[Techtalk] simple mail filtering via whitelist - suggestions?
John Clarke
johnc+linuxchix at kirriwa.net
Sun Mar 7 15:55:02 EST 2004
On Sat, Mar 06, 2004 at 10:58:50 -0500, Travis Casey wrote:
> I've googled already, and found a ton of stuff on blocking spam with
> procmail... but nothing that showed how to simply do *just* a whitelist.
How about something like this as a starting point:
# any address in ~/.whitelist is OK
:0:
* ? (formail -cx From: | grep -iqwf ~/.whitelist)
$DEFAULT
# forward anything else to Dad for filtering (replace 'dad' with
# your local email address)
:0
! dad
Note: I haven't tested these rules.
Procmail processes each rule in order until the mail is delivered by a
rule, at which point procmail exits. The first rule uses the exit code
of the formail+grep to determine whether to deliver the mail to
$DEFAULT, (/var/spool/mail/$LOGNAME). If formail+grep returns 0, the
message is delivered and processing stops. If formail+grep returns
non-zero, the message is passed to the second rule, which
unconditionally forwards it to 'dad'.
The formail command extracts (-x) the 'From:' header from the message,
concatenating (-c) any continuation lines into one. It then pipes the
header into grep, which does a quiet (-q), case-insensitive (-i) full
word (-w) match against strings in the file (-f) ~/.whitelist. If a
match is found, grep returns 0, and so the message is delivered into
$DEFAULT.
Cheers,
John
--
People wonder why the sysadmin is on occasion slightly stressed. Well,
maybe if Mickeysoft stopped treating us like mushrooms we'd be in a
better position to BEAT THEIR BLOODY CORPSES^W^W software into working
properly for a change. -- James Cort
More information about the Techtalk
mailing list