SUMMARY: mail filtering

From: David Stern (
Date: Fri Sep 08 2000 - 07:50:10 CDT

Thanks to:

Markus Korth <>
Walter Reed <>
Peter Watkins <>
Daniel Luechtefeld" <>
Karl Vogel <>
Todd Jensen <>
Jay Lessert <>
Brett Lymn <>
Darryl C Price <>

Original message:
> I'm looking for some mechanism to deal with unwanted messages (eg viruses,
> get-rich-quick etc) sent to a solaris POPmail server. Specifically, I'd like
> to be able to either filter incoming mail or more likely (the world being
> what it is), clean out specific messages that meet some criteria from all
> mailboxes after the messages have been received.
> How difficult is this to implement thru rules?
> Another alternative is procmail. The theory I tested is writting a script
> to do something like this (pardon the pseudo-code)
> for [ each user ]
> su - user
> mv /users/mbx /users/mbx.bad
> formail -s procmail myrules.rc </users/mbx.bad
> done
> How are others handling this?
There were a variety of responses including:
- Use qmail (

- Use procmail as the local delivery agent (in, use:
                  Mlocal, P=/usr/local/bin/procamil...

- see

- See and use similar rules


- (a variety of other tools or sendmail replacements eg mirapoint, anomy mail

I concluded that you really need two mechanisms. The first is something that
interfaces with a later, hardened version of sendmail to block KNOWN
"problem-children" from coming in in the first place. This assumes you know
what to look for. And this database would be somewhat dynamic. I'll likely
use either procmail as the local MTA or have sendmail pipe to procmail for
each user. The advantage of the latter is that I'd have finer granularity
on a user-by-user basis. OTOH, for ease of mainenance, I could have a single
.procmailrc with appropriate environment variables with all users linking to
it eg:

* ^Subject:.*GET RICH


The second mechanism would deal with as-yet-unknown, unwanted mail and
basically just post-process existing mailboxes as I described in my
original query.

 =-=-=-=-=-=-=-=-=- generated by /dev/dave -=-=-=-=-=-=-=-=-=-=-=-=-=-=
 David Stern TSI TelSys
 Manager, Information Systems 410-872-3906

U BEFORE POSTING please READ the FAQ located at
. and the list POLICY statement located at
A To submit questions/summaries to this list send your email message to:
A To unsubscribe from this list please send an email message to:
E and in the BODY type:
R unsubscribe sun-managers
S Or
. unsubscribe sun-managers original@subscription.address
L To view an archive of this list please visit:

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:14:16 CDT