procmail
[Top] [All Lists]

Re: Wrong To: addr

2001-05-03 11:02:27
"Ashley M. Kirchner" wrote:
    Our domain is pcraft.com, and the To: field has bellatlantic.net in
it.  How can I refuse these emails?  Or should I?  

You can bit-bucket them like this:

    :0
    * ! ^TO_.*@([-.a-z0-9]*\.)?pcraft\.com\>
    /dev/null

But you really shouldn't.  Take a look at these headers:

    From: "Ashley M. Kirchner" <ashley(_at_)pcraft(_dot_)com>
    Organization: Photo Craft Laboratories, Inc.
    X-Mailer: Mozilla 4.77 [en] (Win98; U)
    X-Accept-Language: en
    MIME-Version: 1.0
    To: Procmail Mailing List <procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE>
    Subject: Wrong To: addr

There is no pcraft.com in "To:" or "cc:" or...  There's also no
"hp.com" there although that's my domain name.

                                                     Would this cause
problems for mailing lists that send out email with a To: field of the
list address, as opposed to the actual user address?  

Absolutely.  Well, it would cause problems for you if you subscribe to
one of these lists and expect to receive mail from it.  If you're
talking about a global procmailrc file, your whole domain would be
unable to receive mailing-list mail!

                                                        If so, is there
any other way of filtering out these types of spam and still allowing
for lists to come through with no problem?

I have a list of known good senders, which I access like this:

    :0 hWc: list.known.good.swp
    | formail -rtzxto: | grep -if list.known.good > /dev/null

    :0 a
    $DEFAULT

As far as mailing lists, if I know which list I want to keep, I can
use something like:

    :0
    * ^list-id:.*procmail
    * ^X-beenthere: *procmail
    * ^Sender: *procmail-
    procmail/.

    :0:
    * ^TO_procmail(_at_)lists
    procmail/.

That lets the list in.  After that, I have a rule that looks something 
like this...

    :0 H
    * ^TOcollin@
    {
    #       LOG="rule 20, any ^TO$NL"

            :0:
            $DEFAULT
    }

    # Rule 21: If we get here, it's spam.

    VERBOSE=n LOGFILE=$NormalLog
    LOG="rule 21, catch-all$NL"
    :0
    spam/.

I review the $NormalLog daily (there's a cron script that mails it to
me, actually) so I can dredge up false positives.  

-- 
Neither I nor my employer will accept any liability for any problems
or consequential loss caused by relying on this information.  Sorry.
Collin Park                         Not a statement of my employer.

    "That's like saying it's OK to set fire to a
     crowded theater, so long as you don't yell 'FIRE!'"  -RF 2001-04-09
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail

<Prev in Thread] Current Thread [Next in Thread>
  • Wrong To: addr, Ashley M. Kirchner
    • Re: Wrong To: addr, Collin Park <=