Solved

procmail recipies

Posted on 2014-09-04
9
135 Views
Last Modified: 2014-09-17
is it possible to detect a missing TO 'field' in an email header?
0
Comment
Question by:camstutz
  • 5
  • 4
9 Comments
 
LVL 61

Accepted Solution

by:
gheist earned 500 total points
ID: 40305698
| sed '/^$/q' | grep ^To:\  
(there are two spaces at the end)

Cut headers and look for To:(space) header

btw RFC says From: and Date: are required, and between lines that relayed mail (like all from internet) should have Received: hheader inside
0
 

Author Comment

by:camstutz
ID: 40307080
Hello gheist,

I appreciate your help. I am newer to procmail, so I am going to be testing this. My main goal is that we get a lot of blank emails that goes in waves. A quick Google search shows we are not a lone. These emails are literally missing the body, and have no from or to lines in the body It has a delivered-to and return-path field. They also have a non-standard header (in the since that it is missing a lot of the delivery path information and other normally seen fields.

I was hoping to catch something these with a procmail recipe that would look for the absence of these blank emails.
0
 

Author Comment

by:camstutz
ID: 40307104
I re-read my initial post... I'm sorry, I wrote it inappropriately... I was meaning missing the to field completely.
0
 
LVL 61

Expert Comment

by:gheist
ID: 40309333
You need to set up some greylisting. That forces spammer to use queueing mail server instead of blind script.
Hope this helps
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:camstutz
ID: 40327683
Sorry for the Delay,

Unfortunately, Greylisting isn't an option for me. I was hoping it do it directly in procmail
0
 
LVL 61

Expert Comment

by:gheist
ID: 40327700
Well I have shown you filter for procmail to check for To: header in message body. That answers your question.
Greylisting keeps most of spam out of mailboxes without much load on mailserver (like 2 commands per message with my filter)
0
 

Author Comment

by:camstutz
ID: 40328126
Thanks gheist... I do appreciate the greylisting info though, just my superiors do not like the option at this point.
My last question before I award points, is on that sed recipe, do I use the * to start the line?

 * | sed '/^$/q' | grep ^To:\  

If there is an article about this I would be willing to read it.

Thanks
0
 
LVL 61

Expert Comment

by:gheist
ID: 40328190
Yessire....
0
 
LVL 61

Expert Comment

by:gheist
ID: 40328803
I just added some commands that reads to first blank line
then other that checks for to: header
some command tutorials on grep / sed /awk and regular expressions are easy to find on internet....
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

The purpose of this article is to demonstrate how we can use conditional statements using Python.
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now