'fork: No more processes' problems?
I believe Procmail should ideally be capable of doing this itself.
As the error message you quote indicates, the error isn't detected by
Procmail, but by Bash. I can only speculate as to whether this is
something that could be fixed by using /bin/sh instead of Bash, or
disabling some internal constraint in Bash (help ulimit comes to
mind; my bash reports a limit of 256 user processes but I'm not sure
if that's per Bash session or per user. I'm sure it must be in the
manual though :-).
2) Is there a way that I can identify "empty set" situations
so that false matches caused by them can be avoided?
:0
* ALTDNSDOM ?? ^^^^
{ EXITCODE=75 HOST } # bail out (or whatever else you want to do here)
2) Does someone have a real good mailbomb-protection recipe
^
(You mean I get to answer the same question again? :-)
I can call at the top of the .procmailrc that will handle
such situations quickly and efficiently, preferably storing
the messages in a file until I can review them later, so that
Depends a bit on the nature of your mail bombs. I don't get a lot of
them but I've generally been lucky enough to mostly receive ones that
were either huge or not from a known correspondent, in which case
everything after the third goes to my off-quota holding area. The
latter recipe is probably not good enough to be widely shown but
contact me in private if you really think you want it (perhaps as a
starting point for something better). And of course, the size
constraint is easy enough:
:0
* > 100000
scratch/bomb
Hope this helps,
/* era */
--
Paparazzi of the Net: No matter what you do to protect your privacy,
they'll hunt you down and spam you. <http://www.iki.fi/~era/spam/>