2 # User configuration file for procmail
10 SHELL=/bin/sh #Shell used to run procmail. Be sure this points to
11 #your system's copy of sh. DO NOT substitute a
12 #different shell unless you really know Unix
14 LINEBUF=4096 #Needed to keep Procmail from choking on long
15 #"recipes", or instructions on what to do with
16 #particular kinds of email.
18 PATH=$HOME/bin:$HOME/mail/bin:/bin:/usr/bin:/usr/local/bin
19 #Path for your programs -- this is probably best
22 VERBOSE=off #Change this to "on" when you try a new recipe
23 #so that Procmail will log literally every step
24 #it takes. DO NOT LEAVE IT ON, though, because
25 #it creates huge logfiles.
27 # Default Program & file locations
29 MAILDIR=${HOME}/Mail #you'd better make sure this directory exists
31 #ORGMAIL=/var/spool/mail/phd
34 LOGFILE=${MAILDIR}/procmail.log #Logs message disposition. Recommended -- otherwise
35 #errors are emailed to you. :/
37 SENDMAIL=/usr/sbin/sendmail #useful for autoreply recipes.
38 FORMAIL=/usr/bin/formail #useful for autoreply recipes.
41 MYEMAIL=${HOME}/mail/misc/.myemail #Tells Procmail where your MYEMAIL
42 #file is located, a text file containing all the
43 #email addresses you use.
45 ADMINFOLDER=${MAILDIR}/admin #for bounced mail, mail from root,
46 #postmaster, abuse, etc.
48 BLOCKFOLDER=${MAILDIR}/block #for suspicious mail, but possibly not spam
50 BULKFOLDER=${MAILDIR}/bulk #for bulk mail which appears legitimate, such
51 #as mail from mailing lists or mail sent using
54 SPAMFOLDER=${MAILDIR}/spam #change this to SPAMFOLDER=/dev/null
55 #to delete spam entirely.
57 VIRUSFOLDER=/dev/null #Set this variable to /dev/null to delete
58 #all viruses. You don't want to take chances with a virus,
59 #and the false positive rate on the virus filters is near zero.
64 # Create a backup cache of 2000 most recent messages in case of mistakes
69 | cd backup && rm -f dummy `ls -t msg.* | sed -e 1,2000d`
71 # Regenerate "From" lines to make sure they are valid
73 | ${FORMAIL} -I "From " -a "From "
76 # *CLOSED (only subscribers can write)* MAILING LISTS
77 # No need to filter them for spam
80 * ^List-Id: Moscow Linux User Group <mlug\.UnixCenter\.RU>
84 * ^(From|To|Cc|Reply-To): .*((mlug@unixcenter\.ru)|@altlinux\.ru)
88 * ^(To|Cc|Reply-To|Resent-To|X-BeenThere): .*(-list@(python\.org|cwi\.nl))
92 * ^Sender: python-list-admin@python\.org
96 * ^Newsgroups: .*comp\.lang\.python
100 * ^List-Id: Python core developers <python-dev\.python\.org>
104 * ^List-Id: "Python 3000 process, design, development" <python-3000\.python\.org>
108 * ^List-Id: Discussions of speculative Python language ideas.*<python-ideas\.python\.org>
112 * ^Sender: "Email-SIG" <email-sig-bounces\+phd=phdru\.name@python\.org>
116 * ^Sender: mimelib-devel-admin@lists\.sourceforge\.net
120 * ^List-Id: Discussion of the Quixote Web development framework.*<quixote-users\.mems-exchange\.org>
124 * ^List-Id: Discussion of the Durus object database.*<durus-users\.mems-exchange\.org>
128 * ^From: sitelist-bounces@lists\.sourceforge\.net
129 * ^To: sqlobject-discuss-owner@lists\.sourceforge\.net
130 * ^Subject: Uncaught bounce notification
134 * ^From: sqlobject-cvs-bounces@lists\.sourceforge\.net
135 * ^To: sqlobject-cvs-owner@lists\.sourceforge\.net
136 * ^Subject: Auto-discard notification
140 * ^List-Id: .+<sqlobject-(discuss|cvs)\.lists\.sourceforge\.net>
144 * ^To: "(\[sqlobject:bugs\] )|(Ticket [0-9]+)" <[0-9]+@bugs\.sqlobject\.p\.re\.sf\.net>
145 * ^Reply-To: "?(\\?\[sqlobject:bugs\\?\] )|(Ticket [0-9]+)"? <[0-9]+@bugs\.sqlobject\.p\.re\.sf\.net>
146 * ^Subject: (\[SQL-CVS\] )?\[sqlobject:bugs\] (Re: )?\#[0-9]+
150 * ^Sender: ppa-qps-devel-admin@lists\.sourceforge\.net
154 * ^Sender: pysqlite-bounces@lists\.initd\.org
158 * ^List-Id: <parsedatetime-dev\.googlegroups\.com>
162 * ^(To|Cc|Reply-To|Resent-To|Sender): .*(zope.*@zope\.(org|net|com))|(zip@eevolute\.com)
170 * ^Content-Transfer-Encoding: base64
171 * name( ?)=.*\.(com|exe|bat|scr|pif)
172 | ${FORMAIL} -A"X-Note: Klez" -A"X-Folder: Virus" >${VIRUSFOLDER}
176 * ^Subject: Re: (Movie|Application)$
177 * ^Content-Transfer-Encoding: base64
178 * ^Content-Disposition: attachment;
179 * filename=.your_details\.zip
180 | ${FORMAIL} -A"X-Note: Sobig.E" -A"X-Folder: Virus" >${VIRUSFOLDER}
184 * ^Subject: .*(Thank you!|Your application|That movie|Approved|Details|My details|Your details|Wicked screensaver)$
185 * ^X-MailScanner: Found to be clean$
186 | ${FORMAIL} -A"X-Note: Sobig.F" -A"X-Folder: Virus" >${VIRUSFOLDER}
191 * ^Subject: (test|hi|hello|Mail Delivery System|Mail Transaction Failed|Server Report|Status|Error|)$
192 * ^Content-type: application/octet-stream;
193 * (file)?name="(document|readme|doc|text|file|data|test|message|body)\.(pif|scr|exe|cmd|bat|zip)
194 | ${FORMAIL} -A"X-Note: MyDoom" -A"X-Folder: Virus" >${VIRUSFOLDER}
200 * ^Subject:[ ]*(hi|hello|read it immediately|\
201 something for you|warning|information|stolen|fake|unknown)
202 * B ?? ^(anything ok\?|what does it mean?|ok|\
203 i'm waiting|read the details\.|here is the document\.|\
204 read it immediately\!|my hero|\
205 here|is that true?|is that your name?|is that your account?|\
206 i wait for a reply\!|is that from you?|you are a bad writer|\
207 I have your password\!|something about you\!|\
208 kill the writer of this document\!|i hope it is not true\!|\
209 your name is wrong|i found this document about you|\
210 yes, really\?|that is bad|here it is|see you|\
211 greetings|stuff about you\?|something is going wrong!|\
212 information about you|about me|from the chatter|\
213 here, the serials|here, the introduction|here, the cheats|\
214 that's funny|do you\?|reply|take it easy|why\?|\
215 thats wrong|misc|you earn money|you feel the same|\
216 you try to steal|you are bad|something is going wrong|\
218 * B ?? ^(Content-Disposition:[ ]*attachment;)?[ ]*(file)?name="?(document|msg|doc|talk|message|creditcard|\
219 details|attachment|me|stuff|posting|textfile|concert|\
220 information|note|bill|swimmingpool|product|\
221 topseller|ps|shower|aboutyou|nomoney| found|\
222 story|mails|website|friend|jokes|location|\
223 final|release|dinner|ranking|object|mail2|part2|\
224 disco|party|misc)\..*(zip|exe|scr|com|pif)"?$
225 | ${FORMAIL} -A"X-Note: Netsky" -A"X-Folder: Virus" >${VIRUSFOLDER}
229 * ^Subject:(.*E-mail account disabling warning)|\
230 (.*E-mail account security warning)|\
231 (.*Email account utilization warning)|\
232 (.*Important notify about your e-mail account)|\
233 (.*Notify about using the e-mail account)|\
234 (.*Notify about your e-mail account utilization)|\
235 (.*Warning about your e-mail account)
236 * B ?? ^Content-Type: application/octet-stream;
237 * B ?? ^Content-Transfer-Encoding: base64
238 * B ?? ^Content-Disposition: attachment;
239 | ${FORMAIL} -A"X-Note: Bagle.J" -A"X-Folder: Virus" >${VIRUSFOLDER}
242 # From http://www.internetguru.com.au/igblog-102.html
244 # Redirect common virus attachments inc. zipped versions
246 * name=.*(document|readme|doc|text|file|data|test|message|body)\.(vbs\"|wsf\"|vbe\"|wsh\"|hta\"|scr\"|pif\"|exe\"|shs\"|bat\"|bas\"|cmd\"|zip\")
249 | ${FORMAIL} -A"X-Note: executable attachment virus" -A"X-Folder: Virus" >>${VIRUSFOLDER}
252 # Some more common virus attachments inc. zipped versions
254 * name=.*(Attach|Information|Readme|Document|Info|TextDocument|Textfile|MoreInfo|Message)\.(pif\"|zip\")
257 | ${FORMAIL} -A"X-Note: executable attachment virus" -A"X-Folder: Virus" >>${VIRUSFOLDER}
260 # Redirect windows executables (note - haven't included exe and com
262 * name=.*\.(vbs\"|wsf\"|vbe\"|wsh\"|hta\"|scr\"|pif\"|shs\"|bat\"|bas\"|scr\"|dll\")
265 | ${FORMAIL} -A"X-Note: executable attachment virus" -A"X-Folder: Virus" >>${VIRUSFOLDER}
268 # This one finds them annoying Custom Logo spams that seem to get past most filters
270 * .*out\.php\?email\=(sales|info)\@
273 | ${FORMAIL} -A"X-Note: Custom Logo spam" -A"X-Folder: Spam" >>${SPAMFOLDER}
276 # This catches about 99% of deliberate viagra mispellings ie v1@GRa, v1agr@ etc
278 * ^Subject.*[Vv][1jl\|][aA\@][Gg][Rr][Aa\@]
281 | ${FORMAIL} -A"X-Note: viagra spam" -A"X-Folder: Spam" >/dev/null
285 # Chineese/japaneese/korean spam
288 * ^Content-Type: text/(plain|html); *charset=("?)(big5|gb2312|iso-2022-jp|ks_c_5601-1987|shift_jis)("?)
289 | ${FORMAIL} -A"X-Note: chineese/japaneese/korean charset" -A"X-Folder: Spam" >/dev/null
292 * ^X-RBL-Warning: .*(china|korea) does not seem to care about spam
293 | ${FORMAIL} -A"X-Note: chineese/korean source" -A"X-Folder: Spam" >>${SPAMFOLDER}
296 # SpamAssassin (spamassassin.org)
299 | spamc -U /tmp/spamassassin.sock -s 10240000
301 # Mail with a score of 14 or higher is certainly spam
303 * ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*\*\*\*
304 | ${FORMAIL} -A"X-Note: certainly spam" -A"X-Folder: Spam" >/dev/null
307 * ^X-Spam-Status: Yes
309 | ${FORMAIL} -A"X-Note: oversized spam" -A"X-Folder: Spam" >/dev/null
312 * ^X-Spam-Status: Yes
313 * http://www\.gstinc\.com/
314 | ${FORMAIL} -A"X-Note: gstinc spam" -A"X-Folder: Spam" >/dev/null
317 * ^X-Spam-Status: Yes
318 * (www\.)?sonidom\.ru
319 | ${FORMAIL} -A"X-Note: sonidom spam" -A"X-Folder: Spam" >/dev/null
322 * ^X-Spam-Status: Yes
323 * (www\.)?pos-tel\.ru
324 | ${FORMAIL} -A"X-Note: pos-tel spam" -A"X-Folder: Spam" >/dev/null
327 * ^X-Spam-Status: Yes
329 | ${FORMAIL} -A"X-Note: besttraining spam" -A"X-Folder: Spam" >/dev/null
331 # HTML-only mail is almost certainly spam
333 #* ^Content-Type: text/html
334 #| ${FORMAIL} -A"X-Note: HTML-only mail" -A"X-Folder: Spam" >/dev/null
337 * ^X-Spam-Status: Yes
343 # Filter out mail from all mailing lists you are on. Just duplicate the recipe
344 # for each mailing list you are on, and put the correct address for the list in
345 # the condition statement. (The "* ^TO" part.) If you read mail on shell, you
346 # may find it easier to deliver this mail to separate folders, especially for
347 # busy lists. I do. :)
350 # Block all messages that are too big
353 | ${FORMAIL} -A"X-Note: the message is too big" -A"X-Folder: Block" >>${BLOCKFOLDER}
356 # unfiltered mail marked by exim (using RBL/ORBS/etc)
368 # Sort out mail that really is to you from mail Bcc'd to you, or mail
369 # which doesn't have any of your email addresses on the To: or Cc: line.
370 # For this to work properly, you must create a text file named .myemail
371 # in your home directory and enter all email addresses that belong to
372 # you in it, one per line, just as you do with your .nobounce file.
374 # This does =wonders= in keeping spam from appearing in your personal
377 # Substitute your shell account email address, custom domain, and any other email
378 # address you may have for the entries below.
380 * ? test -f ${MYEMAIL} && \
381 (${FORMAIL} -zxTo: -zxCc: |\
382 fgrep -i -f ${MYEMAIL})
383 | ${FORMAIL} -A"X-Folder: Default" >>${DEFAULT}
385 # Deliver email which passed spam filtering, but which wasn't sent to
386 # a recognizable personal email address of yours, to your "bulk mail"
387 # folder, for reading on a less-urgent basis.
389 | ${FORMAIL} -A"X-Folder: Bulk" >>${BULKFOLDER}
392 # Vacation - modified version of procmail example from "man procmailex"
396 #| ${FORMAIL} -D 65536 msgid.cache
398 #:0 Whc: vacation.lock
402 #* !^X-Loop: phd@phdru.name
403 #* !^X-Loop: phd@iskra.aviel.ru
404 #* !^From: .* <lj_notify@livejournal\.com>
405 #| ${FORMAIL} -rD 65536 vacation.cache
407 #:0 ehc # if the name was not in the cache - reply
408 #| (egrep -v '^From phd|^Return-Path: phd' | \
409 # ${FORMAIL} -r -A"Precedence: junk" \
410 # -A"X-Loop: phd@phdru.name" -A"X-Loop: phd@iskra.aviel.ru" \
411 # -A"Content-Type: text/plain; charset=koi8-r"; \
412 # echo "Hello!"; echo "";\
413 # echo " I am on vacation. This is an auto-generated reply. Your message has been"; \
414 # echo "delivered to my mailbox. Thanks a lot. I will read it after 0th of ."; \
416 # echo "Здравствуйте."; echo ""; \
417 # echo " Я уехал в отпуск. Это автоматический ответ. Ваше сообщение было доставлено."; \
418 # echo "в мой почтовый ящик. Большое спасибо. Я прочту его, когда вернусь 0 ."; \
419 # echo ""; cat $HOME/.signature) | $SENDMAIL -oi -t