Random Linux Tip - Filtering Mail With Procmail

Ryan Simpkins plug at ryansimpkins.com
Thu Jun 13 13:19:42 MDT 2013


One of the advantages of running your own mail server is that you can craft
all kinds of crazy filters and rules to route your mail to various places. You
aren't restricted by what some company thinks you should be able to do. Below
is my setup:

Details:
* You need a Linux box, VM, VPS, or equivalent.
* You need a properly configured MTA. I use postfix. Here are some of the
relevant changes in my main.cf file. Notice that mailbox_command is configured
to deliver mail locally through procmail.

##############################
# Ryan's Specific Setup
biff=no
append_dot_mydomain = no
disable_vrfy_command = yes
show_user_unknown_table_name = no
# Must have parent_domain_matches_subdomains and relay_domains set null
# or you get backscatter on any subdomains (even if they do not exist).
parent_domain_matches_subdomains =
relay_domains =
virtual_alias_domains = /etc/postfix/virtual-domains
virtual_alias_maps = hash:/etc/postfix/virtual-users
mynetworks_style = host
smtpd_helo_required = yes
smtpd_reject_unlisted_sender = yes
smtpd_reject_unlisted_recipient = yes
# no limit on mbox size
mailbox_size_limit=0
mailbox_command = /usr/bin/procmail
message_size_limit=18874368

# Restrictions below. Now we get into the heavy fisted stuff.

# The rbls in this section are just trying to be proactive.
smtpd_helo_restrictions =
    reject_invalid_helo_hostname,
    reject_non_fqdn_helo_hostname,
    reject_rhsbl_helo zen.spamhaus.org,
    reject_rhsbl_helo bl.spamcop.net,
    reject_rhsbl_helo dnsbl.njabl.org

# The cidr lookups here block most of the spam I get.
smtpd_client_restrictions =
    cidr:/etc/postfix/personal_cidr,
    cidr:/etc/postfix/regional_cidr,
    reject_rbl_client zen.spamhaus.org,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client dnsbl.njabl.org

# This is for the gps greylist daemon. With the RBLs and a greylist I get
# 1-2 SPAM messages delivered a day. Without these rules I get 2000-3000
# delivered.
# <cmd>_time_limit is the timeout for gps to return a result. Keep at 3600
gps_time_limit = 3600
smtpd_recipient_restrictions =
    permit_mynetworks,
    reject_unauth_destination,
    check_policy_service unix:private/gps
##############################

I have the virtual-users db set up to deliver mail to a user on my system. In
the user's home dir I created a .procmail file. Here is how that looks (order
is important):

# Auto route plugmaster mail to my main mailbox so I don't miss anything
# related to list management.
:0:
* ^TOplugmaster@plug.org
/var/spool/mail/mainusername

# Auto route all plug mail to its own mbox. I have dozens of these set up.
:0:
* ^TOplug@plug.org
mail/LUGs/plug

# A list of subject matching rules. These can do pattern matching as well. You
# can route messages to /dev/null, or send them to a special mbox. If I do not
# want to have a busy thread distract me, I can drop it in here.
# The .* allows for the space (and any Re: prefix) after the colon.
:0:
* ^Subject:.*Filtered Subject
/dev/null

Finally, I use squirrelmail to read/write mail. There are a number of reasons
I like squirrelmail. The main advantage is it is a simple html interface that
works best with straight text e-mail. This allows me to access my mail on a
variety of machines and locations without having to worry about odd javascript
behavior, etc.

More helpful procmail tips:
http://partmaps.org/era/procmail/mini-faq.html
http://partmaps.org/era/procmail/quickref.html

-Ryan
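
A dry run of the recipe order, added here as an example and not part of the original post: this Python sketch emulates procmail's first-match delivery for the three recipes, using the `^TO` expansion documented in procmailrc(5). The `route` helper, the sample messages, reading the archive's " at " as "@", and the `.*` after `Subject:` are assumptions.

```python
import re

# procmail's ^TO macro as documented in procmailrc(5); procmail matches
# case-insensitively unless the recipe carries the D flag.
TO_MACRO = (r"(^((Original-)?(Resent-)?(To|Cc|Bcc)|"
            r"(X-Envelope|Apparently(-Resent)?)-To):(.*[^a-zA-Z])?)")

# (condition, destination) pairs in the order posted. Assumptions: " at " is
# read as "@", and ".*" follows "Subject:" so the space after the colon matches.
AS_POSTED = [
    ("^TOplugmaster@plug.org", "/var/spool/mail/mainusername"),
    ("^TOplug@plug.org", "mail/LUGs/plug"),
    ("^Subject:.*Filtered Subject", "/dev/null"),
]
# Same recipes with the subject filter moved to the top.
SUBJECT_FIRST = [AS_POSTED[2], AS_POSTED[0], AS_POSTED[1]]

def route(raw_message, recipes, default="$DEFAULT"):
    """Return the destination of the first recipe whose condition matches.

    A delivering recipe without the c flag ends processing, so later
    recipes never see a message an earlier one has claimed.
    """
    header = raw_message.split("\n\n", 1)[0]
    header = re.sub(r"\n(?=[ \t])", "", header)  # join folded header lines
    for cond, dest in recipes:
        pattern = TO_MACRO + cond[3:] if cond.startswith("^TO") else cond
        if re.search(pattern, header, re.IGNORECASE | re.MULTILINE):
            return dest
    return default

# Constructed sample messages (not real mail).
ADMIN = "From: a@example.com\nTo: plugmaster@plug.org\nSubject: moderation\n\nbody\n"
THREAD = "From: b@example.com\nTo: plug@plug.org\nSubject: Re: Filtered Subject\n\nbody\n"
CC_ONLY = "From: c@example.com\nTo: d@example.com\nCc: plug@plug.org\nSubject: hi\n\nbody\n"
LOOKALIKE = "From: e@example.com\nTo: xplug@plug.org\nSubject: hi\n\nbody\n"

if __name__ == "__main__":
    for name, msg in [("ADMIN", ADMIN), ("THREAD", THREAD),
                      ("CC_ONLY", CC_ONLY), ("LOOKALIKE", LOOKALIKE)]:
        print(name, "posted ->", route(msg, AS_POSTED),
              "| subject first ->", route(msg, SUBJECT_FIRST))
```

With the recipes in the posted order, a list message carrying the filtered subject is claimed by the list recipe and lands in the list mbox; the subject filter only catches it when placed above the list recipes.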

