On Wed, 9 Dec 1998 11:30:41 -0800 (PST), Peter Jay Salzman
<psalzman(_at_)landau(_dot_)ucdavis(_dot_)edu> wrote:
hello other procmail users
i'm a beginner procmail user and have a couple of questions.
this is from my rc.spam file:
# These people are to be deleted offhand
:0:
*^Received:.*asahi|^Received.*bitstream.com
| ${FORMAIL} -rkf \
-I "X-Mailer: Spam Complaint"\
-I "From: Peter Jay Salzman"\
-i "Subject: Your message has been deleted"\
| $SENDMAIL -t -oi
1- this recipe will probably grow quite large. is there a way to hold
known spammers in a separate file? does someone have a file like this?
Yes, there are [at least] three different methods you can use.
1. Use a preprocessor to construct your Procmail rc file from a
template and a list of spammers. This is very much recommended
if you can invest the time in building the preprocessor in the
first place. For a person who knows awk or Perl, this should be a
matter of minutes or even seconds. If you know how to use
Makefiles, they can be useful too.
(The preprocessor doesn't have to construct the whole .procmailrc
file, of course; you can manage your main .procmailrc "by hand"
and let the preprocessor build a separate file which you call up
using the INCLUDERC= mechanism.)
2. Use an external program like fgrep to look for patterns in an
external file. This is slightly expensive but probably the most
popular solution. Procmail sort of makes you think along these
lines, which is probably one of the reasons this is a popular
alternative. It's also very flexible -- one of the reasons
Procmail is so powerful is the way you can integrate external
commands to get precisely the sort of behavior you require.
That means the following is just a bare-bones skeleton you can
modify to taste:
:0
* ? fgrep -wsqi spammers.txt
| your-action-here
The options to fgrep are somewhat specific to GNU fgrep. Use
different options if they make sense. Notice that this is a very
big hammer -- we are feeding +all+ the headers to fgrep and
considering any match (the -w flag is supposed to restrict it to
[fgrep's idea of] "words" but it's still a bit broad and thus
prone to mismatches. See the list archives for better solutions).
3. Have Procmail construct the recipe on the fly each time. This is
probably even more expensive and there are a couple of tricky
conditions you have to look out for. This is the solution I
recommend the least and will therefore not cover any further.
2- is there a way of writing something like "an email from <FOO(_at_)BAR> was
deleted off hand" when this recipe gets run?
Writing where? It's certainly easy to get a log entry generated. See
the LOG pseudovariable in the documentation for details.
3- most likely the reply will go to a bogus address. is there a way of of
cc'ing it to:
1- the postmaster of the host listed in From:
2- the postmaster of the host listed in the first Received:
(which is probably the right person to send it to).
Yes, but I'd recommend against this. Complain by hand and don't
autorespond to spam at all.
# legitimate mail, we'll leave a back door open. Any email with a subject
# of "spam error" will be accepted. also, we want to keep any email that
# originates from ucd.
:0:
* ^Subject.*spam error|^From.*ucdavis
$DEFAULT
4- would the prefered way of expressing this be
* ^(Subject.*spam error | ^From.*ucdavis)
No. If you mean,
* ^(Subject.*spam error|From.*ucdavis)
then that has the same effect as the first one, but I don't see that
it would matter much which you use. You might want to tighten up those
regular expressions a little bit, though:
* ^Subject:(.*\<)?spam error\>|^From [^ @]+@([^
(_dot_)(_at_)]\(_dot_))*ucdavis[^.> ]
As a general rule, you should be rather specific about what contexts
you accept your matches in.
much thanks. if anyone has some really neat spam filters, i'd love to see
what other people are doing with this wonderful program.
This brings up another important point. There are oodles of good
Procmail spam filters out there. You might not want to play with your
own at all if you are not specifically interested in Procmail itself.
<http://www.iki.fi/~era/procmail/links.html> lists a good number of
them.
Hope this helps,
/* era */
--
.obBotBait: It shouldn't even matter whether <http://www.iki.fi/~era/>
I am a resident of the state of Washington. <http://members.xoom.com/procmail/>