[Techtalk] simple mail filtering via whitelist - suggestions?
johnc+linuxchix at kirriwa.net
Mon Mar 8 11:49:47 EST 2004
On Sat, Mar 06, 2004 at 10:58:50AM -0500, Travis Casey wrote:
> I've googled already, and found a ton of stuff on blocking spam with
> procmail... but nothing that showed how to simply do *just* a whitelist.
I sent this from home yesterday but it seems to have disappeared
somewhere between there and the list ...
How about something like this as a starting point:
# any address in ~/.whitelist is OK
* ? (formail -cx From: | grep -iqwf ~/.whitelist)
# forward anything else to Dad for filtering (replace 'dad' with
# your local email address)
Note: I haven't tested these rules.
Procmail processes each rule in order until the mail is delivered by a
rule, at which point procmail exits. The first rule uses the exit code
of the formail+grep to determine whether to deliver the mail to
$DEFAULT, (/var/spool/mail/$LOGNAME). If formail+grep returns 0, the
message is delivered and processing stops. If formail+grep returns
non-zero, the message is passed to the second rule, which
unconditionally forwards it to 'dad'.
The formail command extracts (-x) the 'From:' header from the message,
concatenating (-c) any continuation lines into one. It then pipes the
header into grep, which does a quiet (-q), case-insensitive (-i) full
word (-w) match against strings in the file (-f) ~/.whitelist. If a
match is found, grep returns 0, and so the message is delivered into
> WOOHOO!! I knew perth.wa.au was remote, but now I have proof.
Well, it's certainly neither local, network, batch nor dialup
so obviously it's remote.
-- David P. Murphy
More information about the Techtalk