From: gman@infinex.com
(G-man)
Newsgroups: ba.internet
Subject: Re: tired of spam
Date: 24 Feb 1998 18:24:03 GMT
Organization: Infinex Telecom, Inc. at 415-882-9188
trebor@sirius.com
wrote:
: tiles@pyramidtile.com (Bill
Furner) wrote:
: >It seems that there are email filtering programs that
are too hard to
: >utilize, that requires a lot of understanding to set up.
I need one that
: >is user friendly and easy to filter without have to have
a PHD, plus one
: >that is low in cost!
Here's the .procmailrc I use. I like it and its simple. I'm
sure its not
perfect.
It does the following:
1. If the email has a header "Comments: Authenticated sender
is", kill it.
2. If the Received headers contain invalid IPs, kill it.
3. If "nowhere.com" is in any header, kill it.
4. If the Message-Id header exist and is empty, kill it.
5. If any Received headers contain "!", kill it.
6. If X-Advertisement header exists. kill it.
7. If the Return-Path contains a "!". kill it.
8. If the To or Cc fiends contains "Friend@public.com", kill
it!
9. If the To or Cc contains "@domain.com", kill it.
Then if any of the above is true, a email is sent back
(hopefully) saying
Unknown User.
:0
* (^Comments: Authenticated sender is|\
^Received.*\[[0-9\.]*([03-9][0-9][0-9]|2[6-9][0-9]|25[6-9])\][^\.]|\
.*@nowhere.com|\
^Message-Id: <>|\
^Received:.*!|\
^X-Advertisement:.*|\
^Return-Path:.*!|\
^(To|Cc): Friend@public.com|\
^(To|Cc):.*@domain.com)
{
EXITCODE=67
:0 i
/dev/null
}
Use the one below if you don't want e-mail that is directly
sent to you.
This breaks some mailing lists and InterNIC domain
registrations. Make
sure you change YOUR_USERNAME to your username (ie my e-mail
address is
gman@infinex.com so I
would replace YOUR_USERNAME with "gman")
:0 * !^(To|Cc):.*YOUR_USERNAME /dev/null
--
It's nice having Multiple Personalities! gman@infinex.com
http://www.infinex.com/~gman
Keeper of Bay Area
B.A.S.P: Shell
Linux => OS for the Computer-Literate! Providers List
(=E G-man, G-DoG, Archy, LoOoD, Gary B. from E.C and FoG
CiTY
Date: Wed, 08 Jan 1997 21:50:04
Newsgroups: news.admin.net-abuse.email
Subject: Setting procmail to complain to multiple upstream recipients
From: Arthur Wouk at NileNet, Ltd. <awouk@ra.nilenet.com>
In article 5b1ufu$ogc@panix3.panix.com,
Tom Betz Read_the_Mailterms_URL@Bottom_of_my_Post.Please
wrote:
...
!
!My procmail dutifully complained to worldnet.att.net about
this
!spam coming from their system. However, because procmail
exits
!once the first hits appens, it did NOT complain to MCI
about
!spam for ITS customers ncia.com and jjplaza.com.
!
!So while I may succeed in shutting down the throwaway
account,
!it won't hit the real source of the problem, the MCI
sites.
!
!I'd like to instruct procmail to go through the rest of my
!recipes even after it has made its first hit. How can I do
it?
consider the following structure (stolen from someone else,
by the
way)
:0
*^From.*iq-internet.com
*!^X-Loop: awouk@nilenet.com
{
:0 c
| (formail -rk ; cat $HOME/.reject) | $SENDMAIL -oi -t | \
elm -s"Abuse not appreciated" tuvak@troi.iq-internet.com, \
kbbanner@aol.com,abuse@sprintlink.net
:0
spam
}
apparently inside the {} pair each :0 initiates a new
procedure.
this works, i know, because i have used a variant of it for
another
purpose.
--
arthur wouk **********Hail*Dogbert*****
Now and then, an innocent man is sent to the legislature. -
Samuel Clemens