procmail
[Top] [All Lists]

RE: Recipe help - forged spam issue

1998-12-15 16:04:46

Era,

Thanks for the information.  I almost have this implemented.
However I have run into one problem.  When the strings:
INTERNATIONAL DRIVER'S LICENSE or UNIVERSITY DEGREE PROGRAMS
appear in the subject of the message and not the body I do not 
get a match and therefore no auto-reply.

Here is how I have it listed in my test .procmailrc file
after the backup section:

# forged spam complaint auto-responder
:0BHD #grep  body and headers, D means case sensitivity
* INTERNATIONAL DRIVERS'S LICENSE|UNIVERSITY DEGREE PROGRAMS
{
   :0hc
   * !^FROM_DAEMON
   * !^X-Loop: 010006(_at_)mot(_dot_)com
   | (formail -rt -A "X-Loop: 010006(_at_)mot(_dot_)com" \
         -I "Precedence: junk" ; \
      cat $MAILDIR/forgeresponse.txt ) | $SENDMAIL $SENDMAILFLAGS -t

   :0:
   postmaster-spam-complaint
}


-

Regards,

Carlos F. Sotero
Enterprise Messaging
602-446-5246 

-----Original Message-----
From: era eriksson [mailto:era(_at_)iki(_dot_)fi]
Sent: Thursday, December 10, 1998 2:14 AM
To: Carlos Sotero-O10006
Cc: procmail(_at_)informatik(_dot_)rwth-aachen(_dot_)de
Subject: Re: Recipe help - forged spam issue


On Wed, 9 Dec 1998 15:20:14 -0700 ,
Sotero Carlos-O10006 <Carlos(_dot_)Sotero(_at_)motorola(_dot_)com> wrote:
Can anyone help me with a recipe that would allow me to
auto reply with some reliability to forged spam complaints
such as the two listed below?  Also what can you do to prevent
looping conditions when implementing auto-replies?
Base it off the phrases "INTERNATIONAL DRIVER'S LICENSE" and
"UNIVERSITY DEGREE PROGRAMS" since the spammer is changing the
forged from address on a regular basis?

Quick and dirty:

    :0BHD # grep body and headers, D means case sensitively (take it out if
not)
    * INTERNATIONAL DRIVER'S LICENSE|UNIVERSITY DEGREE PROGRAMS
    {
        :0hc
        * ! ^FROM_DAEMON
        * ! ^X-Loop: you(_at_)your\(_dot_)address\(_dot_)net
        | ( formail -rt -A "X-Loop: you(_at_)your(_dot_)address(_dot_)net" \
                -I "Precedence: junk" ; \
            cat response.txt ) | $SENDMAIL $SENDMAILFLAGS -t

        :0:
        postmaster-spam-complaint
    }

This will generate an autoresponse and save the matched message to a
separate folder, called postmaster-spam-complaint. It will require you
to write a file called response.txt in the user's MAILDIR (or give cat
an explicit pathname). I suggest you mention in the file that you will
be reading all complaints (if you will; I hope you will) and what
measures you are taking against the spammer. A pointer to some spam
FAQs might be a good idea, too.

For a more sophisticated autoresponse, you might want to use something
to generate a ticket number or something, and/or make sure you only
send a limited number of replies to the same address. The
procmailrc(5) manual page has explicit instructions for the latter.

The X-Loop header is what hopefully prevents mail loops. The
^FROM_DAEMON condition prevents replies to "daemons" (see the manual
page for the exact regular expression Procmail uses to determine this).

Hope this helps,

/* era */

Some good general links:
  <http://www.tezcat.com/~gbyshenk/ive.been.spammed.html>
  <http://www.stopspam.org/email/headers/headers.html>

-- 
.obBotBait: It shouldn't even matter whether    <http://www.iki.fi/~era/>
I am a resident of the state of Washington.
<http://members.xoom.com/procmail/>

<Prev in Thread] Current Thread [Next in Thread>