procmail

Re: Whitelist entry for yahoo address letting through yahoo spam..

2004-06-26 22:07:04
On Sat, Jun 26, 2004 at 12:57:39AM -0500, Jim Witte wrote:

:0 H
* hilary|\
larylark(_at_)yahoo(_dot_)com
{
 LOG="Whitelist - "
 :0
 $DEFAULT
}

  Aside from most likely including redundant or unneeded file locks, it 
is also letting through *anything* from the yahoo domain (and probably 
msn too).  Is there a reason it would do this, instead of allowing 
through only messages that matched the entire yahoo address above?

You should probably read up on how regular expressions work.

What's your intended behaviour?  You want to whitelist the addresses
hilary(_at_)yahoo(_dot_)com and larylark(_at_)yahoo(_dot_)com?  From what
you've posted, you are currently whitelisting any email with the word
"hilary" anywhere in the headers ... along with any email with
"larylark(_at_)yahoo(_dot_)com" anywhere in the headers.  I'll assume that
"hilary(_at_)yahoo(_dot_)com" is supposed to be whitelisted.

First off, the "H" flag is redundant.  The header is checked by default.
Second, if you want two left-hand-side address components, you need to  
wrap them in brackets.  Third, if you're trying to whitelist mail coming
FROM those addresses, you can say as much in the headers.  Fourth, 
remember that a "." matches *any* character, not just a dot.  So:

  NL="
  "
  :0
  * ^From:.*\/(hilary|larylark)@yahoo\.com
  {
    LOG="Whitelist: $MATCH$NL"
    :0
    $DEFAULT
  }

If $DEFAULT is not a Maildir, you'll need a trailing colon on the second
:0 in order to lock the mailbox.  Also, note that this merely *delivers*
the mail.  You've presumably got stuff somewhere after this recipe which
does whatever it is that the whitelist is supposed to protect against.

Personally, I take a different approach to a whitelist:

  :0 fhw:
  * ? test -s $HOME/.whitelist
  * ? formail -rxTo: | grep -qsiFf $HOME/.whitelist
  $DEFAULT

This looks for a .whitelist file in my home directory, then uses formail
to determine what the response address would be to the mail (thus
detecting Reply-To addresses).  It checks for that address in the
.whitelist file, case insensitive, looking at each line of the file as
an exact pattern match rather than a regular expression.  At this point,
all I do to whitelist an address is add it to my .whitelist file.

Note that the -q and -s options' behaviour may be different on your
operating system.

-- 
  Paul Chvostek                                        <paul(_at_)it(_dot_)ca>
  Operations / Abuse / Whatever
  it.canada, hosting and development                   http://www.it.ca/


____________________________________________________________
procmail mailing list   Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
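
Added example, not part of the original message: the `grep -qsiFf` test from the second recipe in the reply, next to a stricter variant, showing that `-F` turns off regex syntax but still matches substrings, and that a blank line in the list matches every address. The function names, the sample list and the sample addresses are constructed, and the reply address is passed as an argument in place of the `formail -rxTo:` output so the block runs without formail.

```sh
#!/bin/sh
# Added example: names and sample data are constructed for illustration.
# $1 = reply address (what `formail -rxTo:` would print), $2 = whitelist file

# The check as posted: -F disables regex syntax, but grep still does a
# substring search, and an empty line in the file is a pattern that
# matches every address.
wl_substring() {
    [ -s "$2" ] && printf '%s\n' "$1" | grep -qsiFf "$2"
}

# Stricter variant: strip whitespace from the address (formail -x output
# may carry a leading blank), ignore blank and '#' lines in the list,
# and require a whole-line match with -x.
wl_exact() {
    [ -s "$2" ] || return 1
    addr=$(printf '%s' "$1" | tr -d '[:space:]')
    clean=$(mktemp) || return 1
    grep -v -e '^[[:space:]]*$' -e '^[[:space:]]*#' "$2" > "$clean" || :
    rc=1
    if [ -s "$clean" ] && printf '%s\n' "$addr" | grep -qiFx -f "$clean"; then
        rc=0
    fi
    rm -f "$clean"
    return "$rc"
}

# Constructed demonstration: a list with a stray blank line in it.
wl_demo() {
    list=$(mktemp) || return 1
    printf '%s\n' 'hilary@yahoo.com' '' 'larylark@yahoo.com' > "$list"
    for a in ' hilary@yahoo.com' 'nothilary@yahoo.com.example.net' \
             'anyone@example.org'; do
        wl_substring "$a" "$list" && s=pass || s=fail
        wl_exact "$a" "$list" && e=pass || e=fail
        printf '%-34s substring=%s exact=%s\n' "$a" "$s" "$e"
    done
    rm -f "$list"
}
wl_demo
```

With the stricter form, each line of `.whitelist` must be a complete bare address; entries with trailing whitespace or a display name will not match.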