Mail Management With Procmail - Lies, Sweet Lies (
Page 5 of 8 )
You might remember, from the previous page, that I said
that once procmail executes the action line of a recipe, it stops processing
further recipes and moves on to the next message.
Well...ummm...that was
kinda a little white lie.
You see, it is possible to have procmail
process a message as per the action line within a recipe, and then, instead of
exiting, continue to process subsequent recipes to see if further matches exist.
This is accomplished by adding the "c" flag (for "carbon copy") to the first
line of a recipe. When procmail encounters this flag, it will first generate a
copy of the email message; this copy is then processed as per the recipe, while
the original message is passed on to subsequent recipes.
In order to
better understand how this works, consider the following variant of the very
first recipe in this article, which not only forwards a copy of every incoming
message to another email address, but also backs it up to a mailbox named
"BACKUP":
:0 c
BACKUP
:0
!my.other.email.address@some.other.host
In this case, every message
intercepted by procmail first gets transferred to the "BACKUP" mailbox. Since
the "c" flag is present on that recipe, procmail will also create a copy of the
message and continue processing it. This message copy will then match the second
recipe, and will get forwarded to the specified email address.
In case
you'd prefer to have incoming mail stored in your local spool and also forwarded
to another email address, try the following simple variant:
:0 c
!my.other.email.address@some.other.host
In this case, incoming messages
will get automatically forwarded to the specified email address, and procmail
will also generate an extra copy because of the special "c" flag. Since the
".procmailrc" file contains only a single recipe, no further matches will exist
and so the copy will be handled in the default manner - that is, delivery to the
user's local mail spool. The end result: incoming messages are both stored
locally and forwarded out of the system.
There are a number of other
flags that can be used to alter procmail's default behaviour - take a look at
the procmail manual pages for more information.{mospagebreak title=Canning The
Spam} As you might imagine from the preceding discussion, procmail is a great
tool to use if you're concerned about spam clogging your mailbox. The simplest
solution here is to add a series of recipes to the beginning of your
".procmailrc" file, which can scan incoming email for known spammer addresses
and automatically filter those messages out. As an example, consider the
following set of recipes:
:0
* ^From:.*angie76@spammer.com
SPAM
:0
* ^From:.*@known-bad-domain.com
SPAM
:0
* ^From:.*clouded_mind_99@hotmail.com
SPAM
:0
* ^Subject:.*make money fast
SPAM
As I stated earlier, it's usually a good idea to place these recipes
neat the top of your ".procmailrc" file, so that they are processed
first.
If you get a large amount of spam, the technique above may seem
inconvenient, as your ".procmailrc" file will rapidly grow in size as more and
more spammers add your email address to their database. For convenience, you can
either place these recipes in a separate file and include them into your
".procmailrc" (this technique is discussed a little further down) or you can
create a so-called "black list" of known spammer addresses in a separate file,
and have procmail scan through it looking for a match every time it receives
email. This second technique is a little processor-intensive, but has the
benefit of simplicity - it needs only a single recipe. Take a look:
:0
* ? egrep -is -f /home/me/black-list.txt
SPAM
The file "black-list.txt" is a simple list of email addresses, like
so:
angie76@spammer.com
clouded_mind_99@hotmail.com
o@o.com
In this example, the "egrep" program is called by procmail to see
if the message headers contain a known spammer's email address. If a match is
found, the message is moved to the "SPAM" mailbox. This is a much simpler
approach than the one described previously, as all you need to do is update your
black list on a regular basis.
Another technique of dealing with spam is
so-called "reverse filtering", which uses a "white list" of known addresses. In
this case, mail is only delivered to your mailbox if it matches an address in
the white list; all non-matching email is treated as spam and either transferred
to a spam folder for later review, or summarily deleted. The following example
demonstrates:
:0
* !? egrep -is -f /home/me/white-list.txt
SPAM
