# .procmailrc by Julian Stacey jhs@berklix
# VERBOSE=YES	# For debugging only else Rapidly grows
	# commenting:
		# I indent the # as mush as possible, toward the text,
		# so I can easier search for eg "^I[a-z]" as they are
		# generally mistakes that should be preceded by a "*"
# Bug to analyes JJLATER:
	# this works		~mk/procmailrc.spam@ -> ../jhs/.procmailrc.spam
	# But I cannot use	~mk/.procmailrc -> ../jhs/.procmailrc
	# http://berklix.com/~jhs/dots/.procmailrc
	# http://berklix.com/~jhs/dots/.procmailrc.spam
	# http://berklix.com/~jhs/dots/.procmailrc.spam.phrases
	# http://berklix.com/~jhs/dots/Makefile
	# man procmail
	# man 5 procmailrc
	# man 5 procmailex
	# man 1 egrep
# This & some, but not all, included files are on web, so:
	# - Does not contain passwords.
	# - Does not contain full email strings to avoid crawlers for spammers.
	# - I let star completion do the job for procmail,
	#   while not providing quite enough for spammer harvester robots
# ag@muc 15 Oct 1998:
#   |> Ich bekomme noch mals dass Probleme wohin meine emails sind ungewunscht
#   |> zusammen gestoessen, mit nur 4 mal Control A inzwischen.
#   Ctrl-A sind Trennzeichen bei MMDF-Mails, und auch bei Mail-Digests.
#   Wir stellen Mails nicht im MMDF-Format zu.
#   Mail ueber UUCP wird bei uns nicht gebuendelt.
# Strategies for spam filtering:
	# - http://www.cs.helsinki.fi/~wirzeniu/mailfilter.html
	# - http://www.ii.com/internet/robots/procmail (per CT mag 7.97)
	# - http://mops.vix.com/rbl (or nops) black hole list against spammers
# Action Notes:
	# ! Forwards to all the specified mail addresses.
	# | Starts the specified program,
	# example/.
		# delivers numeric files into directories, without updating files,
	# | $RCVSTORE +example ; tri_mail
		# edits the ~/mail/_folders_/.mh_sequences unseen: fields
		# however I hashed out tri_mail as I got a dup of everything in Inbox
	# cw
		# I dropped the w(ait)
		# on many, as if a sym link to an archive dir. is not in place,
		# I dont want my Inbox to flood with dups or errs.
	# Similarly I reduced many "0 w$" to "0"
	# I don''t currently want this functionality, but keep syntax for interest:
		# To get rid of the duplicates, put this in your .procmailrc:
		# # Avoid messages with duplicate Message-ID
		# :0 W: msgid.lock
		# | formail -D 65536 msgid.cache
# -----------------------------------------------------------------------------
PATH=/bin:/usr/bin:/usr/local/bin
MAILDIR=$HOME/mail
DEFAULT=$MAILDIR/Inbox/.
# LOGFILE=$MAILDIR/procfile.log
	# Try sometime LOCKFILE=$MAILDIR/lockfile.mine
	# LOGFILE=$MAILDIR/../log/procmail.log
	# LOGFILE will also contain any error or diagnostic messages from procmail
	# or other programs started by procmail. If this file not specified,
	# any diagnostics or error messages will be mailed back to the sender.
INBOX_HTML_NO_PLAIN=Inbox.d/Inbox.html-plain
INBOX_HTML_WITH_PLAIN=Inbox.d/Inbox.html+plain
# -----------------------------------------------------------------------------
	# SQUEEZE="formail -I Received: |"
	# Msg-Protect=0644
RCVSTORE=/usr/local/libexec/nmh/rcvstore
# -----------------------------------------------------------------------------
	# Spam Policy Switchable Here, If:
	# - One suspects occasional loss of valid mail.
	# - One suspect spammers are flooding,
	#   which though automatically deleted, wastes bandwidth & CPU,
	# - Spam autopsy desired, eg to analyse IPs of major offenders.
SPAM_NULL_NO_RCVSTORE=/dev/null
	# Discard spam forever (& maybe lose an odd valid mail?).
	# Note when rcvstore was used with this (which I now avoid)
	# it used to complain: unable to change directory to /dev/null
	# SPAM_NULL_NO_RCVSTORE=$MAILDIR/.null
	# Append to invisible file for rescue/ debug. Truncate manually.
## SPAM_NULL_NO_RCVSTORE=$MAILDIR/spam/Null/.
	# Save each spam in a seperate file for checking.
	# Capital N to make it near first, to realise special.
	# Note, noy filled by $RCVSTORE so EXMH does not turn blue.
SPAM_USER_SUSPENDED=spam/user_suspended/.
	# SPAM_USER_SUSPENDED=$SPAM_NULL_NO_RCVSTORE
SPAM_NULL_NO_ACCESS=$SPAM_NULL_NO_RCVSTORE
	# usually masquerading spammers, unless eg SASL goes wrong.
	# SPAM_NULL_NO_ACCESS=spam/no_access/.
PRI_MAIL=$HOME/txt/mail
PRI_MAIL_SYSTEMS=$PRI_MAIL/systems
:0 H # ------------------------------------------------------------------------
* ^Subject:.*majordomo_backup
	{
		# Early divert monster 60M backups, else they have to be
		# parsed by every rule in this file & then every rule in the
		# spam file, which was agonising when my main host had
		# failed & I was on a slower fallback system
	:0 B # ----------------------------------------------------------------
	* ^begin 644 majordomo.200
		# I would like to store it here with this:
		#	| $RCVSTORE +/usr/backup/host/list/usr/local/majordomo
		# But I have no write permission as rdist can leave mode of
		#	/usr/backup/host/list/usr/local/majordomo
		#	drwxr-xr-x   root  wheel
		# So just ensure its caught, & manually move it later.
	| $RCVSTORE +owner/majordomo
		# I could save disc space by adding a | uudecode
		# but first check if a rooted path could be a security risk.
	}
# -----------------------------------------------------------------------------
# Man procmail* refers to egrep
# man egrep lists some meta characters.
# man procmailex lists more meta characters eg () as in (optional)
# Assume all of these are special & need delimiting:
	# ! # $ & '' ( ) * + . < > ? [ \ ] ^ `` { | }
	# the `` & '' are duplicated above to satisfy brackets.c
# Assume these do not need delimiting:
	# @ = : ; % ~
# I have restored \ before these pattern lines beginning with '*':
	# ! # $ & '' ( ) * + . < > ? [ \ ] ^ `` { | }
	# the '' & `` are duplicated above to satisfy brackets.c
# -----------------------------------------------------------------------------
# INCLUDERC:
	# 2 level nested/ cascading includes work, ie with .procmailrc including
	# .procmailrc.private, & .procmailrc.private including .procmailrc.spam
	# Non nested also works.
	# Some of files below for mk@ are dummies, but all are valid for jhs@
INCLUDERC = $HOME/.procmailrc.divert	# Diverter with a non public string
INCLUDERC = $HOME/.procmailrc.lists	# Mail lists normal recipient.
INCLUDERC = $HOME/.procmailrc.system.logs	# System logs to keep.
				# Before .procmailrc.spam
				# As security logs lists rejected mail hosts.
				# Before .procmailrc.private.keep
				# To avoid logs being archived to julian/
INCLUDERC = $HOME/.procmailrc.private.keep	# Family & business enquiries,
				# After .procmailrc.lists as mk@ postings
				# to gea@ & friday@ are not personal.
INCLUDERC = $HOME/.procmailrc.private.dump	# Kill list, Offensive people,
				# After .procmailrc.lists,
				# As may be less offensive there.
INCLUDERC = $HOME/.procmailrc.web_form
				# Before .procmailrc.spam (I review)
				# As some automaticly discardable.
INCLUDERC = $HOME/.procmailrc.owner.dump	# Masqueraded spam bounces,
				# To postmaster & lists & domo owner.
# INCLUDERC = $HOME/.procmailrc.white	# Known people. Before .procmailrc.spam
				# JJLATER need to create maintenance tools/
				# eg buttons within EXMH or search nmh &
				# anti spam tools etc.
INCLUDERC = $HOME/.procmailrc.fonts	# Generic spam, eg foreign fonts.
INCLUDERC = $HOME/.procmailrc.spam	# Specific spam phrases & domains,
				# Late as possible as:
				# - Waste of machine time: 68K rule lines.
				# - Waste of human time: I take a quick
				#   glance at list of senders & block cursor
				#   scroll delete.
INCLUDERC = $HOME/.procmailrc.multi	# Multi Line Combination Spam
				# After single line spam phrases
INCLUDERC = $HOME/.procmailrc.errors	# Mail system errors,
				# After spam phrases; Many sites stupidly
				# bounce to me, victim of masquerading spammers.
INCLUDERC = $HOME/.procmailrc.owner.keep # List & domo stuff to keep.
				# After .procmailrc.spam as spammers
				# target owner@ as well as jhs@
INCLUDERC = $HOME/.procmailrc.private.self	# Self archived copies.
				# As spammers masquerade as me sending to me.
				# Include after spammer filtering
INCLUDERC = $HOME/.procmailrc.3d # 99.5% spam, but some friends.
				# Include this after spam phrases.
:0 B # No Body ----------------------------------------------------------------
* ![a-z0-9]
	{
	# No body. Likely spam unless message in subject line only
	# which happens occasionaly.
	# Above, I do not use ![[:print:]] but ![a-z0-9], as:
		# - If there's just puntuation or parity high foreign char
		#   set junk it's not legible & wanted for me.
		# - Other rules often FAIL on [[:print:]]
	:0 H
	* !^Subject:
		# No subject either.  Perhaps probes from virused PCs ?
	| $RCVSTORE +spam/empty
	:0 # ------------------------------------------------------------------
	| $RCVSTORE +Inbox.d/Inbox.no_body
	}
:0 H # No subject line. From someone in a rush ? ----------------------------
* !^Subject:
| $RCVSTORE +Inbox.d/Inbox.no_subject
:0 H #  Nearly empty subject line. From someone in a rush ? -----------------
	# These rules fail to detect a completely empty line:
		# JJLATER FAILS * !^Subject:[[:blank:]]*$
		# JJLATER FAILS * !^Subject:[[:print:]]
		# JJLATER FAILS * !^Subject:[[:print:]]
* !^Subject:.*[a-z0-9\-]
| $RCVSTORE +Inbox.d/Inbox.subject_empty
:0 H # ------------------------------------------------------------------------
* ^MIME-Version:
	{
	:0 H # ----------------------------------------------------------------
	* ^Content-Type: multipart
		# multipart/related
		# multipart/mixed; From majordomo-users-owner@greatcircle
		# multipart/alternative; From mk@work & other MS.
		{
		:0 B # --------------------------------------------------------
		* ^Content-Type: text/html
			# Various valid senders are incompetent &
			# send HTML, & are too ignorant to
			# understand let alone change mailer settings.
			{
			:0 B # ------------------------------------------------
			* !^Content-Type: text/plain
			# Spammers are more likely to avoid plain text filters.
			# Avoid catching friends who send plain + html + pics.
				{
				:0 B # ----------------------------------------
				* ^Content-Transfer-Encoding: base64
					{
					# An enclosure containing
					# HTML & base64 in same
					# enclosure would almost
					# certainly be spam, but no
					# idea if in same enclosure,
					# so But do not send to
					# $SPAM_NULL_NO_RCVSTORE
					# However as also no plain
					# text, is likely spam.
					:0 H # --------------------------------
					* may be forged
					$SPAM_NULL_NO_RCVSTORE
					:0 H # --------------------------------
					# JJLATER likely would FAIL: * ^Subject:[[:blank:]]*[[:print:]]+ gave me this link
					* ^Subject:.*[a-z0-9\-]+ gave me this link
					| $RCVSTORE +spam/phrases.egrep
					# -------------------------------------
					:0 # Probably spam, 
					# unless a friend sent HTML, no plain, + pics
					| $RCVSTORE +spam/base64html
					}
				:0 H # ----------------------------------------
				* ^Content-Type: text/html
				# HTML From Spammers & Incompetents.
				| $RCVSTORE +$INBOX_HTML_NO_PLAIN
				}
			}
		}
	#===============
INCLUDERC = $HOME/.procmailrc.mime
	#===============
	:0 w # --------------------------------------------------------
	| $RCVSTORE +Inbox.d/Inbox.mime
	}
:0 HB # -----------------------------------------------------------------------
* ^Content-Transfer-Encoding: base64
	# Mostly spam, But pictures from friends too ?
	# Non Spams have included:
		# Content-Type: application/x-pkcs7-signature
		# Content-Type: application/pdf
| $RCVSTORE +Inbox.d/Inbox.base64
:0 H # ------------------------------------------------------------------------
* ^To:.*undisclosed-recipients:
# Probably a spammer (though Geoff used to use it too).
# Divert it, so it does not ring my inbox bell.
| $RCVSTORE +Inbox.d/Inbox.undisclosed
:0 H # ------------------------------------------------------------------------
* ^Cc: recipient list not shown:
# Probably a spammer. Might be a aperson who does no want friends to see
# each other's addresses.
# Divert it, so it does not ring my inbox bell.
| $RCVSTORE +Inbox.d/Inbox.undisclosed
:0 H # ------------------------------------------------------------------------
# Trap spammers using wrong name eg To: "Santos" <jhs@berklix.n*>
# (unfortunately will also trap genuine mis-spellers)
# totalregistrations addresses me as "jhs@mx.berk
# Do not catch addresses without double quotes eg 'Julian Stacey <jhs@berk'
# Do not catch people who just send to jhs@ without a name
# I dont know how to catch eg: "To some.other@place,\nJulian"
* ^To:.*\"[a-z ]+\" \<jhs@
* !To:.*\Julian
* !To:.*Stacey
* !To:.*\"jhs@
#	"	brackets.c compensator
* !To:.*\"\<jhs@
| $RCVSTORE +spam/name_wrong
:0 B # ------------------------------------------------------------------------
* Status: 5\.2\.2 \(mailbox full\)
| $RCVSTORE +error/full
:0 B # ------------------------------------------------------------------------
* ^Attached is your scanned document
| $RCVSTORE +Scan
:0 B # ------------------------------------------------------------------------
* \<DIV\>
* \<STRONG\>
| $RCVSTORE +$INBOX_HTML_NO_PLAIN
:0 B # ------------------------------------------------------------------------
* \<DIV\>
* \&nbsp;
| $RCVSTORE +$INBOX_HTML_NO_PLAIN
:0 B # ------------------------------------------------------------------------
* \<STRONG\>
* \&nbsp;
| $RCVSTORE +$INBOX_HTML_NO_PLAIN
:0 H # ------------------------------------------------------------------------
#    (mmds-216-19-11-135.tbm.az.commspeed.net [216.19.11.135] (may be forged))
#	satisfy brackets.c (
# JJLATER might FAIL:	* \[[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+\] \(may be forged\)\)
#	(	brackets.c compensator
* \[[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\] \(may be forged\)\)
* !Received: from js.berklix.net \(p[0-9]+.dip.t-dialin.net
#	) brackets.c matcher
| $RCVSTORE +spam/forged
:0 B # ------------------------------------------------------------------------
	# Trap mail with font to avoid ringing my bell, likely spam
* \<font size=
| $RCVSTORE +Inbox.d/Inbox.font
:0 B # ------------------------------------------------------------------------
# Intercept random text (eg eye catching nwspaper headline type junk,
# accompanying unlabelled web ref (to a spammer site)).
# a few friends will be caught like this, tough, at least M won't
# as filtered earlier.
* http://
| $RCVSTORE +Inbox.d/Inbox.http
#	This even traps stuff I send others where I cc myself.
#	Maybe I need to add some rule like Not if cc jhs@
# -----------------------------------------------------------------------------
	# Msg-Protect=0600
:0 wc # -----------------------------------------------------------------------
	# Store rest & get it to change colour in EXMH with rcvstore.
| $RCVSTORE +Inbox
:0 c # ------------------------------------------------------------------------
	# Keep a copy of last 100 personal mails see "man 5 procmailex"
	# dot at beginning makes it invisible to exmh.
.Recent
:0 ic # -----------------------------------------------------------------------
| cd .Recent && rm -f dummy `ls -t msg.* | sed -e 1,100d`
	# Example of directory content:
	# -rw-------   1 jhs  staff 1440 Mar 17 15:12 msg.-a_J
	# ... 98 lines deleted ...
	# -rw-------   1 jhs  staff  972 Mar 19 00:02 msg.zc_J
	# JJLATER I should perhaps keep last few days 
	# $SPAM_NULL_NO_RCVSTORE spams.
:0 # So bell will ring with eg: xbiff -file /usr/home/jhs/mail/.xbiff # -------
$MAILDIR/.xbiff
	# man procmailrc:
	# If processing falls off the end of the rcfile,
	# procmail will deliver the mail to $DEFAULT
	# So Why, as the .xbiff line above has no "c" do I get duplicates ?
	# So see if anything gets here
		# :0
		# | $RCVSTORE +error/dups
		# end
	# No, nothing received.