Avoid the spam on the gentoo.org mail with procmail

I use it since a long time, so since it works pretty good for me, I want to share how to handle the spam for your @gentoo.org address with procmail.

First, you need to say that procmail will filter your email(s):
echo "| /usr/bin/procmail" > /home/${USER}/.forward

Then create a simple /home/${USER}/.procmailrc with this content:
:0:
* ^X-Spam-Status: Yes
/dev/null

:0:
* ^X-Spam-Level: \*\*\*
/dev/null/

:0:
* ! ^List-Id
* ^X-Spam-Level: \*\*
/dev/null/

:0:
* ^Subject:.*viagra*
/dev/null

:0:
* ^Subject:.*cialis*
/dev/null

:0:
* ^Subject:.*money*
/dev/null

:0:
* ^Subject:.*rolex*
/dev/null

:0:
* ^Subject:.*scount*
/dev/null

:0:
* ^Subject:.*Viagra*
/dev/null

:0:
* ^Subject:.*Cialis*
/dev/null

:0:
* ^Subject:.*Marketing*
/dev/null

:0:
* ^Subject:.*marketing*
/dev/null

:0:
* ^Subject:.*Money*
/dev/null

:0:
* ^Subject:.*Rolex*
/dev/null

:0:
* ^Subject:.*Scount*
/dev/null

:0:
* ^Subject:.*glxgug*
/dev/null

:0:
* ^Subject:.*offizielle sieger*
/dev/null

:0:
* ^Subject:.*educational*
/dev/null

:0 B:
* $ content-[^:]+:${WS}*.+(\<)*(file)?name${WS}*=${WS}*\/.+\.(pif|scr|com|cpl|vbs|mim|hqx|bhx|uue|uu|b64)\"?$
/dev/null

:0 B:
* ^Content-Type: .*;$[ ]*(file)?name=\"?.*\.(pif|scr|com|cpl|vbs)\"?$
/dev/null

:0 B:
* ^Content-Type: .*; [ ]*(file)?name=\"?.*\.(pif|scr|com|cpl|vbs)\"?$
/dev/null

With the filter for X-Spam-Status and X-Spam-Level you will avoid the majority of the incoming spam.
Some mails that does not have any Spam flag, contains subject like viagra, cialis ( which I absolutely don’t need :D ), rolex and scount.
Yes, I could you the (c|C)ase syntax, but I had problems, so I prefer to write twice the rules instead of have any sort of troubles.
Note: with this email address I’m not subscribed to any newsletter or any sort of offers/catalogs so I filtered scount, markerting, money.

Sometimes I receive mails from people that are not spammer, with the X-Spam-Level flag with one star, so I decided to move these email into a folder, they will be double-checked with naked eye:

:0:
* ^X-Spam-Level: \*
/home/ago/.maildir/.INBOX.pspam/

To avoid confusion I always prefer to use a complete path here.

After a stabilization you will always see the annoying mail from the bugzilla which contains ${arch} stable, so if you want to drop them:

:0 B
* ^*(alpha|amd64|arm|hppa|ia64|m68k|ppc|ppc64|s390|sh|sparc|x86) stable*
/dev/null

Now, if you are using more email clients, on more computers, you may need to set the filters here instead of on all clients you are using, so for example:

:0
* ^From.*bugzilla-daemon@gentoo.org
* ^TO.*amd64@gentoo.org
/home/ago/.maildir/.INBOX.amd64/

And so on….
These, hints obviously are valid on all postfix-based mailserver; if you are using e.g. qmail, you need to move the .procmailrc, but this is still valid.
I hope this will help :)

EDIT:
If you need a particular set of rules, you can write it if you take a look at the source/header of the message, so If for example I don’t like to see the mails from bugzilla of the bugs that I reported:

the header says: X-Bugzilla-Reporter: ago@gentoo.org
so:

:0
* ^From.*bugzilla-daemon@gentoo.org
* ^X-Bugzilla-Reporter.*ago@gentoo.org
/dev/null

8 thoughts on “Avoid the spam on the gentoo.org mail with procmail

  1. Toralf Förster

    Doesn’t procmail evaluated antivirus mail haders from the provider itself ?

    (beside that it seems that the tag [/code] isn't parsed correctly).

    Reply
  2. Christian Ruppert

    Please be careful when redirecting mails to null just because of a “X-Spam-Status: Yes” or “X-Spam-Level: \*\*\*”.
    Our spam filter is far away from being perfect and there might be some false-positives so I would suggest to not do that. Using 4-5 asterisks would be better.

    Reply
    1. ago Post author

      I know, since a long time I have monitored these 2 flags as I’m doing right now with the X-Spam-Level: \* flag. I didn’t see valid mails so, since I use this address for the bugzilla and few services, this is fine as-is.

      Reply
  3. Uwe Scholz

    Hi!

    If you don’t find the time or forget to have a look inside your .INBOX.pspam/ folder from time to time, I may have a solution for you. I wrote this script [1] so send me an overview about new mails in my spam-folder. By adjusting the folders, it should work for you, too.
    I start the script always some seconds after login to my system by:
    sleep 300 && ~/bin/spam_check.sh | mail -E -s “New spam-mails” $USER

    Hope that helps some of you to save some time :-)
    [1]: www-linux.gsi.de/~uscholz/spam_check.sh

    Reply
      1. Uwe Scholz

        Me too.
        The advantage of the command “mail -E …” is, that it will only report possible spam mails in a summary mail, if there really are some. That’s why you can totally skip looking into your folder of possible spam. The script will tell you when there are new messages inside.
        Of course, Thunderbird shows the number of new messages in every mail folder on the left hand side. But if you use mutt(*), this is not the case and the script can save time. :-)
        Regards,
        Uwe
        * real gentoo users do ;-)

        Reply
        1. Steve Long

          The mutt sidebar does show new mails per-folder though, and it’s builtin to Gentoo’s mutt by default.

          See the bottom of the second post here: http://forums.gentoo.org/viewtopic-t-945868.html which is a full configuration of mutt, switching from KMail, while using Maildir format and using procmail to filter.

          Thanks for the post, Ago. I’d be interesting in plugging some of the above into the forum post mentioned: for the moment I’ll just link here from the thread.

          Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>