OT: Procmail help
Herman Oosthuysen
Herman at WirelessNetworksInc.com
Fri Feb 7 16:58:41 CET 2003
My blacklist recipe uses formail to add stuff to the subject line. An
alternative is to add a new header line as in the whitelist recipe.
Watch out for line wrapping in the e-mail below. You'll have to find
and remove all the problematic carriage returns. Procmail is very
sensitve to that.
---
FORMAIL=/usr/bin/formail
CRUDSUBJECT=""
# First of all, save the message subject
# This is used by all other filter files
:0 f
{ CRUDSUBJECT=`${FORMAIL} -xSubject:` }
# Blacklist recipe.
# Append an offender to the blacklist: # echo bastard at spamhaus.com >>
/etc/procmail/blacklist
# Ensure that there are NO empty lines in this file, or fgrep will
ALWAYS match and trash ALL mail.
# Fgrep (grep -F) treats the blacklist file as a list of fixed
expressions to compare with the mail.
# Grep treats the blacklist file as a list of regular expressions to
compare with the mail.
# See 'man grep' for details on regular expressions.
# A good expression will help if a spammer keeps changing his address a
little all the time, in
# an effort to avoid blacklisting, so "grep" is better than "fgrep" for
this situation.
# Gotchas: Beware of hyphens in the e-mail address, make them a dot instead.
# Delete all empty lines at the end of the file.
# Do not try to put comments in the blacklist file
FGREP=/bin/grep
BLACKLIST=/etc/procmail/blacklist
FROM=`$FORMAIL -x"From" -x"From:" -x"Reply-To:" -x"Received:"
-x"Return-Path:"`
:0f
* ? (echo "$FROM" | $FGREP -i -f $BLACKLIST)
| $FORMAIL -I "Subject: Blacklist 0001 Undelivered: $CRUDSUBJECT"
# Whitelist recipe.
# Append good guys to the whitelistlist: # echo wendy at house.com >>
/etc/procmail/whitelist
# Ensure that there are NO empty lines in this file, or fgrep will
ALWAYS match and accept ALL mail.
# Fgrep (grep -F) treats the whitelist file as a list of fixed
expressions to compare with the mail.
# Grep treats the whitelist file as a list of regular expressions to
compare with the mail.
# See 'man grep' for details on regular expressions.
# Gotchas: Beware of hyphens in the e-mail address, make them a dot instead.
# Delete all empty lines at the end of the file.
# Do not try to put comments in the whitelist file
# Adds a new mail header: "X-Class: whitelist" if in the whitelist
FGREP=/bin/grep
WHITELIST=/etc/procmail/whitelist
FROM=`$FORMAIL -x"From" -x"From:" -x"Reply-To:"`
:0f
* ? (echo "$FROM" | $FGREP -i -f $WHITELIST)
| $FORMAIL -A "X-Class: Whitelist"
---
Nick Simicich wrote:
> At 01:14 PM 2003-02-06 -0800, Peter Loron wrote:
>
>> Sorry for the OT post.
>>
>> I'd like to create (or borrow) a Procmail recipe that will add a bit
>> of text to the beginning of certain Subject headers. Specifically, I
>> get some mailinglists that prefix their messages with something like
>> "[listname]", and some that don't. I want to add those prefixes.
>>
>> I did some looking in Google, but either got back waaaaay too many
>> hits or nothing, depending on my keywords.
>>
>> Can somebody point me to a recipe? I know this wheel has been invented
>> before...
>
>
> If you do not understand procmail well enough to write recipes easily,
> may I suggest a more radical solution? There is a mail filter program
> called "maildrop". It uses a vaguely C like language to do the things
> that procmail does. I got to the point that I could not understand my
> recipes pretty quickly. I installed maildrop, and I was much happier.
>
> xfilter replaces the contents of the message with the output of the
> command. reformail is a command that comes with maildrop and allows you
> to alter headers. Headers are already folded conceptually to one line.
>
> I simplifed this a lot, I use it with about 20 lists (and I do not use
> it to add subject tags, I use it to optionally run the lists through
> demime to remove html and to add reply-to. I run bogofilter from
> maildrop as well, strip out broken PGP signatures (and change
> multipart/signed to multipart/mixed, and application/pgp to text/plain).
>
> and so forth.
>
> As you can see, adding something like removing a
> Disposition-notification-to headers is actually straightforward, and, in
> my opinion, readable. They do a couple different things with regular
> expressions. For example, ! is used to separate the match into sections,
> and the \ for continuations, and the grouping with the isolated { } are
> in the syntax, to simplify the parser. But all this is not as weird as
> procmail, and it can be understood. And it fails safe - if you make a
> syntax error, it returns TEMPFAIL so that you do not lose mail.
>
> I consider this to be related to bogofilter because many people will
> drive bogofilter out of maildrop or procmail.
>
> I use -u on bogofilter - then I apply whitelists and overrides (this is
> spam even when bogofilter says it is not, for example, when there are
> three postmasters mentioned in the headers) and then run bogofilter -S
> or -N if the spam is reclassified. I am not sure I *could* do this from
> procmail. But it was no harder than writing the pseudo C code to handle
> the logic (a couple of state variables, some tests, an if) to handle
> this in maildrop. And all this stuff just works.
>
>
> if ( /^Sender:.*!bogofilter!.*@!aotto\.com/ || \
> /^Sender:.*!courier-maildrop!-admin@!lists\.sourceforge\.net/ || \
> /^Sender: !discuss!.*@!mandrakesecure\.net/)
> {
> ltalk=$MATCH2
> domain=$MATCH4
> if ( (! /^Subject:.*\[$ltalk\]/) &&
> /^Subject:[:space:]*!.*[^:space:]![:space:]*$/)
> xfilter "/usr/local/bin/reformail -I'Subject:
> [$ltalk] $MATCH2'"
> }
> if ( /^content-type:[:space:].*html/ || \
> /^content-type:[:space:].*multi/ || \
> /^content-type:[:space:].*rich/ || \
> /^content-type:[:space:].*application/ || \
> /^X-MS-Attachment/ || \
> /^[:space:]+winmail[0-9]?.dat/:b || \
> /\*This message was transferred with a trial version of
> CommuniGate
> \(tm\) Pro\*/:b || \
> /^begin[:space:]+[:digit:]+[:space:]+winmail.dat/:b || \
> /^begin\s+[0-7]+[:space:]+[:graph:]+[:space:]*$/:b)
> {
> log "$ltalk@$domain message demimed: $MATCH"
> xfilter $DEMIMEFILTER
> }
> if ( ! /^Reply-to:/)
> {
> log "$ltalk@$domain message having Reply-To:
> $ltalk@$domain added."
> xfilter "/usr/local/bin/reformail -A'Reply-To:
> $ltalk@$domain'"
> }
> if (/^Disposition-Notification-To:/)
> {
> log "$ltalk@$domain message having
> Disposition-Notification-To: removed."
> xfilter "/usr/local/bin/reformail
> -I'Disposition-Notification-To:\'"
> }
> }
>
> See: http://www.flounder.net/~mrsam/maildrop/README.html
>
>
>> Thanks.
>>
>> -Pete
>>
>>
>> ---------------------------------------------------------------------
>> FAQ: http://bogofilter.sourceforge.net/bogofilter-faq.html
>> To unsubscribe, e-mail: bogofilter-unsubscribe at aotto.com
>> For summary digest subscription: bogofilter-digest-subscribe at aotto.com
>> For more commands, e-mail: bogofilter-help at aotto.com
>>
>>
>>
>
> --
> SPAM: Trademark for spiced, chopped ham manufactured by Hormel.
> spam: Unsolicited, Bulk E-mail, where e-mail can be interpreted
> generally to mean electronic messages designed to be read by an
> individual, and it can include Usenet, SMS, AIM, etc. But if it is not
> all three of Unsolicited, Bulk, and E-mail, it simply is not spam.
> Misusing the term plays into the hands of the spammers, since it causes
> confusion, and spammers thrive on confusion. Spam is not speech, it is
> an action, like theft, or vandalism. If you were not confused, would you
> patronize a spammer?
> Nick Simicich - njs at scifi.squawk.com - http://scifi.squawk.com/njs.html
> Stop by and light up the world!
>
>
> ------------------------------------------------------------------------
>
> ---------------------------------------------------------------------
> FAQ: http://bogofilter.sourceforge.net/bogofilter-faq.html
> To unsubscribe, e-mail: bogofilter-unsubscribe at aotto.com
> For summary digest subscription: bogofilter-digest-subscribe at aotto.com
> For more commands, e-mail: bogofilter-help at aotto.com
--
Herman Oosthuysen
B.Eng.(E), Member of IEEE
Wireless Networks Inc.
http://www.WirelessNetworksInc.com
E-mail: Herman at WirelessNetworksInc.com
Phone: 1.403.569-5687, Fax: 1.403.235-3965
More information about the Bogofilter
mailing list