[Techtalk] simple mail filtering via whitelist - SOLVED!

Travis Casey efindel at earthlink.net
Sat Mar 6 18:35:57 EST 2004 

On Saturday 06 March 2004 08:51, Telsa Gwynne wrote:

> It probably is easy with procmail. If you have used procmail
> before and set up procmail rules before. The syntax is a
> little (okay, hugely!) off-putting the first time.

Yeah, which was my problem:  I've never used procmail before.  And the 
"recipes" that I could find online seemed to keep whitelists as part of the 
procmail configuration.  I'd rather have it in a separate file, so my 
non-techie wife can add entries easily, without having to worry about 
leaving out some punctuation and breaking things.

(Not that I'm even sure that would be a problem with procmail... but just a 
list of addresses in a file would be ideal.)

> I tried to come up with a set of recipes in procmail for
> this and realised a problem: it would have to be based
> on "if it comes from this email address".
>
> Viruses and spams often make up or copy email addresses
> in the hope of being read. And pretend to be addresses from
> an infected computer's address book.

I'm not too worried about that yet; it's a very limited set of people who 
are going to be sending her email, and I'm not using Outlook or Outlook 
Express for her email client -- I'm using The Bat! instead, which doesn't 
do dumb things like automatically run attachments.

If it does become an issue, I'll probably set up spamassassin and/or an 
antivirus, but that's a future worry.


For right now, I decided to go check the exim website... and discovered that 
exim has its own filtering language built-in, which can be used either to 
create system-level filters or in .forward files.  After a bit of reading 
and experimenting, I created this .forward for her:

-------------------
# Exim filter

if ("${lookup{$sender_address} lsearch {/home/rhianna/white.list}{$value}}" 
is "
OK") then
  finish
else
  deliver efindel at earthlink.net
endif
--------------------

The white.list file is a set of lines, like so:

--------------------
goodaddress1 at whereever.org:OK
goodaddress2 at somewhereelse.com:OK
--------------------

From what I could figure out in the hour or so I spent on it, Exim doesn't 
have a good way to just look in a file and see if a string is in it -- its 
lookups are meant more for translation tables and the like.  Hence the :OK 
after each address.

And that's it.  The "finish" ends the script without delivering anything... 
in which case Exim just does normal delivery.  If the sender isn't in the 
list, then it'll send the mail on to my email.  Nice and simple, and I 
didn't have to install anything new.  :-)

It'd be nice if I didn't need the :OK on each address, but that's not really 
a huge problem.  Worst thing that should happen, if my wife or I puts in 
one and forgets the :OK, is that the mail will still go to me.

Well... thanks to everyone who made suggestions... it was digging through 
the "how to set this up with Exim" for something else that made me go look 
at Exim's site and find out about its own filtering, so it was helpful!

--
       |\      _,,,---,,_     Travis S. Casey  <efindel at earthlink.net>
 ZZzz  /,`.-'`'    -.  ;-;;,_   No one agrees with me.  Not even me.
      |,4-  ) )-,_..;\ (  `'-' 
     '---''(_/--'  `-'\_)

More information about the Techtalk mailing list