| ||||||||||||||||||||
procmailrc Posted by admin (Graham Ellis), 19 May 2003 We're now filtering all incoming emails on our server - our spam has reached around 9000 emails per month and whilst it's been interesting to see what people are sending out as bulk unsolicited email, it's become something of a nuisance.We're using procmail ... which means that we've got ourselves into the programming / configuration file .procmailrc. Anyone who has any questions / wants any tips (I know several of you use Hurricane as your ISP - they have it included in the package), please post a follow up. Also any good procmail recipes you have? Posted by John_Moylan (jfp), 29 May 2003 I'm a HE.net customer, ans use procmail to forward all incoming email through spamassasin. (an email filter written in Perl)my .procmailrc contains: Code:
Where [spamspamspam] is a file that all spam gets written to. It seems to get about 95% of the unsolicited stuff My worst offenders get "dev/null"ed Code:
I also write all email details to a procmail log Code:
Which writes in the format of Code:
Which is very convinient as I have a perl prog on cronjob that looks at this file every 15 mins, if theres a new entry it send the details of it to my work address. Yes, procmail is very nice, and some of the recipes I've seen are very powerful. But simple can be good too. jfp Posted by admin (Graham Ellis), 2 June 2003 I always suggest to folks that they have a look/see if the software they need is already out there before they write their own ... In hindsite, I think that spamassassin might have been better for me that my roll-my-own procmail recipes .... your suggestion is excellent, jfp ... also like your crontrab and logging approach and I'm considering a switch to this away from the automated bounce.However ... procmail done and configured now. ... and updated over the weekend in the light of experience. I think I have trapped around 80% of the incoming spam (I got up this morning and thought and my mailbox was so light I thought "what has gone wrong" ....) Here's a couple of interesting recipies for procmailers: Bounce any emails to a group of old email addresses: Code:
Bounce emails with certain words in the subject line: Code:
Note on this one - we have a Perl script that replaces %anywhere% with a regular expression made up of 74 common spam words held in a data file ... makes updating easier. Other recipies exclude: - emails that have subjects starting with 39 different words / strings - emails with 31 different patters in the sender - emails that have 10 non-lowercase characters in sucession in the subject - emails that have 5 or more consonants in succession in the subject All bounces have a nice message with them, telling people that adding the word "melksham" makes their email acceptable, and all have an extra header added which we check for to avoid bouncing loops. Posted by admin (Graham Ellis), 7 September 2003 And still the spam increases ... now between 500 and 1000 emails a day arriving at our server ... for two of us!I've re-visited the subject and added spamassassin into our filter chain; I'm also keeping a log via a perl program too ... here's the entries in my procmailrc: Code:
which adds a spam flag header, and also (my mailwash) generates a log, and then further down we bounce the spam, with a message explaining and inviting people to write back with a particular word in the subject line if it really isn't spam .... Code:
Here's "mailwash" - it simply passes through the email, extracting and logging statistics for me! Code:
This page is a thread posted to the opentalk forum
at www.opentalk.org.uk and
archived here for reference. To jump to the archive index please
follow this link.
|
| |||||||||||||||||||
PH: 01144 1225 708225 • FAX: 01144 1225 793803 • EMAIL: info@wellho.net • WEB: http://www.wellho.net • SKYPE: wellho |