[Techtalk] simple mail filtering via whitelist - suggestions?

John Clarke johnc+linuxchix at kirriwa.net
Mon Mar 8 11:49:47 EST 2004


On Sat, Mar 06, 2004 at 10:58:50AM -0500, Travis Casey wrote:

> I've googled already, and found a ton of stuff on blocking spam with
> procmail... but nothing that showed how to simply do *just* a whitelist.

I sent this from home yesterday but it seems to have disappeared
somewhere between there and the list ...

How about something like this as a starting point:

    # any address in ~/.whitelist is OK
    :0:
    * ? (formail -cx From: | grep -iqwf ~/.whitelist)
    $DEFAULT

    # forward anything else to Dad for filtering (replace 'dad' with
    # your local email address)
    :0
    ! dad

Note: I haven't tested these rules.

Procmail processes each rule in order until the mail is delivered by a
rule, at which point procmail exits.  The first rule uses the exit code
of the formail+grep to determine whether to deliver the mail to
$DEFAULT, (/var/spool/mail/$LOGNAME).  If formail+grep returns 0, the
message is delivered and processing stops.  If formail+grep returns
non-zero, the message is passed to the second rule, which
unconditionally forwards it to 'dad'.

The formail command extracts (-x) the 'From:' header from the message,
concatenating (-c) any continuation lines into one.  It then pipes the
header into grep, which does a quiet (-q), case-insensitive (-i) full
word (-w) match against strings in the file (-f) ~/.whitelist.  If a
match is found, grep returns 0, and so the message is delivered into
$DEFAULT.

Cheers,

John
-- 
> WOOHOO!! I knew perth.wa.au was remote, but now I have proof.
Well, it's certainly neither local, network, batch nor dialup
so obviously it's remote.
            -- David P. Murphy


More information about the Techtalk mailing list