From 4705970ceedbf50f5160e790549281e4cd628cc3 Mon Sep 17 00:00:00 2001 From: Don Armstrong Date: Tue, 3 Jun 2008 23:24:08 +0000 Subject: [PATCH] * add rules to handle joejobs --- .procmailrc | 144 ++++------------------------------------------------ 1 file changed, 10 insertions(+), 134 deletions(-) diff --git a/.procmailrc b/.procmailrc index 3492f45..ee9f6bd 100644 --- a/.procmailrc +++ b/.procmailrc @@ -23,6 +23,7 @@ $HOME/Mail/temp/ # where to send spam HIGHSPAM=spam/HIGHSPAM/ SPAM=spam/SPAM/ +JOEJOB=spam/JOEJOB/ # A list (one per line) of people I KNOW are spammers :-) # can match any part of name so you can use fred, fred@aol.com or aol.com to @@ -60,6 +61,7 @@ FRIENDS=$HOME/.procmail/friends /dev/null +# Handle delay messages :0 Hc * !Message-Id: .*delay[0-9]+@ * ^TO \/don\+de[^@]+ @@ -71,73 +73,11 @@ $HOME/Mail/delay |/home/don/bin/delay_mail --mailto don@donarmstrong.com --enqueue --email --delay $MATCH -# ========================================================================== -# Correct crap or broken mails using sed -# ========================================================================== -# Correct wrong sig-dashes, ie add a space for lines with only "--" in them: -# from: ^--$ -# to: ^-- $ -#:0 fBw -#* ^--$ -#| sed -e 's/^--$/-- /' - -# preconverts all plain-text mail arriving in certain encoded -# MIME formats into a more compact 8-bit format which can be -# used and displayed more easily by most programs. -#:0 -#* ^Content-Type: *text/plain -#{ -#:0 fbw -#* ^Content-Transfer-Encoding: *quoted-printable -#| mimencode -u -q - -#:0 Afhw -#| formail -I "Content-Transfer-Encoding: 8bit" - -#:0 fbw -#* ^Content-Transfer-Encoding: *base64 -#| mimencode -u -b - -#:0 Afhw -#| formail -I "Content-Transfer-Encoding: 8bit" -#} - -# Convert old-style PGP messages to MIME -:0 -* !^Content-Type: multipart/ -* !^Content-Type: application/pgp -{ - :0 fBw - * ^-----BEGIN PGP MESSAGE----- - * ^-----END PGP MESSAGE----- - | formail \ - -i "Content-Type: application/pgp; format=text; x-action=encrypt" - - :0 fBw - * ^-----BEGIN PGP SIGNED MESSAGE----- - * ^-----BEGIN PGP SIGNATURE----- - * ^-----END PGP SIGNATURE----- - | formail \ - -i "Content-Type: application/pgp; format=text; x-action=sign" -} - -###################################################################### -# Here we search the list of people we always want to get mail from, # -# and deliver the mail if it's from one of them, no matter what. # -# The FRIENDS file is set and described above. # -###################################################################### :0: * ! ? (formail -x From: -x Sender: | fgrep -iqf $FRIENDS) { -# $DEFAULT -# deliver to default mailbox - -#spamassasin is being run sitewide. - -# Mails with a score of 15 or higher are almost certainly spam (with 0.05% -# false positives according to rules/STATISTICS.txt). Let's put them in a -# different mbox. (This one is optional.) +# Mails with a score of 15 or higher are almost certainly spam :0: * ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\* #definetly_spam @@ -155,6 +95,12 @@ $HIGHSPAM $SPAM +# I get joe-jobbed a lot; if a message is from a mailer, but not from +# one of mine, discard it. +:0: +* ^FROM_MAILER +* !^From:.+(ucr|debian|donarmstrong|sndservers|ccin) +$JOEJOB # Work around procmail bug: any output on stderr will cause the "F" in "From" # to be dropped. This will re-add it. @@ -171,63 +117,6 @@ $SPAM -################################################################## -# SPAM filter. I don't like spam. I just don't # -################################################################## - -# Here we search a file with a list of people we _never_ want to -# get anything from, tossing the mail if it's from one of them. -# SPAMMERS is set and described above. -# Note, you can use the following line instead to be even more -# strict, they can't have even relayed it via an adress in the -# spammers file: -# * ? (formail -x From: -x Sender: -x Reply-To: -x Received: | fgrep -iqf $SPAMMERS) -:0: -* ? (formail -x From: -x Sender: -x Reply-To: | fgrep -iqf $SPAMMERS) -| formail -A "X-SPAM-RULE: address found in spammers file" >> $SPAM - -# look for X-Advertisement header or 'advertisement' in the subject, -# accounting for possible sp. error. "Nice" spammers use this header. -:0: -* ^X-Adverti[sz]ement: -| formail -A "X-SPAM-RULE: X-Advertisement header" >> $SPAM - -:0: -* ^Subject:.*adverti[sz]ement -| formail -A "X-SPAM-RULE: Advertisement in subject" >> $SPAM - -# snag the To: and From: headers -TO=`formail -zx To:` -CC=`formail -zx Cc:` -FROM=`formail -zX From: | formail -zrx To:` - -# no To: line AND no Cc: line. You could filter out anything with no To:, -# but there are lots of mailinglist idiots who Cc the list and don't To: -# anyone ;-) -:0: -* TO??^$ -* CC??^$ -| formail -A "X-SPAM-RULE: no To: or Cc: header" >> $SPAM - -# bogus pegasus header, very common with spammers, and I've never -# seen it used by anyone else. -:0: -* ^Comment: Authenticated sender is -* ! ^X-Mailer: Pegasus -| formail -A "X-SPAM-RULE: bogus pegasus header" >> $SPAM - -#large number of spaces then number in subject -:0: -* ^Subject:.*\ \ \ \ \ \ \ \ \ [0-9][0-9]+ -| formail -A "X-SPAM-RULE: too many spaces followed by number in subject" >> $SPAM - -#laser toner cartridges. (I mean, come, on!) -:0: -* ^Subject: laser cartridges -| formail -A "X-SPAM-RULE: laser cartridges suck" >> $SPAM - -} - # Debian role accounts :0: @@ -260,7 +149,7 @@ lists/dragongo/ ################### # Mailing lists # -5B5B################### +################### :0: * X-Mailing-List: <\/[^@]+ @@ -339,19 +228,6 @@ lists/scd/ * ^Sender: (Bugtraq|Incidents Mailing|VULN-DEV) List lists/bugtraq/ -######################################### -# Final SPAM filter, post mailing lists # -######################################### - -# NOTE: This catches like 80% of my SPAM, it really works but make the match -# CORRECT :-) -# -# Not mailing list, but not to me. SPAM. -#:0: -#* !^TO(anylevel.com|donarmstrong.com|donarmstrong.org|oneinfinity.com|donarmstrong.net|pellam.ucr.edu|rzlab.ucr.edu|student.ucr.edu|localhost|Blind\.Copy\.Receiver) -#| formail -A "X-SPAM-RULE: Not to one of my addresses or a mailing list" >> $SPAM - - ##################################### # Last rule: Put mail into mailbox # ##################################### -- 2.39.2