Thomas Cameron wrote: > :0: > * ^X-Spam-Level:.*\*\*\*\*\*\*\*\*\*\* > /dev/null > > I believe that would match 10 asterisks or more, and redirect the > e-mail to /dev/null. Am I right?
Mostly all okay. However I don't like the ".*" in the front of it. That isn't likely to cause trouble but it is possible that it could on a crafted email message with a lot of garbage cause trouble. And it isn't needed. We know there will always be one space there. So no need for the ".*" there. With /dev/null you don't need the trailing ":" in the ":0:" designating a lockfile. I think procmail special cases /dev/null to avoid the lock file in that case anyway. But just the same I wouldn't put the trailing colon lockfile for /dev/null. Also it is safer to store to a mail folder at least long enough to test your recipe. So just as a general paranoia instead of /dev/null I would at least start with a mail folder and then only after I have convinced myself that it is good to go only then convert it to a real /dev/null. I like maildir folders so will normally use "folder/" to have procmail create a maildir folder format. And maildir folders never need a lockfile. But use what you like. :0 * ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\* devnull/ Since procmail uses Extended Regular Expressions there is one more optimization I would make. I wouldn't list out every star. It gets hard to count. Is there ten there? Or nine? Or eleven? Quick, without counting, how many? See that is hard. But you can use the normal extended regular expression syntax to simply list the number. :0 * ^X-Spam-Level: \*{10} devnull/ That makes the counting quick and easy. For me I don't tend to /dev/null things immediately. I tend to always keep at least a queue of them around so that I can look at them. With maildir format each message is an individual file. Meaning that it is easy to delete them by age from the devnull/* directories. I would keep something like this around for whatever you feel is reasonable. I would probably say ten days. That way if I need to go looking for a potentially very spammy message I could still find it within the time window. I would run this daily from cron. find $HOME/Mail/devnull -type f -mtime +10 -delete HTH, Bob