# Sample Courier Maildrop file to demonstrate filtering messages # according to: # # 1 - Mailing list headers. # # 2 - How Spamassassin scores them. # # 3 - Whether Anomy Sanitizer finds an executable attachment # and drops it. # # Real mailing list sorting may be trickier if there isn't a # clearly identifiable list-related header line. logfile "mailfilter-log.txt" log "========" if ( /^Subject: Test1/ ) { log "-------------------------------------------- Test1 found " to "Maildir/.blah" } if ( /^List-Id: IETF Discussion/ ) { log "-------------------------------------------- IETF " cc "Maildir/.Lists.IETF" xfilter "subjadd [IETF]" DELTAG=$DTAG to "$LMB" } # Copy all messages which are not # caught by one of the above mailing # list filters to be copied to # special folder so I can find a # message, if I want to, in # the state before Spamassassin # looked at it (and therefore wrote # something in the headers) and before # Anomy Sanitizer may have defanged # its HTML or dropped its attachment. # # In this example, "Pre-Filter-Inbox" # is a mailbox within the mailbox: # "0-Inbox-Old" - as is another # mailbox used at the end: # "Post-Filter-Inbox". cc "Maildir/.0-Inbox-Old.Pre-Filter-Inbox" xfilter "/usr/bin/spamassassin -x" # Look out for marginal scoring spam & # put it somewhere I can scrutinise it # easily, away from the worst stuff. # If the threshold of 3.0 is too low # there will be many false-postives in # -SPAM-marginal, and I will need to # fish them out manually. if ( ( /X-Spam-Status: No, score=3./ ) \ ||( /X-Spam-Status: No, score=4./ ) \ ||( /X-Spam-Status: Yes, score=5./ ) \ ) { log "-------------------------------- Spam marginal. " to "Maildir/.-SPAM-marginal" } # Watch out for header line added by # Spamassassin, which it will be for # anything scoring 5.0 or above. # # Don't allow any blank lines after # the if statement! if ( /^X-Spam-Flag: YES/ ) { log "----------------------------------- Spam general. " to "Maildir/.-SPAM" } # If we are still processing the # the message, it is because its # Spamassassin score was below 3.0. # Some debugging lines and a place to # save things when I am tweaking # Anomy Sanitizer: a mailbox "Debug". cc "Maildir/.Debug" log "Send to Anomy" # Set up the environment variable ANOMY # to keep Anomy happy. ANOMY=/usr/local/anomy/ # Set up two other environment # variables, as required by UNICODE.TXT. LC_ALL=C LANG=en_US # Filter the message via stdin to Anomy, # with the config file specified, # logging output being appended to the # Maildrop log file and then the output # being piped to cat so cat's stdout # sends it back to Maildrop. The use # of "2>>" for appending stderr with # the log material means we need the # "| cat". # # If Anomy's conf file has: # # feat_log_inline = 0 # feat_log_stderr = 1 # # Then a report of Anomy's progress in # working on the message will be # appended to the Maildrop log file. # This seems to work fine, so # presumably each "log" line for # Maildrop means it opens and closes # the log file. There could be # multiple instances of Anomy # running at the same time, each on # different message. # # Anomy Sanitizer can be extremely # verbose in its log output. xfilter "/usr/local/anomy/bin/sanitizer.pl /usr/local/anomy/anomy.conf 2>>~/mailfilter-log.txt | cat" log "Anomy done." # Watch out for text added to body # by Anomy Sanitizer when it *drops* a # file which is an attachment within # the email - not just when it renames # a file or defangs some HTML in the # message. This: # # *** Attached file dropped *** # # is a part of the drop message I specified # in the Anomy Sanitizer config file. # It always starts at the start of a # line. # # The backslash escapes the asterisk. # An ordinary asterisk is a special # character in the PCRE pattern matching # language, so use: # # \* # # to match an asterisk. # # ":b" means look in the body, rather # then the headers. if ( /^\*\*\* Attached file dropped \*\*\*/:b ) { log "--------------------------------- Executable attachment! " # Make this "cc" for copy or "to" to # not send it to Inbox. # Copy it to the "-Executable" # mailbox. cc "Maildir/.-Executable" # Add something highly visible to the # subject line and deliver the message # to the Inbox. The dropped attachment # is replaced by a text file attachment # with the warning text. # # Intrepid users who want to find a # copy of the message with its original # attachment will find it in the # mailbox "Pre-Filter-Inbox", as # described above. xfilter "subjadd ~~~[Executable]" to "Maildir" } # Copy all messages which are not # caught by one of the above filters # to be copied to special folder # so I can find them, even if I # accidentally delete it from the # Inbox. I don't intend to keep # this mailbox's contents for long. cc "Maildir/.0-Inbox-Old.Post-Filter-Inbox" log "- - - - - - - - - - - - - - - - - - - - - - No match" # Deliver to the Inbox. to "Maildir"