[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 152
  • Last Modified:

procmail recipies

is it possible to detect a missing TO 'field' in an email header?
0
camstutz
Asked:
camstutz
  • 5
  • 4
1 Solution
 
gheistCommented:
| sed '/^$/q' | grep ^To:\  
(there are two spaces at the end)

Cut headers and look for To:(space) header

btw RFC says From: and Date: are required, and between lines that relayed mail (like all from internet) should have Received: hheader inside
0
 
camstutzAuthor Commented:
Hello gheist,

I appreciate your help. I am newer to procmail, so I am going to be testing this. My main goal is that we get a lot of blank emails that goes in waves. A quick Google search shows we are not a lone. These emails are literally missing the body, and have no from or to lines in the body It has a delivered-to and return-path field. They also have a non-standard header (in the since that it is missing a lot of the delivery path information and other normally seen fields.

I was hoping to catch something these with a procmail recipe that would look for the absence of these blank emails.
0
 
camstutzAuthor Commented:
I re-read my initial post... I'm sorry, I wrote it inappropriately... I was meaning missing the to field completely.
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
gheistCommented:
You need to set up some greylisting. That forces spammer to use queueing mail server instead of blind script.
Hope this helps
0
 
camstutzAuthor Commented:
Sorry for the Delay,

Unfortunately, Greylisting isn't an option for me. I was hoping it do it directly in procmail
0
 
gheistCommented:
Well I have shown you filter for procmail to check for To: header in message body. That answers your question.
Greylisting keeps most of spam out of mailboxes without much load on mailserver (like 2 commands per message with my filter)
0
 
camstutzAuthor Commented:
Thanks gheist... I do appreciate the greylisting info though, just my superiors do not like the option at this point.
My last question before I award points, is on that sed recipe, do I use the * to start the line?

 * | sed '/^$/q' | grep ^To:\  

If there is an article about this I would be willing to read it.

Thanks
0
 
gheistCommented:
Yessire....
0
 
gheistCommented:
I just added some commands that reads to first blank line
then other that checks for to: header
some command tutorials on grep / sed /awk and regular expressions are easy to find on internet....
0

Featured Post

The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now