This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
Date: Thu, 19 Sep 2002 23:06:47 -0700
From: hvrietsc@myrealbox.com
To: svlug@lists.svlug.org
Subject: [svlug] some procmail rules i use to filter virus/spam
Here are some .procmailrc rules i use to filter potential virus
and spam:
VERBOSE=off
MAILDIR=$HOME/mail
LOGFILE=$MAILDIR/.procmaillog
LOGABSTRACT=all
FROM=`formail -rt -xTo:`
SPAMMER=`if grep -i '^From' 2>/dev/null | fgrep -i -f ${MAILDIR}/.SPAMMERS >/dev/null 2>/dev/null ; then echo yes ; else echo no ;fi`
#-------------------------------------------------------------------------------
# remove spammers to SPAM
#-------------------------------------------------------------------------------
:0 H:
* SPAMMER ?? yes
SPAM
#-------------------------------------------------------------------------------
# remove email to Undisclosedrecipient
#-------------------------------------------------------------------------------
:0 H:
* ^TO.*undisclosed.*
SPAM
#-------------------------------------------------------------------------------
# remove email with spam subjects
#-------------------------------------------------------------------------------
:0 H:
* ^Subject*5123*
SPAM
#-------------------------------------------------------------------------------
# remove email with spam subjects
#-------------------------------------------------------------------------------
:0 H:
* ^Subject*2787*
SPAM
#-------------------------------------------------------------------------------
# remove email with .vbs attachements (only viruses)
#-------------------------------------------------------------------------------
:0 H:
* .*name=.*\.vbs.*
SPAM
:0 B:
* .*name=.*\.vbs.*
SPAM
#-------------------------------------------------------------------------------
# remove email with .shs attachements (only viruses)
#-------------------------------------------------------------------------------
:0 H:
* .*name=.*\.shs.*
SPAM
:0 B:
* .*name=.*\.shs.*
SPAM
#-------------------------------------------------------------------------------
# remove email with .scr attachements (only viruses)
#-------------------------------------------------------------------------------
:0 H:
* .*name=.*\.scr.*
SPAM
:0 B:
* .*name=.*\.scr.*
SPAM
#-------------------------------------------------------------------------------
# remove email with .exe attachements (only viruses)
#-------------------------------------------------------------------------------
:0 H:
* .*name=.*\.exe.*
SPAM
:0 B:
* .*name=.*\.exe.*
SPAM
#-------------------------------------------------------------------------------
# remove email with deleted attachement.txt attachements (only viruses)
#-------------------------------------------------------------------------------
:0 H:
* .*name=.*Deleted.attachment\.txt.*
SPAM
:0 B:
* .*name=.*Deleted.attachment\.txt.*
SPAM
:0 B:
* .*name=.*\.vbs.*
SPAM
#-------------------------------------------------------------------------------
# remove dups
#-------------------------------------------------------------------------------
:0 Whc: .msgid.lock
| formail -D 8192 .msgid.cache
:0 a:
SPAM
===