From: Mikhail Zabaluev <mhz@alt-linux.org>
To: mandrake-russian@altlinux.ru
Subject: [mdk-re] Re: [JT] procmail goes after spammers
Date: Thu Feb 14 14:00:12 2002
Message-ID: <20020214110659.GA4211@mhz.mikhail.zabaluev.name> (raw)
In-Reply-To: <20020214091030.GM1572@lic145.kiev.ua>
[-- Attachment #1: Type: text/plain, Size: 855 bytes --]
Hello Michael,
On Thu, Feb 14, 2002 at 11:10:30AM +0200, Michael Shigorin wrote:
>
> On Thu, Feb 14, 2002 at 01:00:33AM +0300, Mikhail Zabaluev wrote:
> > Вот procmail -- это сила. 5 минут назад в очередной раз опустошил папку
> [...]
> > -- чистота :) Плюс к тому: автоматическое уведомление провайдеров
> > особо надоедливых и псевдо-отлупы со смыслом
> > "адресат по указанному адресу не проживает/выбыл/умер/ушла на базу".
> Тезка, я извиняюсь -- а _это_ счастье опакечивается? ;)
Ну (скромно потупившись), оно вряд ли того стоит, да и настроено на
"моих" спаммеров.
Есть как минимум одно "окончательное решение спаммерского вопроса"
в виде procmail-фильтра, доступное на FM/SF.
Могу лишь приложить свои файлы, если кому пригодится.
--
Stay tuned,
MhZ JID: mookid@jabber.org
___________
Do you have lysdexia?
[-- Attachment #2: .procmailrc --]
[-- Type: text/plain, Size: 2879 bytes --]
MAILDIR=$HOME/Mail/
LOGFILE=$HOME/log/procmail
ME=(mhz@(altlinux\.ru|alt-linux\.org|linux\.ru\.net)|mookid@(mu|sigent)\.ru)
SPAMGUISES=@(aol|hotmail|msn|yahoo)\.com
:0 :
* $^X-Loop: $\LOGNAME@$\HOST
$DEFAULT
# Log all bad deliveries
LOGABSTRACT=all
# Rules that bounce with "bad data"
EXITCODE=65
# Trash all huge messages not addressed to me, that are not mailing list
# digests.
:0
* >65536
* !$^TO_$ME
* !(digest|vital)
/dev/null
# Rules that bounce with "no such user"
EXITCODE=67
# Deal with messages that bear nasty signs of spam
:0
* ^X-RBL-Warning:|\
^X-((Bulkmail|CORONNA|CRUNCHERS|IONK|PLATTER):|(EM|SMTPExp)-)|\
^X-Mailer:.*(Caretop|diffondi|em5000|EMailing List Pro|\
GOTO Software Sarbacane|IncrediMail|LK SendIt|Mailtouch|\
NetPIMS Merge & Group Mailer|SoftForum-WebMail|SuperMail-2)
{
:0
* >10000
/dev/null
:0 :
spam
}
# Charsets that mindless Asian spam uses, I have no chance to read them anyway
:0 :
* (charset.+|=\?)(big5|euc-kr|gb2312|iso-2022-jp|ks_c_5601-1987)
spam
# Process my dear frequent posters ;)
:0
* ^From .*seed\.net\.tw
* ^Received:.*\.ethome\.net\.tw
| $HOME/bin/spam-forward -s '[SPAM ALERT] Oops, they did it again' \
antispam@ethome.net.tw
:0
* ^From big6@mailbox\.as
* ^Received:.*\[64\.245\.234
| $HOME/bin/spam-forward -s '[SPAM ALERT] Oops, they did it again' \
abuse@digex.net
:0
* ^Received:.*registeredsite.com \(\[64\.224\.9\.
| $HOME/bin/spam-forward -s '[SPAM ALERT] Oops, they did it again' \
abuse@interland.net
:0
* ^From .*einfodirect\.com
* ^Received:.*iexpect\.com \(\[216\.35
| $HOME/bin/spam-forward -s "[SPAM ALERT] <AUTO> {EAI#289-065}" \
postmaster@iexpect.com abuse@exodus.net
:0
* ^From .*@a-01.com
* ^Received:.*\[209\.52\.29\.18.
| $HOME/bin/spam-forward -s '[SPAM ALERT] Oops, they did it again' \
abuse@smartt.com
:0
* ^Received:.*\[61\.1(79|87)
* $^From .*(longfbusiness@sina\.com|$SPAMGUISES)
| $HOME/bin/spam-forward -s '[SPAM ALERT] Oops, they did it again' \
anti-spam@ns.chinanet.cn.net
:0
* ^From .*jdmgames\.(com|net)
* ^Received:.*\[207\.215\.122
| $HOME/bin/spam-forward -s '[SPAM ALERT] (KMM512879C0KM)' \
abuse@internetive.net abuse@pacbell.net
:0
* $^From .*(buero\.link-m\.de|$SPAMGUISES)
* ^Received:.*\[211\.114\.53\.3[2-9]
| $HOME/bin/spam-forward -s '[SPAM ALERT] Oops, they did it again' \
insystem@kornet.net
:0
* ^From banks111111hk@yahoo\.com\.hk
* ^Received:.*\[212\.161\.14
| $HOME/bin/spam-forward -s '[SPAM ALERT] Oops, they did it again' \
abuse@colt.net
:0
* ^From .*(badajob|genie)\.com
* ^Received:.*\[210\.51
| $HOME/bin/spam-forward -s '[SPAM ALERT] Oops, they did it again' \
tech-group@china-netcom.com
:0
* ^From .*News@MailSRV\.BidBay\.com
* ^Received:.*\.bidbay\.com
| $HOME/bin/spam-forward -s '[SPAM ALERT] Oops, they did it again' \
postmaster@primenet.com
# Normal delivery
LOGABSTRACT=no
EXITCODE=0
[-- Attachment #3: spam-forward --]
[-- Type: text/plain, Size: 859 bytes --]
#!/bin/bash
#
# Procmail helper to bounce spam messages.
#
[ "$SENDMAIL" = "" ] && SENDMAIL=/usr/sbin/sendmail
[ "$SENDMAILFLAGS" = "" ] && SENDMAILFLAGS=-oi
subject='[SPAM ALERT]'
while getopts s: opt; do
subject="$OPTARG"
done
shift $(( $OPTIND - 1 ))
dest="$*"
if [ -z "$dest" ]; then
echo "Usage: $0 [-s subject] recipient ... <message" >&2
exit 1
fi
to_line="${*/%/,}"
to_line="${to_line%,}"
( cat <<EOF
From: $LOGNAME
To: $to_line
Subject: $subject
Precedence: bulk
X-Loop: $LOGNAME@$HOST
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 8bit
Hello,
This is an automatically generated spam alert.
Feel free to contact me if you have any issues related to this.
The (partial) listing of the message that triggered it
is included below.
EOF
head -c 8k
cat >/dev/null
) | $SENDMAIL $SENDMAILFLAGS $dest
prev parent reply other threads:[~2002-02-14 14:00 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-02-13 18:38 [mdk-re] [JT] /. : FTC " Michael Shigorin
2002-02-14 0:54 ` [mdk-re] Re: [JT] procmail " Mikhail Zabaluev
2002-02-14 12:31 ` Michael Shigorin
2002-02-14 14:00 ` Mikhail Zabaluev [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20020214110659.GA4211@mhz.mikhail.zabaluev.name \
--to=mhz@alt-linux.org \
--cc=mandrake-russian@altlinux.ru \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux Community general discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/community/0 community/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 community community/ http://lore.altlinux.org/community \
mandrake-russian@linuxteam.iplabs.ru community@lists.altlinux.org community@lists.altlinux.ru community@lists.altlinux.com
public-inbox-index community
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.community
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git