Procmail Recipes

[ ܸ | English ]


About Procmail

Please visit Procmail.org.


Related links about spam killer:

junkfilter
The SpamBouncer
Panix Help System and their recipe
SpamAssassin
Vipul's razor
SpamProbe


My Sample

# Sample Recipe
# #-line is a comment line.
SHELL=/usr/bin/sh
PATH=/usr/local/bin:/usr/bin:/bin
ADDRESS=myaccount@mydomain.jp
SENDMAIL=/usr/lib/sendmail
LOGFILE=$HOME/tmp/procmail.log
MAILDIR=$HOME/Mail
MLDIR=$MAILDIR/ML
TMPFILE=$HOME/tmp/subjects.txt
DEFAULT=/var/mail/myaccount
INBOX=$MAILDIR/inbox
MISC=$MAILDIR/misc
#VERBOSE = ON
# Fake or group addresses (Maybe SPAM)
# For example, my account is "fjt."
# Spamers send SPAMs to fjt*, *fjt, fjs*...@somedomain.
# "Group address" means an alias which includes my address and others.
:0 
* 9876543210^0 ^(Cc:|To:).*myaccount[^@]*@(geocities|msn|hotmail)
* 9876543210^0 ^(Cc:|To:).*(Valued.Clients?|Future.Investors?|Undisclosed.Recipients?|All.foreign.Residents?)@mydomain
* 9876543210^0 ^From:.*yahoo\.com\.
/dev/null
# This recipe is an idea of fleet@teachout.org refined by Dallman Ross
# Checking "Fake Message-ID"
:0 
* ^Message-ID:[ 	]*<.*(\$.*-|-.*\$).*@
$MAILDIR/trash/.
# NGWORD (Eliminate Messages Including No Good Words in Subjects)
# The idea of using sed is presented by Hiromatsu .
# "nkf -meZ2" decodes MIME and generalize Japanese-code.
NGWORD=$HOME/.ngwords
:0
* ^Subject: *\/.*
{
	:0
	* ^Subject:.*iso-2022-jp
	DECODED=|echo "$MATCH"|nkf -meZ2

	:0 E
	DECODED=|echo "$MATCH"|nkf -eZ2

	SUBCHECK = `echo "$DECODED" | sed 's/[[:space:][:punct:]]//g'`

	:0
	*$ ? test -s $NGWORD
	* ? echo "$SUBCHECK" | fgrep -iqf $NGWORD
	/dev/null

	# Most Famous Subjects meaning SPAM in Japan
	:0
	* ? echo "$SUBCHECK" | egrep '̤[|\*]|!!'
	/dev/null
}

My sample .ngwords file is here.

# NGWORD2
# The original recipe is posted to the procmail-ml by Udi Mottelo (2003/8/28).
# This version is improved one which discards needless logs :)
:0 cw
* < 20000
{
	:0 bf
	| sed -n '/<[hH][tT][mM][lL]>/,$p' | lynx -stdin -dump -width=20000

	:0 B
	* 9876543210^0 (Get|Generic|Herbal) Viagra
	* 9876543210^0 (Get|Introducing) VP-RX
	{ EXITCODE=1 }

	LOGFILE=/dev/null
	HOST
}
:0 e
/dev/null
# Blacklist
BLACKLIST=$HOME/.blacklist
:0
*$ ? test -s $BLACKLIST
* ? (formail -x From: -x Reply-To: -x Sender: -x From | fgrep -iqf $BLACKLIST)
/dev/null

My sample .blaklist file is here. This is only a sample. An actual file is more bigger.

This simple recipe is very effective. Wise companies shouldn't use silly "info@" :p
...Clever recipients will choose not "/dev/null" but your trash box.

# info@
:0
* ^From: info@.*\.(net|com)
$MAILDIR/trash/.
# Virus Check (Eliminate Executable Attachments)
# from procmail-ml
# author: Philip Guenther modified by Sergiy Zhuk
ext = '\.(scr|vbs|shs|bat|com|exe|pif)'
ws = '[ 	]*($[ 	]+)*'
dotstar = '.*($[ 	].*)*'
dq = '"'
:0 B
* $ ^Content-(Type|Disposition)*:${dotstar}name${ws}=${ws}${dq}.*${ext}${dq}
/dev/null
# Access Log of My Web Page Send by Cron
# I Don't Want To Log These Subjects
:0 
* ^Subject: access log
* $ ^From:.*$ADDRESS
$MAILDIR/http_log/.
# ML
:0
{
# For Japanese Subjects...already defined ?
#	:0
#	* ^Subject:.*iso-2022-jp
#	DECODED=|echo "$MATCH"|nkf -me
#	:0 E
#	DECODED=|echo "$MATCH"

	# Procmail-ML
	:0
	* ^(To|Cc):.*procmail
	{
		:0 c
		| echo PROCMAIL-ML Subject:"$DECODED" >> $TMPFILE
		:0
		$MLDIR/procmail/.
	}

	# SECURITY-FOCUS
	:0
	* ^(To|Cc):.*focus-linux
	{
		:0 c
		| echo SECURITY-FOCUS Subject:"$DECODED" >> $TMPFILE
		:0
		$MLDIR/security/.
	}

	:0 c
	| echo Subject: "$DECODED" >> $TMPFILE
}
# Forward to My PDA
:0
* ^Subject: forward me
* $ To: .*$ADDRESS
! otheraccount@other.domain.jp

# Absence
# The Messages Might Be Important
#:0 c
#! otheraccount@other.domain.jp
# From My Friends
FRIENDS=$HOME/.friends
:0
{
	:0
	*$ ? test -s $FRIENDS
	* ? (formail -x From: -x To: | fgrep -iqf $FRIENDS)
	$MAILDIR/friends/.

# I Don't Know Why .friends Not Found
# (This recipe is only a sample.)
	:0 e
	* $ ^(From|To):.*(bestfriend@domain|goodfriend@domain|badfriend@domain)
	$MAILDIR/friends/.
}

# To Me
:0 
* $ ^(To|Cc):.*$ADDRESS
$INBOX/.

# Check Later
:0 
$MISC/.

Back