[Précédent (date)] [Suivant (date)] [Précédent (sujet)] [Suivant (sujet)] [Index par date] [Index par sujet]
[Fwd: [Mandrake] Postfix - Spamassassin - procmailrc]
- To: Quebec-Linux <>
- Subject: [Fwd: [Mandrake] Postfix - Spamassassin - procmailrc]
- From: korofina <>
- Date: 05 Nov 2003 18:54:37 +0100
- Organization: Station
Sorry, j'ai oublié de mettre les fichiers en question !
koro,
-----Message suivi-----
> From: korofina <[email protected]>
> To: Quebec-Linux <[email protected]>
> Subject: [Mandrake] Postfix - Spamassassin - procmailrc
> Date: 05 Nov 2003 18:50:48 +0100
>
> Bonjour la liste,
>
>
> Spamssassassin avec qq modifications fonctionne 'presque bien'; je
> m'explique, malgré les règles qui renvoient les spams
> dans /tmp/spam, et les filtres dans /tmp/trash (le tout définit dans
> procmailrc)...les spams m'arrivent quand même dans ma mailbox sous forme
> de rapport (preuve qu'ils sont bien interceptés par Spamssassassin, mais
> qu'ils ne sont pas redirigés dans /tmp/spam....).
>
> J'aurais bien besoin d'un petit conseil pour solutionner
> cela, je ne comprends pas pourquoi les redirections ne se font pas ???
> De plus depuis que Spamssassassin tourne les autres règles définies dans
> procmailrc ne fonctionne plus, tout ce passe comme si ces règles étaient
> gérées par Spamssassassin ???
>
>
> Pour les curieux, je te joins procmailrr et
> /etc/mail/spamassassin/local.cf
> pour information.
>
> Merci de votre aide,
>
> koro
>
>
> Exemple de ce que je trouve dans ma mailbox = des trucs du genre
>
> [....]
> Sujet: I keep it around now
> Date: Thu, 30 Oct 03 10:11:03 GMT
> X-Mailer: Microsoft Outlook Express
> 6.00.2600.0000
> MIME-Version: 1.0
> Content-Type: text/plain
> X-Priority: 3
> X-MSMail-Priority: Normal
> Lines: 114
> X-Spam-Prev-Content-Type:
> multipart/alternative;
> boundary="7A6_D174E..F1C.A1A3B684"
> X-Spam-Status: Yes, hits=9.6
> required=5.0
> tests=ACT_NOW,BIG_FONT,DATE_IN_PAST_03_06,FORGED_YAHOO_RCVD,
> GAPPY_TEXT,HTML_50_70,HTML_FONT_COLOR_BLUE,
> HTML_FONT_COLOR_CYAN,HTML_FONT_COLOR_NAME,
> HTML_FONT_COLOR_RED,HTML_FONT_COLOR_UNKNOWN,
> HTML_WITH_BGCOLOR,MISSING_MIMEOLE,ONLINE_PHARMACY,
> PENIS_ENLARGE2,SPAM_PHRASE_03_05,USER_AGENT_OE version=2.44
> X-Spam-Flag: YES
> X-Spam-Level: *********
> X-Spam-Checker-Version:
> SpamAssassin 2.44
> (1.115.2.24-2003-01-30-exp)
> Status:
> X-Evolution-Source:
> pop://[email protected]
>
> SPAM: -------------------- Start SpamAssassin results
> ----------------------
> SPAM: This mail is probably spam. The original message has been altered
> SPAM: so you can recognise or block similar unwanted mail in future.
> SPAM: See http://spamassassin.org/tag/ for more details.
> SPAM:
> SPAM: Content analysis details: (9.60 hits, 5 required)
> SPAM: USER_AGENT_OE (0.2 points) X-Mailer header indicates a
> non-spam MUA (Outlook Express)
> SPAM: PENIS_ENLARGE2 (2.1 points) BODY: Information on getting a
> larger penis or breasts (2)
> SPAM: ONLINE_PHARMACY (1.2 points) BODY: Online Pharmacy
> SPAM: ACT_NOW (0.3 points) BODY: Act Now! Don't Hesitate!
> SPAM: GAPPY_TEXT (0.0 points) BODY: Contains
> 'G.a.p.p.y-T.e.x.t'
> SPAM: SPAM_PHRASE_03_05 (1.1 points) BODY: Spam phrases score is 03 to
> 05 (medium)
> [.......]
>
> SPAM: -------------------- Start SpamAssassin results
> ----------------------
> SPAM: This mail is probably spam. The original message has been altered
> SPAM: so you can recognise or block similar unwanted mail in future.
> SPAM: See http://spamassassin.org/tag/ for more details.
> SPAM:
> SPAM: Content analysis details: (10.30 hits, 5 required)
> SPAM: USER_AGENT_OE (0.2 points) X-Mailer header indicates a
> non-spam MUA (Outlook Express)
> SPAM: PENIS_ENLARGE2 (2.1 points) BODY: Information on getting a
> larger penis or breasts (2)
> SPAM: ONLINE_PHARMACY (1.2 points) BODY: Online Pharmacy
> SPAM: ACT_NOW (0.3 points) BODY: Act Now! Don't Hesitate!
> SPAM: GAPPY_TEXT (0.0 points) BODY: Contains
> 'G.a.p.p.y-T.e.x.t'
> SPAM: SPAM_PHRASE_03_05 (1.1 points) BODY: Spam phrases score is 03 to
> 05 (medium)
> SPAM: [score: 4]
> SPAM: HTML_FONT_COLOR_UNKNOWN (0.4 points) BODY: HTML font color is
> unknown to us
> SPAM: HTML_FONT_COLOR_CYAN (0.4 points) BODY: HTML font color is cyan
> SPAM: BIG_FONT (0.3 points) BODY: FONT Size +2 and up or 3
> and up
> SPAM: HTML_FONT_COLOR_NAME (0.3 points) BODY: HTML font color has
> unusual name
> SPAM: HTML_WITH_BGCOLOR (0.3 points) BODY: HTML mail with non-white
> background
> SPAM: HTML_FONT_COLOR_RED (0.3 points) BODY: HTML font color is red
> SPAM: HTML_50_70 (0.3 points) BODY: Message is 50-70% HTML tags
> SPAM: HTML_FONT_COLOR_BLUE (0.2 points) BODY: HTML font color is blue
> SPAM: MIME_HTML_NO_CHARSET (0.7 points) RAW: Message text in HTML
> without specified charset
> SPAM: FORGED_YAHOO_RCVD (1.4 points) 'From' yahoo.com does not match
> 'Received' headers
> SPAM: DATE_IN_PAST_03_06 (0.3 points) Date: is 3 to 6 hours before
> Received: date
> SPAM: MISSING_MIMEOLE (0.5 points) Message has X-MSMail-Priority,
> but no X-MimeOLE
> SPAM:
> SPAM: -------------------- End of SpamAssassin results
> ---------------------
> --
> --
> --
--
# SpamAssassin config file for version 2.5x
# generated by http://www.yrex.com/spam/spamconfig.php (version 1.01)
# How many hits before a message is considered spam.
required_hits 5.0
# Whether to change the subject of suspected spam
rewrite_subject 0
# Text to prepend to subject if rewrite_subject is used
subject_tag *****SPAM*****
# Encapsulate spam in an attachment
report_safe 1
# Use terse version of the spam report
use_terse_report 0
# Enable the Bayes system
use_bayes 1
# Enable Bayes auto-learning
auto_learn 1
# Enable or disable network checks
skip_rbl_checks 0
use_razor2 1
use_dcc 1
use_pyzor 1
# Mail using languages used in these country codes will not be marked
# as being possibly spam in a foreign language.
# - english french
ok_languages en fr
# Mail using locales used in these country codes will not be marked
# as being possibly spam in a foreign language.
ok_locales en
# /etc/procmailrc
# Le 26 octobre 2003 - Jean-François
# Fichier de configuration de Procmail, un programme qui trie les mails
# DEBUT des paramètres de configuration
#**************************************************************************
# Je ne veux pas trop de messages dans les logs
VERBOSE=yes
# Répertoire contenant les mailboxes
MAILDIR=$HOME/mail
# Fichier de log de procmail
LOGFILE=$HOME/.procmail.log
# FIN des paramètres de configuration
# Rajoute un header contenant le nombre de lignes à tous les mails
:0bw
LINES=|wc -l | tr -d " "
:0fhw
|formail -a "Lines: $LINES"
# Procmail lit les règles dans l'ordre, et dès qu'une règle est validée,
# le mail est déplaçé dans la mailbox adéquate.
# On commence par aiguiller les mails des mailing-lists qui ne contiennent
# pas de spam
#*************************************************************************
# DEBUT des mailing-lists SANS SPAM
# Mailing-list "Teper" que je trie avec la destination (Champ To ou Cc)
#:0
#* ^TOteperB13-2.03@*
#/tmp/teper/
# Mailing-list "vls-devel" que je trie avec le champ "X-list"
#:0
#* ^X-list: vls-devel
#vls-devel/
# Mailing-list "linux-dvb" que je trie avec le Champ "Subject"
#:0
#* ^Subject: [linux-dvb]
#linux-dvb/
# FIN des mailing-lists SANS SPAM
#***********************************************************************
# Utilisation de SPAMASSASSIN, qui rajoute un header X-Spam-Status:
#( si on utilise la combinaison spamc/spamd)
# The condition line ensures that only messages smaller than 250 kB
# (250 * 1024 = 256000 bytes) are processed by SpamAssassin. Most spam
# isn't bigger than a few k and working with big messages can bring
# SpamAssassin to its knees.
DROPPRIVS=yes
:0fw
* < 256000
| spamassassin
# Mails with a score of 15 or higher are almost certainly spam (with 0.05%
# false positives according to rules/STATISTICS.txt). Let's put them in a
# different mbox. (This one is optional.)
:0:
* ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*
/tmp/spam
#almost-certainly-spam
# All mail tagged as spam (eg. with a score higher than the set threshold)
# is moved to "probably-spam".
:0:
* ^X-Spam-Status: Yes
/tmp/spam
# Work around procmail bug: any output on stderr will cause the "F" in "From"
# to be dropped. This will re-add it.
:0 H
* ! ^From[ ]
* ^rom[ ]
{
LOG="*** Dropped F off From_ header! Fixing up. "
:0 fhw
| sed -e 's/^rom /From /'
}
:0fw
| spamassassin
:0e
{
EXITCODE=$?
}
# Les mails considérés par spamassassin comme étant du spam vont dans
# la mailbox "spam"
:0:
* ^X-Spam-Status: Yes
/tmp/spam
# DEBUT des mailing-lists AVEC SPAM
# Mailing-list "ml-ac-spam" que je trie avec le champ "X-list"
#:0
#* ^X-list: ml-ac-spam
#/tmp/trash
#ml-ac-spam/
# FIN des mailing-lists AVEC SPAMASSASSIN
#*************************************************************************
# Tout ce qui n'a pas été trié jusqu'ici va dans la mailbox principale "inbox"
#:0
#inbox/
#***********************************************************************
#Filtres sur sujet, destination, corps
:0
* ^Subject:.*WARNING.*
/tmp/trash
:0
* ^Subject:.*increase.*
/tmp/trash
:0
* ^Subject:.*penis.*
/tmp/trash
:0
* ^Subject:.*(LUCKY|lucky|Lucky).*
/tmp/trash
:0
* ^Subject:.*(WINNER|winner|Winner).*
/tmp/trash
:0
* ^Subject:.*(Need|NEED|need).*
/tmp/trash
:0
* ^Subject:.*(CONTACT|Contact|contact).*
/tmp/trash
:0
* ^Subject:.*(ASAP|Asap|asap).*
/tmp/trash
:0
* ^Subject:.*(REQUEST|Request|request).*
/tmp/trash
:0
* ^Subject:.*(PLEASE|Please|please).*
/tmp/trash
:0
* ^Subject:.*(BUSINESS|Business|business).*
/tmp/trash
:0
* ^Subject:.*(SEX|Sex|sex).*
/tmp/trash
:0
* ^Subject:.*(COCK|Cock|cock).*
/tmp/trash
:0
* ^Subject:.*(Erection|ERECTION|erection|MASSIVE|massive|Massive).*
/tmp/trash
:0
* ^Subject:.*(PROPOSAL|Proposal|proposal).*
/tmp/trash
:0
* ^Subject:.*(REFINANCE|Refinance|refinance).*
/tmp/trash
:0
* ^Subject:.*(CASINO|casino|Casino).*
/tmp/trash
:0
* ^Subject:.*(THIN|Thin|thin).*
/tmp/trash
:0
* ^Subject:.*(EAT|Eat|eat).*
/tmp/trash
:0
* ^Subject:.*(MONEY|Money|money).*
/tmp/trash
:0
* ^Subject:.*(DIPLOMA|Diploma|diploma).*
/tmp/trash
:0
* ^Subject:.*(ORDER|Order|order).*
/tmp/trash
:0
* ^Subject:.*(DIPLOMA|Diploma|diploma).*
/tmp/trash
:0 B
* (\ Dear\ |\ DEAR\ |\ dear\ )
/tmp/trash
:0 B
* (\ Sir\ |\ SIR\ |\ sir\ )
/tmp/trash
:0 B
* (\ FRIEND\ |\ Friend\ |\ friend\ )
/tmp/trash
:0 B
* (\ pheromones\ |\ PHEROMONES\ |\ Pheronones\ )
/tmp/trash
:0 B
* (\ trust\ |\ TRUST\ |\ Trust\ )
/tmp/trash
:0 B
* (\ money\ |\ MONEY\ |\ Money\ )
/tmp/trash
:0 B
* (\ SEX\ |\ Sex\ |\sex \ )
/tmp/trash
:0 B
* (\ ATTRACTING\ |\ Attracting\ |\attracting\ )
/tmp/trash
:0 B
* (\ NIGERIA\ |\ Nigeria\ |\ nigeria\ )
/tmp/trash
:0 B
* (\ LAGOS\ |\ Lagos\ |\ lagos\ )
/tmp/trash
:0 B
* (\ NIGERIA\ |\ Nigeria\ |\ nigeria\ )
/tmp/trash
:0 B
* (\ LOOK\ |\ Look\ |\ look\ )
/tmp/trash
:0 B
* (\ YOUNGER\ |\ Younger\ |\ younger\ )
/tmp/trash
:0 B
* (\ MALE\ |\ Male\ |\male\ |\ ENLARGEMENT\ |\ Enlargement\ |\ enlargement\ )
/tmp/trash
:0 B
* (\ INCHES\ |\ Inches\ |\ inches\ )
/tmp/trash
:0 B
* (\ AWARD\ |\ Award\ |\ award\ )
/tmp/trash
:0 B
* (\ HEALTH\ |\ Health\ |\ health\ )
/tmp/trash
:0 B
* (\ INSURANCE\ |\ Insurance\ |\ Insurance\ )
/tmp/trash
:0 B
* (\ DIPLOMAS\ |\ Diplomas\ |\ diplomas\ |\ DIPLOMA\ |\ Diploma\ |\ diploma\ )
/tmp/trash
:0 B
* (\ PENIS\ |\ Penis\ |\ penis\ |\ PEN1S\ |\ Pen1s\ |\ pen1s\ )
/tmp/trash
:0 B
* (\ FUND\ |\ Fund\ |\ fund\ |\ TRANSFER\ |\ Transfer\ |\ transfer\ )
/tmp/trash
:0 B
* (\ WIN\ |\ Win\ |\ win\ )
/tmp/trash
:0 B
* (\ MEDICAL\ |\ Medical\ |\ medical\ )
/tmp/trash
:0 B
* (\ PILLS\ |\ Pills\ |\ pills\ )
/tmp/trash
:0 B
* (\ DEBT\ |\ Debt\ |\ debt\ )
/tmp/trash
:0 B
* (\ US$\ |\ us$\ |\ Us$\ |\ USD\ |\ Usd\ |\ usd\ |\ DOLLAR\ |\Dollar\ |\ dollar\ )
/tmp/trash
:0 B
.*(US$|Us$|USD|Usd|usd|DOLLAR|Dollar|dollar).*
/tmp/trash
:0
* ^From:.*(bigfoot.com|toto.org|verisign.com|cn.tom.com|financemins.com|starmedia.com|123.com|mail15.com|maconventioncollective.com|ecardica.net)
/tmp/trash
# FIN du tri des mails
#*************************************************************************