# http://www.berklix.com/~jhs/dots/.procmailrc # ~/.procmailrc by Julian H. Stacey jhs_ERASE_@berklix.com # About procmail: # http://www.procmail.org/ # https://svnweb.freebsd.org/ports/head/mail/procmail/pkg-descr?view=markup # https://mailman.rwth-aachen.de/mailman/listinfo/procmail # man procmail # man procmailrc ## VERBOSE=YES # Enable only for debuging. $LOGFILE Grows Rapidly ! # Commenting: # # I indent the '#' as mush as possible, toward the text, # # so I can easier search for eg "^I[a-z]" as they are # # generally mistakes that should be preceded by a "*" # JJLATER consider specifying rcorder meta keys in all ~/.procmailrc* # to ease checking of include order. Not that I need it. # JJLATER Puzzles: # This works ~mk/.procmailrc_phrases_inc -> ../jhs/.procmailrc_phrases_inc # But I cannot use ~mk/.procmailrc -> ../jhs/.procmailrc # ~/public_html/dots/.procmailrc # ~/public_html/dots/.procmailrc_spam # ~/public_html/dots/.procmailrc_spam_phrases # ~/public_html/public_html/dots/Makefile # man procmail # man 5 procmailrc # man 5 procmailex # man 1 egrep # This & some, but not all, included files are also linked from mk@. # This & some, but not all, included files are on web, so: # - Does not contain passwords. # - Does not contain full email strings to avoid crawlers for spammers. # - I let star completion do the job for procmail, # while not providing quite enough for spammer harvester robots # ag@muc 15 Oct 1998: # |> Ich bekomme noch mals dass Probleme wohin meine emails sind ungewunscht # |> zusammen gestoessen, mit nur 4 mal Control A inzwischen. # Ctrl-A sind Trennzeichen bei MMDF-Mails, und auch bei Mail-Digests. # Wir stellen Mails nicht im MMDF-Format zu. # Mail ueber UUCP wird bei uns nicht gebuendelt. # Strategies for spam filtering: # - http://www.cs.helsinki.fi/~wirzeniu/mailfilter.html # - http://www.ii.com/internet/robots/procmail (per CT mag 7.97) # - http://mops.vix.com/rbl (or nops) black hole list against spammers # Filter notes # man 5 procmailrc # ^ Start of a line. # $ End of a line. # . Any character except a newline. # a* Any sequence of zero or more a''s. # a+ Any sequence of one or more a''s. # a? Either zero or one a. # [^-a-d] Any character which is not either a dash, # a, b, c, d or newline. # de|abc Either the sequence ``de'' or ``abc''. # (abc)* Zero or more times the sequence ``abc''. # \. Matches a single dot; # So Catch eg: From: "=?utf-8?Q?Avionic" # With * ^From: .*Avionics # Action Notes: # ! Forwards to all the specified mail addresses. # | Starts the specified program. # example/. Delivers into directories, without updating files. # | $RCVSTORE +example ; tri_mail # # Edits the ~/mail/_folders_/.mh_sequences unseen: fields # # but I hashed out tri_mail as I got a dup of all in Inbox. # cw # # I dropped the w(ait) # # on many, as if a sym link to an archive dir. is not in place, # # I dont want my Inbox to flood with dups or errs. # Similarly I reduced many "0 w$" to "0" # I do not want this functionality, but keep syntax for interest: # # To get rid of the duplicates, put this in your .procmailrc: # # # Avoid messages with duplicate Message-ID # # :0 W: msgid.lock # # | formail -D 65536 msgid.cache # Potential Security Loopholes: # https://nvd.nist.gov/vuln/detail/CVE-2017-16844 # From: Thierry Thomas # Date: Tue, 18 May 2021 18:48:54 +0200 # To: freebsd-ports@freebsd.org # Le mar. 18 mai 21 à 18:27:09 +0200, Julian H. Stacey # écrivait : # > Dave Horsfall wrote: # > > On Tue, 18 May 2021, Julian H. Stacey wrote: # > > > I''d use /usr/ports/mail/procmail # > > I wouldn''t; it''s an unsupported and obscure scripting language just asking # > > for bugs, and actually has several CVEs against it. # > URLs please ? # > None on https://en.wikipedia.org/wiki/Procmail # > just some obscure FUD # > "a number of security vulnerabilities have been discovered # > since its last release" # > But no URLs to CVEs. BTW It also says: # Maybe this one: # https://nvd.nist.gov/vuln/detail/CVE-2017-16844 # But nobody cares enough to add an entry in VuXML# because the FreeBSD # port is patched. PATH=/bin:/usr/bin:/usr/local/bin MAILDIR=$HOME/mail # MAILDIR is not used directly by .procmailrc* # HEADCMD="head" HEADCMD="tail" # For some weird reason head is failing with eg: # | /usr/bin/head >> $XBIFTWO # procmail: Error while writing to " /usr/bin/head >> $XBIFTWO" # procmail: Assigning "LASTFOLDER= /usr/bin/head >> $XBIFTWO" # (so lots of mail get processed again, putting duplicates in other # directories) yet these { cat tail more } work, eg: # | /usr/bin/tail >> $XBIFTWO # procmail: Executing " /usr/bin/tail >> $XBIFTWO" # procmail: Assigning "LASTFOLDER= /usr/bin/tail >> $XBIFTWO" # So although head -1 would be ideal, live with tail -1, which provides # less info, but still will be sufficient to trigger xbiff HEADFLG="-3" # Without quotes above I see 'procmail: Skipped "-1"' # With a space before fist quote I saw: # procmail: Executing " $HEADCMD $HEADFLG >> $XBIFTWO" # procmail: Error while writing to " $HEADCMD $HEADFLG >> $XBIFTWO" # -2 leaves xbiff2 with just empty lines, so increase to -3 # XBIFTWO is a space saving version of ~/.xbiff # & to still trigger the xbiff X-Windows icon # XBIFTWO=$MAILDIR/.xbiff XBIFTWO=$HOME/.xbiff # fire: printenv MAIL /var/mail/jhs # dell: printenv MAIL /var/mail/jhs # ~/.fvwm/config has xbiff -file ~/mail/.xbiff # fire: ps -laxww| grep xbiff : xbiff -g 50x50+927-0 -file mail/.xbiff -volume 0 INBOX_D=Inbox/auto # INBOX_D is not Inbox, else the xbiff mail icon comes on too often for a lot # of mail that is not truly personal from known people, & some is junk. # INBOX_D is not an archive of mail pending reply or action (That is './Seen'). # INBOX_D has sub directories for categories of unexpected mail. # This command to csh should produce nothing: # cd ~/mail/Inbox_d ; find . -type f -name \[0-9\]\* # If it list any files that are not spam, I need to also add a filter rule. INBOX_KNOWN = Inbox LOGFILE=/home/jhs/.mail.procmail.log # If this is defined, 3 lines go to it for every email received: # From , Subject:, Folder: # Or thousands of lines per mail if debug enabled. Hence put it to a # spare old FS that doesnt matter if it floods, like this: # ln -s /1s4/jhs/mail/procmail.log ~/.mail.procmail.log # & split it before debug with eg: # split -l 1000000 ~/.mail.procmail.log # It is good to leave it defined, at least occasionaly after adding rules, # to pick up procmailrc syntax errors. # LOGFILE will also contain any error or diagnostic messages # from procmail # or other programs started by procmail. If this file not specified, # any diagnostics or error messages will be mailed back to the sender. # Meta Characters # Below, the `` and '' are duplicated above to satisfy brackets.c, # similar for \\ # Man procmail* refers to egrep # man egrep lists some meta characters. # man procmailex lists more meta characters eg () as in (optional) # man procmailrc lists SHELLMETAS as # & * ; < > ? [ | ~ # Brackets balancer: ] # Full ascii list, except 0-9 a-z, (used for alignement of comments adjacent) # ! " # $ % & '' ( ) * + , - . / : ; < = > ? @ [ \\ ] ^ _ `` { | } ~ # Assume all of these are special & need delimiting: # ! # $ & '' ( ) * + - . < > ? [ \\ ] ^ `` { | } # Assume these do not need delimiting: # % : ; = @ ~ # What about: # " # Most meta characters probably apply to match lines. # Some also apply to action lines. # Not listed by man egrep: # ! z z z z z z z z z z z z z z z z z z z z z z z z z z z z z z z z z # Listed by man egrep: # z z z z z z z z z z z z z z z z z z z z z z z z z z z z z z z z z # SQUEEZE="formail -I Received: |" # Msg-Protect=0644 RCVSTORE=/usr/local/libexec/nmh/rcvstore NOUNSEEN="-nounseen" # LOCKFILE=$MAILDIR/lockfile.mine # I tried Enabling this 2009.06.18 while off line, but I then saw # LOGFILE report "No match on" 1 line from my spam list, each maybe 4 # seconds. # Whatever, I cant afford it that slow. # So unless maybe I add some way to change times, It''s no use # to try to avoid flood of procmail processes eating much CPU, # when first connecting after off line during night. # man procmail: # When delivering to directories, MH folders, or maildir # folders, you do not need to use lockfiles to prevent several # concurrently running procmail programs from messing up. # Delivering to MH folders is slightly more time consuming # than deliver- ing to normal directories or mailboxes, because # procmail has to search for the next available number # (instead of having the filename immedi- ately available). INBOX_HTML_PLAIN=$INBOX_D/html-plain SWITCH_NULL_NO_RCVSTORE=/dev/null # SWITCH_NULL_NO_RCVSTORE=$MAILDIR/error/null/. # Spam Policy Switchable Here, If: # - One suspects occasional loss of valid mail. # - One suspect spammers are flooding, # which though automatically deleted, wastes bandwidth & CPU, # - Spam autopsy desired, eg to analyse IPs of major offenders. SPAM_NULL_NO_RCVSTORE=/dev/null # SPAM_NULL_NO_RCVSTORE=$MAILDIR/spam/null/. # Save each spam in a seperate file for checking. # Note, not filled by $RCVSTORE so EXMH does not turn blue. # .procmailrc_errors # .procmailrc_fonts # .procmailrc_last # .procmailrc_lists # .procmailrc_private_lists_toytown # .procmailrc_owner_dump # .procmailrc_owner_keep # .procmailrc_private_dump_after # .procmailrc_private_dump_before # .procmailrc_system_logs # Discard spam forever (& maybe lose an odd valid mail?). # Note when rcvstore was used with this (which I now avoid) # it used to complain: unable to change directory to /dev/null # SPAM_NULL_NO_RCVSTORE=$MAILDIR/.null # Append to invisible file for rescue/ debug. Truncate manually. SPAM_USER_SUSPENDED=spam/user_suspended/. # SPAM_USER_SUSPENDED=$SPAM_NULL_NO_RCVSTORE SPAM_NULL_NO_ACCESS=$SPAM_NULL_NO_RCVSTORE # SPAM_NULL_NO_ACCESS=spam/no_access/. # usually masquerading spammers, unless eg SASL goes wrong. ARC_PRI=archive/pri PUB_MAIL=/pub/mail PUB_MAIL_LIST=$PUB_MAIL/list # fire pre 2020-09-10 PUB_FREEBSD_MAIL=/pub/FreeBSD/mail # /usr/ftp/pub/FreeBSD/mail -> ../../../../1s4/ftp/pub/freebsd/mail # lapr post 2020-09-10 PUB_FREEBSD_MAIL=/pub/mail/freebsd PUB_FREEBSD_MAIL=$PUB_MAIL/freebsd # man procmailrc: # h Feed the header to the pipe, file or mail destination (default). # b Feed the body to the pipe, file or mail destination (default). # What it doesnt say but should is: # you get both header + body by default without specifying either, # but if you specify only one & not the other you only get header # or body. # This can be proven by inserting a # "| tee /tmp/tee" before a "| $RCVSTORE +$INBOX_KNOWN" NOMIME="/usr/local/bin/demime+emil+delatt" # ~/public_html/bin/.sh/demime+emil+delatt NOMIME_FORCE="/usr/local/bin/demime+emil+delatt -f" # JJLATER I will a add a force flag (to discard enclosures) # or variant of demime+emil+delatt NOMIME_CAT="cat" # This is for rules that ueed to use NOMIME_FORCE, # which was then found to break URLS, eg in .procmailrc_lists newstatesman # | $NOMIME | $RCVSTORE +list/quiet/brexit/newstatesman # NOMIME_FORCE broke long URLs, eg # Content-Type: text/plain; charset=utf-8 # Content-Transfer-Encoding: quoted-printable # http:/= # /go.pardot.com/webmail/509131/308516477/e4377c11edee9c2b7cfddedb6cbd7aef5a9= # bea2bcb65a4baf95087d562b0be71 # The above was displayed OK by EXMH as # http://go.pardot.com/webmail/509131/308516477/e4377c11edee9c2b7cfddedb6cbd7aef5a9bea2bcb65a4baf95087d562b0be71 # but was mangled by $NOMIME_FORCE to # http://go.pardot.com/webmail/509131/308516477/e4377c11edee9c2b7cfddedb6cbd7ae # f5a9bea2bcb65a4baf95087d562b0be71 # JJLATER # Consider passing all mail that gets past spam phrases through a # NOMIME + assert some new Berklix_forced_demime flag to stop it recursing # Allow a trace diagnostic: # ~/public_html/src/bsd/jhs/bin/local/mail/header_add ZZZ_HEADER_ADD="/usr/local/bin/header_add X-Berklix: header_add `date -u +%Y-%m-%dT%H:%M:%SZ` " # Must assert some text to right of colon # otherwise demime will discard the header line. # normaly I append a .procmailrc file name and line number # Before that I also add a bug warning about space stripping. ZZZ_MY_SENDMAIL_PROCESS="$SENDMAIL -i $LOGNAME" # Warning: Above $SENDMAIL went recursive, repeatedly adding a header line, # In a case where I forgot to precede $ZZZ_HEADER_ADD with # :0 Hw # * !^X-Berklix: # To avoid chance of recursion, save it to a file ZZZ_MY_SENDMAIL_FILE="$RCVSTORE +$INBOX_D/my_sendmail" # For Debugging Action Of $ZZZ_HEADER_ADD # DEBUGABC="debugA debugB debugC" # :0 H # * ^Subject: debug1 debug2 debug3 # * !^X-Berklix: header_add .+ debugA debugB debugC # { # :0 c # | $ZZZ_HEADER_ADD .procmailrc 318 $DEBUGABC > \ # /home/jhs/tmp/procmail.debug # # :0 # | $ZZZ_HEADER_ADD .procmailrc 321 $DEBUGABC | $ZZZ_MY_SENDMAIL_PROCESS # } # "-t" # Problem: '-t' sent the mail round again, back to the gate, back to # the remote server, & back to me again, inefficient. # Also if other recipients were in header probably they got a copy too ? # -i $LOGNAME # Looped with repeated: # X-Berklix: http://www.berklix.com/~jhs/dots/.procmailrc_last 395 # Received: from fire.js.berklix.net (localhost [127.0.0.1]) by # fire.js.berklix.net (8.14.7/8.14.7) with ESMTP id s2KNElMM067856 for # ; Fri, 21 Mar 2014 00:14:47 +0100 (CET) # (envelope-from jhs@fire.js.berklix.net) # Received: (from jhs@localhost) by fire.js.berklix.net # (8.14.7/8.14.7/Submit) id s2KNElrs067855 for jhs; Fri, 21 Mar 2014 # 00:14:47 +0100 (CET) (envelope-from jhs) # X-Berklix: http://www.berklix.com/~jhs/dots/.procmailrc_last 395 # No -X /var/log/header_add.log # Because I found (by using a test Makefile) it produces these error lines: # WARNING: RunAsUser for MSP ignored, check group ids (egid=20, want=25) # can not chdir(/var/spool/clientmqueue/): Permission denied # Program mode requires special privileges, e.g., root or TrustedUser. # & /var/log/header_add.log : # can not chdir(/var/spool/clientmqueue/): Permission denied # & data was not sent to mail system, # & if the rule that calls sendmail had a 'w' (as in ':0 Hw'), # procmail see the rule as failing, & passes the mail on to the next rule. # Warning do not add macros for condition lines, as procmail will not use them. # Archive before filtering, the last 200 emails in ~/mail/.backup/original # A copy for debug, taken from man procmailex # Caution it will fill fast, what with ctms & spam & mailman weekly archives # etc. :0 c .backup/original # directory name is not visible, filenames are not mh compliant :0 ic | cd .backup/original && rm -f dummy `ls -t msg.* | sed -e 1,200d` # See Also: ~/mail/.backup/filtered in all of # .procmailrc_last # .procmailrc_lists # .procmailrc_people_inc # .procmailrc_private_keep # :0 H # * ^Subject: majordomo_transmit\.sh # # No need to also filter on To: jhs-list@slim, list_backup@(\land|\slim) # { # # majordomo_backup from ~/public_html/bin/.sh/majordomo_transmit.sh # # Divert monster backups, before many spam detect rules slow system. # # No longer a monster data size, now just a reminder to ftp, # # so I could move this rule. # :0 H # * ^Subject: majordomo_transmit\.sh fetch # | $RCVSTORE +cron/majordomo_fetch # :0 B # * ^begin 644 majordomo.20 # # 20 is first part of year eg 2009. # # | $RCVSTORE +owner/backup # | /home/jhs/bin/.sh/majordomo_receive.sh # } #Temporary Rule JJLATER remove # :0 H # * ^Subject:.+Test that freebsd-ctm-bld@berklix____ can send CTM deltas # | $RCVSTORE +tech/ctm/tests :0 H * ^Subject: mailman_transmit\.sh # No need to also filter on To: jhs-list@slim, list_backup@(\land|\slim) { # mailman_backup from ~/public_html/bin/.sh/mailman_transmit.sh # Divert monster backups, before many spam detect rules slow system. # No longer a monster data size, now just a reminder to ftp, # so I could move this rule. :0 H * ^Subject: mailman_transmit\.sh | $RCVSTORE +cron/mailman_fetch :0 B * ^begin 644 20[0-9][0-9]\-[0-9][0-9]\-[0-9][0-9]\-[0-9][0-9] # 20 is first part of year eg 2009. # | $RCVSTORE +owner/backup | /home/jhs/bin/.sh/mailman_receive.sh } # :0 H # -- Above starts the shell, below collects shell output # * ^Subject:.*majordomo_receive.sh # | $RCVSTORE +cron/majordomo_receive # :0 H # -- Above starts the shell, below collects shell output # * ^Subject:.*majordomo_receive.sh # | $RCVSTORE +cron/mailman_receive # :0 H # # Catch big archives requested from majordomo by eg: # # get bg-org bg-org.archive.1009 # # before CPU chokes on lots of anti spam greps. # # Subject: Majordomo file: list 'bg-org' file 'bg-org.archive.1009' # * ^Subject: Majordomo file: list \'[a-z0-9\-]+\' file \'[a-z0-9\-]+\.archive\.[0-9]+\' # | $RCVSTORE +list/archive # :0 H # * ^Subject: pc532_archive # | $RCVSTORE +pc532 :0 H # Catch big archives requested from mailman by eg: # get bg-org bg-org.archive.1009 # before CPU chokes on lots of anti spam greps. # Subject: mailman file: list 'bg-org' file 'bg-org.archive.1009' * ^Subject: mailman file: list \'[a-z0-9\-]+\' file \'[a-z0-9\-]+\.archive\.[0-9]+\' | $RCVSTORE +list/archive # OWNER_MAJORDOMO=owner/majordomo/. # Used by both .procmailrc_owner_dump & .procmailrc_owner_keep # INCLUDERC: # 2 level nested/ cascading includes work, ie with .procmailrc # including .procmailrc_private, & .procmailrc_private # including .procmailrc_phrases_inc # Non nested also works. # Keep all string defines before any INCLUDERC # else if I later shuffle the order of INCLUDERC # some macro names may not be defined in time. # ---- # Some of files below for mk@ are dummies, but all are valid for jhs@ # each time I add one I should add a dummy for mk@ # When I have a tap on for graham to fast response registrar confirmations # divert to avoid clutter. :0 H # To: info@surfacevision.com * (To|cc): .+@surfacevision.com | $RCVSTORE +berklix/surface INCLUDERC = $HOME/.procmailrc_private_divert # Diverter for bulk pics, with non public string. INCLUDERC = $HOME/.procmailrc_owner_keep # mailman & majordomo to keep. # Before .procmailrc_berklix, so "list created" to owner/. # Intercept password reminders before they go to local copy of mail # list archives. # Rules for Mailman { :0 B * ^You, or someone posing as you, has requested a password reminder * ^You are subscribed with the address: * ^Your .+ password is: | $RCVSTORE +$INBOX_D/passwords :0 B * ^You must know your password to change your options \(including changing * ^the password, itself\) or to unsubscribe without confirmation. It is: | $RCVSTORE +$INBOX_D/passwords :0 B * this information in a secure place and do not share your password # kent.netcommunity1.com | $RCVSTORE +$INBOX_D/passwords # } INCLUDERC = $HOME/.procmailrc_berklix # Lists normal recipient, from berklix. # After .procmailrc_owner_keep, so "list created" to owner// INCLUDERC = $HOME/.procmailrc_private_dump_before # Wasters # Dump anything whether personal to me or to a public list. # One whose name i had forgotten, posted a list, # so I tried to help & he again became a pain, # people like that are moved here from # .procmailrc_private_dump_after . INCLUDERC = $HOME/.procmailrc_private_keep # Private File. Hand Built. Family & business enquiries, # Individual directories per sender. # Conundrum: Competing requirements: # .procmailrc_private_keep to be After .procmailrc_lists # as Melanie postings to bg-org are not personal. # .procmailrc_private_keep to be before .procmailrc_lists # to allow Joy to forward me lists she is subscribed to INCLUDERC = $HOME/.procmailrc_lists # Lists where I am a normal public recipient, # not berklix lists where I have extra organiser work. #{---------------- :0 B # This rule was removed from .procmailrc_owner_keep as there it came before # .procmailrc_lists , so mail from xe.com got dumped in error. # & wrongly # JJLATER might FAIL: (th[[:alpha:]]+|your) list * (remove|unsubscribe|un\-subscribe) (me |)(from|ab) (th[a-z]+|your|ihre|deine) ((e|)mail |)(list|liste|verteiler) { :0 H * ^(To|cc): .+@(|.+\.)berklix. # |CC as I sometime CC myself a copy of errors # I send to other list admins. { :0 w # EXMH blue to get attention # | $RCVSTORE +$OWNER_MAILMAN_NORMAL # Leave exmh black to be zapped later $OWNER_MAILMAN_NORMAL/. # Respond, advise them to use the robot. # :0 wi # | cd /tmp && /usr/home/jhs/bin/.sh/use_robot } :0 # Silently discard spam relayed from non Berklix lists. $SPAM_NULL_NO_RCVSTORE } :0 wB # JJLATER might FAIL: (th[[:alpha:]]+|your) list * (add|subscribe|include) (me |)(on |)(an |to |)(th[a-z]+|your|ihre|deine) ((e|)mail )(list|liste|verteiler) { :0 cw # Next line turns EXMH blue to grab attention | $RCVSTORE +$OWNER_MAILMAN_NORMAL } :0 wB * (bitte|please) unsubscribe { :0 cw # | $RCVSTORE +$OWNER_MAILMAN_NORMAL $OWNER_MAILMAN_NORMAL/. # $SPAM_NULL_NO_RCVSTORE } #----------------} INCLUDERC = $HOME/.procmailrc_system_logs # System logs to keep. # mk@ also includes this to divert # fetchmail.sh bounces. # Before .procmailrc_phrases_inc # As security logs lists rejected mail hosts. # Before .procmailrc_private_keep # To avoid logs being archived to julian/ INCLUDERC = $HOME/.procmailrc_private_router_logs # Router logs to keep. # = $HOME/.procmailrc_private_router_priority # NOT USED JJLATER prune # :0 Hw # * ^DEBUGtestingXX:file=procmailrc:debug=before_private_keep # | $RCVSTORE +test # :0 Hw # * ^DEBUGtestingXX:file=procmailrc:debug=after_private_keep # | $RCVSTORE +test INCLUDERC = $HOME/.procmailrc_private_dump_after # Wasters # After .procmailrc_lists, for people who may be OK # in public on lists, but not in private. # See also .procmailrc_private_dump_before INCLUDERC = $HOME/.procmailrc_web_form # Ski Bookings # Before .procmailrc_phrases_inc # to catch spam from robots dumped into ski comment box. INCLUDERC = $HOME/.procmailrc_people_inc # Private file. AUtomaticaly Built by ~/public_html/dots/Makefile PEOPLE_INC # Built from .procmailrc_people_src # # ~/public_html/dots/Makefile PEOPLE_SRC # White list to accept. INCLUDERC = $HOME/.procmailrc_owner_dump # Bounces of masqueraded spam # To postmaster & lists & domo owner. # :0 Hw # ( # * ^DEBUGtestingXX:file=procmailrc:debug=before_phrases_inc # | $RCVSTORE +test # As .procmailrc_phrases_inc is a generated file # & cannot be checked with brackets.c, # Debugs are here before & after to help chase errrors # in ~/.mail.procmail.log , eg: "Missing closing brace" # ) # Calendar { :0 wH * ^From: ("Reminder Service" <(jhs|mk|jhsmk|mkjhs|ak)@|(jhs|mk|jhsmk|mkjhs|ak)@.+ \(Reminder Service\)) # 9.2 & 12.3-RELEASE From: "Reminder Service" # 6.4-RELEASE From: jhs@berklix . com (Reminder Service) * ^Subject: (Monday|Tuesday|Wednesday|Thursday|Friday|Saturday|Sunday)(|, [0-9](|[0-9]) (January|February|March|April|May|June|July|August|September|October|November|December) 20[0-9][0-9])\'s Calendar # 9.2 & 12.3-RELEASE Subject: Friday, 29 July 2022's Calendar # 6.4-RELEASE Subject: Friday's Calendar | $RCVSTORE +$INBOX_KNOWN :0 wH # Old may be obsolete * From: (jhs|mk|jhsmk|mkjhs|ak)@berklix.com \(Cron Daemon\) * ^Subject: Cron <(jhs|mk|jhsmk|mkjhs|ak)@[a-z][a-z][a-z][a-z]> calendar | $RCVSTORE +$INBOX_KNOWN :0 wH * ^From: Cron Daemon <(jhs|mk|jhsmk|mkjhs|ak)@|(jhs|mk|jhsmk|mkjhs|ak)@berklix.com> * ^To: (jhs|mk|jhsmk|mkjhs|ak)@|(jhs|mk|jhsmk|mkjhs|ak)@berklix.com * ^Subject: Cron <(jhs|mk|jhsmk|mkjhs|ak)@|(jhs|mk|jhsmk|mkjhs|ak)@(dell|lapr|fire)> calendar | $RCVSTORE +$INBOX_KNOWN # } INCLUDERC = $HOME/.procmailrc_phrases_inc # ~/public_html/dots/Makefile PHRASES_INC # Many Specific single line spam phrases & domains, # If we''re just discarding unread: # Early as possible, as # other rules might save junk thinking errors to analyse # when its just later results of masquerading spammers. # If we''re saving spam to browse through: # ( because we''re paranoid we might lose something # or want a harvest of spam to train a new filter with) # then Late as possible as: # Much machine time consumed with so many rules, # so let simpler rules first try to discard or file. # :0 Hw # ( # * ^DEBUGtestingXX:file=procmailrc:debug=after_phrases_inc # | $RCVSTORE +test # ) INCLUDERC = $HOME/.procmailrc_errors # Mail system errors, # .procmailrc_errors used to be After .procmailrc_phrases_inc # as domains were masqueraded by spammers with subsequent # bounces. However, with log files of 2 Meg, scanning each # log for all spam phrases is very CPU wasteful, especially # if a remote host was off for a fortnight then re-enabled, # & a flood of logs inbound log error soaks my X display PC # CPU for a day. # 2020-07-12 I again moved .procmailrc_errors # after .procmailrc_phrases_inc # .procmailrc_phrases_src # ~/public_html/dots/Makefile PHRASES_SRC makes PHRASES_SHRUNK # vi -c/.procmailrc_phrases_shrunk \ # ~/mail/Makefile \ # ~/public_html/bin/.sh/grepspam \ # ~/public_html/dots/.procmailrc \ # ~/public_html/dots/Makefile # PHRASES_SHRUNK makes PHRASES_INC INCLUDERC = $HOME/.procmailrc_multi # Multi Line Combination Spam # After .procmailrc_phrases_inc INCLUDERC = $HOME/.procmailrc_fonts # Foreign spam, with fonts. # This used to precede .procmailrc_phrases_inc # but that meant I kep getting polish spam to analyse, # even though I had already added lots of polish spam phrases # to .procmailrc_phrases_inc, # so 2018-04-30 I moved this after .procmailrc_phrases_inc :0 Bw # See Also /home/jhs/bin/.sh/sedc2a0 # Occasionally spam is received where exmh display inter word spaces normaly, # but vi shows each space as string of 2 bytes # " " # of hex value C2 A0, # so vi display as 2 x 4 chars : # "\xc2\xa0" # man ascii shows if high bit is dropped, C2 A0 becomes 42 20 = "B " # Assume if a line contains more than 5, its spam. # Caution: If some ascii tools like tab notail notrail are used to clean # this .procmailrc they might accidentally strip the high bits, # leaving a rule that will match all mail ! * [a-z]+ [a-z]+ [a-z]+ [a-z]+ [a-z]+  | $RCVSTORE +spam/spaces_Xc2Xa0 :0 Hw # Trap bulky pictures & power point, etc # After: .procmailrc_people_inc # Till 2013_12_30 Before: .procmailrc_phrases_inc # Purpose: # To avoid later degrading machine performance running # thousands of checks for spam phrases sequentialy, # possibly on numerous emails in parallel, if someone has # singly sent numerous mails each with one picture. # We cannot rely on all incoming bulk from friends having # already been filtered by .procmailrc_people_inc as: # - Friends may send from a new address not yet listed # - Spammers may also send bulk junk. # 2013_12_30 Now After .procmailrc_phrases_inc # As again I''m being annoyed by lots of spam with smallish # pictures, so I''ve switched preference to again lose cpu # cycles scanning pictures for spam phrases, but at least I # will not see the spam. # Idea to look for or ask for or write: # An enhancement to procmail to skip phrase scanning # inside image attachments ? # Note there is also code pre-existing, that also handles image/ in: # .procmailrc_owner_dump # .procmailrc_owner_keep * ^MIME-Version: * ^Content-Type: multipart * boundary= # Content-Type: multipart/related; # boundary="----_=_NextPart_001_01CC2C08.C16BB4F5"; # type="multipart/alternative" # Content-Type: multipart/mixed; # boundary="----_=_NextPart_001_01CC2B34.653E6803" # 2014_04_10 I changed from storing mail before, to now demiming it, # so no longer can crap logos from companies I dont know, # achieve a by-pass, now their text, which may have been HTML etc # crap, gets demimed, giving a 2nd chance for it to # be detected & rejected by $HOME/.procmailrc_phrases_inc { :0 Bw # * ^This is a multi-part message in MIME format. # Above was in from liselotte # But from pamela''s { X-Mailer: YahooMailClassic/14.0.1 # YahooMailWebService/0.8.111.303096 } # However now friends get white listed before this. * ^Content-Transfer-Encoding: base64 { :0 Bw # from @gmail.com: filename="20170211_150906.jpg" * (|file)name=\".+\.jp(|e)g\" { :0 Bw * ^Content\-Type: image/jp(|e)g; { :0 H # JJLATER no_mime_strip should go in # a private file. * !^Subject: no_mime_strip # Any normal spammer or non white listed person # gets stripped, & If I really want # the jpg attachment I must manually # recover it from ~/mail/.backup/original * !^X-Berklix: header_add | $ZZZ_HEADER_ADD .procmailrc 738 | \ $NOMIME_FORCE | $ZZZ_MY_SENDMAIL_PROCESS # 2nd time round, it will now have a header of ^X-Berklix: # so case above will fail, & case below will catch it :0 # If it is me sending myself mime attachements # eg from webmail while testing, then I must # set no_mime_strip to preserve the attachment. | $RCVSTORE +$INBOX_D/image/jpg } :0 Bw * ^Content\-Disposition: inline; { :0 H * !^Subject: no_mime_strip * !^X-Berklix: header_add | $ZZZ_HEADER_ADD .procmailrc 759 | \ $NOMIME_FORCE | $ZZZ_MY_SENDMAIL_PROCESS :0 | $RCVSTORE +$INBOX_D/image/jpg } } :0 Bw * ^Content-Type: application/vnd.ms-powerpoint; * name=".+\.pps" { :0 H * !^Subject: no_mime_strip * !^X-Berklix: header_add | $ZZZ_HEADER_ADD .procmailrc 775 | \ $NOMIME_FORCE | $ZZZ_MY_SENDMAIL_PROCESS : 0 | $RCVSTORE +$INBOX_D/image/pps } :0 Bw # Content-Description: =?iso-8859-2?Q?IDEALNA_=AEENSKA=2Ewmv?= * ^Content-Type: video/x-ms-wmv; # name="=?iso-8859-2?Q?IDEALNA_=AEENSKA=2Ewmv?=" # See above, name may be quoted printable so would not match: # name=\".+\.wmv\" { :0 H * !^Subject: no_mime_strip * !^X-Berklix: header_add | $ZZZ_HEADER_ADD .procmailrc 793 | \ $NOMIME_FORCE | $ZZZ_MY_SENDMAIL_PROCESS :0 | $RCVSTORE +$INBOX_D/image/wmv } :0 Bw * ^Content-Type: application/pdf; # | $RCVSTORE +$INBOX_D/image/pdf { :0 Hw * !^X-Berklix: header_add | $ZZZ_HEADER_ADD .procmailrc 807 | \ $NOMIME_FORCE | $ZZZ_MY_SENDMAIL_PROCESS :0 Hw | $RCVSTORE +$INBOX_D/image/pdf } :0 Bw * name=\".+\.pdf\" { :0 H * !^Subject: no_mime_strip * !^X-Berklix: header_add | $ZZZ_HEADER_ADD .procmailrc 821 | \ $NOMIME_FORCE | $ZZZ_MY_SENDMAIL_PROCESS :0 | $RCVSTORE +$INBOX_D/image/pdf } :0 Bw * ^Content-Disposition: attachment; * filename=\".+\.pps\" { :0 H * !^Subject: no_mime_strip * !^X-Berklix: header_add | $ZZZ_HEADER_ADD .procmailrc 836 | \ $NOMIME_FORCE | $ZZZ_MY_SENDMAIL_PROCESS :0 | $RCVSTORE +$INBOX_D/image/pps } # Do not catch any more default with eg # :0 Bw # | $RCVSTORE +$INBOX_D/image/other # as it would also catch spam such as: # Content-Transfer-Encoding: base64 # Content-Disposition: attachment; # filename="Business Proposal.html" } } INCLUDERC = $HOME/.procmailrc_private_self # ~/public_html/dots/Makefile PROCM # Self archived copies. # After spam filtering as spammers masquerade as me sending to me. # However, when I send myself large test mails with enclosures, # procmail runs for hours on all the spam phrases, so to avoid that # remember to send mail with the secret # string in $HOME/.procmailrc_private_divert INCLUDERC = $HOME/.procmailrc_3d # nearly all spam. After .procmailrc_phrases_inc. # .procmailrc_domains2block_src: # ref''d by ~/public_html/dots/Makefile & # bin/.sh/grepspam but not but by .procmailrc INCLUDERC = $HOME/.procmailrc_last # This ~/.procmailrc was split at this point, because when # debugging, making my own ~/.procmailrc_debug with `cd ~/mail # ; make debug` I want to include all the macro definitions # above, then all the files refered to above, before I finaly # include the filters now in .procmailrc_last that used to # be appended below this point. # SAMPLE IDEA NOT YET USED # Date: Mon, 1 Jun 2015 06:35:38 -0500 (CDT) # From: shanew@@@shanew.net # X-X-Sender: shanew@@@asimov # To: "@lbutlr" # Subject: Re: Time-based filtering in Procmail # List-Id: discussion of the procmail program # # I''m no procmail expert, so others may have way better solutions, but # here''s snippets of something I wrote so that my work mail will forward # to an account that I actually get on my phone, but only on weekends # and only when I''m likely to be awake. An ugly regexp for sure, but it # gets the job done without any outside processing. Oh, and those blank # areas are a "space + tab", not just a bunch of spaces. # --------------------------------------------------------------------- # # DATE_BIN is defined in top-level .procmailrc and points to date binary # WEEKDAYHOUR = `$DATE_BIN +%u:%H` # # Don''t do anything unless it''s a weekend # :0 # #* ^From [^ ]+[ ]+(Sat|Sun) ... .. ([0][89]|1[0-9]|20):[0-5][0-9]:[0-5][0-9]* WEEKDAYHOUR ?? [67]:(0[89]|1[0-9]|20) # { # :0 # Some other check # and some action # } # -------------------------------------------------------------- # Hope that helps. # On Fri, 29 May 2015, @lbutlr wrote: # > Wondering if anyone has done anything with procmail # and time based filtering. # > For example, doing something different if a message # arrive between midnight and 6am. # > It’s just some regex and the top Received # line, but I’d rather not duplicate work. # > # > Anyone?