On (14/10/03 11:45), Andrew Hayes wrote:
> Jeff Elkins wrote:
> >Well, hell.
> >
> >I set up a new address (for family) on my server and inadvertently used it
> >Sunday in a reply to debian-user. It's now being flooded with email
> >viruses and spam.
>
> You aren't the only one, since signing up I've been blasted like
> buggering regardless of Mozilla's spam filters, no offense but screw this
> for a game of soldiers.

If you search the archive over the last month there have been acres of posts on this subject and many different ideas for dealing with it.

I was finding it virtually impossible to work because of the volume of these MS Swen virus emails. So I installed mailfilter (woody) and fetchmail, set up my mailfilterrc as per the attached sample and invoke mailfilter from fetchmail using preconnect="mailfilter".

My daily intake of spam is back to more manageable levels and I intend to move on to using something like spamassassin to deal with the balance.

I suggest you uncomment the SHOW_HEADERS and TEST lines to make sure it works as you want before using it in earnest.

HTH

Clive

--
http://www.clivemenzies.co.uk
strategies for business

# -----------------------------------------------------------
# Clive's RC file from example rcfile in the INSTALL document
# -----------------------------------------------------------

# -----------------------------------------------------------
# Logfile path (be sure you have write permission in this
# directory; you MUST specify a logfile)
LOGFILE=/home/your-home_dir/.mailfilter.log

# -----------------------------------------------------------
# Level of verbosity
VERBOSE=3

# -----------------------------------------------------------
# POP3 server list (do not change the order of the fields!)
# Note: Port 110 is usually the port POP3 servers use.
# Currently only POP3 is supported.
SERVER=whatever.net
USER=your_username
PASS=your_password
PROTOCOL=pop3
PORT=110

SERVER=another_whatever.net
USER=another_username
PASS=another_password
PROTOCOL=pop3
PORT=110

# -----------------------------------------------------------
# Do you want case sensitive e-mail filters? { yes | no }
REG_CASE=no

# -----------------------------------------------------------
# Sets the type of Regular Expression used { extended | basic }
#
# (The default is 'basic', don't change unless you know what you
# are doing. Extended REs are more complex to set up.)
REG_TYPE=basic

# -----------------------------------------------------------
# Maximum e-mail size in bytes that should not be exceeded.
# MAXSIZE_DENY=1000000

# -----------------------------------------------------------
# Set maximum line length of any field in the message header
# (default is 998 characters per line; 0 to disable option)
# MAXLENGTH=998

# ----------------------------------------------------------
# Filter rules for detecting spam (each rule must be placed
# in a separate line)

# These filters detect certain unpleasant e-mail subjects:
DENY=^Subject:.*Network \(Critical\|Patch\|Security\|Upgrade\|Update\|Pack\)\+
DENY=^Subject:.*Net \(Critical\|Patch\|Security\|Upgrade\|Update\|Pack\)\+
DENY=^Subject:.*Security \(Critical\|Patch\|Security\|Upgrade\|Update\|Pack\)\+
DENY=^Subject:.*Latest \(Critical\|Internet\|Patch\|Security\|Upgrade\|Update\|Pack\)\+
DENY=^Subject:.*Abort \(Announcement\|Report\)*
DENY=^Subject:.*Current \(Internet\|Security\|Microsoft\|Pack\|Update\)*
DENY=^Subject:.*Error Letter
DENY=^Subject:.*Bug Letter
DENY=^Subject:.*New Pack
DENY=^Subject:.*viagra
DENY=^Subject:.*\(penis\|Dick\)\+
DENY=^Subject:.*home loan
DENY=^Subject:.*\(Phentermine\|Valium\|Vicodin\|Xanax\)\+
DENY=^Subject:.*Medications
DENY=^Subject:.*Online Pharmacy
DENY=^Subject:.*DISCREET OVERNIGHT PHARMACY
DENY=^Subject:.*Lowest Rates
DENY=^Subject:.*hey there\.\.\.

DENY=^From:.*Microsoft \(Network\|Security\|Corporation\|Email\|Inet\|Mail\|Service\|Message\|Internet\|Customer\|Public\|Support\)*
DENY=^From:.*MS \(Net\|Network\|Security\|Corporation\|Mail\|Service\|Message\|Internet\|Customer\|Support\)*
DENY=^From:.*Customer Bulletin
DENY=^From:.*Internet \(Delivery\|Email\|Service\|System\|Mail\|Message\|Storage\|Upgrade\)\+
DENY=^From:.*Net \(Delivery\|Email\|Service\|System\|Mail\|Message\|Storage\|Upgrade\)\+
DENY=^From:.*Delivery Service
DENY=^From:.*Security Department
DENY=^From:.*Email \(Delivery\|Service\)\+
DENY=^From:.*Storage \(Service\|System\)*
DENY=^From:.*Network \(Client\|Mail\|Storage\|System\|Security\|Service\)\+
DENY=^From:.*Technical \(Assistance\)\+
DENY=^From:.*Public Services
DENY=^From:.*CyberAtlas
DENY=^From:.*youask4it

DENY=^To:.*Net \(Client\|Consumer\|Recipient\|Receiver\|User\)\+
DENY=^To:.*Inet \(Client\|Recipient\)*
DENY=^To:.*Internet \(Client\|Consumer\|Recipient\|Receiver\|User\)\+
DENY=^To:.*Network \(Client\|Consumer\|Recipient\|Receiver\|User\)\+
DENY=^To:.*Mail \(Client\|Consumer\|Recipient\|Receiver\|User\)\+
DENY=^To:.*Email \(Client\|Consumer\|Recipient\|Receiver\|User\)\+
DENY=^To:.*Commercial \(Client\|Customer\|Consumer\|User\)*
DENY=^To:.*Microsoft \(Client\|Customer\|Consumer\|User\)*
DENY=^To:.*Customer
DENY=^To:.*Client

# This one filters mail from everyone at a certain organisation:
DENY=^From:[EMAIL PROTECTED]

# We don't want any of those 'LEGAL' messages either
# while stuff with 'legal' in the subject still interests us:
DENY_CASE=^Subject:.*LEGAL

# -----------------------------------------------------------
# Normalises the subject strings before parsing, e.g.
# ',L.E-G,A.L; ,C.A-B`L`E, +.B-O`X` ;D`E`S,C;R,A.MB;L,E.R-]'
# becomes 'LEGAL CABLE BOX DESCRAMBLER' which can be filtered.
#
# If NORMAL is switched on, Mailfilter tries to apply filters
# to both the normalised and the original subject.
NORMAL=yes

# -----------------------------------------------------------
# The maximum e-mail size in bytes that messages from friends
# should not exceed. Set this to 0 if all your friends (ALLOW)
# can send messages as long as they want.
MAXSIZE_ALLOW=0

# ----------------------------------------------------------
# Set list of friends that always pass, if they do not
# exceed the message length of MAXSIZE_ALLOW

# This rule allows all mail from a friend who was unlucky enough
# to have signed up with a spam organisation. With DENY we
# block everyone else from that domain though! See above!
ALLOW=^From:[EMAIL PROTECTED]
ALLOW=^From:[EMAIL PROTECTED]

# Of course we allow e-mail from anyone who has something to say about
# mailfilter:
ALLOW=^Subject:.*mailfilter

# We also let our girlfriend send any e-mail she wants:
ALLOW=^From:[EMAIL PROTECTED]

# SHOW_HEADERS =yes
# TEST =yes
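
Added example, not part of the original post or of mailfilter: a dry run of ALLOW/DENY rules like the ones above against saved headers, using grep as a stand-in for mailfilter's basic-RE matching. The function names, the four-rule subset and the three sample messages are constructed for illustration; NORMAL and the size limits are not modelled.

```sh
#!/bin/sh
# Added example: approximates mailfilter's ALLOW/DENY decision with grep.
# Assumes REG_TYPE=basic, REG_CASE=no and KEY=pattern lines without spaces,
# as in the rc file above, and a grep that accepts \| and \+ in basic REs
# (GNU grep does). NORMAL and the size limits are not modelled.

# rules KEY RCFILE: print the pattern of every uncommented KEY=pattern line.
rules() { sed -n "s/^$1=//p" "$2"; }

# first_match FLAG PATTERNS HEADERS: print the first pattern that matches a
# header line; FLAG is -i or empty (left unquoted so an empty FLAG vanishes).
first_match() {
    while IFS= read -r pat; do
        [ -n "$pat" ] || continue
        if grep -q $1 -e "$pat" "$3"; then printf '%s\n' "$pat"; return 0; fi
    done <<EOF
$2
EOF
    return 1
}

# verdict RCFILE HEADERS: print "ALLOW", "DENY <rule>" or "PASS".
# ALLOW is checked first because friends "always pass"; DENY_CASE is the
# only case-sensitive rule type.
verdict() {
    if first_match -i "$(rules ALLOW "$1")" "$2" >/dev/null; then
        echo ALLOW
    elif hit=$(first_match -i "$(rules DENY "$1")" "$2") ||
         hit=$(first_match "" "$(rules DENY_CASE "$1")" "$2"); then
        printf 'DENY %s\n' "$hit"
    else
        echo PASS
    fi
}

# Constructed sample: four rules copied from the rc file, three made-up mails.
tmp=$(mktemp -d); trap 'rm -rf "$tmp"' EXIT
cat >"$tmp/rc" <<'EOF'
DENY=^Subject:.*Latest \(Critical\|Internet\|Patch\|Security\|Upgrade\|Update\|Pack\)\+
DENY=^To:.*Customer
DENY_CASE=^Subject:.*LEGAL
ALLOW=^Subject:.*mailfilter
EOF
printf 'From: MS Support <a@example.invalid>\nSubject: Latest Security Update\n' >"$tmp/swen"
printf 'To: Valued Customer <me@example.invalid>\nSubject: Order shipped\n' >"$tmp/order"
printf 'From: b@example.invalid\nSubject: mailfilter and the latest patch\n' >"$tmp/list"
for m in swen order list; do printf '%s: %s\n' "$m" "$(verdict "$tmp/rc" "$tmp/$m")"; done
```

The "order" message shows how a broad rule such as ^To:.*Customer also catches ordinary mail, and the "list" message shows ALLOW overriding a DENY that would otherwise match.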