At 18:03 2009-05-18 -0700, Alex Rodriguez wrote:
A while ago I implemented a simple rule to flag those messages which their
destination matched their supposed sender; just a simple but effective
recipe to take care of those spam messages pretending to be sent from the
user that it is receiving it.
Snippet of each user s .procmailrc file
EACH? This is something you're implementing on a server for other users?
If you're doing this for all (or a predictable subset) of your users, you
could accomplish it within the global procmailrc file. Nominally, you
could have a text file mapping usernames to public email addresses, and
grep the username to get the string to check for in the From: header.
Here's an example of how to use a group membership as a method of opting in
or out of a globally-managed feature (this doesn't allow the USER to toggle
their own state, but it's an easy way to centrally manage it):
# if user is a member of the webmail group, do something.
:0
* ? groups $LOGNAME | grep -q \\\<webmail\\\>
{
# do something here.
}
######################################
#Send message from "myself" to /dev/null
:0:
* ^From:.*<email-address-here>$
/dev/null
There are times where this is entirely valid - I'll send myself "reminders"
from time to time.
You could check to see if it was originated on an authorized mail server
for the domain (I would assume it is your mailhost where the accounts are),
though some users may send messages from other servers from time to
time. The message-id field is a useful comparator here - in most cases,
locally originated messages will bear the local domain (or mailhost) on the
"domain portion" of the messageid. Forgeries tend not to.
# Accept all the rest to your default mailbox
:0:
${DEFAULT}
This needn't be expressly done at the bottom of the rcfile - it'll happen
automatically if you haven't delivered the message otherwise.
:0:
* ^(From|Reply-To):.*<email-address-here>$
/dev/null
Yes, this would basically work for your revised situation. I'd be more
prone to insert a flag into the message headers, or file it into a separate
mailbox though.
[snip]
Wow, that's some .sig. Perhaps you could put all of that on a webpage and
then put one url in your sig?
---
Sean B. Straw / Professional Software Engineering
Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
Please DO NOT carbon me on list replies. I'll get my copy from the list.
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail