Eric Wood wrote:
Can someone help me with the syntax? I want internally sent mail to bypass
all procmail that is generated internally. Something like:
:0 H
* ^From*.mydomain.com
You probably want:
* ^From: .*mydomain.com
lest you match the From_ line or anything NOT specifically From:
* ^TO_*.mydomain.com
I'm almost positive someone will mention that:
* ^TO_mydomain.com
does the same more efficiently.
{
:0 H
if there's ONE and only ONE "^Received:" line in the header
{
ip_addr= "Received: from geolaw ([10.0.2.227])" // somehow strip
the ip that's in [] brackets
* ^Received: from geolaw \(\[\/.*\]\)
Will set $MATCH to the IP address in the square brackets.
if ip_addr= "10." or ip_addr= "192.168", then deliver
I use scoring procmail rules for situations like this to assign varying
levels of trust to headers I'm testing. The TO_ will probably match most
messages most of the time, so I don't think it adds much. Perhaps
Message-ID: instead? Something like (untested) should match on 3
criteria that should be present in any message sent from your domain
while not trusting any 1 completely:
:0
* -2^0
* 1^0 ^From: .*mydomain.com
* 2^0 ^Received: from geolaw \(\[\/.*\]\)
* 1^0 ^Message-ID: .*mydomain.com
{
$DEFAULT
}
The starting score is set to -2, then the presence of headers adds to
the score (procmail score, not SA!) and if it totals > 0, the rule matches.
The only problem is that the Received: header can vary if you change
mail servers. You might check out Tom Anderson's spamitarium to
normalize Received: headers. If your organization grows, you might have
more than one mail server eventually.
You could completely cheat and have your mailserver insert a
"fingerprint" header for mail you send. None of these will be 100%
bulletproof of course, but it would take a very determined (or lucky)
spammer to get through.
:0:
$DEFAULT
}
}
I know my procmail pseudo script is terrible but someone probably already
has this.
I'm no procmail wizard, but these bits work for me.
- Bob
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail