LOGFILE="${HOME}/PROCMAIL.LOG" VERBOSE="on" LOGABSTRACT="all" # # Handle e-mail from a daemon. # ############################################################################### # # Variables: # LIST=false DAEMON=false KNOWN=true LOCAL=false KILL=false # ############################################################################### # # Set LIST if the message is from a known mailing list, else it is # reset; by definition, e-mail from a mailing list is from a daemon. # # Set KNOWN if the message is from someone that is known, i.e., in a # "white list", else it is reset; by definition, e-mail from known # sources can never be discarded. # # Set LOCAL if the message is from someone in the local domain, else # it is resent; by definition, e-mail from local sources can never be # discarded. # # Set KILL if the message is from someone, or a domain, that is # "black listed"; by definition, messages from these daemons can # be discarded, unless from specific administrative accounts. # # DAEMON will be set if the message is from a daemon, reset if not, # potentially allowing the message to be discarded, unless from # specific administrative accounts. # # . # . # . # ############################################################################### # # Message from a daemon? # # Daemon macro is based on the original ^MAILER_DAEMON macro from the # bottom of "man(1) procmailrc(5)," with additions for RFC822 # paragraph 6.3, and, RFC2142 paragraphs 2-6, which define standard # required accounts: billing, mailer-daemon, nobody, and, root added; # ftp, info, marketing, news, sales, usenet, uucp, webmaster and, www # omitted. # # Additions for mailing list traffic from RFC2369 paragraph 3, and, # RFC2919, standard required headers: list, mailing-list and # x-mailing-list added, none omitted: # :0 * 1^0 (^(((x-)?mailing-)?list(-(archive|help|id|name|owner|post|(un)?subscribe))?:|\ beenthere:|precedence:.*(junk|bulk|list)|(to|cc):[ ]+multiple[ ]+recipients[ ]+of |\ (((resent-)?(reply|from|sender)|(return-receipt|errors|reply)-to|\ (return-)?path|x-envelope-from):|>?from )([^>]*[^(.%@a-z0-9])?(post(ma?(st(e?r)?|n)|office)|\ (send)?mail(er)?|daemon|m(mdf|ajordomo)|n?uucp|list(serv|proc)|n(etserv|obody|oc)|\ o(wner|ps)|r(e(quest|sponse)|oot)|b(ounce|bs\.smtp|illing)|echo|mirror|\ s(erv(ices?|er)|mtp(error)?|ystem)|abuse|hostmaster|s(ecurity|upport)|\ a(dmin(istrator)?|mmgr|utoanswer))(([^).!:a-z0-9][-_a-z0-9]*)?[%@>\t ][^<)]*(\(.*\).*)?)?$([^>]|$))) * 1^0 ^return-path:[ ]+[<] *[>] { DAEMON=true } # :0 E * ^x-audit-log:[ ]+message[ ]+from[ ]+a[ ]+daemon { DAEMON=true } # ############################################################################### # # . # . # . # ############################################################################### # :0 * DAEMON ?? true { :0 * LIST ?? false { # # Attempt to differentiate unknown mailing list or # administrative traffic, from spam-which often uses variants # of the word "mail", etc., as a return address: # :0 * KILL ?? true * KNOWN ?? false * LOCAL ?? false * !^((reply|errors)-to:|from:?|(return-)?path:|return-receipt-to:|\ sender:|resent-(from:|reply-to:|sender:)|\ x-delivered-(sender|from|path):|\ x-env-from:)[ ]+(.*[^-0-9a-z._+=?])*(abuse|billing|no(c|body)|\ (post|host)master|root|s(upport|ecurity)|mailer-daemon|\ [-0-9a-z._+=?]+-request)@[-0-9a-z._+=]+ * !^((x-)?mailing-)?list(-(archive|help|id|name|owner|post|\ (un)?subscribe))?:|(x-)?beenthere: * !^return-path:[ ]+[<] *[>] * !^x-audit-log:[ ]+message[ ]+from[ ]+a[ ]+daemon * !^return-path-incoming:[ ]+[<] *[>] { # # Logic: # # Exempt administrative messages, (as per RFC822 paragraph # 6.3, and, RFC2142 paragraphs 2-6, which define standard # required accounts: billing, mailer-daemon, nobody, and, # root added; ftp, info, marketing, news, sales, usenet, # uucp, webmaster and, www omitted): # # abuse@ # billing@ # hostmaster@ # mailer-daemon@ # nobody@ # noc@ # postmaster@ # root@ # security@ # support@ # .*-request@ # # Exempt messages from mailing lists, (as per RFC2369 # paragraph 3, and, RFC2919, which defines standard # required headers for mailing lists: list, mailing-list # and x-mailing-list added, none omitted): # # list: # list-archive: # list-help: # list-owner: # list-post: # list-subscribe: # list-unsubscribe: # list-id: # mailing-list: # x-mailing-list: # # And, exempt messages with null return-path: records as # per RFC1123, paragraph 5.3.3: # # In other words: # # DAEMON can be reset, if, and only if, the message is NOT # from a known LIST, AND, KILL is set by the message # originating from an address that is in # ~/.procmail.kill.ips OR ~/.procmail.kill.addresses, AND, # it is not from a KNOWN address, AND, it is not from a # LOCAL address, AND, is NOT from a required address # defined in RFC822/RFC2142, AND, is NOT from a mailing # list address which has headers defined in # RFC2142/RFC2369/RFC2919: # # Meaning that the message is known to be killed, and not # from any known address, or list, and does not have a # standards compliant mailing list identifier, or from a # standard account-it is probably low risk to declare the # message to be from an account other than a daemon: # DAEMON=false } # :0 E { :0 wfh * !^x-audit-log:[ ]+message[ ]+from[ ]+a[ ]+daemon | formail -A "X-Audit-Log: Message from a daemon" } } } # ###################################################################### # # A license is hereby granted to reproduce this software for personal, # non-commercial use. # # THIS PROGRAM IS PROVIDED "AS IS". THE AUTHOR PROVIDES NO WARRANTIES # WHATSOEVER, EXPRESSED OR IMPLIED, INCLUDING WARRANTIES OF # MERCHANTABILITY, TITLE, OR FITNESS FOR ANY PARTICULAR PURPOSE. THE # AUTHOR DOES NOT WARRANT THAT USE OF THIS PROGRAM DOES NOT INFRINGE THE # INTELLECTUAL PROPERTY RIGHTS OF ANY THIRD PARTY IN ANY COUNTRY. # # So there. # # Copyright (c) 1992-2005, John Conover, , All # Rights Reserved. # # $Revision: 1.0 $ # $Date: 2005/03/11 08:33:13 $ # $Id: howto-daemon.txt,v 1.0 2005/03/11 08:33:13 conover Exp $ # $Log: howto-daemon.txt,v $ # Revision 1.0 2005/03/11 08:33:13 conover # Initial revision #