At 13:47 2001-12-15 +0500, Mahmood Iqbal Hashmi wrote:
Can I block one email address for one user please advice me and
what permission are necessary for .procmail directory and .procmailrc
file etc.
~/.forward and ~/.procmailrc should not be _writeable_ by anyone
other than owner, for certain obvious reasons. Procmail enforces this
through checking. 600 is the typical setting (and 400 is the minimal -
procmail only needs to READ the file), though as long as group and world
don't have write perms, you won't run into trouble (procmail will emit
"suspicious rcfile" to the mail log if it is the LDA and encounters a
.procmailrc that isn't secure - AND it won't use the rcfile either, acting
instead as a regular LDA). I don't _think_ ~/.forward actually has any
particular permissions enforced, though you should handle it in exactly the
same fashion. When procmail starts running on your ~/.procmailrc it is
running as YOU, even though invoked by a privledged MTA. ~/.forward should
be handled in a similar fashion, AFAICR.
~/.procmail directory should typically be read/write by owner
(600) (well, at runtime, only read should be necessary, unless this is also
where you are putting your log, or are running processes which modify files
there), 700 is a typical setting. Group and world need no perms in this
dir, though in any event, procmail isn't going to enforce anything on you,
since as per 'man procmailrc' (see the section on INCLUDERC), procmail
doesn't check or enforce permissions on includes (and everything in
.procmail, or whatever other directory you elect to use for included rc
files, is going to be INCLUDERC or SWITCHRC'd). There _are_ instances
where you want others to have read access, at least to individual files,
but when you reach the point of sharing stuff among users, you'll come to
that conclusion. Until then, just set them to owner-only access permissions.
:0
* ^From: tieedfdf(_at_)hotmail(_dot_)com
/dev/null
Basically, yes, this would be how you'd do it. However, there's probably
more "stuff" between the header and the address, not just a single space
character.
Try this instead:
:0:
* ^From:.*\<tieedfdf(_at_)hotmail(_dot_)com\>
twits.mbx
A few things to note about this one: it writes to a mailbox instead of
merely trashing it (which is a better thing to do if you're not sure of
things), and as a result also uses locking (the trailing ':' on the flags
line), which isn't necessary when writing to /dev/null. It also matches
for "whatever" text before the address (.*), and also looks for word
separators on either side of the email address (\< and \> are *NOT* escapes
for <>).
Something else to consider is if you have a mailbox with messages from this
chap, you can set up a SANDBOX and pipe the messages at it:
formail -s procmail -m sandbox.rc < savedmessages.mbx
(the sandbox should set up a default delivery to /dev/null, set the MAILDIR
to another directory away from your usual mailboxes, and include the recipe
above that you're trying to test).
See my .sig for more information about sandboxes.
You might consider reserving "!!" in subjects for exclamations to family
and friends, since it's so nice to use procmail to filter spam out when it
has multiple exclamations in the subject.
---
Sean B. Straw / Professional Software Engineering
Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
Please DO NOT carbon me on list replies. I'll get my copy from the list.
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail