Using procmail to filter spam

Mail delivered to username@cs.rutgers.edu is now tested for spam characteristics by a mail filter called SpamAssassin. (For mail directed to places other than username@cs.rutgers.edu, see below.) This filter scores each email using a large number of tests to determine whether the message is likely to be spam. Headers are added to each message scanned showing the results. If the score is high enough, a header indicating the message is probably spam
    X-Spam-Flag: YES
is added to the headers as well as a verbose explanation of the scoring. Depending on the mail reader you use, all this may be totally hidden from you. Netscape, for example, will only show you the From:, To:, Date: and Subject: header lines. emacs rmail, on the other hand, will show you all headers except the Received: lines.

It is possible to redirect mail tagged as possible spam so the volume of it won't interfere with your normal work. If you read your mail from a unix machine, you can use procmail to do that redirection.

To start using procmail, put

     "|IFS=' ';exec /usr/local/bin/procmail #YOUR_LOGIN_NAME"
in your .forward file, where "YOUR_LOGIN_NAME" is your user ID. (Note: All punctuation including single- and double-quotes, semi-colon, and pound sign must appear as illustrated.) Next, create the file .procmailrc in your home directory into which you will put small sets of instructions (called "recipes") telling procmail how to deal with incoming messages.

Sample recipes

Route messages tagged as spam to a different folder
    :0:
    * ^X-Spam-Flag: YES
    $HOME/mail/spam
This recipe contains three lines. The first line marks the beginning of the recipe and tells procmail to use a lock file while performing this action. The second line is a regular expression procmail uses to test each of the headers of the message. The third line names the file in which to put the message if the test matches any line in the headers. So this recipe says "If any line in the headers starts with 'X-Spam-Flag: YES', put the message in the file spam in the mail subdirectory of my home directory."

Routing email erroneously tagged as spam
    :0:
    * ^From: .*list-admin@somecompany\.com
    $ORGMAIL
This recipe demonstrates how to create an exception to the normal spam routing. The second line in this recipe matches all messages from "list-admin@somecompany.com". (You could also match on the "To:" or any other header line. Judge by what is common among the class of messages you would like passed on.) The third line says to put the message in your normal mail queue file. Since procmail processes recipes in the order in which they appear in your .procmailrc, this recipe should be put before the above routing recipe.

While a large percentage of messages tagged as spam really will be spam (> 90%, we estimate), occasionally legitimate messages will be tagged. For instance, any message mentioning "mortgage rates" automatically has a high enough score by the current scoring method to be tagged as spam. For this reason, we recommend that you route tagged email to a separate file and periodically review those messages to confirm that they are, in fact, unwanted. (The period for this review should be no longer than you would want to keep a legitimate message waiting.)
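
One way to do that periodic review from the shell, as an added example that is not part of the original page or the sample .procmailrc: it lists the sender and subject of every message in the mbox file the routing recipe fills. The function names and the two sample messages are constructed for illustration; it assumes the folder is $HOME/mail/spam as in the recipe above.

```shell
#!/bin/sh
# Added example (not from the original page): list sender and subject of each
# message in the mbox folder filled by the X-Spam-Flag routing recipe.

# spam_summary FILE: print "number<TAB>From<TAB>Subject" for every message.
spam_summary() {
    awk '
        function emit() { if (n) printf "%d\t%s\t%s\n", n, from, subj }
        # mbox: a message begins with a "From " line at the top of the file
        # or directly after a blank line.
        /^From / && (NR == 1 || prev == "") {
            emit(); n++; inhdr = 1; from = ""; subj = ""; prev = $0; next
        }
        inhdr && $0 == "" { inhdr = 0 }          # blank line ends the headers
        inhdr && /^[Ff]rom:/    { from = $0; sub(/^[^:]*:[ \t]*/, "", from) }
        inhdr && /^[Ss]ubject:/ { subj = $0; sub(/^[^:]*:[ \t]*/, "", subj) }
        { prev = $0 }
        END { emit() }
    ' "$1"
}

# make_sample FILE: write a constructed two-message mbox for a dry run.
make_sample() {
    cat > "$1" <<'EOF'
From spammer@example.net Thu Oct 20 09:00:00 2016
From: Cheap Loans <spammer@example.net>
Subject: Lowest mortgage rates
X-Spam-Flag: YES

From: this body line must not be read as a header

From list-admin@somecompany.com Thu Oct 20 09:05:00 2016
Subject: Weekly digest
From: list-admin@somecompany.com
X-Spam-Flag: YES

Digest text mentioning mortgage rates.
EOF
}

# Dry run on the constructed sample; for real use: spam_summary "$HOME/mail/spam"
sample=$(mktemp) && make_sample "$sample" && spam_summary "$sample"
rm -f "$sample"
```

A legitimate sender that shows up in this listing is a candidate for an exception recipe placed before the routing recipe. The From: header is chosen by the sender, so an exception keyed on it will also pass any spam that uses the same address.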

Discard messages tagged as spam
    :0:
    * ^X-Spam-Flag: YES
    /dev/null
Though we highly recommend against it, this recipe will discard all messages tagged as spam. This recipe is identical to the routing recipe above, except the destination is /dev/null, the "bit bucket." If you do this, you will lose legitimate messages. Neither you nor the sender will be notified that the message has been discarded. It will just disappear.

Sample .procmailrc:

A commented sample .procmailrc is available at /fac/u/watrous/Sample/.procmailrc. To install it,
    cd				# start in your home directory.

    mkdir mail			# create a mail directory if one does
				# not already exist.  (If you have a
				# file named mail, you should rename it.)

    cp /fac/u/watrous/Sample/.procmailrc .	# copy the sample
				# .procmailrc to your home directory.

    emacs .procmailrc		# edit it to customize your own spam
				# filtering exceptions, spam file
				# destination, etc.
If you are not on the DCS faculty cluster, download the sample file from the link instead of copying it.

Setup script

I've written a script to set up .forward and .procmailrc for you. It can be found at ~watrous/setup-procmail-spamfiltering.

For further information:


This page last updated October 20, 2016.