* [mdk-re] Re: [JT] procmail goes after spammers
2002-02-14 12:31 ` Michael Shigorin
@ 2002-02-14 14:00 ` Mikhail Zabaluev
0 siblings, 0 replies; 4+ messages in thread
From: Mikhail Zabaluev @ 2002-02-14 14:00 UTC (permalink / raw)
To: mandrake-russian
[-- Attachment #1: Type: text/plain, Size: 855 bytes --]
Hello Michael,
On Thu, Feb 14, 2002 at 11:10:30AM +0200, Michael Shigorin wrote:
>
> On Thu, Feb 14, 2002 at 01:00:33AM +0300, Mikhail Zabaluev wrote:
> > Вот procmail -- это сила. 5 минут назад в очередной раз опустошил папку
> [...]
> > -- чистота :) Плюс к тому: автоматическое уведомление провайдеров
> > особо надоедливых и псевдо-отлупы со смыслом
> > "адресат по указанному адресу не проживает/выбыл/умер/ушла на базу".
> Тезка, я извиняюсь -- а _это_ счастье опакечивается? ;)
Ну (скромно потупившись), оно вряд ли того стоит, да и настроено на
"моих" спаммеров.
Есть как минимум одно "окончательное решение спаммерского вопроса"
в виде procmail-фильтра, доступное на FM/SF.
Могу лишь приложить свои файлы, если кому пригодится.
--
Stay tuned,
MhZ JID: mookid@jabber.org
___________
Do you have lysdexia?
[-- Attachment #2: .procmailrc --]
[-- Type: text/plain, Size: 2879 bytes --]
MAILDIR=$HOME/Mail/
LOGFILE=$HOME/log/procmail
ME=(mhz@(altlinux\.ru|alt-linux\.org|linux\.ru\.net)|mookid@(mu|sigent)\.ru)
SPAMGUISES=@(aol|hotmail|msn|yahoo)\.com
:0 :
* $^X-Loop: $\LOGNAME@$\HOST
$DEFAULT
# Log all bad deliveries
LOGABSTRACT=all
# Rules that bounce with "bad data"
EXITCODE=65
# Trash all huge messages not addressed to me, that are not mailing list
# digests.
:0
* >65536
* !$^TO_$ME
* !(digest|vital)
/dev/null
# Rules that bounce with "no such user"
EXITCODE=67
# Deal with messages that bear nasty signs of spam
:0
* ^X-RBL-Warning:|\
^X-((Bulkmail|CORONNA|CRUNCHERS|IONK|PLATTER):|(EM|SMTPExp)-)|\
^X-Mailer:.*(Caretop|diffondi|em5000|EMailing List Pro|\
GOTO Software Sarbacane|IncrediMail|LK SendIt|Mailtouch|\
NetPIMS Merge & Group Mailer|SoftForum-WebMail|SuperMail-2)
{
:0
* >10000
/dev/null
:0 :
spam
}
# Charsets that mindless Asian spam uses, I have no chance to read them anyway
:0 :
* (charset.+|=\?)(big5|euc-kr|gb2312|iso-2022-jp|ks_c_5601-1987)
spam
# Process my dear frequent posters ;)
:0
* ^From .*seed\.net\.tw
* ^Received:.*\.ethome\.net\.tw
| $HOME/bin/spam-forward -s '[SPAM ALERT] Oops, they did it again' \
antispam@ethome.net.tw
:0
* ^From big6@mailbox\.as
* ^Received:.*\[64\.245\.234
| $HOME/bin/spam-forward -s '[SPAM ALERT] Oops, they did it again' \
abuse@digex.net
:0
* ^Received:.*registeredsite.com \(\[64\.224\.9\.
| $HOME/bin/spam-forward -s '[SPAM ALERT] Oops, they did it again' \
abuse@interland.net
:0
* ^From .*einfodirect\.com
* ^Received:.*iexpect\.com \(\[216\.35
| $HOME/bin/spam-forward -s "[SPAM ALERT] <AUTO> {EAI#289-065}" \
postmaster@iexpect.com abuse@exodus.net
:0
* ^From .*@a-01.com
* ^Received:.*\[209\.52\.29\.18.
| $HOME/bin/spam-forward -s '[SPAM ALERT] Oops, they did it again' \
abuse@smartt.com
:0
* ^Received:.*\[61\.1(79|87)
* $^From .*(longfbusiness@sina\.com|$SPAMGUISES)
| $HOME/bin/spam-forward -s '[SPAM ALERT] Oops, they did it again' \
anti-spam@ns.chinanet.cn.net
:0
* ^From .*jdmgames\.(com|net)
* ^Received:.*\[207\.215\.122
| $HOME/bin/spam-forward -s '[SPAM ALERT] (KMM512879C0KM)' \
abuse@internetive.net abuse@pacbell.net
:0
* $^From .*(buero\.link-m\.de|$SPAMGUISES)
* ^Received:.*\[211\.114\.53\.3[2-9]
| $HOME/bin/spam-forward -s '[SPAM ALERT] Oops, they did it again' \
insystem@kornet.net
:0
* ^From banks111111hk@yahoo\.com\.hk
* ^Received:.*\[212\.161\.14
| $HOME/bin/spam-forward -s '[SPAM ALERT] Oops, they did it again' \
abuse@colt.net
:0
* ^From .*(badajob|genie)\.com
* ^Received:.*\[210\.51
| $HOME/bin/spam-forward -s '[SPAM ALERT] Oops, they did it again' \
tech-group@china-netcom.com
:0
* ^From .*News@MailSRV\.BidBay\.com
* ^Received:.*\.bidbay\.com
| $HOME/bin/spam-forward -s '[SPAM ALERT] Oops, they did it again' \
postmaster@primenet.com
# Normal delivery
LOGABSTRACT=no
EXITCODE=0
[-- Attachment #3: spam-forward --]
[-- Type: text/plain, Size: 859 bytes --]
#!/bin/bash
#
# Procmail helper to bounce spam messages.
#
[ "$SENDMAIL" = "" ] && SENDMAIL=/usr/sbin/sendmail
[ "$SENDMAILFLAGS" = "" ] && SENDMAILFLAGS=-oi
subject='[SPAM ALERT]'
while getopts s: opt; do
subject="$OPTARG"
done
shift $(( $OPTIND - 1 ))
dest="$*"
if [ -z "$dest" ]; then
echo "Usage: $0 [-s subject] recipient ... <message" >&2
exit 1
fi
to_line="${*/%/,}"
to_line="${to_line%,}"
( cat <<EOF
From: $LOGNAME
To: $to_line
Subject: $subject
Precedence: bulk
X-Loop: $LOGNAME@$HOST
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 8bit
Hello,
This is an automatically generated spam alert.
Feel free to contact me if you have any issues related to this.
The (partial) listing of the message that triggered it
is included below.
EOF
head -c 8k
cat >/dev/null
) | $SENDMAIL $SENDMAILFLAGS $dest
^ permalink raw reply [flat|nested] 4+ messages in thread