 |
|||||||||||||||||||
 |
|
||||||||||||||||||
 |
Products | Partners | Download | Buy | Network | About | Community | Help |
|
Contact Us |
Howtos - Filtering E-mail With Procmail
[edit] OverviewOn occasion, an e-mail virus forges the reply address using our domain (clarkconnect.com). For instance, a virus sends an e-mail to bob@example.com with a (fake) return address of info@clarkconnect.com. If bob@example.com has antivirus enabled, then we (annoyingly) receive an antivirus report. This can sometimes generate hundreds or thousands of unwanted messages! We use the Procmail software package to filter these unwanted antivirus reports. This Howto is a brief description of how we did it. Keep in mind, Procmail can be used for many other purposes. [edit] Install ProcmailThe first step, of course, is to make sure Procmail is installed! In most versions of ClarkConnect, Procmail is installed by default. If it is not installed, you can use the following commands to install it:
[edit] Enable Procmail in PostfixOnce procmail is installed, you need to enable it in the Postfix configuration file - /etc/postfix/main.cf. Look for the mailbox_command parameter and set it to: mailbox_command = /usr/bin/procmail Restart Postfix with the command: /sbin/service postfix restart At this point, mail is passing through Procmail before getting delivered to an end user's mailbox. Nothing is configured, so you will not see any changes yet! [edit] Create a Procmail Configuration FileProcmail will check the /etc/procmailrc file for global rules, as well as a .procmailrc in a user's home directory (/home/username/.procmailrc). In our example, we add a global rule to forward any mail with "Symantec Antivirus Report" in the body of the message. All this mail goes to junk@example.com. The /etc/procmailrc looks like: :0BH: * Symantec Antivirus Report ! junk@example.com
[edit] Links[edit] Advanced Procmail LinksThese links demonstrate some of the neat tricks it is capable of doing.
|
||||||||||||||||||||||||||||||||||||||||
|
|
