procmail

RE: How to deal fakename(_at_)real-domain(_dot_)com mail

2003-02-22 12:29:24
that was because I didn't explain the problem clearly enough 
or they didn't understand. I like whole recipes and when ever 

Sometimes the ideas proposed might not be so easy to turn into
algorithms.  Or there might be so many ways to skin the cat,
that one hardly knows where to start or what the hidden requirements
are for what a party might have in mind.

These spammers who write a bunch of users, some of whom don't exist:
are you only interested in filtering on such things found in the To:
header?  What about the Cc: header?  What if the spammer uses
multiple Cc: headers, as they sometimes do?  What if nobody's
in the To: header, but the envelope information (probably not
visible to procmail) contains all those names?  What if the
To: header just says "undisclosed recipients;" (same case as
previous sentence, actually, just framed differently)?
Why do you think the plan is a useful way to filter, by the way?
I'm not saying it isn't, but it may take more work than what
easily might be more effective methods.

You could approach this problem -- assuming it's viable and
worth approaching, which I'm not completely persuaded of at
this stage, given some of the questions I asked above -- in
a variety of ways.  For example, if there is only one recipient
in the message (on the To: line, with none on the Cc: line;
though it could be reversed, of course), then one only has
to see if that putative recipient exists.  You realize, though,
that someone might have bcc'd one of your users, so that his
name won't be in the headers at all in the expected form,
but another name might still show up in the To:.  Or no name
at all.  Do you want to trash such mail?  Are these your own
domains, so that you simply don't want to get mail, yourself,
to all those unlisted addresses?  There are a lot of open
questions.  I can tell you that if *I* got mail on your system,
I'd be upset to have mail trashed that might have been Bcc'd to
me.

How many users are on the system in question?  The buffer issue
will arise if there are more than a few hundred, only.  Otherwise,
it's not an issue.

Anyway, here's one way, though if I were going to do it, I'd
pre-filter so that I wasn't running all those pipes on every 
mail that came into my system.  This *seems* to work (but watch
out for "undisclosed recipients"!).  I spent way too long on it,
though.  Did I say "way too long"?  I meant "way, way, way too long."

 :0 wh
 SUSPECTS=| egrep -i '^(To|Cc):' | xargs | fmt -1 \
          | gsed '/@yourdom\.com/!d; s/@.*/|\\/; s/^[^a-z0-9_*%#?.-]*//I' \
          | sort -uf

 SUSPECTS="(${SUSPECTS}$LOGNAME)"

 :0
 * ! ? fgrep -wi "$SUSPECTS" /etc/passwd
 { HOST = byebye }

-- 
        "Weltbedenkend, ortlich lenkend!"
                -- Original von W. Dallman Ross


_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
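
Added example, not part of the original post: the same existence check done with a real header parser instead of shell pipes, so that repeated Cc: headers, display names and "undisclosed recipients" are handled, and mail with no visible local address (the Bcc case raised above) is reported separately rather than rejected. The function names, the sample passwd text and the sample message are constructed for illustration; yourdom.com is the placeholder domain from the recipe.

```python
import sys
from email import message_from_string
from email.utils import getaddresses

LOCAL_DOMAIN = "yourdom.com"  # placeholder domain, as in the recipe above

# Constructed sample data (not real accounts or real mail).
SAMPLE_PASSWD = "root:x:0:0:root:/root:/bin/sh\nalice:x:1000:1000::/home/alice:/bin/sh\n"
SAMPLE_SPAM = ("To: fakename@yourdom.com, nosuch@yourdom.com\n"
               "Cc: bogus@yourdom.com\n"
               "Cc: \"Other, Person\" <x@elsewhere.example>\n\nbody\n")

def load_users(passwd_text):
    """Return the lowercased login names from passwd-format text."""
    return {line.split(":", 1)[0].lower()
            for line in passwd_text.splitlines()
            if line.strip() and not line.startswith("#")}

def local_recipients(raw_message, domain=LOCAL_DOMAIN):
    """Local parts of every To:/Cc: address at our domain."""
    msg = message_from_string(raw_message)
    found = set()
    # get_all() returns every occurrence, so repeated Cc: headers are covered.
    for value in msg.get_all("To", []) + msg.get_all("Cc", []):
        # Parse one header at a time so a malformed To: cannot hide a valid Cc:.
        for _name, addr in getaddresses([value]):
            local, at, dom = addr.rpartition("@")
            if at and dom.lower() == domain:
                found.add(local.lower())
    return found

def classify(raw_message, users, domain=LOCAL_DOMAIN):
    """'reject': local addresses named, none exists.
    'deliver': at least one named local address is a real user.
    'unknown': no local address visible (Bcc, "undisclosed recipients")."""
    named = local_recipients(raw_message, domain)
    if not named:
        return "unknown"
    return "deliver" if named & users else "reject"

if __name__ == "__main__":
    with open("/etc/passwd") as fh:
        users = load_users(fh.read())
    # Exit 0 only for 'reject', so a procmail "* ? command" condition matches.
    sys.exit(0 if classify(sys.stdin.read(), users) == "reject" else 1)
```

Only the "reject" outcome exits 0; "unknown" mail falls through to whatever the rest of the rcfile does with it.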