Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 149
  • Last Modified:

procmail recipies

is it possible to detect a missing TO 'field' in an email header?
0
camstutz
Asked:
camstutz
  • 5
  • 4
1 Solution
 
gheistCommented:
| sed '/^$/q' | grep ^To:\  
(there are two spaces at the end)

Cut headers and look for To:(space) header

btw RFC says From: and Date: are required, and between lines that relayed mail (like all from internet) should have Received: hheader inside
0
 
camstutzAuthor Commented:
Hello gheist,

I appreciate your help. I am newer to procmail, so I am going to be testing this. My main goal is that we get a lot of blank emails that goes in waves. A quick Google search shows we are not a lone. These emails are literally missing the body, and have no from or to lines in the body It has a delivered-to and return-path field. They also have a non-standard header (in the since that it is missing a lot of the delivery path information and other normally seen fields.

I was hoping to catch something these with a procmail recipe that would look for the absence of these blank emails.
0
 
camstutzAuthor Commented:
I re-read my initial post... I'm sorry, I wrote it inappropriately... I was meaning missing the to field completely.
0
Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

 
gheistCommented:
You need to set up some greylisting. That forces spammer to use queueing mail server instead of blind script.
Hope this helps
0
 
camstutzAuthor Commented:
Sorry for the Delay,

Unfortunately, Greylisting isn't an option for me. I was hoping it do it directly in procmail
0
 
gheistCommented:
Well I have shown you filter for procmail to check for To: header in message body. That answers your question.
Greylisting keeps most of spam out of mailboxes without much load on mailserver (like 2 commands per message with my filter)
0
 
camstutzAuthor Commented:
Thanks gheist... I do appreciate the greylisting info though, just my superiors do not like the option at this point.
My last question before I award points, is on that sed recipe, do I use the * to start the line?

 * | sed '/^$/q' | grep ^To:\  

If there is an article about this I would be willing to read it.

Thanks
0
 
gheistCommented:
Yessire....
0
 
gheistCommented:
I just added some commands that reads to first blank line
then other that checks for to: header
some command tutorials on grep / sed /awk and regular expressions are easy to find on internet....
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now