[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Using procmail to deal with backscatter spam

Steve Kemp wrote:
> #
> #  1. Null envelope == bounce.
> #
> :0:
> *(Return-Path:).*(<>)
> .Automated.bounces/
> #
> #  2.  Delivery Status Notifications == bounce too.
> #
> :0 A
> * ^Content-Type:[   ]*multipart/report;[    ]*\/[^  ].*
> * ^Mime-Version:.*1.*\..*0
> * MATCH ?? report-type="?delivery-status"?
> * B ?? ^Content-Type:.*message.*delivery-status
> .Automated.bounces2/
>   This rule contains tabs and spaces.  You can find the file "rc.request"
>  if you "apt-get source procmail" and copy/paste from there if you wish.
>   Additionally, since Moritz asked this is how I handle foreign
>  language mails:
> #
> #  3.a. Define what is "foreign".
> #
> UNREADABLE='[^?"]*big5|iso-2022-jp|ISO-2022-KR|euc-kr|gb2312|ks_c_5601-1987'
> #
> # 3.b.  Foreign spam.
> #
> :0:
> * ^Content-Type:.*multipart
> * !^X-whitelist: yes
> * B ?? $ ^Content-Type:.*^?.*charset="?($UNREADABLE)
> .spam.foreign/

Well, defining that something coming from another language and encoding
that you don't understand can works for YOU, but not for everybody... We
have quite some Asian customers, they wouldn't be happy with these kinds
of rules! Also, the charset used in the mail doesn't tell you FOR SURE
what kind of language is used in the content of the email. I can write
you a mail using the Chinese charset, but with the content in English,
and you would be 100% capable of reading it.

Even more important: it makes no sense at all. Why a mail within an
Asian charset would be more a spam than another? Do not take it badly,
it's not aimed to you, but I consider this fascism... :) Just consider
how many people on the internet are from Asia, and you will agree.

Well, these rules are OK if you are doing them for a single mail
account, but then WHY only write Russian + Asian? These should also be
configured for each account, this cannot be a general rule that works
for every account (don't you worry, I do understand that what you are
doing is a procmail stuff, working differently for each individual
account). Why don't you ban ALL the charset that your account reader
can't read? Don't tell me that it's because there are more spammer in
China. You have in your rules some Japanese charsets, and I really don't
think that spamming is a national sport in Japan.

Last: don't you think there are more efficient ways of filtering?

This was my 2 cents...


Reply to: