On Thu, 29 Nov 2001, Ashley @ Turton wrote:
My main email address has been activate for about 3 years and thus gets a lot of spam. Are there known methods inside Fetchmail or procmail to filter out 'spam' into a separate folder for later viewing?
If not, do people on the list use services to eliminate the spam? There has to be a better way than 'download and delete'.
Procmail recipes get rid of the worst of it for me. Here's the recipe I use (all the other meaty goodness such as automatic list filtering and SMS forwarding deleted, I'll put the whole recipe on a web site at some point, honest).
Oh, and I can't claim the glory for this. It's been around the block a few times, and came to me via a certain slacker currently sunning himself in Australia ;-)
Lob this in your .procmailrc: --- cut here --- # I do not accept responsibility for any mail lost, stolen, deleted, eaten # alive, or otherwise accidentally discarded. Wasn't me, didn't do it, # can't prove anything. PATH=/bin:/usr/bin:/usr/X11R6/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/X11R6/bin
SHELL=/bin/bash
# "VERBOSE=on" is only used for debugging. #VERBOSE=on
# Tweak these for your own local configuration MAILDIR=$HOME/Mail DEFAULT=$MAILDIR/inbox LOGFILE=$HOME/.mail/procmail.log # LOGABSTRACT = "all"
# where to send spam SPAM=spam
# A list (one per line) of people I KNOW are spammers :-) # can match any part of name so you can use fred, fred@aol.com or aol.com to # match a user, mail address or domain. # Note that this file is case-insensitive. SPAMMERS=$HOME/.mail/spammers LISTS=$HOME/.mail/lists
################################################################## # SPAM filter. I don't like spam. I just don't # ##################################################################
# Here we search a file with a list of people we _never_ want to # get anything from, tossing the mail if it's from one of them. # SPAMMERS is set and described above. :0: * ? (formail -x From: -x Sender: -x Reply-To: -x Received: | grep -iqf $SPAMMERS) $SPAM
# look for X-Advertisement header or 'advertisement' in the subject, # accounting for possible sp. error. "Nice" spammers use this header. :0: * ^X-Adverti[sz]ement: $SPAM
:0: * ^Subject:.*adverti[sz]ement $SPAM
# To: friend(s)@public.com or you@wherever.com and the like. Spam. # (arrangements made for those who spell at a 4th grade level as # well, i.e.: freind) :0: * ^TO.*( |<|,)(fr(ie|ei)nd(s)?|you)@ $SPAM
# <Undisclosed Recipients@pop.isp.net> seems common to spam. :0: * ^TO.*[Uu]n(disclosed|listed)(-| )?[Rr]ecipients $SPAM
# snag the To: and From: headers TO=`formail -zx To:` CC=`formail -zx Cc:` FROM=`formail -zX From: | formail -zrx To:`
# So do some mailing lists. Commented out for now. # # spammers love to set their "To:" and "From:" fields to the same # # thing. If this is the case and it's not from you, it's spam. # :0: # * $ TO??$FROM # * !$ ^To:.*$LOGNAME # $SPAM
# no To: line AND no Cc: line. You could filter out anything with no To:, # but there are lots of mailinglist idiots who Cc the list and don't To: # anyone ;-) #:0: #* TO??^$ #* CC??^$ #$SPAM
# no legit From address (formail generates foo@bar in this case) :0: * FROM??^foo@bar$ $SPAM
# purely numeric address. blah. I've never seen this be legit. # Even compuserve addresses have a punctuation mark of some sort. :0: * ^From:.*( |<)[0-9]+@ $SPAM
# bogus pegasus header, very common with spammers, and I've never # seen it used by anyone else. :0: * ^Comment: Authenticated sender is * ! ^X-Mailer: Pegasus $SPAM
# bad message id -- empty or no @host part. :0: * ^Message-Id:.*<[^@]*> $SPAM
#sex spam -- "XXX" in subject (case sensitive, word boundaries) :0 D: * Subject:.*<XXX> $SPAM
# 1-900 in the subject. Yeah, right. :0: * ^Subject:.*1-900 $SPAM
# mlm crap -- MLM in subject (case sensitive) :0 D: * Subject:.*<MLM> $SPAM
# 'dear friend' at the start of a line in the body of message # (in brackets is a tab and a space -- if you edit the file, make # sure you keep them in there -- one tab, one space, in either order) # provisions made for misspelling. :0 B: * ^[ ]*dear fr(ie|ei)nd(s)? $SPAM
# nothing from email blaster etc :0 B: * EMAIL (BLASTER|PLATINUM) $SPAM
# Your research sucks ("our research indicates that you wanted our spam..") :0 B: * (our|my) research indicates $SPAM
# sex spam, "adults only" in subject :0: * ^Subject:.*adults only $SPAM
# popular pyramid scam signature :0 B: * order report #1 $SPAM
# we don't ever wanna hear about mlm (message body) :0 B: * multi(-| )?level marketing $SPAM
# # or abbreviated (message body, case sensitive) # :0 BD # * MLM # $SPAM
# Unfortunately, I know far too many excitable people who use excessive # punctuation ;-) Commented out so I get their mail. # # 2 bangs in subject. spammer hype. # :0 # * ^Subject:.*(!!) # $SPAM
# 2 dollar signs in subject. spammer hype. :0: * ^Subject:.*($$) $SPAM
# don't even want a 1-900 or 1-800 number in the body. :0 B: * 1-[89]00 $SPAM
#large dollar amount in subject line :0: * ^Subject:.*$[0-9]+,000 $SPAM
##################################### # Last rule: Put mail into mailbox # #####################################
:0: $DEFAULT
# End of file