On (24/09/03 04:22), Pigeon wrote:
> I've just found getting mailfilter up on woody to be a suitable
> means of passing the time while microwaving pizzas. It's dead easy:
I think my pizza would be crisped by now ;) but thanks for this.
Coincidentally, I was trying to confilgure mailfilter last night to
find, I couldn't invoke it from getmail and so downloaded fetchmail. So
your posting is timely ;)
>
> 1) apt-get install mailfilter - it only depends on libc, libstdc++ and
> debconf, so no baddies there. :-)
Installed through dselect - no problem
> 2) modify ~/.fetchmailrc with the 'preconnect "mailfilter"' line,
> which goes in a slightly non-obvious place, as in my example
> (attached); only one 'preconnect' line is needed to check multiple
> mailboxes, as mailfilter gets the info on which boxes to check from
> its own .rc, not from fetchmail.
Have done this but want to avoid wiping mails off the server for two
days (what I currently do with getmail). Haven't cracked how to do this
yet ... so using mailfilter alone in "TEST" mode
>
> 3) modify my attached ~/.mailfilterrc with your POP3 username and
> password details. The DENY rules to filter out viral crap are
> translated from posts by Greg Lehey and David Lloyd on the LinuxSA
> list. The ALLOW lines are to cope with the possibility of list
> traffic arriving with large log files attached which would
> otherwise be knocked out by the MAXSIZE limit. You must have the
> log file. You can add a line 'TEST=yes' to run in 'dummy' mode
> without actually deleting everything. The DENY and ALLOW lines must
> not contain line breaks.
I've used your filters only (having commented out the example ones
supplied) but when I look at mailfilter.log it seems to have deleted
everything (in TEST mode luckily). I can send the log file if needed;
meanwhile I attach my mailfilterrc file. Can you tell me what I've done
wrong?
>
> The one thing mailfilter does seem to lack is an option to filter
> based on the output of some external program, so you could link it
> with some Bayesian engine to avoid manually tweaking the rules.
Manual filtering would be a start given the volume of spam, I currently
receive ;)
[I've cracked actually adding a signature, which was so simple, I can't
imagine why it took me so long - I am currently looking the GPG
documentation but this spate of spam has rather got in the way]
Regards
Clive
--
http://www.clivemenzies.co.uk
strategies for business
# -----------------------------------------------------------
# Taken from example rcfile from the INSTALL document and
# combined with rcfile from pigeon
# -----------------------------------------------------------
# -----------------------------------------------------------
# Logile path (be sure you have write permission in this
# directory; you MUST specify a logfile)
LOGFILE=/home/clive/mailfilter.log
# -----------------------------------------------------------
# Level of verbosity
VERBOSE=2
# -----------------------------------------------------------
# POP3 server list (do not change the order of the fields!)
# Note: Port 110 is usually the port POP3 servers use.
# Currently only POP3 is supported.
SERVER=mail.plus.net
USER=xxxxxxxxxxxxxxxxxx
PASS=xxxxx
PROTOCOL=pop3
PORT=110
SERVER=mail.plus.net
USER=xxxxxxxxxxxx
PASS=xxxxxxxx
PROTOCOL=pop3
PORT=110
SERVER=mailgate.ftech.net
USER=xxxxx
PASS=xxxxxx
PROTOCOL=pop3
PORT=110
SERVER=pop1.mail.lhr1.globix.net
USER=xxxxxx
PASS=xxxxxx
PROTOCOL=pop3
PORT=110
# -----------------------------------------------------------
# Do you want case sensitive e-mail filters? { yes | no }
REG_CASE=yes
# -----------------------------------------------------------
# Sets the type of Regular Expression used { extended | basic }
#
# (The default is 'basic', don't change unless you know what you
# are doing. Extended REs are more complex to set up.)
REG_TYPE=extended
# -----------------------------------------------------------
# Maximum e-mail size in bytes that should not be exceeded.
MAXSIZE_DENY=1000000
# -----------------------------------------------------------
# Set maximum line length of any field in the message header
# (default is 998 characters per line; 0 to disable option)
MAXLENGTH=998
# ----------------------------------------------------------
# Filter rules for detecting spam (each rule must be placed
# in a seperate line)
# These filters detect certain unpleasant e-mail subjects:
# DENY=^Subject:.*Get penis enlargement
# DENY=^Subject:.*WIN MONEY
# This one filters mail from a certain person:
# DENY=^From:[EMAIL PROTECTED]
# This one filters mail from everyone at a certain organisation:
# DENY=^From:[EMAIL PROTECTED]
# We don't want any of those 'LEGAL' messages either
# while stuff with 'legal' in the subject still interests us:
# DENY_CASE=^Subject:.*LEGAL
# The following filters are to combat the MS Swen worm etc.
DENY=^Content-(Type|Disposition):.*(file)?name=.*\.(asd|bat|
chm|cmd|com|dll|exe|hlp|hta|js|jse|lnk|ocx|pif|scr|shb|shm|
shs|vb|vbe|vbs|vbx|vxd|wav|wsf|wsh)
DENY=^(Subject|SUBJECT):.*(Latest Net Critical Update|Bug Message|Abort Letter|abort
notice|Failure Message)
DENY=^(From|FROM):.*(Microsoft|MS Email Delivery System|Inet Email|Internet
Message|Inet Mail Service|MS Internet|Net Delivery Service|MS Mail System|internet
email delivery|MS Network Delivery|ms network system|MS Security Services|Inet Mail
Storage System)
ALLOW=^From:[EMAIL PROTECTED]
ALLOW=^From:[EMAIL PROTECTED]
# Normalises the subject strings before parsing, e.g.
# ',L.E-G,A.L; ,C.A-B`L`E, +.B-O`X` ;D`E`S,C;R,A.MB;L,E.R-]'
# becomes 'LEGAL CABLE BOX DESCRAMBLER' which can be filtered.
#
# If NORMAL is switched on, Mailfilter tries to apply filters
# to both the normalised and the original subject.
NORMAL=yes
# -----------------------------------------------------------
# The maximum e-mail size in bytes that messages from friends
# should not exceed. Set this to 0 if all your friends (ALLOW)
# can send messages as long as they want.
MAXSIZE_ALLOW=0
# ----------------------------------------------------------
# Set list of friends that always pass, if they do not
# exceed the message length of MAXSIZE_ALLOW
# This rule allows all mail from a friend who was unlucky enough
# to have signed up with a spam organisation. With DENY we
# block everyone else from that domain though! See above!
# ALLOW=^From:[EMAIL PROTECTED]
# Of course we allow e-mail from anyone who has something to say about
# mailfilter:
# ALLOW=^Subject:.*mailfilter
# We also let our girlfriend send any e-mail she wants:
# ALLOW=^From:[EMAIL PROTECTED]
##If you are new to Regular Expressions and new to Mailfil
##ter, you might want to experiment a bit, before you acci
## dently delete messages for real. For such cases Mailfilter
## provides two keywords. TEST can be used to only simulate
## the deletion of messages and SHOW_HEADERS displays all e-
## mail headers that get scanned by the program.
TEST=yes
SHOW_HEADERS=yes
