procmail
[Top] [All Lists]

Re: How to find who spam was sent to?

2003-06-20 06:00:37
Marco:  Date: Thu, 19 Jun 2003 21:07:53 +0200
Marco:  From: M. Fioretti <m(_dot_)fioretti(_at_)inwind(_dot_)it>
Marco:  To: Procmail List <procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE>
Marco:  Subject: How to find who spam was sent to?
Marco:
Marco:  Hello,
Marco:
Marco:  As many others here I have a lot of different email addresses, for
Marco:  work, volunteer projects, friends, etc...
Marco:
Marco:  Predictably, I receive spam to almost all of them. I am not really
Marco:  sure if this is an (entirely) procmail question, but how do I build a
Marco:  table like this:
Marco:
Marco:  Address:                # of spam       Subjects
Marco:  address1(_at_)isp(_dot_)com     30              Some drugs
Marco:                                          Be bigger
Marco:                                          something else
Marco:  address2(_at_)isp(_dot_)com     2               Get rich
Marco:
Marco:  address3(_at_)anotherisp(_dot_)com       10             etc etc
Marco:
Marco:
Marco:  Basically, I want to understand how much of the spam comes from
Marco:  harvesting mailing list posts, how much from some ISP employee
Marco:  reselling addresses, etc...
Marco:
Marco:  I said "hey, 3 minutes of Perl hacking to massage PROCMAIL.log and I'm
Marco:  done, but I found in it no "Delivered to ..." line to build the first
Marco:  column above.
Marco:
Marco:  I use bogofilter to put spam in its own folder. My .procmailrc also
Marco:  has:
Marco:
Marco:  LOGABSTRACT = "all"
Marco:  VERBOSE     = "on"
Marco:
Marco:  How do I get the missing info? Is something for procmail, or should I
Marco:  do it in fetchmail, or with an altogether different approach?
Marco:
Marco:     TIA,
Marco:          Marco Fioretti
Marco:



Different approach.  I use a combination of procmail, cron and PERL.


* I use procmail to filter the spam to a folder using timestamps.

* I have a PERL script read through the headers and capture the FROM
  RECEIVED and RETURN-PATH.  Then it ships off the original spam
  back to postmaster(_at_)offending-domain(_dot_)com, 
abuse(_at_)offending-domain(_dot_)com and
  uce(_at_)ftc(_dot_)gov

* I have a cron job that calls the PERL script every 30 minutes


HTH


 Scott Birl
 Senior Systems Administrator            Computer Services   Temple University
====*====*====*====*====*====*====*====+====*====*====*====*====*====*====*====*

_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail

<Prev in Thread] Current Thread [Next in Thread>