From: MaD dUCK <madduck(_at_)madduck(_dot_)net>
initialize the scoring:
:0 c:
* 0^0
* 1^0 Subject.*password
* 1^0 Body.*password
passwords
That wasn't what was wrong. In fact, I just tested
a similar (but fixed) recipe with an uninitialized
score, and it worked. The implied initial score is
zero. (I use 3.11pre7 here.)
There are a couple of things wrong, with the recipe
even as you've altered it, though. One, the condition
line with (ignoring the scorin) "Body.*password"
is not useful procmail syntax for parsing the body.
A cursory review of "man procmailrc" will show - as
was reiterated on the list again only yesterday - that
"BH" flags are needed if one expects to egrep both the
headers and the body. Initializing the score is not
a bad idea, though not strictly required if we want
to accept a default of zero. But let's do it anyway,
for good form.
So now we have, to start,
:0 BHc:
* 0^0
All right. The "Subject.*password" will match a
Subject: header with the word "password" in it, that
much is true. (I have to presume that the original
poster didn't test that, but tested his body egrep
instead.) The trouble is that it will also match
a lot more. For example, there could be a header
called "X-Loop: Subjectively-Formed-Passwords-R-Us";
and that would be matched on. (it isn't a problem that
the word "password" was found among other strings,
so much, since the original search string did give a
lot of lattitude. The problem is more that we
probably want to restrict headers searched only to
actual Subject: headers.)
To restrict headers to Subject:, first, put in the
colon. Second, left-anchor the phrase by using a
caret. So now we have:
:0 BHc:
* 0^0
* 1^0 ^Subject:.*password
(We still might find the phrase "Subject: not about
passwords!" left-anchored in either the header area
*or* the body area; but let's not worry about that.
Much more dangerous would have been a body egrep that
would have been content to match on a non-anchored
occurrence of "subject" and "password" in the same line,
as, for example,
and my Aunt Matilda alway made the mistake of listening to
her sujective emotional state when trying to remember passwords.
At least this will stop that match!
Okay, now for the biggie: the body egrepping.
:0 BHc:
* 0^0
* 1^0 ^Subject:.*password
* 1^0 password
passwords
would work; but it would be both redundant and a return to
some of the problems hinted at above. Mainly, we now will
accept "password" in any header, which we probably didn't
want. Better is probably this:
:0 c:
* 0^0
* 1^0 ^Subject:.*password
* 1^0 B ?? password
passwords
which will at least limit a snag on the mere (unanchored, no less)
word to only the body, not the headers.
The original poster would do well to survey man procmailrc
and man procmailex (examples) in particular.
--
dman
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail