Peter Bowyer wrote:
>On Thu, 31 Mar 2005 10:28:37 +0200, fhuet <fhuet@???> wrote:
>
>
>>Is there someone who can validate above ? I found it on internet but it
>>doesn't work ...
>>
>>
>
>What 'doesnt work'? Errors, symptoms, log entries, desired outome vs
>actual outcome.
>
>Peter
>
>
>
>
Well.
Symptoms are following : procmail has been set to put mails with viagra,
sex or other words to /var/spool/mail/quarantaine. So I can do a
mailbombing with those words in the mail subject, I will received them
in my own mailbox.
About the log, here is what I have for procmail.log:
procmail: [16387] Thu Mar 31 05:53:01 2005
procmail: Assigning "SENDMAIL=/usr/sbin/sendmail"
procmail: Executing "/usr/bin/spamc"
procmail: Assigning "EXTLIST=exe|scr|com|bat|js|vbs|pif|dot|dll|shs|vba"
procmail: No match on "^Content-Type:(.|$[
])*name=.*\.(exe|scr|com|bat|js|vbs|pif|dot|dll|shs|vba).*"
procmail: No match on
"^Subject:.*(sex|sale|loan|mortage|viagra|porn|teen|fuck|meds)"
procmail: No match on
"^Subject:.*(v.?[1i.].?[@a].?g.?r.?[@a]|penis|p.e.n.i.s)"
procmail: No match on "^Subject:.*(s.?e.?[xX])"
procmail: No match on "^Subject:.*(O E M software for you)"
procmail: Assigning "PATH=/var/mail/bin:/usr/local/bin:/usr/bin:/bin"
procmail: Locking "/var/mail/mail.lock"
procmail: Assigning "LASTFOLDER=/var/mail/mail"
procmail: Opening "/var/mail/mail"
procmail: Acquiring kernel-lock
procmail: Unlocking "/var/mail/mail.lock"
procmail: Notified comsat: "mail@426303:/var/mail/mail"
From mail@??? Thu Mar 31 05:53:01 2005
Subject: Cron <mail@smtp001> if [ -x /usr/sbin/exim4 -a -f /etc/exim4/exi
Folder:
/var/mail/mail 1231
I can think that procmail is running, but junk are rejected when they go
after to my principal MX, which has the same procmail rules.
Here is my syslog. I have infinite lines like this one:
Mar 31 10:38:01 smtp001 /USR/SBIN/CRON[25842]: (mail) CMD ( if [ -x
/usr/sbin/exim4 -a -f /etc/exim4/exim4
.conf ]; then /usr/sbin/exim4 -q ; fi)
In my exim/mainlog
2005-03-31 10:53:02 1DGez5-0005nD-Fi == root@???
R=procmail T=procmail_pipe defer (-52): R
etry time not yet reached
2005-03-31 10:53:02 1DGdvL-0004ZN-OT == root@???
R=procmail T=procmail_pipe defer (-52): R
etry time not yet reached
My procmail
SHELL=/bin/sh
PATH="/usr/bin:/bin:/usr/local/bin:/usr/sbin:/usr/bin/procmail:/usr/sbin/exim4"
LOGFILE=/var/log/procmail.log
LOGABSTRACT=all
VERBOSE=yes
#SENDMAIL=/usr/sbin/exim4 => I change that because I had an error.
SENDMAIL=/usr/sbin/sendmail
#On renvoie a spamassassin
:0fw
| /usr/bin/spamc
# Pas de pieces jointes. Mais je sauvegarde le mail au cas ou.
EXTLIST="exe|scr|com|bat|js|vbs|pif|dot|dll|shs|vba"
:0 HB:
*$ ^Content-Type:(.|$[ ])*name=.*\.($EXTLIST).*
/var/spool/mail/quarantaine/
# Spam a la poubelle.
:0 HBhb:
* ^Subject:.*(sex|sale|loan|mortage|viagra|porn|teen|fuck|meds)
/var/spool/mail/spam
Finally, /spam and /quarantaine are simply empty. Mails go through the
server.
--
Franck Huet
Administrateur Unix/Linux
Boursorama
Tel : 01-46-09-48-17
