
Stop Forwarding Spam

Advice from LJ's technical manager about how to use a local user account to stop forwarding spam and viruses.

Do you have entries in your /etc/aliases file that look like:


    totally_bogus_user: somebody_else@someplace.com

forwarding incoming e-mail to totally_bogus_user back out to somebody_else?

In this new spammy viral age, are you getting complaints from somebody_else about undesired e-mail you're forwarding?

Here's help. Even without setting up a user login for totally_bogus_user, you can filter these kinds of forwards. I describe here how to do it using Postfix and procmail. It can be done with other MTAs, such as Exim, Qmail or Sendmail, but the details are different.

Set up a local user account with minimal privileges. You can re-use this account for many different forwarding mail filters. The account here for these things belongs to a user named forwards. Give forwards some directories:


    /home/forwards/
    /home/forwards/Mail/
    /home/forwards/Mail/virus/

with the usual permissions.

Next, make the directory /etc/procmailrcs/ and set it to be owned by root and writable only by root, but readable and searchable by anybody:


    ls -ld /etc/procmailrcs
    drwxr-xr-x 2 root root 4096 Mar 11 16:46 /etc/procmailrcs/

In that directory put a file named bogus that contains your favorite procmail recipe. For example:


# ------------- Begin /etc/procmailrcs/bogus -----------
# Useful definitions
VERBOSE=no
LOGFILE=$HOME/Mail/procmail-log
SPAMFILE=/dev/null
COMSAT=no

# Invoke YAVR, http://agriroot.aua.gr/~nikant/nkvir/
# which may sideline and save the mail in the
# /home/forwards/Mail/virus/
# directory
MAILDIR=$HOME/Mail
INCLUDERC=/home/share/filter/nkvir-rc

# Filter mail through SpamAssassin's spamc client
# using spamd on host "alligator" as the spamd server
:0fw
| spamc -d alligator

# If the mail now has a header that says
# X-Spam-Status: Yes, spamfile it.  If the
# pattern here matches, procmail stops and does
# not go on to forward the mail.
:0
* ^X-Spam-Status: Yes
$SPAMFILE

# If it survived all that, forward the mail
:0
!somebody_else@someplace.com
# ------------- End of /etc/procmailrcs/bogus -----------

This file should be owned by forwards:


    ls -l /etc/procmailrcs/bogus
    -rw-r--r-- 1 forwards  forwards   812 Mar 11 09:35 /etc/procmailrcs/bogus

Now, an /etc/aliases entry such as:


    totally_bogus_user: "|/usr/bin/procmail -m /etc/procmailrcs/bogus"

lets you forward e-mail without forwarding so many of the viruses or spam.

Don't forget to rebuild the aliases database:


    postalias /etc/aliases

after changing /etc/aliases.

You can set up as many forwarding recipes as you like, all using the same forwards user but having different entries in /etc/aliases and different files in /etc/procmailrcs. Be sure to set up one that directs the mail to your attention, as the headers in the outgoing mail forwarded by this method include:


    Return-Path: <forwards@yourdomain.com>

which may cause some mail to be directed to the forwards user. The /etc/aliases entry would look like:


    forwards: "|/usr/bin/procmail -m /etc/procmailrcs/forwards"

and /etc/procmailrcs/forwards will be similar to /etc/procmailrcs/bogus. Replace somebody_else@someplace.com with your e-mail address.
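
A check for the finished setup, as an added example that is not part of the original article: it verifies the ownership and permissions given above for /etc/procmailrcs and its recipe files, and scans an aliases file for forwards that still bypass the filter or call procmail without an absolute path. The function names and finding labels are assumptions, and it assumes GNU stat.

```shell
#!/bin/sh
# Added example, not from the article: audit the forwarding setup it describes.
# Assumes GNU stat (Linux). Function names and finding labels are hypothetical.
# procmail -m takes on the identity of the owner of an rc file under
# /etc/procmailrcs/ (see procmail(1)), so ownership and write bits matter.

# check_mode PATH OWNER: flag a wrong owner or a group/other write bit.
check_mode() {
    owner=$(stat -c %U "$1"); mode=$(stat -c %a "$1"); st=0
    [ "$owner" = "$2" ] || { echo "OWNER $1 is $owner, expected $2"; st=1; }
    case $mode in
        *[2367]?|*[2367]) echo "WRITABLE $1 has mode $mode"; st=1 ;;
    esac
    return $st
}

# audit_rcdir DIR DIR_OWNER RC_OWNER: check the directory and each rc file.
audit_rcdir() {
    fail=0
    check_mode "$1" "$2" || fail=1
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        check_mode "$f" "$3" || fail=1
    done
    return $fail
}

# audit_aliases FILE: flag forwards that bypass the filter, pipe commands
# without an absolute path, and rc files outside /etc/procmailrcs/.
audit_aliases() {
    awk -F': *' '
        /^[ \t]*(#|$)/ { next }
        $2 ~ /^"?\|/ {
            if ($2 !~ /^"?\|\//) { print "RELATIVE-CMD " $1; bad = 1 }
            if ($2 !~ / -m \/etc\/procmailrcs\/[^ "]+/ || $2 ~ /\.\./) {
                print "RCFILE " $1; bad = 1
            }
            next
        }
        $2 ~ /@/ { print "UNFILTERED " $1; bad = 1 }
        END { exit bad + 0 }
    ' "$1"
}

# On the mail host (assumed invocation):
#   audit_rcdir /etc/procmailrcs root forwards; audit_aliases /etc/aliases
```

Each function prints one line per finding and returns non-zero if it found any, so the pair can run from cron after every change to /etc/aliases.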

Resources

Postfix

Procmail

YAVR

Dan Wilder is technical manager at Specialized Systems Consultants, Inc.

______________________

Comments

Actually, make it easier on yourself

Why make a different procmail file for every forwarded address? Just do this in /etc/aliases:

    totally_bogus_user: "|procmail -m /etc/procmailforwards bogus@foo.com"
    some_other_user: "|procmail -m /etc/procmailforwards some_other_user@example.com"

Then, in /etc/procmailforwards, after your spam check, just do this:

    :0
    # forward to the intended recipient
    ! $1

The $1 is a parameter to procmail, and it will function for either recipient.

Re: Stop Forwarding Spam

You really shouldn't need to create a user account for this. Just have root own the files in /etc/procmailrcs.

We have a generic procmailrc that we use whenever setting up an alias.

    # Add this to /etc/aliases:
    # user: "|procmail -m /etc/procmailrcs/user"

    # INCLUDERC needed to run global system rc file - do not delete
    INCLUDERC=/etc/procmailrc

    # Uncomment recipe and replace user@remotehost with forwarding address

    #:0
    #! user@remotehost