At 16:50 2002-05-19 +0100, Peter A. J. Pilgrim did say:
I am using the last known version of `spambouncer'
That's a descriptive version number. Perhaps you have a release number
and/or date? You do realize that spambouncer isn't maintained by the
procmail list - it's someone elses' package which they used procmail to
facilitate?
I assume the original mail is stored upstream, but how do
I get to it.
Are you fetching email via POP or somesuch protocol instead of from a local
mailspool? Perhaps the spams are remaining in your inbox, as some are wont
to do if your mail client is a lousy mail client (don't take that to be a
commentary about the efficiency of web browsers as mail clients though).
Also I know a little `regexp' so I hack around the
`sb-blacklist.rc' to manually kill off a domains such as
[snip]
Those regexps are too vague.
consider:
smok.com.ru (no leading anchor)
ok.com.ruskie.net ('s' isn't a dot, so it matches)
(for this one, that might be a stretch, but as you add other hosts, what if
you had net.com or something?)
Why not:
* 1100^1 ok\.com\.ru($|[^-a-zA-Z0-9_.])
This is basically a slightly modified '\>', intended to match word breaks,
but with dot and dash added (and for the heck of it, ^ is omitted since we
know it to be not at the beginning of line).
BTW, within a character class [], dot doesn't need to be escaped.
That solves the trailing end anchor, but you still need a leading anchor -
basically the same, but the dot is valid (dot within a hostname)
(^|$|[^-a-zA-Z0-9_]) would do ya there.
Why the 1100 value and the 1 exponent? I take it you leeched these from
someplace. If you want to match and deal with it immediatley (which, since
there is no negative value shown in the recipe, I'd assume you'd really
want to do -- the alternative is that perhaps you want to see in the logs
how frequently some hostname appears), use 9876543210^0, and it won't
bother to check for the other hostnames the instant it does match (and with
a 0 exponent, won't bother to look for multiple occurrences of any one
hostname either). Perhaps there is a significance to the 1100^1 specific
to spambouncer, but it isn't apparent in the rule hack you provided.
Oh, and you list ok.com.ru twice. Why? If you checked your filters for
validity, seems like that oddity should have lept out at you.
The example rule you provided is missing the flags line which is ABSOLUTELY
NECESSARY for the filter to do anything. Without it, your logfile (and you
are using VERBOSE=ON to help diagnose your problem, right?) will end up
showing a lot of "Skipped..."). Please review your logfile.
Let me say it again: please review your logfile.
{
:0 f
| ${FORMAIL} -A"X-SBRule: spamhaus.org domain"
But it does not seem to work.
No surprise there -- it'd have something to do with the several errors in
it. You should review your logfile for error messages that procmail should
be belting out for you left and right. Besides the flags before the
conditions, you omit the closing brace around the above as well (though
there's no reason to put the filter within a brace to begin
with). Rewritten, your rule becomes:
:0f
*
(^|$|[^-a-zA-Z0-9_])(ok\.com\.ru|uole\.com|cjb\.net|jacceshomepage\.com)($|[^-a-zA-Z0-9_.])
|$FORMAIL -A"X-SBRule: spamhaus.org domain"
The condition is all on one line. Note also that we're not using scoring -
if there's a match, there's a match, and that's the end of it. If you
wanted each host out on a separate line, just maintain the same delimiters
on either end, and prefix it with the maximal match value given above.
Any help appreciated from fellow Mozilla 1.0 rc1 and spambouncer users
I use neither, can't help.
[snip - please do something about the sig, it's HUGE]
---
Sean B. Straw / Professional Software Engineering
Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
Please DO NOT carbon me on list replies. I'll get my copy from the list.
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail