Procmail example for UUCP connections

[ home --> spam --> procmail example ]

Procmail rules!

As a first line of defense, I use procmail. This happens to be installed on my ISP's system. My official account (evoncken@iaehv.nl) is on that system, and I normally forward all incoming mail to an address on my machine at home (behind the UUCP connection).

Procmail has a set of rules, and either accepts or rejects incoming email based on these rules. Mail can be rejected for various reasons. I have chosen the following criteria:

1. The mail originates from a known spammer or spam-haven
If this applies, the mail is stored in a special folder for later review.
2. Mail size exceeds a certain limit
If this applies, a standard reply (toolargereply) is sent and mail is discarded.
One of the nicest features of this particular solution is that the list of banned addresses, a.k.a. "The Hall Of Shame" is read from a file HallOfShame. Normally, one would have to construct a rather large and ugly regular expression in the .procmailrc file. Thanks to Nathan Waddoup for this idea!

The .forward file

First, set up a .forward file with contents like this:
"|IFS=' ' && exec /usr/local/bin/procmail -f- || exit 75 #evoncken"
Make sure that you include the double quotes. The path to procmail should be correct (check this!!!) and the comment (#evoncken) should contain your own account name (this prevents some obscure problem with mail not being delivered).

Note: the .forward file is not necessary if procmail is the default local mailer on your system (as on my Linux boxen at home).

All incoming mail will now be filtered by procmail, according to the set of rules that you provide in the .procmailrc file.

The .procmailrc file

The rules for procmail are stored in your home-directory (where your .forward file is stored as well) in a file named .procmailrc. You should set up a set of rules, like the following example:

.procmailrc (click to view or save)

This wraps things up, technically: incoming email is forwarded to procmail. Procmail examines the mail and only forwards the mail to my real account if certain criteria are met.

The Hall Of Shame

All you need now, is a list of banned domains, a.k.a. The Hall Of Shame.

This file is a simple list of (partial) domain-names, one on a line. Well, here's an example: 

agis.net
answerme.com
babeview.com
cyberpromo.com
erols.com
honeys.com
hotgrrls.com
hotmail.com
pleaseread.com
prodigy.com
worldnet.att.net
capella.net
cybertimes.org
mailloop.com
megd.com
quantcom.com
StarshipInternet.Com
superhoneys.com
seductress.com
the-money-mall.com
My current HallOfShame is way too large to be included in this document (that, in itself, says quite enough). Instead, click HallOfShame to view or save the list.

Note: the .procmailrc file looks for the HallOfShame file in a specific location; most data files for my filter are stored in a subdirectory 'mailfilter' off my home directory. All this can be changed to your liking of course.

Form letters

If procmail decides to reject a certain mail, a standard reply is sent explaining the action taken. This does not apply to spam-filtering rules, since the chance of undeliverable mail or fake addresses is way too high. My reply to very large email messages (click here to view or save as text): 
 ** This message was automatically generated **

Sorry, your message was too large. Therefore it has not been delivered.
Please keep message size within reasonable limits (usually < 200 kBytes)
as my system connects to the Internet over a slow modem-link.

If you plan on using email for UU-encoded file-transmission, please
consider splitting the data in manageable chunks. Your email-client
usually provides that sort of functionality.

Contact your postmaster or administrator for more information on sending
large messages.

top$Id: procmail_example.m4,v 1.2 1999/04/26 12:23:55 ed Exp $

Sending unsolicited (commercial) email
to any address on these pages strictly prohibited!
Caught in a frame? Go to http://www.iaehv.nl/users/evoncken/index.html
Questions? Remarks? Contact Ed Voncken evoncken@iaehv.nl