procmail
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Recipe Suggestion

2007-09-29 04:10:38
from [CT Guy] [Permanent Link] 
Hi All,

I was wondering if you might take a look at this recipe that I have
crafted from different messages on this list.  I am still trying to
get my head around all the procmail flags etc.  Things seem to be
working, with the exception of the SpamAssassin section.  Spam with a
13 score (or whatever the number of stars I put in) is directed to a
folder named devnull (for testing at the moment, in the future it will
go to /dev/null).  The rest of the spam designated does not go into
the spam folder, it by passes and ends up in the Sites folder.  There
is a whole commented out section dealing with myspace mails/form
mails.  I am a technology teacher and need to do some monitoring of
myspace for my school.  Those emails aren't doing what they should be
doing either.

I'm interested in how to get this to be more efficient, if you think
the order of the recipe is right... and any (quite possibly) stupid
errors I made.  Any suggestions would be greatly appreciated.  I get
so many emails I need to get this to work to help me out.

Thanks in advance.

Jamie


# $Id: .procmailrc.anti-gifspam 2006-Nov-18 15:11 $

#  SHELLMETAS                    #  unset, for better error messages
  SHELL       = '/bin/sh'

  LINEBUF     = 4096
  LOGABSTRACT = 'all'
  MAILDIR     = '/home/mrhend/mail/domain.comhere/siteadmin'
  DEFAULT     = 'new'

# disable next line to get procmail's logging on stderr
  LOGFILE     = "$_.log"

  LOG         = '~
'

  GIFBOX                = '.gifbox/'      #  IMAP-oriented, see delivery
  DEVNULL               = '.devnull/'
  BLACKLIST             = '.spam/'
  DISABILITYCENTRAL     = '.disabilitycentral/'
  SITES                 = '.sites/'
  SPAMASSASSIN          = '.spam/'


#------------------------------------------------------------
# set some globals
#------------------------------------------------------------

  t = ' '                       #  only a TAB, like "\t"
  b = "[ $t]"                   #  [[:blank:]]
  n  = '
'                               #  only an LF, like "\n"

  a  = '[0-9A-Za-z]'            #  [[:alnum:]]
  a2 = "$a$a"    a3  = "$a2$a"
  a4 = "$a2$a2"  a6  = "$a4$a2"
  a8 = "$a4$a4"  a12 = "$a8$a4"

  x  = '[0-9A-Fa-f]'            #  [[:xdigit:]]
  x2 = "$x$x"    x3  = "$x2$x"
  x4 = "$x2$x2"  x6  = "$x4$x2"
  x8 = "$x4$x4"  x12 = "$x8$x4"


#------------------------------------------------------------
#  Dump Mail with Word Sexually
#------------------------------------------------------------

  :0
  * ^Subject: .*SEXUALLY.*
  /dev/null


#------------------------------------------------------------
#  Save All Raw Data to a Folder
#------------------------------------------------------------

  :0c
  .raw/


#------------------------------------------------------------
#  dump all blacklisted to addresses
#------------------------------------------------------------
#
#  :0
#  * ?       [ -s $HOME/.procmailrecipes/siteadmin/siteadmin-blacklist.txt ]
#  * ? fgrep -iqf $HOME/.procmailrecipes/siteadmin/siteadmin-blacklist.txt
#  /dev/null
#  .spam

#------------------------------------------------------------
#  collect some message parameters
#------------------------------------------------------------
  :0
  *  ^^(From |Return-Path: <)[^ @]+(_at_)\/[^ >]+
  { ENV_DOMAIN = $MATCH }       #  domain part of the Envelope-From

  :0
  * 1^1 ^Received:
  { } N_RCVD = $=               #  number of Received header fields

  :0
  * ^Received: from \/[^ ]+
  { R1_HOST = $MATCH }

  :0
  * ^Content-Type: multipart/related;.*\
           boundary=(\")?\/[^\"]+
  { H_CTB = $MATCH }  #  primary MIME boundary

  :0
  *  ^Message-ID:.*\/[^ <@]+(_at_)[^>]+
  { H_MID = $MATCH
    :0
    *  H_MID ?? ^^\/[^(_at_)]+
    {  MID1 = $MATCH }          #  volatile part of the Message-ID
    :0
    *  H_MID ?? @\/.+
    {  MID2 = $MATCH }          #  FQDN part of the Message-ID
  }
  LOG = "<${H_MID}> ${N_RCVD}$n"

#------------------------------------------------------------
#  catch gifspam
#------------------------------------------------------------
  :0

# if the number of Received header fields is 1 or 2
  *  N_RCVD ?? ^^(1|2)^^

# and it is a multipart message
  *  ^MIME-Version: 1\.0\
     ^Content-Type: multipart/

# and the MIME boundary matches some regex
  *$ H_CTB  ?? ^^----=_NextPart_000_${x4}_${x8}\.${a8}^^

  {
    :0

  # if the FQDN part of the Message-ID does not contain a dot
  # or ends in the domain part of the Envelope-From
    *$ MID2 ?? (^^[^.]+|$\ENV_DOMAIN)^^

  # and part of the message body matches some regex
    *$ B ?? ^--$\H_CTB\
            ^Content-Type: image/(gif|jpe?g|png);\
            ^${b}+name=\"[^\"]+\.(gif|jpg|png)\"\
           (^Content-Transfer-Encoding: base64)?\
           (^Content-Description:.*)?\
            ^Content-ID: <\
             (${a12}([$]|${a})${a8}([$]|${a})${a8}(_at_)$\MID2\
             |${a12}[$]${a8}[$]${a}+(_at_)${a}+\
             |[^ >(_dot_)(_at_)]+\(_dot_)(gif|jpg|png)@${x8}\.${a8}\
             )>$

  # then deliver
    ${GIFBOX}/

  #----------------------------------------------------------
  # Procmail stops at delivery, so only if the previous
  # recipe did not deliver, then processing continues here.
  #----------------------------------------------------------

    :0

  # if the FQDN part of the Message-ID is equal to the HELO
    *$ MID2 ?? ^^$\R1_HOST^^

  # and there are 10 (or more) gif-attachments
    * -9^0
    *$ 1^1 B ?? ^--$\H_CTB\
                ^Content-Type: image/(gif|jpe?g|png);\
                ^${b}+name=\"[0-9]+\.(gif|jpg|png)\"$

  # then deliver
    ${GIFBOX}/
  }

#------------------------------------------------------------
  :0

# if the number of Received header fields is 2 or 3
  *  N_RCVD ?? ^^(2|3)^^

# and the MIME boundary matches /[[:xdigit:]]+/
  *$ H_CTB  ?? ^^${x}+^^

# and the FQDN part of the Message-ID ends in the domain part
# of the Envelope-From
  *$ MID2   ?? ()$\ENV_DOMAIN^^

# and the From: header field has an unquoted name, followed
# by <user-part(_at_)domain-part-of-the-Envelope-From>
  *$ ^From: [^\"<]+ <[^(_at_)]+@$\ENV_DOMAIN>$

# and part of the message body matches some regex
  *$ B ?? ^--$\H_CTB\
          ^Content-Type: image/(gif|jpe?g|png);\
          ^${b}+name=\"[^\"]+\.(gif|jpg|png)\"\
         (^Content-Transfer-Encoding: base64)?\
         (^Content-Description:.*)?\
          ^Content-ID: <${x}+(_at_)$\ENV_DOMAIN>$

# then deliver
  ${GIFBOX}/

#------------------------------------------------------------
#  Spam Assassin Review and Toss
#------------------------------------------------------------

  :0 fw
  * < 256000
  | spamassassin

  :0
  * ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*\*\*\*
  $DEVNULL

  :0
  * ^X-Spam-Level: \*\*
  $SPAM


#------------------------------------------------------------
#  Send Newsletters to SiteAdmin/News
#------------------------------------------------------------
#
#  :0
#  * ?       [ -s $HOME/.procmailrecipes/siteadmin/siteadmin-newsletters.txt ]
#  * ? fgrep -iqf $HOME/.procmailrecipes/siteadmin/siteadmin-newsletters.txt
#  $NEWSLETTERS
#
#
#------------------------------------------------------------
#  Bounce FormMails/MySpace Out to Other Email Accounts
#------------------------------------------------------------
#
# MATCH   # clear the var
#  :0 fw hi
#  * ^Received:(_dot_)*myspace(_at_)sites\(_dot_)MYDOMAINHERE\(_dot_)com
#  * ^Subject:\/.*
#  | formail -i "Subject: [MYSPACE]$MATCH"
#
#  :0
#  ! richard(_at_)MYDOMAINHERE(_dot_)com
#
#  MATCH   # clear the var
#  :0 fw hi
#  * ^To:(_dot_)*myspace(_at_)sites\(_dot_)MYDOMAINHERE\(_dot_)com
#  * ^Subject:\/.*
#  | formail -i "Subject: [MYSPACE]$MATCH"
#
#  :0
#  ! richard(_at_)MYDOMAINHERE(_dot_)com
#
# MATCH   # clear the var
#  :0 fw hi
#  * ^Received:(_dot_)*form-mail(_at_)MYDOMAINHERE\(_dot_)com
#  * ^Subject:\/.*
#  | formail -i "Subject: [BOUNCED]$MATCH"
#
#  :0
#  ! name(_at_)SCHOOLDOMAINHERE(_dot_)org, 
richard(_at_)PERSONALDOMAINHERE(_dot_)net
#
#  MATCH   # clear the var
#  :0 fw hi
#  * ^To:(_dot_)*form-mail(_at_)MYDOMAINHERE\(_dot_)com
#  * ^Subject:\/.*
#  | formail -i "Subject: [BOUNCED]$MATCH"
#
#  :0
#  ! name(_at_)SCHOOLDOMAIN(_dot_)org, richard(_at_)PERSONALDOMAIN(_dot_)net
#
#
#------------------------------------------------------------
#  Move Good Sites Mail to Sites
#------------------------------------------------------------

  MATCH   # clear the var
  :0 fw hi
  * ^Received:(_dot_)*(_at_)sites\(_dot_)MYDOMAINHERE\(_dot_)com
  * ^Subject:\/.*
  | formail -i "Subject: [SITES]$MATCH"

  :0 A
  $SITES

  MATCH   # clear the var
  :0 fw hi
  * ^To:(_dot_)*(_at_)sites\(_dot_)DOMAINHERE\(_dot_)com
  * ^Subject:\/.*
  | formail -i "Subject: [SITES]$MATCH"

  :0 A
  $SITES


#------------------------------------------------------------
#  Move Good DC mail to DC Folder
#------------------------------------------------------------

 MATCH   # clear the var
  :0 fw hi
  * ^Received:(_dot_)*(_at_)disabilitycentral\(_dot_)com
  * ^Subject:\/.*
  | formail -i "Subject: [DC]$MATCH"

  :0 A
  $SITES

  MATCH   # clear the var
  :0 fw hi
  * ^To:(_dot_)*(_at_)disabilitycentral\(_dot_)org
  * ^Subject:\/.*
  | formail -i "Subject: [DC]$MATCH"

  :0 A
  $DISABILITYCENTRAL
____________________________________________________________
procmail mailing list   Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Trouble with procmail., Dallman Ross
Next by Date:  Recipe not working, Tolga
Previous by Thread:  Using /dev/null on FBSD-6.2x, Jack Stone
Next by Thread:  RE: Recipe Suggestion, Dallman Ross
Indexes:  [Date] [Thread] [Top] [All Lists]