procmail

Re: filter based on body keywords?

2005-04-29 07:55:06
On 2005-04-29 07:50:29, Mr Duck wrote:

> The additional script simply creates procmail recipe lines that
> do the checking.  These recipe lines are added to my procmailrc
> automatically as the file is checked for changes and the like.
> Michelle's suggestion is definitely more attractive, in that it
> keeps your procmail file small. However, I want more information
> in my procmail log file, which indicates why the message was
> accepted (to track problems/bugs if they arise).  My script
> basically does this:

A snippet of

  __( '/home/michelle.konzack/log/tdmailblacklist.log' )________________
 /
| Blacklist: 2004-12-29 09:23:52  =>   
cnlawren(_at_)sunset(_dot_)backbone(_dot_)olemiss(_dot_)edu (at 
sunset.backbone.olemiss.edu)
| Blacklist: 2004-12-29 18:13:25  =>   
VirusCheckService(_at_)VirusGuardman(_dot_)com
| Blacklist: 2004-12-30 10:04:26  =>   MSN Hotmail 
<msn_newsletters(_at_)hotmail(_dot_)com>
| Blacklist: 2004-12-30 10:25:11  =>   Christopher Lawrence 
<cnlawren(_at_)sunset(_dot_)backbone(_dot_)olemiss(_dot_)edu>
| Blacklist: 2004-12-31 10:31:54  =>   Christopher Lawrence 
<cnlawren(_at_)sunset(_dot_)backbone(_dot_)olemiss(_dot_)edu>
| Blacklist: 2005-01-02 18:11:59  =>   NAV for Microsoft Exchange-EMAIL 
<NAVMSE-EMAIL(_at_)genialloyd(_dot_)it>
| Blacklist: 2005-01-02 18:13:45  =>   NAV for Microsoft Exchange-EMAIL 
<NAVMSE-EMAIL(_at_)genialloyd(_dot_)it>
| Blacklist: 2005-01-03 13:53:17  =>   
ssiadmin(_at_)dsaf(_dot_)pm(_dot_)gouv(_dot_)fr
| Blacklist: 2005-01-03 17:03:51  =>   
ssiadmin(_at_)dsaf(_dot_)pm(_dot_)gouv(_dot_)fr
| Blacklist: 2005-01-04 10:52:35  =>   Christopher Lawrence 
<cnlawren(_at_)sunset(_dot_)backbone(_dot_)olemiss(_dot_)edu>
| Blacklist: 2005-01-04 17:42:41  =>   contentfilter(_at_)harmanbecker(_dot_)com
| Blacklist: 2005-01-05 05:13:30  =>   
scanmail-notification(_at_)basf-it-services(_dot_)com
| Blacklist: 2005-01-06 10:04:19  =>   Christopher Lawrence 
<cnlawren(_at_)sunset(_dot_)backbone(_dot_)olemiss(_dot_)edu>
| Blacklist: 2005-01-06 19:33:17  =>   virusalert(_at_)virusalert(_dot_)it
| Blacklist: 2005-01-07 10:33:46  =>   Christopher Lawrence 
<cnlawren(_at_)sunset(_dot_)backbone(_dot_)olemiss(_dot_)edu>
| Blacklist: 2005-01-07 14:43:13  =>   
VirusCheckService(_at_)VirusGuardman(_dot_)com
| Blacklist: 2005-01-07 17:51:05  =>   
MAILER-DAEMON(_at_)ketovo(_dot_)zaural(_dot_)ru
| Blacklist: 2005-01-08 10:43:21  =>   Christopher Lawrence 
<cnlawren(_at_)sunset(_dot_)backbone(_dot_)olemiss(_dot_)edu>
| Blacklist: 2005-01-08 17:03:19  =>   Netflix <nobody(_at_)netflix(_dot_)com>
| Blacklist: 2005-01-09 14:42:13  =>   contentfilter(_at_)harmanbecker(_dot_)com
| Blacklist: 2005-01-09 15:12:16  =>   Antigen(_at_)jacobs(_dot_)com
| Blacklist: 2005-01-09 15:13:43  =>   Antigen(_at_)jacobs(_dot_)com
| Blacklist: 2005-01-13 14:32:17  =>   NAV for Microsoft Exchange-EMAIL 
<NAVMSE-EMAIL(_at_)genialloyd(_dot_)it>
| Blacklist: 2005-01-14 18:32:26  =>   virusalert(_at_)virusalert(_dot_)it
| Blacklist: 2005-01-15 20:22:40  =>   <service(_dot_)client(_at_)noos(_dot_)fr>
| Blacklist: 2005-01-16 16:02:32  =>   <Rechnung-Online(_at_)t-com(_dot_)net>
| Blacklist: 2005-01-17 13:33:19  =>   "Polaris - Sysadmin" 
<sysadmin(_at_)polarcom(_dot_)com>
| Blacklist: 2005-01-17 15:52:13  =>   cs(_at_)webideas(_dot_)com
| Blacklist: 2005-04-16 12:00:22  =>   
MAILER-DAEMON(_at_)pima(_dot_)hostsharing(_dot_)net (Mail Delivery System)
| Blacklist: 2005-04-16 14:31:47  =>   "Service de messagerie" 
<neti(_at_)hfp(_dot_)fr>
| Blacklist: 2005-04-19 22:15:46  =>   PriceMinister High Tech 
<PriceMinister(_at_)priceletter(_dot_)com >
| Blacklist: 2005-04-20 09:30:33  =>   "Pubstv.com" 
<sender(_at_)pubstv(_dot_)fagms(_dot_)net>
| Blacklist: 2005-04-20 22:00:33  =>   "Pubstv.com" 
<sender(_at_)pubstv(_dot_)fagms(_dot_)net>
| Blacklist: 2005-04-21 07:46:55  =>   no-reply(_at_)chevrontexaco(_dot_)com
| Blacklist: 2005-04-26 20:45:34  =>   "Pubstv.com" 
<sender(_at_)pubstv(_dot_)fagms(_dot_)net>
 \______________________________________________________________________

or

  __( '/home/michelle.konzack/log/tdmailbody.log' )_____________________
 /
| 2005-02-21 05:30:21 : (www.kc-loan.net) °í¹Î³¡!¿ù0.9~1.7%±Ýž®·ÎÇØ°áÇÏ°í 
ºÐÇÒ»óȯÇÏŒŒ¿ä

<snip tons of copies>

| 2005-02-22 20:22:51 : (www.up6.org) FW: FW: your private invitation N-22151nY
| 2005-02-23 20:52:35 : (jezforteesmee.com) Hey there u. Nearly all of these 
Milfs want to be banged...,,veil disgustful
| 2005-02-23 20:53:14 : (jezforteesmee.com) Hey there u. Nearly all of these 
Milfs want to be banged...,,veil disgustful
| 2005-02-23 23:52:37 : (www.kc-loan.net) ¢¿°áÁŠ¹×¿¬ÃŒÇØ°áÇÏ°í 36°³¿ùºÐÇÒ»óȯ 
5õžž¿ø±îÁö

<snip tons of copies>

| 2005-02-25 14:00:23 : (www.rgeg546.com) Approved mortage rate
| 2005-02-26 14:55:38 : (www.kc-loan.net) ¡ÙÄ«~µå.±Ý.ž®ºžŽÙ œÑ 1%ŽëÀÌÀÚ·Î 
ÃÖ°í5000žž¿ø±îÁö!
| 2005-02-26 15:05:12 : (This message was cancelled from within Mozilla) 
[PHP-DB] cancel <4217882B(_dot_)7060706(_at_)centurytel(_dot_)net>
| 2005-02-26 15:44:15 : (www.rgeg546.com) Your account #780V7898
| 2005-02-26 15:56:25 : (www.rgeg546.com) Your account #780V7898
| 2005-02-27 18:49:04 : (jespanfor.com) Each of these Milfs want someone to 
bang them,,...tweed senatorial
| 2005-02-27 20:17:00 : (anationpickle.com) fw: high cholesterol breakthrough 
discovery - beryllium
| 2005-02-27 20:17:09 : (anationpickle.com) fw: high cholesterol breakthrough 
discovery - hudson
| 2005-02-27 20:17:13 : (anationpickle.com) fw: high cholesterol breakthrough 
discovery - pancake
| 2005-02-28 02:16:57 : (ntvvoodoo.com) Bug#11147: not answering calls anymore?
| 2005-02-28 02:17:00 : (ntvvoodoo.com) Bug#11147: not answering calls anymore?
| 2005-02-28 02:17:04 : (ntvvoodoo.com) Bug#165619: not answering calls anymore?
| 2005-02-28 02:17:10 : (ntvvoodoo.com) Bug#79037: i emailed you earlier
| 2005-02-28 02:17:13 : (ntvvoodoo.com) Bug#78961: i emailed you earlier
| 2005-02-28 02:18:06 : (ntvvoodoo.com) Bug#11147: not answering calls anymore?
| 2005-02-28 02:18:09 : (ntvvoodoo.com) Bug#165619: not answering calls anymore?
| 2005-02-28 05:01:33 : (yahoosotime.com) Cure for Erectile Dysfunction.
| 2005-02-28 20:44:51 : (jespanfor.com) Heya cutey ,. 0 Cost Lifeteime 
Passwords ,. Real gangbangs . Backseat Suck and Fuck, and much more ,, 
uproarious humanoid
| 2005-03-01 05:32:15 : (anationpickle.com) fw: high cholesterol breakthrough 
discovery - ringlet
| 2005-03-01 05:32:26 : (anationpickle.com) fw: high cholesterol breakthrough 
discovery - abstain
| 2005-03-01 05:33:03 : (anationpickle.com) fw: high cholesterol breakthrough 
discovery - locomotory
| 2005-03-01 18:03:12 : (loramadam.com) Bug#128082: Meeting Time and Place of 
Meeting
| 2005-03-01 18:03:15 : (loramadam.com) Bug#126753: Update Required
| 2005-03-01 18:03:18 : (loramadam.com) Bug#126077: Location is Required
| 2005-03-01 18:03:21 : (loramadam.com) Bug#123918: Request: Your Response to 
email
| 2005-03-02 00:03:32 : (low-low-refis.com) Bug#131633: It doesn`t hurt to 
check Deborah
| 2005-03-02 01:47:21 : (cloudylora.com) have we got a date
| 2005-03-02 17:17:27 : (cloudylora.com) Heyllooo,
| 2005-03-02 17:17:31 : (cloudylora.com) Heyllooo,
| 2005-03-02 17:17:44 : (cloudylora.com) Heyz,
| 2005-03-02 17:17:50 : (cloudylora.com) Heyz,
| 2005-03-02 17:17:58 : (cloudylora.com) Heyz,
| 2005-03-02 18:18:55 : (yahoosotime.com) Start shagging more frequently

<snip>

 \______________________________________________________________________

or 

  __( '/home/michelle.konzack/log/tdmailsubject.log' )__________________
 /
| 2005-02-20 22:40:22 : (about Money) Testmessage "About Money"
| 2005-02-21 08:30:22 : (Mail Delivery) Mail delivery failed: returning message 
to sender
| 2005-02-21 10:11:29 : (for your business) Urgent Request for your Business 
Co-operatipon!
| 2005-02-21 18:32:29 : (PLEASE READ) SoBeFOTO Has Received Your Email - PLEASE 
READ MESSAGE
| 2005-02-22 04:11:30 : (out of the office) [squid-users] Thomas Werner is out 
of the office.
| 2005-02-22 04:22:07 : (Rolex) Pamela prefers Rolex, Cartier and Breitling
| 2005-02-22 04:22:14 : (Rolex) Pamela prefers Rolex, Cartier and Breitling
| 2005-02-22 13:22:15 : (out of the office) [squid-users] Thomas Werner is out 
of the office.
| 2005-02-22 14:00:26 : (WINNING) WINNING NOTIFICATION.
| 2005-02-22 18:00:27 : (Business Venture) SOLICITING FOR BUSINESS VENTURE
| 2005-02-22 20:21:59 : (for your business) Urgent Request for your Business 
Co-operation!
| 2005-02-23 03:13:15 : (cum) Hey good lookin. These Married chicks want 
someone to hold them,,..cummings therell
| 2005-02-23 03:13:28 : (cum) Hey good lookin. These Married chicks want 
someone to hold them,,..cummings therell
| 2005-02-24 04:51:57 : (Rolex) Grand Theft Rolex
| 2005-02-24 12:20:23 : (YOU HAVE WON) CONGRATULATION YOU HAVE WON
| 2005-02-24 13:44:55 : (Réponse automatique d'absence du bureau) Réponse 
automatique d'absence du bureau : List
| 2005-02-24 14:00:23 : (WINNING) WINNING NOTIFICATION!!!!!!!!!!!!!!!!
| 2005-02-24 18:12:25 : (Risposta Automatica) Risposta automatica da 
hcoppia(_at_)email(_dot_)it
| 2005-02-24 22:32:04 : (lowest prices) Bug#187218: lowest prices on your 
medications Elias
| 2005-02-24 22:32:06 : (lowest prices) Bug#131065: lowest prices on your 
medications Fern
| 2005-02-24 22:33:02 : (lowest prices) Bug#187218: lowest prices on your 
medications Elias
| 2005-02-24 23:40:22 : (CONGRATULATIONS) Big Congratulations!!
| 2005-02-25 01:52:32 : (Drug) New Drug store Earnestine
| 2005-02-25 01:52:48 : (Drug) New Drug store Jacqueline
| 2005-02-26 15:53:55 : (We offer) Notification: We offer the lowest rates
| 2005-02-26 19:12:26 : (i need you) I NEED YOUR QUICK RESPONSE SIR.
| 2005-02-26 19:12:56 : (i need you) I NEED YOUR QUICK RESPONSE SIR.
| 2005-02-27 06:21:38 : (has invited you) [squid-users] squid, Kashif Ali 
Bukhari has invited you to open a Google mail account
| 2005-02-27 07:00:22 : (Rolex) Re: Italian Rolex Order.   [islamic]
| 2005-02-27 19:46:45 : (lowest prices) Bug#181170: lowest prices on your 
medications Deanna
| 2005-02-27 19:46:51 : (pharm) Bug#152152: New pharm site new great prices 
Shannon
| 2005-02-27 19:46:57 : (Drug) Bug#119753: New Drug store Jean
| 2005-02-28 03:31:46 : (your sex life) Ready to boost your sex life? Positive? 
- gfhr
| 2005-02-28 03:31:55 : (meds shipping) discount meds shipping world wide - shcx
| 2005-02-28 13:00:25 : (CONGRATULATIONS) CONGRATULATIONS YOU HAVE WON WON 
$500,000:00!!!
| 2005-02-28 15:15:25 : (FINAL NOTIFICATION) FINAL NOTIFICATION/AWARD WINNER.
| 2005-02-28 21:01:30 : (LOTTERY) CONGRATULATION!!! YOU WON A MICROSOFT LOTTERY

<snip>

| 2005-04-29 04:45:39 : (Penis) New Penis Enlargement Patches!
| 2005-04-29 12:15:35 : (Penis) Buyer beware - Penis patches!...nitric
| 2005-04-29 12:30:35 : (Penis) Penis Growth Extreme...filter
| 2005-04-29 12:45:40 : (WINNING) WINNING NOTIFICATION !!!
| 2005-04-29 12:45:43 : (Penis) No more penis enlarge ripoffs!...fowl
| 2005-04-29 12:45:48 : (WINNING) WINNING NOTIFICATION !!!
| 2005-04-29 13:15:38 : (Business Proposal) Private Business Proposal
 \______________________________________________________________________

So you can see in the "( )" the reason why it was filtered...

Do not ask how BIG my LOGFILES are...

I get between 100 (weekend) and 8000 (working day) SPAMs per day.

> * creates groups of 10 keywords
> * creates a unique 6-char hex hash of group
> * builds procmail recipe which:
>    .  checks for existence of any keyword in group
>    .  if exist:
>       * header item containing hex hash is added to email
>       * LOG file entry with hex hash is written
>       * email is delivered
>
> It makes my rc file ugly as all get out, but the perk, for me, is
> that if an email makes it through that I think shouldn't have, all
> I need is the hex hash from the email or LOG file, and can quickly
> identify why it was accepted, and then tweak the keywords as needed.
>
> Not the most elegant solution, but it works. (=

:-)

Fortunately there are many possibilities under Linux.

procmail-recipes, BASH, perl, tcl, python...

Greetings
Michelle

-- 
Linux-User #280138 with the Linux Counter, http://counter.li.org/
Michelle Konzack   Apt. 917                  ICQ #328449886
                   50, rue de Soultz         MSM LinuxMichi
0033/3/88452356    67100 Strasbourg/France   IRC #Debian (irc.icq.com)

____________________________________________________________
procmail mailing list   Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
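
An added sketch of the generator Mr Duck describes in this thread (groups of 10 keywords, a 6-char hex tag per group, a recipe that tags, logs and delivers); it is not his script. The truncated SHA-256 tag, the `X-Keyword-Group` header name and the log wording are assumptions. Because the generated lines are loaded into procmailrc automatically, keywords are regex-escaped and rejected if they contain a line break.

```python
import hashlib
import re

GROUP_SIZE = 10  # the post groups keywords ten at a time

def escape_keyword(word):
    """Make a keyword match literally inside a procmail regex condition."""
    word = word.strip()
    if "\n" in word or "\r" in word:
        raise ValueError("line break inside keyword would inject recipe lines")
    return re.sub(r"([\\.*+?\[\]()|^$])", r"\\\1", word)

def group_hash(words):
    """6-char hex tag for a group (assumption: truncated SHA-256)."""
    return hashlib.sha256("\n".join(words).encode("utf-8")).hexdigest()[:6]

def build_recipe(words):
    """Return (tag, recipe text) for one keyword group."""
    tag = group_hash(words)
    pattern = "|".join(escape_keyword(w) for w in words)
    lines = [
        ":0 B",                      # B: test the message body
        "* (%s)" % pattern,
        "{",
        "  :0 fhw",                  # filter the header through formail
        '  | formail -A "X-Keyword-Group: %s"' % tag,
        '  LOG="keyword group %s matched' % tag,
        '"',                         # closing quote on its own line ends the log line
        "  :0",
        "  $DEFAULT",                # deliver to the default mailbox
        "}",
        "",
    ]
    return tag, "\n".join(lines)

def build_rc(keywords):
    # Drop blanks: an empty alternative in (a||b) would match every message.
    words = [w.strip() for w in keywords if w.strip()]
    index, parts = {}, []
    for i in range(0, len(words), GROUP_SIZE):
        group = words[i:i + GROUP_SIZE]
        tag, recipe = build_recipe(group)
        index[tag] = group           # tag -> keywords, for later lookup
        parts.append(recipe)
    return index, "\n".join(parts)

if __name__ == "__main__":
    # Constructed sample keywords, not taken from the post.
    print(build_rc(["invoice %d" % n for n in range(11)] + ["v1.0 (beta)"])[1])
```

The returned index maps each tag back to its keyword group, which is the lookup needed when a tag turns up in a delivered message's header or in the procmail log.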

