On Tue, Sep 23, 2003 at 09:18:48PM -0500, John Hasler wrote: > Wayne writes: > > I guess you could use fetchmail to weed them out but I found that > > spending time on the DENY rules in mailfilter was better spent. > > Fetchmail can be used alone to delete oversize mails on the server. I do > so because I am too lazy to get mailfilter up on Woody.
I've just found getting mailfilter up on woody to be a suitable means of passing the time while microwaving pizzas. It's dead easy: 1) apt-get install mailfilter - it only depends on libc, libstdc++ and debconf, so no baddies there. :-) 2) modify ~/.fetchmailrc with the 'preconnect "mailfilter"' line, which goes in a slightly non-obvious place, as in my example (attached); only one 'preconnect' line is needed to check multiple mailboxes, as mailfilter gets the info on which boxes to check from its own .rc, not from fetchmail. 3) modify my attached ~/.mailfilterrc with your POP3 username and password details. The DENY rules to filter out viral crap are translated from posts by Greg Lehey and David Lloyd on the LinuxSA list. The ALLOW lines are to cope with the possibility of list traffic arriving with large log files attached which would otherwise be knocked out by the MAXSIZE limit. You must have the log file. You can add a line 'TEST=yes' to run in 'dummy' mode without actually deleting everything. The DENY and ALLOW lines must not contain line breaks. The one thing mailfilter does seem to lack is an option to filter based on the output of some external program, so you could link it with some Bayesian engine to avoid manually tweaking the rules. -- Pigeon Be kind to pigeons Get my GPG key here: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x21C61F7F
# Configuration created Fri Nov 29 01:13:30 2002 by fetchmailconf
set postmaster "postmaster"
poll pop3.ukonline.co.uk with proto POP3
user "jah.pigeon" there with password "something" is [EMAIL PROTECTED] here
preconnect "mailfilter"
poll pop3.ukonline.co.uk with proto POP3
user "my.other.user" there with password "somethingelse" is [EMAIL PROTECTED]
here
LOGFILE=/home/pigeon/mailfilter.log SHOW_HEADERS=yes SERVER=pop3.ukonline.co.uk USER=jah.pigeon PASS=something PROTOCOL=pop3 PORT=110 SERVER=pop3.ukonline.co.uk USER=my.other.user PASS=somethingelse PROTOCOL=pop3 PORT=110 REG_CASE=yes REG_TYPE=extended MAXSIZE_DENY=50000 NORMAL=yes DENY=^Content-(Type|Disposition):.*(file)?name=.*\.(asd|bat|chm|cmd|com|dll|exe|hlp|hta|js|jse|lnk|ocx|pif|scr|shb|shm|shs|vb|vbe|vbs|vbx|vxd|wav|wsf|wsh) DENY=^(Subject|SUBJECT):.*(Latest Net Critical Update|Bug Message|Abort Letter|abort notice|Failure Message) DENY=^(From|FROM):.*(Microsoft|MS Email Delivery System|Inet Email|Internet Message|Inet Mail Service|MS Internet|Net Delivery Service|MS Mail System|internet email delivery|MS Network Delivery|ms network system|MS Security Services|Inet Mail Storage System) ALLOW=^From:[EMAIL PROTECTED] ALLOW=^From:[EMAIL PROTECTED]
pgp00000.pgp
Description: PGP signature
