Solved

procmail recipies

Posted on 2014-09-04
9
138 Views
Last Modified: 2014-09-17
is it possible to detect a missing TO 'field' in an email header?
0
Comment
Question by:camstutz
  • 5
  • 4
9 Comments
 
LVL 61

Accepted Solution

by:
gheist earned 500 total points
ID: 40305698
| sed '/^$/q' | grep ^To:\  
(there are two spaces at the end)

Cut headers and look for To:(space) header

btw RFC says From: and Date: are required, and between lines that relayed mail (like all from internet) should have Received: hheader inside
0
 

Author Comment

by:camstutz
ID: 40307080
Hello gheist,

I appreciate your help. I am newer to procmail, so I am going to be testing this. My main goal is that we get a lot of blank emails that goes in waves. A quick Google search shows we are not a lone. These emails are literally missing the body, and have no from or to lines in the body It has a delivered-to and return-path field. They also have a non-standard header (in the since that it is missing a lot of the delivery path information and other normally seen fields.

I was hoping to catch something these with a procmail recipe that would look for the absence of these blank emails.
0
 

Author Comment

by:camstutz
ID: 40307104
I re-read my initial post... I'm sorry, I wrote it inappropriately... I was meaning missing the to field completely.
0
 
LVL 61

Expert Comment

by:gheist
ID: 40309333
You need to set up some greylisting. That forces spammer to use queueing mail server instead of blind script.
Hope this helps
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 

Author Comment

by:camstutz
ID: 40327683
Sorry for the Delay,

Unfortunately, Greylisting isn't an option for me. I was hoping it do it directly in procmail
0
 
LVL 61

Expert Comment

by:gheist
ID: 40327700
Well I have shown you filter for procmail to check for To: header in message body. That answers your question.
Greylisting keeps most of spam out of mailboxes without much load on mailserver (like 2 commands per message with my filter)
0
 

Author Comment

by:camstutz
ID: 40328126
Thanks gheist... I do appreciate the greylisting info though, just my superiors do not like the option at this point.
My last question before I award points, is on that sed recipe, do I use the * to start the line?

 * | sed '/^$/q' | grep ^To:\  

If there is an article about this I would be willing to read it.

Thanks
0
 
LVL 61

Expert Comment

by:gheist
ID: 40328190
Yessire....
0
 
LVL 61

Expert Comment

by:gheist
ID: 40328803
I just added some commands that reads to first blank line
then other that checks for to: header
some command tutorials on grep / sed /awk and regular expressions are easy to find on internet....
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Email signatures have numerous marketing benefits. Here are 8 top reasons to turn your email signature into a marketing channel.
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now