MostlyHarmlessnj <mostlyharmlessnj(_at_)comcast(_dot_)net> wrote:
This is going to sound really dumb but....
:-)
I have procmail making backup copies of e-mail which it is placing in
a directory. Each mail becomes a file with a name of msg.xxxx which
is good as the e-mail is there!
Now that I have a backup of them, how do I make use of the backups?
What can I do with these files?
Is there a program I can use that will let me parse the files, find
Well, I use grep, and sometimes sed, myself.
certain ones and reinject them back into postfix? Or then deliver
them to a mailbox?
formail, which is part of the procmail package, is the perfect tool
for that. Here are a couple of examples to get you going -- though
I highly recommend a trip through the formail main pages.
In this exercise, I will go to the directory where I keep my last 100
spam messages. I will then look for Nigeria-scam spam and send any I
find to the U.S. Treasury Department for their prosecutorial efforts.
(The Treasury Dept. has previously stated a desire to collect these,
and I have certainly complied -- to the tune of about 25 a week, I
think. Son of a bitch if one didn't just come in in my incoming
spam^H^H^H^Hmail just as I was typing that last sentence! Good.)
-------------- annotated typescript of shell activity follows ------------
2:59pm [~/Mail] 315[0]> cd .myspam/
2:59pm [~/Mail/.myspam] 316[0]> ls | wc -l
100
[That is, there are 100 messages in this directory.]
2:59pm [~/Mail/.myspam] 317[0]> grep -i nigeria *
[Struck out. They're using a variant of the scam but not naming that country.]
2:59pm [~/Mail/.myspam] 318[1]> grep -iw sum *
msg.M5iJ:your bank account the sum of US $10,000,000(ten million Dollars)
msg.M5iJ:nominated account the above sum and diamonds. This transaction
msg.O5iJ:your bank account the sum of US $10,000,000(ten million Dollars)
msg.O5iJ:nominated account the above sum and diamonds. This transaction
[There we go -- two messages at the moment.]
2:59pm [~/Mail/.myspam] 319[0]> grep -iwl sum *
msg.M5iJ
msg.O5iJ
[Using grep flags to print out just the filenames for the susupect messages.]
2:59pm [~/Mail/.myspam] 320[0]> which nigeria
/net/u/1/d/dman/bin/nigeria
[That's a Bourne script of mine to send Nigeria-scam mail to the feds.]
DING! [~/Mail/.myspam] 321[0]> cat `!!`
cat `which nigeria`
#! /bin/sh
# shut off Berkeley Mail's default call to ~/.mailrc
MAILRC=/dev/null; export MAILRC
myarg="${1:-nigeria}"
target="${2:-/var/tmp/.dman}"
formail -s \
Mail -v -s "No exposure here; for your records"
419(_dot_)fcd(_at_)usss(_dot_)treas(_dot_)gov < $myarg
mkdir -pm 700 $target | exit $?
mv -f $myarg $target
# ver. 2.2; 1 Nov 02
[Feel free to use my script, I hope with attribution, if you like it.]
3:00pm [~/Mail/.myspam] 322[0]> cat `grep -iwl sum *` > nigeria
[Put the individual messages in one file, because my script expects one file.]
3:02pm [~/Mail/.myspam] 323[0]> frm nigeria
MPETI L.KABILA (Jnr) PLEASE KINDLY GET BACK TO ME
MPETI L.KABILA (Jnr) PLEASE KINDLY GET BACK TO ME
[Double-check to make sure they're really in there.]
3:02pm [~/Mail/.myspam] 324[0]> nigeria
[I've deleted the verbose output from sendmail.]
Okay, lesson over. :) Sorry for going way off-topic for the procmail list.
--
dman
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail