[rt-users] Procmail???/
J.D. Falk
jdfalk at mail-abuse.org
Wed Mar 21 16:01:54 EST 2001
On 03/19/01, Split infinity Tech Support <jason at splitinfinity.net> wrote:
> I will readily admit that I have not researched this at all yet so if it's
> covered in an FAQ, just point me there please :-)
>
> I want to set up some procmail recipes to filter out spam and viruses from
> my RT queues, has anyone done this before and if so do you have any
> pointers?

Yep, I'm using procmail extensively. Here's how I'm doing it
(Jesse, feel free to add this to contrib if you want.)

In the sendmail aliases file (note that you may need to place
the | inside the quotes, depending on your configuration):

    queuename: | "/usr/local/bin/procmail -a queuename -d rt"

Procmail's -a flag lets us specify the contents of the $1
variable; -d lets you specify the user procmail will become
before attempting delivery.

Then, in ~rt/.procmailrc we have a bunch of log file config
and then the all-important line:

    INCLUDERC=/path/to/standard.rc

I suppose I could put it all into RT's .procmailrc, but I
wanted to keep it in a separate directory for my own sanity.

The standard.rc file archives every message that comes in
using the following recipe:

    YRMON=`date +%Y-%m`
    MAILDIR="/local/maps/tickets/archive/$1"
    QUEUE="$1"

    :0 rc
    | gzip --to-stdout --fast >> $MAILDIR/$YRMON.gz

Then it does various filtering; if I want a filter to only
apply to one queue, I'd do something like:

    :0
    * ? test $QUEUE = "queuename"
    * ^From:.*example@example.com
    { EXITCODE=69 HOST }

Next, I'll filter through stripmime (though we don't need to
do that for the queues that've been moved to RT2.) I've set
stripmime's $outputprog to "/bin/cat" so that it works as a
filter, and further processing can occur afterwards:

    :0 f
    * !^From:.*@mail\-abuse\.org
    | /local/maps/tickets/bin/stripmime | head -c 50000

The `head` is so that messages are kept to a sane length,
but we don't want to do that before stripmime pulls out any
attachments.

I don't like RT1's autoresponder; quite simply, it's way too
prone to participating in mail loops (RT2 seems better.) So,
we talked Jesse into creating rt-mailgate's extended syntax
somewhere around version 1.0.4, which allows complicated
procmail-based autoresponder recipes such as:

    :0
    {
        # pipe to rt-mailgate & grab ticket ID; we need error handling here
        TICKETID=`cat | /local/maps/rt/bin/rt-mailgate --extended-syntax \
            --queue $QUEUE --action correspond --ticketid`

        # grab the subject
        SUBJECT=`head -20 | /usr/local/bin/formail -XSubject:`

        # autorespond if appropriate
        :0 h
        # ever responded on this ticket before? (clear cache periodically)
        * !? grep -sq $TICKETID $CACHEDIR/.ticketid.cache
        # is there a message file available?
        * ? test -r $AREPDIR/$QUEUE
        # has the message ever looped through anything before?
        * !^X-Loop:
        # is it from a daemon or similar?
        * !^From.*(daemon|listserv|majordomo|mailman|auto)
        # check precedence
        * !^Precedence:.*(junk|list|bulk|noreply|bofh)
        # is it from us?
        * !^X-RT-Loop-Prevention: MAPS
        # is it from Alan Brown or tomcat@www.base.com.br?
        * !^From.*(alan@manawatu\.gen\.nz|tomcat@www\.base\.com\.br)
        | ( /usr/local/bin/formail -rt -I"From: $QUEUE@mail-abuse.org" \
                -I"Subject: [MAPS #$TICKETID] ($QUEUE) $SUBJECT" \
                -A"X-Request-ID: $TICKETID" \
                -A"X-RT-Loop-Prevention: MAPS" \
                -I"Precedence: junk" ; \
            cat $AREPDIR/$QUEUE ) \
          | /usr/sbin/sendmail -oi -t \
          && echo $TICKETID >> $CACHEDIR/.ticketid.cache

        # didn't autorespond? dump it.
        :0 E
        /dev/null
    }

And at the end is a recipe that'll send any remaining messages
to me, in case something slipped through the cracks.

-- 
J.D. Falk
Product Manager
Mail Abuse Prevention System LLC

"The Internet isn't just a publishing medium or a medium for commerce,
it's a social medium." -- Howard Rheingold
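
Added example (not part of the message above, and not RT or procmail code): the autoresponder conditions from the recipe restated as a POSIX shell function, so the loop-prevention logic can be exercised against constructed messages without a mail system. The names should_autorespond and mkmsg, the numeric-ID guard and the whole-line cache match are assumptions of this example; the per-queue message file and per-address conditions are left out.

```shell
#!/bin/sh
# Added example, not from the original post. Function names, arguments and
# sample messages are constructed for illustration.

# should_autorespond MSGFILE TICKETID CACHEFILE
# Returns 0 if an autoresponse may be sent (and records the ticket), else 1.
# The post's recipe records the ticket only after sendmail succeeds.
should_autorespond() {
    msg=$1 ticket=$2 cache=$3

    # Guard for a failed rt-mailgate call: refuse empty or non-numeric IDs.
    case $ticket in
        ''|*[!0-9]*) return 1 ;;
    esac

    # Once per ticket. -x matches the whole line, so ticket 12 is not
    # suppressed by a cached 123; -F treats the ID as a literal string.
    [ -f "$cache" ] && grep -qxF "$ticket" "$cache" && return 1

    # Match the header only (up to the first blank line), ignoring case,
    # which is how procmail applies conditions by default.
    hdr=$(sed '/^$/q' "$msg")
    for re in \
        '^X-Loop:' \
        '^From.*(daemon|listserv|majordomo|mailman|auto)' \
        '^Precedence:.*(junk|list|bulk|noreply|bofh)' \
        '^X-RT-Loop-Prevention: MAPS'
    do
        printf '%s\n' "$hdr" | grep -Eiq "$re" && return 1
    done

    echo "$ticket" >> "$cache"
    return 0
}

# mkmsg FILE EXTRA-HEADER BODY: write a constructed test message.
mkmsg() {
    printf 'From: user@example.com\nSubject: help\n%s\n\n%s\n' "$2" "$3" > "$1"
}

# Constructed demo: the plain message is answered, the bulk one is not.
tmp=$(mktemp -d)
mkmsg "$tmp/plain" 'X-Mailer: constructed' 'hello'
mkmsg "$tmp/bulk" 'Precedence: bulk' 'hello'
should_autorespond "$tmp/plain" 42 "$tmp/cache" && echo "plain: respond"
should_autorespond "$tmp/bulk" 43 "$tmp/cache" || echo "bulk: skip"
rm -rf "$tmp"
```

Header continuation lines are not unfolded here, so a condition that depends on a folded header value would need that step added.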