-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon, May 03, 2004 at 08:30:30PM -0500, Kyle Hasselbacher wrote:
>>Some auto-responders leave absolutely no indication whatsoever that
>>they are machine generated messages (i.e, Microsoft), and so TMDA has
>>no way to detect and trap these.
>
>Those are the ones I'm trying to detect. I'll muddle along with my own
>analysis. Maybe I should write something to look at this stuff for me...
Well, I looked through a bunch of mails, and I came up with some patterns
that I've been using for a few days. Since putting them in, they've
matched 318 messages, and I've challenged about 500 others.
These are edited for readability, not utility. These patterns are used in
procmail rules like this:
:0fw
* ^Return-Path: <(bounce|confirm)[EMAIL PROTECTED]
| formail -a "X-Local-TMDA-Advice: hold"
Then at the very end of my incoming filter, I have:
headers 'X-Local-TMDA-Advice: hold' hold
I did it this way so that these messages still had a crack at my whitelist
before getting discarded. Note also that the patterns are not applied to
messages that are to tagged addresses (which I expect to pass through
TMDA).
It wouldn't be too hard to put a reason in the 'formail' invocation. If
you had a rule description after the 'hold', it would still be matched by
TMDA, and it would get logged when TMDA processed it. I haven't done that
myself.
^(Reply-To|Return-Path): <?no(reply|response|body|loop)@
^From: (.* )?<?no(reply|response|body|loop)@
^(Reply-To|Return-Path): <?(errors|dev-null|null|spamblocker|sms|viruswall)@
^From: (.* )?<?(spam_notifier|wl2k_spamscreen|mailsweeper|null|
spamblocker|mailerdaemon)@
^Return-Path: <(bounce|confirm)[EMAIL PROTECTED]
^User-Agent: Vacation/
^X-Auto(generated|respond):
^Subject: (Mail )?Delivery( Message)? \((failure )?[^ [EMAIL PROTECTED])$
^Subject: (Failed|Error|Failure) \([^ [EMAIL PROTECTED])$
^Subject: .*( is out of the office\.?|
\(Auto Response\)| requests that you verify your email identity)$
^Subject: (<AUTO> \{MSEMEA\#[0-9]+-[0-9]+\}|This is an autoreply\.\.\.|
WinAntiSPAM Confirmation |Autoreply to |\[Auto-Reply\]|
Out of Office AutoReply:|Majordomo results: )
^Subject: (Mail Delivery Status Notification|
The results of your email commands|
Out of office\. AutoReply|Automated Response|
Auto Response Message|Undelivered Mail Returned to Sender|
Mail could not be delivered|Message rejected|Out of office|
Automatic response to your mail|
Auto Reply to your message( \.\.\.)?)$
I do not necessarily recommend these patterns to everyone (especially the
ones that feature my domain!), but they seem to be working for me.
Suggestions on improvements are welcome.
- --
Kyle Hasselbacher | This .signature has six A's, two B's, three D's, five I's,
[EMAIL PROTECTED] | seventeen S's, three W's, two X's, and some other letters.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFAomi810sofiqUxIQRAmfqAKCr9BXGx1QxlbjDL/XWfSs2feGZ7ACg9Lax
qJTFXR/fy9f6yuSFnIB5mWQ=
=vuox
-----END PGP SIGNATURE-----
_____________________________________________
tmda-users mailing list ([EMAIL PROTECTED])
http://tmda.net/lists/listinfo/tmda-users
