On Fri, Nov 28, 2003 at 11:27:37PM +0700, Tim Rice wrote:
In your message dated Fri, 28 Nov 2003 16:49:11 +0100, Dallman said that ...
My point was that if "dman(_at_)aol(_dot_)com", for example, is in your
whitelist but a spammer pretends to be "goldman(_at_)aol(_dot_)com", it
will get through.
Ok, I understand now. I dont think it's possible to avoid this when
greping a text file is it?
Perhaps the way to avoid this is to list the addresses in the recipe
using word separators, if they work like this, that is.
* ^From:.*\<(tim(_at_)thaistuff\(_dot_)com \
joe(_at_)whatever\(_dot_)com \
sam(_at_)new\(_dot_)com \
me(_at_)etc\(_dot_)com)
Imo, the best way to avoid it is to whitelist entire strings
that you can check, if you are using grep, with the x flag or,
at worst, the w flag.
I have whitelists. I use a completely other algorithm,
however. I don't use grep at all:
* ? test -x "$GREEN/$RP"
That's my whitelist. (Okay, greenlist.) That is, filenames
under $GREEN/ are a hash.
$RP is the Return-Path:, captured earlier via MATCH.
It works excellently, is low-impact, and has many other advantages.
For example, last-access-time tells me when the person last wrote me!
Create-time tells me when the party first wrote me. If I wanted to,
I could write dots to the (currently empty) file to tell me how
many times the party wrote me.
I keep my own address(es) out of there, because spammers tend to try to
co-opt one's own (i.e., their victim's) address when they send their
crap.
I've been using this system for a year. I love it! Much better than
grep in my experience, and easier to manage. I have a Bourne script
that checks new candidates and adds an x-flag to them when I approve
them. The names expire automatically, via a cron job, after so many
days (I think I have it set to 90). I also have a second file-perms
flag I can set with my approval script to make the greenlisted address
permanent, rather than expiring automatically. I use that sometimes for
people that write me rarely.
If and when spammers screw with me and try to counterfeit my friends'
names -- which they have yet to do, and I get some serious amounts of
spam and have been targetted by spammers with vendettas -- I have a
secret Plan B augmentation system ready.
--
dman
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail