Re: Spam, exim, .forward vs. procmail

To: debian-user@lists.debian.org
Subject: Re: Spam, exim, .forward vs. procmail
From: Clive Menzies <clive@clivemenzies.co.uk>
Date: Fri, 3 Oct 2003 23:12:51 +0100
Message-id: <[🔎] 20031003221251.GN463@apollo>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] W1433019373181321065215191@webmail1>
References: <[🔎] W1433019373181321065215191@webmail1>

On (03/10/03 21:06), Paul Mackinney wrote:
> I've been reading the various spam threads, I'm certainly 
> getting my share of hits from the various worms going 
> around. Clearly I can do better can people provide some 
> clear recommendations?
> 
> Currently I'm using exim, receiving w/fetchmail and 
> sending to smarthost. I've learned how to write and
> test an exim-compatible .forward file that works 
> fairly well, although I keep having to add more rules
> as the attributions for the fake MS updates keep changing 
> (really I have to go back to the docs and see if I can 
> filter out any message with a *.exe or *.pif attachment.)
> 
> So one question is: does procmail really work better or
> provide more features than .forward? Is it worth 
> investing the time and energy to learn how to write 
> procmail filters?
> 
> A second question is: I understand that if you install 
> and configure the mailfilter package, that you can use
> mutt to initiate your pop connections and filter mail
> at the server. I have broadband, do I really care about 
> this option? I'd always understood that having mutt 
> run your pop connections was basically an option for 
> people running PPP.
Hi Paul

I'm just starting out on this road coming from getmail, exim, mutt to
mailfilter, fetchmail, procmail, spamassassin, exim, mutt.
It's taken some time but I've now got preconnect "mailfilter" in my
fetchmailrc with the following:

DENY=^From:.*Microsoft \(Network\|Security\|Corporation\|Security\|Message\|Internet\|Customer\|Support\)*
DENY=^From:.*MS \(Network\|Security\|Corporation\|Security\|Internet\|Customer\|Support\)*
DENY=^From:.*Customer Bulletin
DENY=^From:.*Internet \(Email\|Service\|System\)*
DENY=^From:.*Security Department
DENY=^From:.*Email \(Delivery\|Service\)*
DENY=^From:.*CyberAtlas

DENY=^To:.*net recipient
DENY=^To:.*Inet \(Client\|Recipient\)*
DENY=^To:.*Network \(Recipient\|Receiver\)*
DENY=^To:.*Mail \(Recipient\|Receiver\)*
DENY=^To:.*Commercial \(Client\|Consumer\)*

I've only just set this up but it seems to be effective at stopping
Swen.  I'm also on ADSL but object to tying up resources for unnecessary
downloads.  I am going to use procmail/spamassassin to deal with the
other crap and for fine tuning.  Although I can call fetchmail from mutt
I run it through crontab every 5 minutes.  Other people have used the
file size c. 150000 K to block Swen but I didn't want to take the risk
of deleting something important.

This only deals with part of your question but I hope it helps ;)

Regards

Clive

> Finally: I'm poised to start running a 24x7 server for 
> the first time, I'm contemplating making it a true 
> mailserver for incoming and outgoing. I'm sure I'll be
> learning all about spamassassin, do people have any 
> advice about gotchas, must-have packages, or best 
> books?

-- 
http://www.clivemenzies.co.uk
strategies for business

Reply to:

Follow-Ups:
- Re: Spam, exim, .forward vs. procmail
  - From: Clive Menzies <clive@clivemenzies.co.uk>
- Re: Spam, exim, .forward vs. procmail
  - From: Paul Mackinney <paul@mackinney.net>

References:
- Spam, exim, .forward vs. procmail
  - From: "Paul Mackinney" <pmackinney@speakeasy.net>

Prev by Date: Re: PHP4 in Unstable
Next by Date: Re: Spam, exim, .forward vs. procmail
Previous by thread: Spam, exim, .forward vs. procmail
Next by thread: Re: Spam, exim, .forward vs. procmail
Index(es):
- Date
- Thread