Re: Spam, exim, .forward vs. procmail
On (03/10/03 23:12), Clive Menzies wrote:
>
> On (03/10/03 21:06), Paul Mackinney wrote:
> > I've been reading the various spam threads, I'm certainly
> > getting my share of hits from the various worms going
> > around. Clearly I can do better can people provide some
> > clear recommendations?
> >
> > Currently I'm using exim, receiving w/fetchmail and
> > sending to smarthost. I've learned how to write and
> > test an exim-compatible .forward file that works
> > fairly well, although I keep having to add more rules
> > as the attributions for the fake MS updates keep changing
> > (really I have to go back to the docs and see if I can
> > filter out any message with a *.exe or *.pif attachment.)
> >
> > So one question is: does procmail really work better or
> > provide more features than .forward? Is it worth
> > investing the time and energy to learn how to write
> > procmail filters?
> >
> > A second question is: I understand that if you install
> > and configure the mailfilter package, that you can use
> > mutt to initiate your pop connections and filter mail
> > at the server. I have broadband, do I really care about
> > this option? I'd always understood that having mutt
> > run your pop connections was basically an option for
> > people running PPP.
> Hi Paul
>
> I'm just starting out on this road coming from getmail, exim, mutt to
> mailfilter, fetchmail, procmail, spamassassin, exim, mutt.
> It's taken some time but I've now got preconnect "mailfilter" in my
> fetchmailrc with the following:
>
> DENY=^From:.*Microsoft \(Network\|Security\|Corporation\|Security\|Message\|Internet\|Customer\|Support\)*
> DENY=^From:.*MS \(Network\|Security\|Corporation\|Security\|Internet\|Customer\|Support\)*
> DENY=^From:.*Customer Bulletin
> DENY=^From:.*Internet \(Email\|Service\|System\)*
> DENY=^From:.*Security Department
> DENY=^From:.*Email \(Delivery\|Service\)*
> DENY=^From:.*CyberAtlas
>
> DENY=^To:.*net recipient
> DENY=^To:.*Inet \(Client\|Recipient\)*
> DENY=^To:.*Network \(Recipient\|Receiver\)*
> DENY=^To:.*Mail \(Recipient\|Receiver\)*
> DENY=^To:.*Commercial \(Client\|Consumer\)*
For words like Mail, Network (ie common ones that could appear in
legitimate emails) I've substituted /+ for * at the end of each line
Regards
Clive
>
> I've only just set this up but it seems to be effective at stopping
> Swen. I'm also on ADSL but object to tying up resources for unnecessary
> downloads. I am going to use procmail/spamassassin to deal with the
> other crap and for fine tuning. Although I can call fetchmail from mutt
> I run it through crontab every 5 minutes. Other people have used the
> file size c. 150000 K to block Swen but I didn't want to take the risk
> of deleting something important.
>
> This only deals with part of your question but I hope it helps ;)
>
> Regards
>
> Clive
>
> > Finally: I'm poised to start running a 24x7 server for
> > the first time, I'm contemplating making it a true
> > mailserver for incoming and outgoing. I'm sure I'll be
> > learning all about spamassassin, do people have any
> > advice about gotchas, must-have packages, or best
> > books?
>
> --
> http://www.clivemenzies.co.uk
> strategies for business
>
>
> --
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
--
http://www.clivemenzies.co.uk
strategies for business
Reply to: