old-www/LDP/LG/issue67/arndt.html

<!--startcut  ==============================================-->
<!-- *** BEGIN HTML header *** -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML><HEAD>
<title>Mailfilter - a program to protect you from spam LG #67</title>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#0000AF"
ALINK="#FF0000">
<!-- *** END HTML header *** -->

<CENTER>
<A HREF="http://www.linuxgazette.com/">
<H1><IMG ALT="LINUX GAZETTE" SRC="../gx/lglogo.png" 
	WIDTH="600" HEIGHT="124" border="0"></H1></A> 
<BR>

<!-- *** BEGIN navbar *** -->
<IMG ALT="" SRC="../gx/navbar/left.jpg" WIDTH="14" HEIGHT="45" BORDER="0" ALIGN="bottom"><A HREF="adam.html"><IMG ALT="[ Prev ]" SRC="../gx/navbar/prev.jpg" WIDTH="16" HEIGHT="45" BORDER="0" ALIGN="bottom"></A><A HREF="index.html"><IMG ALT="[ Table of Contents ]" SRC="../gx/navbar/toc.jpg" WIDTH="220" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A><A HREF="../index.html"><IMG ALT="[ Front Page ]" SRC="../gx/navbar/frontpage.jpg" WIDTH="137" HEIGHT="45" BORDER="0" ALIGN="bottom"></A><A HREF="http://www.linuxgazette.com/cgi-bin/talkback/all.py?site=LG&article=http://www.linuxgazette.com/issue67/arndt.html"><IMG ALT="[ Talkback ]" SRC="../gx/navbar/talkback.jpg" WIDTH="121" HEIGHT="45" BORDER="0" ALIGN="bottom"  ></A><A HREF="../faq/index.html"><IMG ALT="[ FAQ ]" SRC="./../gx/navbar/faq.jpg"WIDTH="62" HEIGHT="45" BORDER="0" ALIGN="bottom"></A><A HREF="bennet.html"><IMG ALT="[ Next ]" SRC="../gx/navbar/next.jpg" WIDTH="15" HEIGHT="45" BORDER="0" ALIGN="bottom"  ></A><IMG ALT="" SRC="../gx/navbar/right.jpg" WIDTH="15" HEIGHT="45" ALIGN="bottom">
<!-- *** END navbar *** -->
<P>
</CENTER>

<!--endcut ============================================================-->

<H4 ALIGN="center">
"Linux Gazette...<I>making Linux just a little more fun!</I>"
</H4>

<P> <HR> <P> 
<!--===================================================================-->

<center>
<H1><font color="maroon">Mailfilter - a program to protect you from spam</font></H1>
<H4>By <a href="mailto:matthiasarndt@gmx.net">Matthias Arndt</a></H4>
</center>
<P> <HR> <P>  

<!-- END header -->




<H1><A NAME="SECTION00010000000000000000">
1. What is mailfilter?</A>
</H1>

<P>
Mailfilter is a very usable tool. It helps you to keep spam away from your mailbox.
Contrary to the filtering with procmail, mailfilter filters the mail online.
This means that mailfilter deletes unwanted spam directly from your POP3 account before
fetchmail (or your favourite POP3 client) even sees it.  This is different from procmail, which zaps the
spam after it's been downloaded and is about to be put into your mailbox.
(Examples of using procmail are in a recent <I>Linux Gazette</I> article,
<A HREF="../issue62/okopnik.html">http://www.linuxgazette.com/issue62/okopnik.html</A>.)

<P>
The benefit from that is that you won't download the spam anymore. This saves
bandwidth and makes you a lot happier especially if you have a slow Internet
link.

<P>
Mailfilter is a very good tool, easy to install and easy to maintain. You can
add it to your <B><A HREF="#fetchmail">.fetchmailrc</A></B> as well, thus
automating the procedure of deleting unwanted spam before downloading.

<P>

<H1><A NAME="SECTION00020000000000000000">
2. Installing mailfilter</A>
</H1>

<P>
Installing mailfilter is very easy. Just download mailfilter as source (.tar.gz
file) from <A HREF="http://mailfilter.sourceforge.net/" TARGET="_blank">http://mailfilter.sourceforge.net/</A> and follow the following
steps.

<P>

<OL>
<LI>unpack the archive to a temporary place</LI>
<LI>change to the temporary directory where you unpacked the source tree</LI>
<LI>type <I>./configure</I></LI>
<LI><I>make</I></LI>
<LI>as root (use <B>su</B> if needed): <I>make install</I></LI>
</OL>
<I>Read the fine manual</I> supplied in the source package to gain more information.

<P>
To run mailfilter, just type <B>mailfilter</B> on the prompt. Watch out! Mailfilter
needs a valid configuration file to work properly.

<P>

<H1><A NAME="SECTION00030000000000000000">
3. The mailfilter configuration file</A>
</H1>

<P>

<H2><A NAME="SECTION00031000000000000000">
3.1 Creation of the file</A>
</H2>

<P>
You can download a sample copy of this file from mailfilter.sourceforge.net,
- but we will create this file from scratch here.

<P>
Each user who wants to use <B>mailfilter</B>, needs a configuration file.
this file is called <B>.mailfilterrc</B>. It has to be located in the home
directory of the user.

<P>
Follow these steps to create the file and make it (at least a little bit) secure.

<P>

<OL>
<LI>go to your favourite shell prompt, <B>make sure you are not root</B> (in a
terminal window or on the console)</LI>
<LI>type <I>cd</I> to go to the root of your home directory</LI>
<LI>type <I>touch .mailfilterrc</I></LI>
<LI>type <I>chmod 600 .mailfilterrc</I> to prevent somebody else (than root) to
read it</LI>
<LI>now launch your favourite editor to edit <B>.mailfilterrc</B></LI>
</OL>
We need to chmod the file because mailfilter stores the passwords of your POP3
account(s) as plain text!

<P>
Now we need to add some content to the configuration file. Mailfilter will refuse
to work if the configuration file is missing.

<P>

<H2><A NAME="SECTION00032000000000000000">
3.2 comments in the mailfilter configuration file</A>
</H2>

<P>
Lines beginning with a # are comments and thus ignored by mailfilter. Empty
lines are ignored as well.

<P>

<H2><A NAME="SECTION00033000000000000000">
3.3 adding basic info to the mailfilter configuration file</A>
</H2>

<P>
The most important part of the configuration file contains information of your
mail account. Just add the following lines to the mailfilterrc file. You may
specify more than one account.

<P>
Currently, mailfilter only supports POP3 accounts.

<P>
It is important not to change the order of the lines.

<P>

<UL>
<LI><I>SERVER=mailserver</I> (supply the network name of your mail sever here)</LI>
<LI><I>USER=username</I> (this specifies your POP3 username)</LI>
<LI><I>PASS=password</I> (enter your password here)</LI>
<LI><I>PROTOCOL=pop3</I> (do not change this line as IMAP is not supported yet)</LI>
<LI><I>PORT=110</I> (supply the port of the POP3 server here, default is 110)</LI>
</UL>
Make sure that the keywords are capitalized, Server instead of SERVER will not
be recognized by mailfilter.

<P>
Another important option is to specify a logfile using the following line.

<P>

<UL>
<LI><I>LOGFILE=logfile</I> (supply a filename here - you must have write access
to the directory and to this file!)</LI>
</UL>
Mailfilter will refuse to work if you do not specify a logfile. If you do not
want to keep logs, use <I>/dev/null</I> as the logfile entry.

<P>
Now, you'll have a very basic configuration file. Mailfilter now will run but
it won't do anything useful on the mail.

<P>

<H2><A NAME="SECTION00034000000000000000">
3.4 adding filter rules to the configuration file</A>
</H2>

<P>
This is the trickier part of the mailfilter configuration. We will now add commands
to actually do something useful with our mail.

<P>
This is done by adding special command lines to the configuration file. Mailfilter
uses regular expressions for the filtering.

<P>

<H3><A NAME="SECTION00034100000000000000">
3.4.1 specify if mailfilter should be case-sensitive when filtering</A>
</H3>

<P>
To do this, add the following line to your configuration file.

<P>

<UL>
<LI><I>REG_CASE=no</I></LI>
</UL>
Or use yes but ignoring case makes filtering much easier.

<P>

<H3><A NAME="SECTION00034200000000000000">
3.4.2 specify if mailfilter should normalize text</A>
</H3>

<P>

<UL>
<LI><I>NORMAL=yes</I></LI>
</UL>
This allows mailfilter to accept ``,L.E-G,A.L; ,C.A-B`L`E, +.B-O`X` ;D`E`S,C;R,A.MB;L,E.R-]''
as ``LEGAL CABLE BOX DESCRAMBLER''. 

<P>
Be careful! mailfilter will not try to interpret ``v&nbsp;i&nbsp;a&nbsp;g&nbsp;r&nbsp;a'' as viagra
so <B>blanks are not normalized</B>.

<P>

<H3><A NAME="SECTION00034300000000000000">
3.4.3 adding support to kill unwanted mail by subject</A>
</H3>

<P>
This is easy. Add the following line to your configuration file.

<P>

<UL>
<LI><I>DENY=Subject:.*some text</I></LI>
</UL>
Substitute <I>some text</I> with the text you want to filter.

<P>

<H3><A NAME="SECTION00034400000000000000">
3.4.4 adding support to kill spam from specified senders</A>
</H3>

<P>
This will become handy if you receive spam from the same address. Use the following
syntax:

<P>

<UL>
<LI><I>DENY=From:.*spammer@somewhere.org</I></LI>
</UL>
Replace spammer@somewhere.org with the email address of the spammer.

<P>
You may kill spam from entire domains as well. Use this syntax to achieve that:

<P>

<UL>
<LI><I>DENY=From:.*@domain</I></LI>
</UL>
Replace domain with the name of the spamming domain.

<P>
As you can see, the way to tell mailfilter what to do follows an easy to use
scheme. You may block mail by CC, BCC, TO as well.

<P>

<H3><A NAME="SECTION00034500000000000000">
3.4.5 allowing specific senders</A>
</H3>

<P>
This feature allows mailfilter to ignore mail sent by a specific person even
if one of the other filters would apply.

<P>

<UL>
<LI><I>ALLOW=From:.*my_friend@somewhere.com</I></LI>
</UL>
Any mail from the specified email address would be kept.

<P>
You may apply this to specific subjects as well. If a spammer starts talking
about mailfilter, for example.

<P>

<UL>
<LI><I>ALLOW=Subject:.*mailfilter</I></LI>
</UL>

<P>

<H1><A NAME="SECTION00040000000000000000"></A><A NAME="fetchmail"></A>
<BR>
4. How to automate spam filtering by using fetchmail?
</H1>

<P>
Fetchmail has a feature to call filter programs before fetching the mail.
Add the following to your <B>.fetchmailrc</B> to call mailfilter every time
you download your mail.

<PRE>
preconnect mailfilter
</PRE>
Replace mailfilter in the line above with the complete path and the name of
the mailfilter binary. <B>/usr/local/bin/mailfilter</B> for example.

<P>
Be careful! <I>If mailfilter fails (config file damaged, password wrong,
etc.), fetchmail will not connect.</I> So test your mailfilter configuration standalone
each time you add a new directive.

<P>

<H1><A NAME="SECTION00050000000000000000">
5. Conclusion</A>
</H1>

<P>
Mailfilter is a very good tool. I wasn't able to force fetchmail to filter in
the body of a mail. But at least, it allows working spam protection if the addresses
of the spammers are valid.

<P>
This works very good and I can only emphasize: give <B>mailfilter</B> a try,
especially if your Internet link is slow and you receive a lot of spam.




<!-- *** BEGIN bio *** -->
<SPACER TYPE="vertical" SIZE="30">
<P> 
<H4><IMG ALIGN=BOTTOM ALT="" SRC="../gx/note.gif">Matthias Arndt</H4>
<CITE>I'm a Linux enthusiast from northern Germany.
I like plain old fifties rock'n'roll music, writing
stories and publishing in the Linux Gazette, of course.
Currently I'm studying computer science in conjunction with
economics.</CITE>

<!-- *** END bio *** -->

<!-- *** BEGIN copyright *** -->
<P> <hr> <!-- P --> 
<H5 ALIGN=center>

Copyright &copy; 2001, Matthias Arndt.<BR>
Copying license <A HREF="../copying.html">http://www.linuxgazette.com/copying.html</A><BR> 
Published in Issue 67 of <i>Linux Gazette</i>, June 2001</H5>
<!-- *** END copyright *** -->

<!--startcut ==========================================================-->
<HR><P>
<CENTER>
<!-- *** BEGIN navbar *** -->
<IMG ALT="" SRC="../gx/navbar/left.jpg" WIDTH="14" HEIGHT="45" BORDER="0" ALIGN="bottom"><A HREF="adam.html"><IMG ALT="[ Prev ]" SRC="../gx/navbar/prev.jpg" WIDTH="16" HEIGHT="45" BORDER="0" ALIGN="bottom"></A><A HREF="index.html"><IMG ALT="[ Table of Contents ]" SRC="../gx/navbar/toc.jpg" WIDTH="220" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A><A HREF="../index.html"><IMG ALT="[ Front Page ]" SRC="../gx/navbar/frontpage.jpg" WIDTH="137" HEIGHT="45" BORDER="0" ALIGN="bottom"></A><A HREF="http://www.linuxgazette.com/cgi-bin/talkback/all.py?site=LG&article=http://www.linuxgazette.com/issue67/arndt.html"><IMG ALT="[ Talkback ]" SRC="../gx/navbar/talkback.jpg" WIDTH="121" HEIGHT="45" BORDER="0" ALIGN="bottom"  ></A><A HREF="../faq/index.html"><IMG ALT="[ FAQ ]" SRC="./../gx/navbar/faq.jpg"WIDTH="62" HEIGHT="45" BORDER="0" ALIGN="bottom"></A><A HREF="bennet.html"><IMG ALT="[ Next ]" SRC="../gx/navbar/next.jpg" WIDTH="15" HEIGHT="45" BORDER="0" ALIGN="bottom"  ></A><IMG ALT="" SRC="../gx/navbar/right.jpg" WIDTH="15" HEIGHT="45" ALIGN="bottom">
<!-- *** END navbar *** -->
</CENTER>
</BODY></HTML>
<!--endcut ============================================================-->