Procmail Filter

From Free Knowledge Base- The DUCK Project: information for everyone
Jump to: navigation, search
procmail-filter.txt____________________________________________________________
Invoked by sendmail, or a .forward  mechanism,  procmail is a  powerful tool
to
use in the task of sorting and filtering mail either system- wide or
customized
for and by each individual user.               Using "procmail" to filter
email
Dec 11, 2004                   Based on the FILTERING MAIL FAQ by Nancy
McGough 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

(DEMO ONE) NON-PRIVILEGED SHELL USER:  Procmail + Pine
```````````````````````````````````````````````````````````
Typical system shell account user may use procmail to sort email for viewing
with pine.  This also works for mutt and other email applications with a few
minor adjustments to the default paths.

By default pine will view messages directly from the spool/mail unless a local
'mbox' has been created (touch ~/mbox).  If mbox exists then pine transfers
messages from spool/mail to ~/mbox for viewing.

In pine create directors to have email sorted to automatically.  (L) for
folder list and (A) to add folder.  For this example create a folder with the
name 'sample' for email from sample@yahoo.com.

Back to the shell prompt create a folder inside $HOME/mail called 'mbox' and
create a symbolic link to it from $HOME so that...

  touch ~/mbox
  ln -s ~/mail/mbox ~/mbox

This satisfies pine to find mbox where it expects it to be and satisfies our
procmail script to find mbox in a more logical location.

Under user home 'touch .procmailrc' and 'touch .forward', ensure permissions
are set 644.  Now 'vi .forward' and insert the following line:

  "|IFS=' ' && p=/usr/bin/procmail && test -f $p && exec $p -Yf- || exit 75
#username"

observing the correct path to 'procmail' (find it 'locate procmail|grep bin')
if you have to.  observe that after the pound character change 'username' to
the actual shell user.

Edit 'vi .procmailrc' and insert:

  PATH=$HOME/bin:/usr/bin:/usr/ucb:/bin:/usr/local/bin:.
  MAILDIR=$HOME/mail      # You'd better make sure it exists
  DEFAULT=$MAILDIR/mbox
  LOGFILE=$HOME/maillog
  LOCKFILE=$HOME/.lockmail

  :0                              
  * ^From.*sample@*yahoo.com
  $MAILDIR/sample 

Ok, now your regular mail goes to pine mbox and anything from sample@yahoo.com
is sorted and placed in the pine mail folder 'sample'.
note that :0 is colon + zero (if your term zero and letter O visibly alike)


(DEMO TWO) PROCMAIL RULE CONFIGURATION: sample procmail filter rules
```````````````````````````````````````````````````````````
example 1: to make all mail from kit@notes.unl.edu go into pine's kit folder.

  :0:
  * ^From:.kit@notes.unl.edu
  $MAILDIR/kit

example 2: anyone who has the text string 'lisa' as any part of the email
address will go into the alllisa folder.

  :0:
  * ^From:.*lisa
  $MAILDIR/alllisa 

example 3: you are on a maillist were all messages say they are To:
'listmembers@linuxchix.org' and sort them into pine's linuxchix folder.

  :0:
  * ^To:.*linuxchix
  $MAILDIR/linuxchix

example 4: there are various text stings that may appear in spam, one I see a
lot is "mortgage" as in "lower your mortgage rate" and I want anything that
mentions 'mortgage' in the Subject line to go into pine's spambox folder.

  :0:
  * ^Subject:.*mortgage
  $MAILDIR/spambox

example 5: anything from people at uunet will go to pine's uunetbox folder

  :0                 
  * ^From.*@uunet
  $MAILDIR/uunetbox


(DEMO THREE) NON-PRIVILEGED SHELL USER:  Procmail Whitelisting
```````````````````````````````````````````````````````````
Whitelist mail filtering works by considering anything (sender) that is not in
your list bulk email or spam.  Put your friends and family in your white list
so that their messages go to your inbox while anything else goes into a bulk
mail folder because it is likely spam.  Then on a rainy day you can speed
glance though the bulk mail folder and zap most of it, perhaps only stopping
on occasion to look in a message that could potentially be something you want
or a forgotten friend that you need to add to the white list.

This example the white-list is read by procmail.  Whitelist contains only
addresses you want in the inbox, everything else sent to bulkmail.

  # filter mail against current whitelist
  FROM=`formail -XFrom: | formail -r -xTo: | tr -d ' '`
  :0
  * ! ? grep -F -i -x -q "$FROM" $HOME/.whitelist
  $MAILDIR/bulkmail

An additional mechanism should be added to notify individuals sending messages
with a response option for the white list. (visit: white list spam)


(ADDITIONAL INFORMATION) PROCMAIL RELATED: Comments on using procmail
```````````````````````````````````````````````````````````
Determine your version of procmail by executing 'procmail -v'.  If something
provided here does not work, check to see how _old_ your procmail version is.

There are man pages provided for procmail, procmailex, procmailrc, procmailsc,
and formail with most linux distributions.  You can learn a lot by reading the
man pages before seeking help on various forums and annoying people because
you are asking a question that could be answered by reading the man pages.

Procmail is not an SMTP agent (it's a LDA, Local Delivery Agent) and cannot be 
used to 'reject' spam during the SMTP transaction.  Although possible to 
bounce potential spam with procmail, it would be illadvised.  Spam headers are 
almost always forged, and the bounce would go to either the wrong place or 
nothingness causing errors in your SMTP agent logs.

Apparently, the '.forward' file is only necessary if procmail is not
configured as the LDA in sendmail or equivalent.


(ADDITIONAL INFORMATION) MAIL FILTERING AND SPAM:  Worth Mentioning
```````````````````````````````````````````````````````````
In regards to spam and mail filtering, however, outside the scope of this
document, none-the-less worth mentioning...

Gray-listing is a technique now becoming popular.  Consider it a method with
the advantages of white-listing but without its short-comings.
White-listing's
shortcomings manifest when applied to businesses that rely on email.
(recommendation:  research 'gray listing' with 'spam')

Spamassassin email filtering is very popular in business usage.  It supports
automatic training, forged message header rejecting, and works using a score
based approach.
(recommendation: visit http://spamassassin.apache.org/)

Procmail was created by Stephen R. van den Berg and the procmail web site is
at the address http://www.procmail.org/ .

_______________________________________________________________________________
spam filtering with procmail is distributed by the Star City Linux User Group.
By LazyGirl & Roach.  Sources mentioned in article.  Contribute Documentation!