Commit | Line | Data |
---|---|---|
e0f3765a PH |
1 | Date: Sat, 4 Apr 1998 07:23:39 +0200 (GMT+0200) |
2 | From: "F. Jacot Guillarmod" <Jacot@ru.ac.za> | |
3 | ||
4 | Here's four checks installed in our system wide filter that knock out | |
5 | a lot of otherwise hard to detect rubbish - and would handle the above | |
6 | example. The most interesting one is the hotmail.com "validity check". | |
7 | ||
8 | # =========================================================================== | |
9 | # authenticated sender, but not from pegasus | |
10 | #------------------------------------------- | |
11 | elif "$h_comments" contains "authenticated sender" and | |
12 | "$h_x-mailer" does not contain "pegasus" then | |
13 | ||
14 | log "$tod_log $message_id SPAMAUTHS: sender=$sender_address \ | |
15 | subject=$header_subject: recipients_count=$recipients_count \ | |
16 | recipients=$recipients" | |
17 | save /usr/local/lib/mail/spam | |
18 | ||
19 | # claims to be from hotmail.com | |
20 | #------------------------------ | |
21 | elif "$h_from" contains "hotmail.com" and | |
22 | "${if !def:header_x-originating-ip {nospam}}" is nospam then | |
23 | ||
24 | log "$tod_log $message_id SPAMHOTMAIL: sender=$sender_address \ | |
25 | subject=$header_subject: recipients_count=$recipients_count \ | |
26 | recipients=$recipients" | |
27 | save /usr/local/lib/mail/spam | |
28 | ||
29 | # claims to be from juno.com | |
30 | #------------------------------ | |
31 | elif "$h_from" contains "juno.com" and | |
32 | "${if def:header_x-mailer {juno} {spam}}" is spam then | |
33 | ||
34 | log "$tod_log $message_id SPAMJUNO: sender=$sender_address \ | |
35 | subject=$header_subject: recipients_count=$recipients_count \ | |
36 | recipients=$recipients" | |
37 | save /usr/local/lib/mail/spam | |
38 | ||
39 | # spam X-UIDL header found | |
40 | # ------------------------ | |
41 | elif "${if def:header_x-uidl {spam}}" is spam then | |
42 | ||
43 | log "$tod_log $message_id SPAM-X-UIDL: sender=$sender_address \ | |
44 | subject=$header_subject: recipients_count=$recipients_count \ | |
45 | recipients=$recipients" | |
46 | save /usr/local/lib/mail/spam | |
47 | # =========================================================================== | |
48 | ||
49 | ||
50 | The following rule seems to work (but I don't use it): | |
51 | ||
52 | # either To: is contained in From: or there is no To: line | |
53 | # -------------------------------------------------------- | |
54 | elif $h_from contains $h_to then | |
55 | ||
56 | log "$tod_log $message_id SPAM-TOEQFRM: sender=$sender_address \ | |
57 | subject=$header_subject: recipients_count=$recipients_count \ | |
58 | recipients=$recipients" | |
59 | save /usr/local/lib/mail/spam | |
60 | # -------------------------------------------------------- | |
61 | ||
62 | ||
63 | ||
64 | Here's parts of my personal .forward file - I'm relying on the system wide exim | |
65 | configs to zap spam, and only do the old fashioned stuff to whatever gets | |
66 | through: | |
67 | ||
68 | #========================================================================== | |
69 | # Exim filter <<== do not edit or remove this line | |
70 | ||
71 | if error_message then finish endif | |
72 | ||
73 | logfile $home/eximfilter.log | |
74 | ||
75 | # Mail from support system | |
76 | if $header_subject contains "[Help #" | |
77 | then | |
78 | save $home/Mail/in.support | |
79 | ||
80 | # Mail from squid mailing list to local newsgroup | |
81 | elif $header_subject contains "squid-users-digest" | |
82 | then | |
83 | deliver "<ru-list-squid@quagga.ru.ac.za>" | |
84 | ||
85 | # Mail from exim-users mailing list to local newsgroup | |
86 | elif $return_path contains "exim-users-request" | |
87 | then | |
88 | deliver "<ru-list-exim-users@quagga.ru.ac.za>" | |
89 | ||
90 | # Stuff to be thrown away | |
91 | if $header_subject contains "Warning From uucp" | |
92 | then | |
93 | seen finish | |
94 | endif | |
95 | ||
96 | #========================================================================== | |
97 |