1. Basic Recipe for Scott's Test Script

1. Pico ~/.procmailrc:

2. Mkdir /home/username/test

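SHELL=/bin/sh
TESTDIR=/home/username/procmail-test
MAILDIR=${TESTDIR}
# Same log file name that the test script below displays
LOGFILE=${TESTDIR}/proctest.log
LOG="--- Logging for ${LOGNAME}, "
#Troubleshooting:
VERBOSE=yes
LOGABSTRACT=all

# Drop the message if From, From: or Reply-To: matches an entry in black.lst
:0
* ? formail -x"From" -x"From:" -x"Reply-To:" | grep -f black.lst
/dev/null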

The following is a basic shell script to manually call procmail, tell it what control file to use, and what sample mail message to test against. Under normal operation these control files would get called automagically from the .procmailrc file in your home directory.

#!/bin/sh
#
# You need a test directory.
TESTDIR=/home/your-username/procmail-test
if [ ! -d "${TESTDIR}" ] ; then
    echo "Directory ${TESTDIR} does not exist; first create it" >&2
    exit 1
fi
# Feed an email message to procmail. Apply a control recipe file.
# First prepare a mail.msg email file which you wish to use for the
# testing, then uncomment one of the procmail lines below.
## Using a blacklist
# procmail ${TESTDIR}/proctest-blacklist.rc < mail.msg-blacklist
## Using And
# procmail ${TESTDIR}/proctest-and.rc < mail.msg-and
## Using Or
# procmail ${TESTDIR}/proctest-or.rc < mail.msg-or
## Scoring
# procmail ${TESTDIR}/proctest-scoring.rc < mail.msg-scoring
## Body Scanning
# procmail ${TESTDIR}/proctest-body.rc < mail.msg-body
#
# Show the results.
less "${TESTDIR}/proctest.log"
clear
#
# Clean up.
rm -i "${TESTDIR}/proctest.log"

 

This example uses the formail program to extract several fields from an incoming mail message, then looks for a matching pattern in the file black.lst. The file black.lst in this case would contain email addresses or just domains of known senders of spam, one entry on each line. If there is a match in any of the three fields we're looking at (From, From:, and Reply-To:) then the email is dropped outright.

When in normal use the variable TESTDIR is not necessary, but here it is set to provide the correct directory for output to the testing shell script.

SHELL=/bin/sh
TESTDIR=/home/stl/procmail-test
LOGFILE=${TESTDIR}/proctest.log
LOG="--- Logging for ${LOGNAME}, "
#Troubleshooting:
VERBOSE=yes
LOGABSTRACT=all

:0
* ? formail -x"From" -x"From:" -x"Reply-To:" | grep -f black.lst
/dev/null
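Because a match here sends mail to /dev/null, it is worth checking how `grep -f black.lst` treats list entries before trusting it. The script below is an added example, not part of the original page. It compares the page's test with a stricter one on constructed messages and lists. The helper names (`sender_fields`, `naive_match`, `strict_match`), the `sed` stand-in for formail and all addresses are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example. Every address, domain and list entry here is constructed.

# Stand-in for the recipe's formail call: print From:/Reply-To: values from
# the header block (assumes unfolded headers; formail also handles folding).
sender_fields() {
    sed -n -e '/^$/q' -e 's/^From:[[:space:]]*//p' \
           -e 's/^Reply-To:[[:space:]]*//p' "$1"
}

# The page's condition: each list line is a regex matched anywhere in the field.
naive_match() {   # $1 = message file, $2 = list file
    sender_fields "$1" | grep -q -f "$2"
}

# Stricter check: skip blank/comment lines, ignore case, and accept only an
# exact address, the sender's exact domain, or one of its parent domains.
strict_match() {  # $1 = message file, $2 = list file
    sender_fields "$1" | tr 'A-Z' 'a-z' | tr -c 'a-z0-9@._+-' '\n' | grep '@' |
    awk -v list="$2" '
        BEGIN { while ((getline e < list) > 0) {
                    e = tolower(e); gsub(/^[ \t]+|[ \t]+$/, "", e)
                    if (e != "" && e !~ /^#/) bad[e] = 1 } }
        { dom = $0; sub(/^.*@/, "", dom)
          if ($0 in bad) hit = 1
          while (dom != "") {                      # domain, then each parent
              if (dom in bad) hit = 1
              if (!sub(/^[^.]*\./, "", dom)) dom = "" } }
        END { exit (hit ? 0 : 1) }'
}

work=$(mktemp -d) && trap 'rm -rf "$work"' EXIT
printf 'spam.example\nbulk@ads.example\n'   > "$work/clean.lst"
printf 'spam.example\n\nbulk@ads.example\n' > "$work/blank.lst"  # stray empty line
mk() { printf 'From: %s\nSubject: test\n\nbody\n' "$2" > "$work/$1"; }
mk spam  'Offers <offers@mail.spam.example>'
mk alike 'Alice <alice@notspam.example>'
mk upper 'Offers <OFFERS@SPAM.EXAMPLE>'
mk ok    'Bob <bob@friend.example>'

for m in spam alike upper ok; do
    for l in clean blank; do
        naive_match  "$work/$m" "$work/$l.lst" && n=drop || n=keep
        strict_match "$work/$m" "$work/$l.lst" && s=drop || s=keep
        echo "$m/$l.lst: naive=$n strict=$s"
    done
done
```

With the page's test, the look-alike domain is dropped by substring match, the upper-case sender slips through because grep is case-sensitive, and a single empty line in the list drops every message. Filing matches into a folder instead of /dev/null while testing keeps such mistakes recoverable.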

 

A basic control file using the "AND" matching ability of Procmail. The following example requires both statements to be true before the incoming message is dumped. A few key points of this particular control file are the bangs, and a simple regular expression.

The bangs (exclamation points) roughly translate into meaning "NOT". In the first pattern, the control file says, "This pattern returns as true if the message is not addressed to stl@scc.net, or a subdomain of scc.net." The following line tells Procmail to return a value of true if the message is not being sent from a sender with an scc.net email address. As such, if a spammer from the domain spam.com sends an email to his list which creates a From: address of spammer@spam.com, and the message comes to my box, this script will return true on both patterns and drop the message outright.

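SHELL=/bin/sh
TESTDIR=/home/stl/procmail-test
LOGFILE=${TESTDIR}/proctest.log
LOG="--- Logging for ${LOGNAME}, "
#Troubleshooting:
VERBOSE=yes
LOGABSTRACT=all

# Both conditions must be true (AND) for the message to be dropped.
# The .* after From: allows for the space and any display name before the address.
:0
* ! ^TO_stl@.*scc\.net
* ! ^From:.*[-a-z0-9_]+@([-a-z0-9_]+\.)*scc\.net
/dev/null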

 

This example actually uses a mix of AND along with OR. The first line checks to see whether the message has been sent to stl@scc.net or stl@soundinternet.com. If it was not, then it is instantly dropped. OR allows for a bit more flexibility over the AND example in that I can now easily give the option of allowing mail not directly addressed to me and not coming from a scc.net address to also arrive from soundinternet.com, or whatever else I felt like allowing through.

SHELL=/bin/sh
TESTDIR=/home/stl/procmail-test
MAILDIR=${TESTDIR}
LOGFILE=${TESTDIR}/proctest.log
LOG="--- Logging for ${LOGNAME}, "
#Troubleshooting:
VERBOSE=yes
LOGABSTRACT=all

# Each condition line must start with "*"; a line that starts with "!" alone
# would be read as a forwarding action. "|" gives the OR inside a condition.
:0
* ! ^TO_stl@([-a-z0-9_]+\.)*scc\.net|^TO_stl@([-a-z0-9_]+\.)*soundinternet\.com
* ! ^From:.*[-a-z0-9_]+@([-a-z0-9_]+\.)*scc\.net|\
^From:.*[-a-z0-9_]+@([-a-z0-9_]+\.)*soundinternet\.com
/dev/null

In this example we are scanning the body of a message for key phrases which typically give away that the incoming mail is junk. A new flag in this control file is B which tells Procmail to scan the message body. The ^ character tells Procmail that it should be looking for the match at the very beginning of a new line, and we use the OR operator just to make the requirements for successfully dropping the message a bit lower.

SHELL=/bin/sh
TESTDIR=/home/stl/procmail-test
MAILDIR=${TESTDIR}
LOGFILE=${TESTDIR}/proctest.log
LOG="--- Logging for ${LOGNAME}, "
#Troubleshooting:
VERBOSE=yes
LOGABSTRACT=all

:0B
* (remove@|removeme@|interested in this offer|\
^With.*bulk e-?mail software|\
^Our research shows.*may be of interest to you|\
^You will not receive any more.*from us|\
\$\$\$|FREE|^click here|40.*40.*40)
/dev/null

 

Scoring allows you to create rules of very fine detail, so an incoming message has a better opportunity of making it through if it is legitimate but contains matching patterns which otherwise would have blocked it. The basic idea of scoring is that when a message receives a final score greater than 0, it is dropped or filed elsewhere. In this example an incoming message is given a starting score of -1, so it needs two points against it to be deleted. A nice feature is that you can start with a score as low as you like, and other patterns can be weighted depending on how important you feel they are.

In this example, after the initial score is set, the next line reads in a file containing a list of subject lines, similar to the blacklist file in the domain blocking example. If a subject matches, it receives 1 point, which brings its total score to 0. At this point it would still make it through, however. The next line looks to see if it is directly addressed to stl@scc.net. If not, it receives another point, bringing the total to 1, which means it would now get dumped. If line one and two fail, but it is Chris who is sending me mail, I've given him a weight of 2, which means it would instantly go over the allowable value of 0 and be dropped.

SHELL=/bin/sh
TESTDIR=/home/stl/procmail-test
MAILDIR=${TESTDIR}
LOGFILE=${TESTDIR}/proctest.log
LOG="--- Logging for ${LOGNAME}, "
#Troubleshooting:
VERBOSE=yes
LOGABSTRACT=all

:0
* -1^0
* 1^0 ? formail -x"Subject:" | grep -f scoring-subjects
* 1^0 ! ^TO_stl@scc\.net
* 2^0 ^From:.cluhman@([-a-z0-9_]+\.)*scc\.net
/dev/null