Eric Wood:
I need to somehow test to To:,CC:, BCC: for the existence of a bad
recipient or some kind of "user-slamming" technique.
The Bcc: header is normally not there, or is empty.
So if I have an email come in with:
To: eric(_at_)interplas(_dot_)com, erik(_at_)interplas(_dot_)com,
erika(_at_)interplas(_dot_)com,
tom(_at_)xyz(_dot_)com, tommy(_at_)xyc(_dot_)com
I need that message to fail because erik and erika doesn't exist, yet
the message gets through to me, eric.
That should be done that at the SMTP-level, where you can actually
reject the message.
If you do it later, the only proper way to make the message fail is to
discard it.
So I need some kind of loop to:
1. Eliminate all recipients except interplas.com people. So I end of
with eric, erik, and erika.
2. Test that all recipients belong in my $USERS list.
I don't consider that the right way to counter it.
DNSBL will take care of most of the unwanted messages.
You could set up a filter 'at the gate' (like in sendmail.cf) that
rejects all messages with more than 1 invalid user.
But OK, if you are not able to solve this at the SMTP-level, try
something like this:
:0:
*$ ! H_TOCC ?? (^|,|<)${RE_USERS}(_at_)interpals\(_dot_)com(>|,|$)
.IN.spam.not2us
The variable H_TOCC needs to be filled with the values of the To and Cc
header fields, so look in the archives for H_TOCC.
With google, I found
http://www.mhonarc.org/archive/html/procmail/2005-05/msg00125.html
which has a line
H_TOCC = "$H_TO$H_CC"
that I would change to
H_TOCC = "$H_TO,$H_CC"
Suggestion: read that whole thread, see links to the other messages at
the bottom; Bart mentions SmartList.
The variable RE_USERS should contain a regex with all the allowed
userids, for example:
RE_USERS = '(eric|johnx|johnz|pete)'
or lay it out like
RE_USERS = '(\
eric|\
johnx|\
johnz|\
pete|\
@)'
You could also fill that variable from a file, you can use sed to
transform a file with one userid per line into the regex.
Adjust LINEBUF if needed.
Oops, there is a bug in
http://www.xs4all.nl/~rvtol/procmail/basic/pm/H_vars.inc
because both H_ToCc and H_To_Cc are used.
--
Grtz, Ruud
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail