1 Date: Sat, 4 Apr 1998 07:23:39 +0200 (GMT+0200)
2 From: "F. Jacot Guillarmod" <Jacot@ru.ac.za>
4 Here's four checks installed in our system wide filter that knock out
5 a lot of otherwise hard to detect rubbish - and would handle the above
6 example. The most interesting one is the hotmail.com "validity check".
8 # ===========================================================================
9 # authenticated sender, but not from pegasus
10 #-------------------------------------------
11 elif "$h_comments" contains "authenticated sender" and
12 "$h_x-mailer" does not contain "pegasus" then
14 log "$tod_log $message_id SPAMAUTHS: sender=$sender_address \
15 subject=$header_subject: recipients_count=$recipients_count \
16 recipients=$recipients"
17 save /usr/local/lib/mail/spam
19 # claims to be from hotmail.com
20 #------------------------------
21 elif "$h_from" contains "hotmail.com" and
22 "${if !def:header_x-originating-ip {nospam}}" is nospam then
24 log "$tod_log $message_id SPAMHOTMAIL: sender=$sender_address \
25 subject=$header_subject: recipients_count=$recipients_count \
26 recipients=$recipients"
27 save /usr/local/lib/mail/spam
29 # claims to be from juno.com
30 #------------------------------
31 elif "$h_from" contains "juno.com" and
32 "${if def:header_x-mailer {juno} {spam}}" is spam then
34 log "$tod_log $message_id SPAMJUNO: sender=$sender_address \
35 subject=$header_subject: recipients_count=$recipients_count \
36 recipients=$recipients"
37 save /usr/local/lib/mail/spam
39 # spam X-UIDL header found
40 # ------------------------
41 elif "${if def:header_x-uidl {spam}}" is spam then
43 log "$tod_log $message_id SPAM-X-UIDL: sender=$sender_address \
44 subject=$header_subject: recipients_count=$recipients_count \
45 recipients=$recipients"
46 save /usr/local/lib/mail/spam
47 # ===========================================================================
50 The following rule seems to work (but I don't use it):
52 # either To: is contained in From: or there is no To: line
53 # --------------------------------------------------------
54 elif $h_from contains $h_to then
56 log "$tod_log $message_id SPAM-TOEQFRM: sender=$sender_address \
57 subject=$header_subject: recipients_count=$recipients_count \
58 recipients=$recipients"
59 save /usr/local/lib/mail/spam
60 # --------------------------------------------------------
64 Here's parts of my personal .forward file - I'm relying on the system wide exim
65 configs to zap spam, and only do the old fashioned stuff to whatever gets
68 #==========================================================================
69 # Exim filter <<== do not edit or remove this line
71 if error_message then finish endif
73 logfile $home/eximfilter.log
75 # Mail from support system
76 if $header_subject contains "[Help #"
78 save $home/Mail/in.support
80 # Mail from squid mailing list to local newsgroup
81 elif $header_subject contains "squid-users-digest"
83 deliver "<ru-list-squid@quagga.ru.ac.za>"
85 # Mail from exim-users mailing list to local newsgroup
86 elif $return_path contains "exim-users-request"
88 deliver "<ru-list-exim-users@quagga.ru.ac.za>"
90 # Stuff to be thrown away
91 if $header_subject contains "Warning From uucp"
96 #==========================================================================