A simple procmail filter

This filter relies on the fact that spam email nearly always contains a dummy To: header, or none at all, while the To: header in normal email generally contains your correct email address. The exceptions to this are mailing lists, and this program provides an easy way to exempt specific addresses from filtering.

The system on which you receive your mail must be running Unix and have Perl v.5 installed on it. The mail system must be capable of using a .forward file in your home directory to specify special handling conditions for your email.

All your email must be processed by the procmail program. Since procmail can serve as the local delivery agent for sendmail, this may already have been taken care of. Check with your mail administrator to see if your mail is being delivered by procmail.

If the local delivery agent on your mail server system is something other than procmail, you will need to explicitly invoke procmail on your mail by placing the following line in the file .forward ("dot" forward) in your home directory.

The location of procmail on your system may be something other than /usr/local/bin. Your .forward file must be world readable.

Whether procmail is invoked from a local .forward file, or by the system mail engine, the following filter recipe must go in the file .procmailrc ("dot" procmailrc) in your home directory.

Note the backtics (not single quotes!) around the definition of LNAMES and around "hostname" on the second to last line. Be sure to insert your correct email address as it generally appears on your incoming email, as indicated.

This recipe references a script called egformat which can be anywhere in your filespace. I generally use my $HOME/bin directory for things such as this. This is a short and simple Perl 5 script which replaces newlines in a file with "|" pipe symbols required by the regular expression syntax in recipes.

Here's egformat:

Make sure that this script is user executable. If your Perl is v.4 instead of v.5, you'll need to check for the presence of a newline at the end of the default input at the beginning of each while loop and use chop instead of chomp to remove it.

The last component of this system is the list of keywords to be found in the headers of legitimate email for which the To: header does not contain your email address. This is the case for most mailing lists. Place in a file called .maillists, one to a line, the To: header addresses of all the mailing lists to which you subscribe. Complete addresses aren't required, as long as each line contains a word or portion of an address which appears uniquely in the To: header email of each list. You may want to examine the headers of some of your mailing list posts to obtain a unique keyword or address common to posts to that list.

This filter will store your spam email in a file called spam in your Mail directory. You may wish to store your spam in /dev/null instead, or replace Mail/spam with an invocation of a program such as formail which can be used to formulate a reply or forward. Until you determine that the filter is working properly, and is filtering all your spam and only spam, you will probably want to save filtered files and examine them peridocally for proper filtering. A full discussion of procmail is beyond the scope of this page, but the Unix manual pages for procmail(1), procmailrc(5) and procmailex(5) (recipe examples) are, unlike some Unix man pages, relatively clear and will written.