Hi All,
I am test-piloting the gif spam recipe that was posted to the list a
week or two ago. As I have said in the past, I am a procmail newbie
and I am really trying to understand the programming that is behind
what procmail recipes do. Here is my question.
I am using the revised/cleaned-up/commented version of the gif recipe.
I am trying to integrate a couple of things into the procmail recipe
that I have used in my current recipe. First off, here is the error
message I am receiving in the log.
~<006c01c70b0b$95f44d30$b001a8c0(_at_)jamiedesktop> 3
From personal(_at_)address(_dot_)net Sat Nov 18 07:17:56 2006
Subject: Testing20
Folder: (/usr/bin/formail -rtb -IPrecedence: junk -IFrom: EOSgrad.co 1317
/bin/sh: (/usr/bin/formail: No such file or directory
Here is the portion of the recipe in question:
:0 Hh
* ^TOsally(_at_)testdrop(_dot_)teamhendricks(_dot_)com
* !^FROM_DAEMON
* !^X-Loop: sally(_at_)testdrop(_dot_)teamhendricks(_dot_)com
| ($FORMAIL -rtb -I"Precedence: junk" \
-I"From: EOSgrad.com Autoresponder
<sally(_at_)testdrop(_dot_)teamhendricks(_dot_)com>" \
-A"X-Loop: sally(_at_)testdrop(_dot_)teamhendricks(_dot_)com"; \
cat $HOME/.procmailrecipes/testdrop/AUTOmembership.txt \
) | $SENDMAIL -oi -t
$AUTORESPOND
Three questions...
#1 I --do-- have formail on my server. When I do a whereis, the
formail comes up at /usr/bin/formail. I put a variable (is that what
you call it?) at the top of the recipe that says: FORMAIL =
'/usr/bin/formail' I have also tried putting in (in the above portion
of the recipe without the variable at the top of the recipie) just
formmail or /usr/bin/formail. The error log says that there isn't
such a file and stops.
#2 I have the $AUTORESPOND variable at the bottom of that portion of
the recipe. At the top of the recipe near the GIFSPAM I set an
autorespond directory with my mail account. How do I get the email
that triggers the autoresponse to drop to the autorespond directory.
#3 If you see anything I should fix/clean-up that is unrelated to the
above 2 questions, could you let me know? It helps my learning
process.
I have attached the entire recipe below if you need further
information. I have gotten rid of my addresses. Thanks for your
help, in advance. Jamie
# $Id: .procmailrc.anti-gifspam 2006-Nov-10 10:55 $
SHELLMETAS # unset, for better error messages
SHELL = '/bin/sh'
LINEBUF = 4096
LOGABSTRACT = 'all'
MAILDIR = '/home/usernamehere/mail/domain.com/zzztestdrop-r'
DEFAULT = 'new'
SENDMAIL = '/usr/sbin/sendmail'
FORMAIL = '/usr/bin/formail'
# disable next line to get procmail's logging on stderr
LOGFILE = "$_.log"
LOG = '~'
GIFBOX = '.suspect' # IMAP-oriented, see delivery
CERTAINLYSPAM = '.certainly-spam/new'
AUTORESPOND = '.autorespond'
#------------------------------------------------------------
# set some globals
#------------------------------------------------------------
t = ' ' # only a TAB, like "\t"
b = "[ $t]" # [[:blank:]]
n = '
' # only an LF, like "\n"
a = '[0-9A-Za-z]' # [[:alnum:]]
a2 = "$a$a" a3 = "$a2$a"
a4 = "$a2$a2" a6 = "$a4$a2"
a8 = "$a4$a4" a12 = "$a8$a4"
x = '[0-9A-Fa-f]' # [[:xdigit:]]
x2 = "$x$x" x3 = "$x2$x"
x4 = "$x2$x2" x6 = "$x4$x2"
x8 = "$x4$x4" x12 = "$x8$x4"
#------------------------------------------------------------
# collect some message parameters
#------------------------------------------------------------
:0
* ^^(From |Return-Path: <)[^ @]+(_at_)\/[^ >]+
{ ENV_DOMAIN = $MATCH } # domain part of the Envelope-From
:0
* 1^1 ^Received:
{ } N_RCVD = $= # number of Received header fields
:0
* ^Received: from \/[^ ]+
{ R1_HOST = $MATCH }
:0
* ^Content-Type: multipart/related;.*\
boundary=(\")?\/[^\"]+
{ H_CTB = $MATCH } # primary MIME boundary
:0
* ^Message-ID:.*\/[^ <@]+(_at_)[^>]+
{ H_MID = $MATCH
:0
* H_MID ?? ^^\/[^(_at_)]+
{ MID1 = $MATCH } # volatile part of the Message-ID
:0
* H_MID ?? @\/.+
{ MID2 = $MATCH } # FQDN part of the Message-ID
}
LOG = "<${H_MID}> ${N_RCVD}$n"
#------------------------------------------------------------
# dump all blacklisted to addresses
#------------------------------------------------------------
:0
* ? [ -s $HOME/.procmailrecipes/testdrop/testdrop-blacklist.txt ]
* ? fgrep -iqf $HOME/.procmailrecipes/testdrop/testdrop-blacklist.txt
$CERTAINLYSPAM
#------------------------------------------------------------
# catch gifspam
#------------------------------------------------------------
:0
# if the number of Received header fields is 1 or 2
* N_RCVD ?? ^^(1|2)^^
# and it is a multipart message
* ^MIME-Version: 1\.0\
^Content-Type: multipart/
# and the MIME boundary matches some regex
*$ H_CTB ?? ^^----=_NextPart_000_${x4}_$x8\.$a8^^
{
:0
# if the FQDN part of the Message-ID does not contain a dot
# or ends in the domain part of the Envelope-From
*$ MID2 ?? (^^[^.]+|$\ENV_DOMAIN)^^
# and part of the message body matches some regex
*$ B ?? ^--$\H_CTB\
^Content-Type: image/gif;\
^$b+name=\"[^\"]+\.gif\"\
(^Content-Transfer-Encoding: base64)?\
^Content-ID: <\
($x12[$]$x8[$]$a8(_at_)$\MID2\
|$a12[$]$a8[$]$a+(_at_)$a+\
|[^ >(_dot_)(_at_)]+\(_dot_)gif@$x8\.$a8\
)>$
# then deliver
$GIFBOX/
#----------------------------------------------------------
# Procmail stops at delivery, so only if the previous
# recipe did not deliver, then processing continues here.
#----------------------------------------------------------
:0
# if the FQDN part of the Message-ID is equal to the HELO
*$ MID2 ?? ^^$\R1_HOST^^
# and there are 10 (or more) gif-attachments
* -9^0
*$ 1^1 B ?? ^--$\H_CTB\
^Content-Type: image/gif;\
^$b+name=\"[0-9]+\.gif\"$
# then deliver
$GIFBOX/
}
#------------------------------------------------------------
:0
# if the number of Received header fields is 2 or 3
* N_RCVD ?? ^^(2|3)^^
# and the MIME boundary matches /[[:xdigit:]]+/
*$ H_CTB ?? ^^$x+^^
# and the FQDN part of the Message-ID ends in the domain part
# of the Envelope-From
*$ MID2 ?? ()$\ENV_DOMAIN^^
# and the From: header field has an unquoted name, followed
# by <user-part(_at_)domain-part-of-the-Envelope-From>
*$ ^From: [^\"<]+ <[^(_at_)]+@$\ENV_DOMAIN>$
# and part of the message body matches some regex
*$ B ?? ^--$\H_CTB\
^Content-Type: image/gif;\
^$b+name=\"[^\"]+\.gif\"\
(^Content-Transfer-Encoding: base64)?\
^Content-ID: <$x+(_at_)$\ENV_DOMAIN>$
# then deliver
$GIFBOX
#------------------------------------------------------------
#
#
:0 Hh
* ^TOsally(_at_)testdrop(_dot_)teamhendricks(_dot_)com
* !^FROM_DAEMON
* !^X-Loop: sally(_at_)testdrop(_dot_)teamhendricks(_dot_)com
| ($FORMAIL -rtb -I"Precedence: junk" \
-I"From: xxx.com Autoresponder
<sally(_at_)testdrop(_dot_)teamhendricks(_dot_)com>" \
-A"X-Loop: sally(_at_)testdrop(_dot_)teamhendricks(_dot_)com"; \
cat $HOME/.procmailrecipes/testdrop/AUTOmembership.txt \
) | $SENDMAIL -oi -t
$AUTORESPOND
#
#:0 Hh
#* ^TOmemberships(_at_)xxx(_dot_)com
#* !^FROM_DAEMON
#* !^X-Loop: memberships(_at_)xxx(_dot_)com
# | (formail -rtb -I"Precedence: junk" \
# -I"From: xxx.com Autoresponder <autoresponder(_at_)xxx(_dot_)com>" \
# -A"X-Loop: membership(_at_)xxx(_dot_)com"; \
# cat $HOME/.procmailrecipes/eosgrad/AUTOmembership.txt \
# ) | $SENDMAIL -oi -t
#
#:0 Hh
#* ^TObian(_at_)xxx(_dot_)com
#* !^FROM_DAEMON
#* !^X-Loop: bian(_at_)xxx(_dot_)com
# | (formail -rtb -I"Precedence: junk" \
# -I"From: xxx.com Autoresponder <autoresponder(_at_)xxx(_dot_)com>" \
# -A"X-Loop: membership(_at_)xxx(_dot_)com"; \
# cat $HOME/.procmailrecipes/eosgrad/AUTObiannualoff.txt \
# ) | $SENDMAIL -oi -t
#
#
:0:
* ^TO_(_dot_)troubleform(_at_)xxx\(_dot_)com
$DEFAULT
:0 fw
* < 256000
| spamassassin
:0:
* ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*
.almost-certainly-spam/new
:0 A:
$DEFAULT
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail