[TriLUG] Re: simple mail filter. best option?

Aaron S. Joyner aaron at joyner.ws
Sun Jul 23 14:21:05 EDT 2006

Cristobal Palmer wrote:

> Many thanks to Nathan Conrad for showing me how it's done in procmail:
> --install procmail
> --add this line to /etc/postfix/main.cf :
> 'mailbox_command = /usr/bin/procmail'
> --assuming we don't want to drop rejected mail to /dev/null, we should
> make a /var/log/procmail dir and set up a rotation for .junk files
> --make an /etc/procmailrc file:
> :0
> * ^To:.*foo at bar.com
> {
> :0
> * !^From:.*@foo.com
> /var/log/procmail/foo.junk
> }
> :0
> * ^To:.*baz at bar.com
> {
> :0
> * !^From:.*@baz.com
> /var/log/procmail/baz.junk
> }
> --??

In the procmail setup, this --?? step corresponds to "accept the entire 
body of the message and cache it to the local disk for no good reason".  
:)  For the same reasons Jason mentioned previously in this thread, it's 
much preferable to do it with the MTA, a lot less load and a lot less 
bandwidth consumed.  Perhaps the best benefit is that persons not 
sending valid mail to you get a rejection, generated for free by their 
MTA, instead of having their mail silently dropped on the floor (where 
the floor in this case is /var/log/procmail/*.junk).  Before someone 
jumps in and modifies your procmail rule to send a failure DSN (Delivery 
Status Notification), let me point out that you don't want one of those 
to be sitting in your mail queue for 5 days for every piece of spam you 
get with out a valid return domain (ie. mail server that can't be 
contacted).  Then someone might suggest that you could solve that by 
lowering your queue length to less than 5 days or offloading it to a 
separate queue server, but of course that affects all of your normal 
mail flow, etc and hopefully you'll notice that these things are a lot 
of hoops to jump through unnecessarily.  Enforcing rules about who to 
accept and receive mail from is the job of the MTA, delivery into 
different mailboxes is the job of the delivery agent.

Aaron S. Joyner

> --Profit!
> -CMP
> On 7/22/06, Cristobal Palmer <cristobalpalmer at gmail.com> wrote:
>> I have a site, bar.com, that will be receiving mail from clients such
>> as foo and baz who have their own domains, foo.com and baz.com.
>> I want to set things up such that mail to foo at bar.com only gets
>> through if it came from *@foo.com, likewise mail to baz at bar.com should
>> be dropped if it didn't come from *@baz.com.
>> What's the _best_ way to do this if I'm using postfix? Something
>> directly in postfix? Procmail?
>> TIA,
>> CMP
>> -- 
>> Cristobal M. Palmer
>> UNC-CH SILS Student
>> TriLUG Vice Chair
>> cristobalpalmer at gmail.com
>> cmpalmer at ils.unc.edu
>> ils.unc.edu/~cmpalmer
>> "Television-free since 2003"
>> <tarheelcoxn> iank has trouble with English. his native language is 
>> Python
>> <iank> Yeah
>> <iank>   I'm forced
>> <iank>     To indent
>> <iank>   My sentences

More information about the TriLUG mailing list