On Sun, 13 Jan 2002 [EMAIL PROTECTED] wrote: > > Ma gandesc sa imi schimb adresa de e-mail (pentru ca oricum am de gand > > oferta.....si chiar daca mi-as schimba adresa de e-mail ar fi doar o > > solutie de moment, ar fi suficienta o greseala de-a mea pe internet, sau > > inscris pe zeci de liste de discuti) si pe urma totul ar lua-o de la > > inceput...
Indiferent ce faci, adresa ta (si a altora) ajunge sa fie cunoscuta la toata lumea. Chiar si scriind pe aceasta lista. Cauta-ti numele pe Internet si o sa vezi ce popular esti :-) Cum Google sau altii permit cautarea in arhive de mail, e usor ca cineva sa-ti afle adresa. Niste boti care cauta pe google sau altii dupa pattern-uri cu "@" nu sunt greu de scris. Prin urmare, sa te desubscrii sau sa-ti schimbi adresa e tot aia. IMHO cea mai buna metoda e procmail pentru ca: (-) iti opreste spamu' pe server (inainte sa-l tragi tu cu pop3) (-) poti construi niste reguli foarte felxibile daca studiezi putin De exemplu, eu mi-am dezvoltat o metoda simpla de spam care imi opreste cam 90% din spam. .procmailrc-ul meu arata cam asa: [...declaratii de variabile globale...] # Format mail headers into a predictable format :0fwh |formail -z # damn spammers (i) # opresc spam-ul bazat pe cuvinte cheie in subiect :0 * ^Subject:.*(guaranteed|cash|penis|casino|viagra|money|loss|currency|rich|million)|^TO:.undisclosed.*recipients spam [...reguli pentru procesat mailing-list-urile...] # damn spammers (ii) # orice mesaje care nu imi sunt trimise pe adresa mea, e spam :0 * !(To|Cc).*(radu*|socrate*).*(@tuiasi.ro|@infoiasi.ro|@info.uaic.ro) spam Pentru a fi sigur ca nu se strecoara nici un mesaj valid printre spam-uri, prefer sa le salvez intr-un folder separat prin care ma uit din cand in cand si sterg cu 'd' din pine dintr-un foc. Probabil ca se pot dezvolta reguli si mai eficiente, dar acestea doua ma feresc de mare parte din spam si deocamdata sunt ok pentru mine. Cautand pe net am mai gasit un pocmail destul de complex scris de cineva, cu reguli mult mai multe si mai complexe, pe care nu am apucat din pacate sa le testez. Dar daca ai timp, l-am atasat acestui mesaj, sa te joci cu ele. Spam-ul bazat pe pattern-urile sender-ului nu mi se par eficienta, ca indivizii schimba adresele tot timpul. Pattern-uri bazate pe subject sau continut mi se par mult mai eficiente. Si inca ceva, ca si computer security, sa-ti setez un procmailrc nu e niciodta de ajuns. A filrta spam-ul e un process continuu. Ave, Socrate P.S. Pentru netadmini care ar dori sa poata filtra smap en-gros, link-ul acesta poate fi util: http://www.linuxworld.com/site-stories/2001/1226.razor.html "Vipul's Razor is an open source (see resources) project hosted by SourceForge. Razor is a "distributed and constantly updating catalog of spam in propagation." Think of it as a real-time Dewey Decimal System of spam, but it does more than just index spam. It tracks, identifies, and harasses spam, and when it finds spam, it destroys it. Unlike many open source projects, the installation of Razor was not in any way circuitous. Vipul Ved Prakash even had the audacity to include a well-packaged tarball of required Perl modules along with a global makefile. What is this guy thinking? Does he not know that all of us open source people enjoy being placed on the medieval rack when we install software?" -- Radu Filip Network Administrator @ Technical University of Iasi [EMAIL PROTECTED] Information Technology and Communication Center http://socrate.tuiasi.ro/ [EMAIL PROTECTED] | http://ccti.tuiasi.ro/ -- Attached file included as plaintext by Listar -- -- File: procmailrc_antispam PATH=/bin:/usr/bin:/usr/X11R6/bin:/sbin:/usr/sbin:/home/gilbertt/bin:/usr/local/bin:/usr/X11R6/bin SHELL=/bin/bash # "VERBOSE=on" is only used for debugging. VERBOSE=off SENDMAIL=sendmail MAILDIR=$HOME/mail DEFAULT=$MAILDIR/Inbox LOGFILE=$HOME/.procmail_log # LOGABSTRACT = "all" # where to send spam SPAM=SPAM # A list (one per line) of people I KNOW are spammers :-) # can match any part of name so you can use fred, [EMAIL PROTECTED] or aol.com to # match a user, mail address or domain. # Note that this file is case-insensitive. SPAMMERS=$HOME/.procmail/spammers # name of the file containing a list of people we # always want to get mail from, one per line. If # any substring of the From: or Sender: line matches # a line of this file, it will go through, so this # can be used to denote entire sites that we always # wish to get mail from as well as individuals. # E.g. "user", "[EMAIL PROTECTED]" or "aol.com". # Note that this file is case-insensitive. # Putting all of the people or lists you get lots # of mail from here will not only insure you get # it, but will speed up procmail. FRIENDS=$HOME/.procmail/friends # ====================================== # Preventing duplicates using 16Kb cache # They get shoved in duplicates folder :0 Whc: .msgid.lock | formail -D 16384 .msgid.cache :0 a: /dev/null # ========================================================================== # Correct crap or broken mails using sed # ========================================================================== # Correct wrong sig-dashes, ie add a space for lines with only "--" in them: # from: ^--$ # to: ^-- $ :0 fBw * ^--$ | sed -e 's/^--$/-- /' # preconverts all plain-text mail arriving in certain encoded # MIME formats into a more compact 8-bit format which can be # used and displayed more easily by most programs. :0 * ^Content-Type: *text/plain { :0 fbw * ^Content-Transfer-Encoding: *quoted-printable | mimencode -u -q :0 Afhw | formail -I "Content-Transfer-Encoding: 8bit" :0 fbw * ^Content-Transfer-Encoding: *base64 | mimencode -u -b :0 Afhw | formail -I "Content-Transfer-Encoding: 8bit" } # Convert old-style PGP messages to MIME :0 * !^Content-Type: multipart/ * !^Content-Type: application/pgp { :0 fBw * ^-----BEGIN PGP MESSAGE----- * ^-----END PGP MESSAGE----- | formail \ -i "Content-Type: application/pgp; format=text; x-action=encrypt" :0 fBw * ^-----BEGIN PGP SIGNED MESSAGE----- * ^-----BEGIN PGP SIGNATURE----- * ^-----END PGP SIGNATURE----- | formail \ -i "Content-Type: application/pgp; format=text; x-action=sign" } ###################################################################### # Here we search the list of people we always want to get mail from, # # and deliver the mail if it's from one of them, no matter what. # # The FRIENDS file is set and described above. # ###################################################################### :0: * ? (formail -x From: -x Sender: | fgrep -iqf $FRIENDS) $DEFAULT # deliver to default mailbox ################################################################## # SPAM filter. I don't like spam. I just don't # ################################################################## # Here we search a file with a list of people we _never_ want to # get anything from, tossing the mail if it's from one of them. # SPAMMERS is set and described above. # Note, you can use the following line instead to be even more # strict, they can't have even relayed it via an adress in the # spammers file: # * ? (formail -x From: -x Sender: -x Reply-To: -x Received: | fgrep -iqf $SPAMMERS) :0: * ? (formail -x From: -x Sender: -x Reply-To: | fgrep -iqf $SPAMMERS) | formail -A "X-SPAM-RULE: address found in spammers file" >> $SPAM # look for X-Advertisement header or 'advertisement' in the subject, # accounting for possible sp. error. "Nice" spammers use this header. :0: * ^X-Adverti[sz]ement: | formail -A "X-SPAM-RULE: X-Advertisement header" >> $SPAM :0: * ^Subject:.*adverti[sz]ement | formail -A "X-SPAM-RULE: Advertisement in subject" >> $SPAM # To: friend(s)@public.com or [EMAIL PROTECTED] and the like. Spam. # (arrangements made for those who spell at a 4th grade level as # well, i.e.: freind) :0: * ^TO.*( |<|,)(fr(ie|ei)nd(s)?|you)@ | formail -A "X-SPAM-RULE: Addressed to 'friend' or 'you'" >> $SPAM ## <Undisclosed [EMAIL PROTECTED]> seems common to spam. # Unfortunately, also a mailing list I'm on :/ #:0: #* ^TO.*[Uu]n(disclosed|listed)(-| )?[Rr]ecipients #| formail -A "X-SPAM-RULE: Undisclosed recipients" >> $SPAM #$SPAM # snag the To: and From: headers TO=`formail -zx To:` CC=`formail -zx Cc:` FROM=`formail -zX From: | formail -zrx To:` # no To: line AND no Cc: line. You could filter out anything with no To:, # but there are lots of mailinglist idiots who Cc the list and don't To: # anyone ;-) :0: * TO??^$ * CC??^$ | formail -A "X-SPAM-RULE: no To: or Cc: header" >> $SPAM # purely numeric address. blah. I've never seen this be legit. # Even compuserve addresses have a punctuation mark of some sort. :0: * ^From:.*( |<)[0-9]+@ | formail -A "X-SPAM-RULE: purely numeric email address" >> $SPAM # bogus pegasus header, very common with spammers, and I've never # seen it used by anyone else. :0: * ^Comment: Authenticated sender is * ! ^X-Mailer: Pegasus | formail -A "X-SPAM-RULE: bogus pegasus header" >> $SPAM # Poopy stuff I can't read, nor wish to :0: * ^Content-Type: .*charset=.ks_c | formail -A "X-SPAM-RULE: ks_c charset in header" >> $SPAM :0 B: * ^[ ]*charset=.ks_c | formail -A "X-SPAM-RULE: ks_c charset in body" >> $SPAM :0 B: * ^[ ]*charset=.big5 | formail -A "X-SPAM-RULE: big5 charset in body" >> $SPAM :0: * ^[ ]*charset=.gb2312 | formail -A "X-SPAM-RULE: gb2312 charset in header" >> $SPAM # bad message id -- empty or no @host part. :0: * ^Message-Id:.*<[^@]*> | formail -A "X-SPAM-RULE: bad Message-Id" >> $SPAM #sex spam -- "XXX" in subject (case sensitive, word boundaries) :0 D: * Subject:.*\<XXX\> | formail -A "X-SPAM-RULE: XXX in subject" >> $SPAM # 1-900 in the subject. Yeah, right. :0: * ^Subject:.*1-900 | formail -A "X-SPAM-RULE: 1-900 number in subject" >> $SPAM # 'dear friend' at the start of a line in the body of message # (in brackets is a tab and a space -- if you edit the file, make # sure you keep them in there -- one tab, one space, in either order) # provisions made for misspelling. :0 B: * ^[ ]*dear fr(ie|ei)nd(s)? | formail -A "X-SPAM-RULE: 'dear friend' in body" >> $SPAM # Your research sucks ("our research indicates that you wanted our spam..") :0 B: * (our|my) research indicates | formail -A "X-SPAM-RULE: 'our research indicates' in body" >> $SPAM # sex spam, "adults only" in subject :0: * ^Subject:.*adults only | formail -A "X-SPAM-RULE: adults only in subject" >> $SPAM # we don't ever wanna hear about mlm (message body) :0 B: * multi(-| )?level marketing | formail -A "X-SPAM-RULE: 'multi level marketing' in body" >> $SPAM :0 B: * business opp(ortunit| ) | formail -A "X-SPAM-RULE: 'business opportunity' in body" >> $SPAM :0 BD: * MLM * FREE | formail -A "X-SPAM-RULE: 'MLM' and 'FREE' in body" >> $SPAM # # 2 bangs in subject. spammer hype. # Unfortunately, I know far too many excitable people who use excessive # punctuation ;-) Commented out so I get their mail. # :0 # * ^Subject:.*(!!) # | formail -A "X-SPAM-RULE: Multiple bangs in subject" >> $SPAM # $SPAM # 2 dollar signs in subject. spammer hype. :0: * ^Subject:.*(\$\$) | formail -A "X-SPAM-RULE: '$$' in subject" >> $SPAM # I'll gratis you in a minute buddy :0: * ^Subject:.*GRATIS | formail -A "X-SPAM-RULE: 'GRATIS' in subject" >> $SPAM # 1-900 or 1-800 number in the body :0 B: * 1-[89]00 | formail -A "X-SPAM-RULE: 1-900 or 1-800 in body" >> $SPAM #large dollar amount in subject line :0: * ^Subject:.*\$[0-9]+,000 | formail -A "X-SPAM-RULE: large dollar amount in subject" >> $SPAM ############################################################ # Hot phrases. Typical of spammers. Try to catch them all! # ############################################################ # Case sensitive :0 BD: * OPPORTUNITY | formail -A "X-SPAM-RULE: Hot spam word 'OPPORTUNITY' found in body" >> $SPAM :0 BD: * PURE PROFIT | formail -A "X-SPAM-RULE: Hot spam word 'PURE PROFIT' found in body" >> $SPAM :0 BD: * STOCK PICK | formail -A "X-SPAM-RULE: Hot spam word 'STOCK PICK' found in body" >> $SPAM :0 BD: * FREE CONSULTATION | formail -A "X-SPAM-RULE: Hot spam word 'FREE CONSULTATION' found in body" >> $SPAM :0 BD: * INCREASE SALES | formail -A "X-SPAM-RULE: Hot spam word 'INCREASE SALES' found in body" >> $SPAM :0 BD: * LIMITED TIME ONLY | formail -A "X-SPAM-RULE: Hot spam word 'LIMITED TIME ONLY' found in body" >> $SPAM :0 BD: * FULL REFUND | formail -A "X-SPAM-RULE: Hot spam word 'FULL REFUND' found in body" >> $SPAM :0 BD: * NO QUESTIONS ASKED | formail -A "X-SPAM-RULE: Hot spam word 'NO QUESTIONS ASKED' found in body" >> $SPAM :0 BD: * GUARANTEE | formail -A "X-SPAM-RULE: Hot spam word 'GUARANTEE' found in body" >> $SPAM # Case insensitive :0 B: * Dear Sir or Madam | formail -A "X-SPAM-RULE: Hot spam phrase 'Dear Sir or Madam'" >> $SPAM :0 B: * This is not unsolicited e?mail | formail -A "X-SPAM-RULE: Hot spam phrase 'This is not unsolicited e?mail' found in |body" >> $SPAM :0 B: * this is not spam | formail -A "X-SPAM-RULE: Hot spam phrase 'this is not spam' found in body" >> $SPAM :0 B: * you do not wish to receive further | formail -A "X-SPAM-RULE: Hot spam phrase 'you do not wish to receive further' found |in body" >> $SPAM :0 B: * mail was sent to you because | formail -A "X-SPAM-RULE: Hot spam phrase 'mail was sent to you because' found in |body" >> $SPAM :0 B: * requests to be taken off our mailing list | formail -A "X-SPAM-RULE: Hot spam phrase 'requests to be taken off our mailing list' |found in body" >> $SPAM :0 B: * To Be Removed,? Please | formail -A "X-SPAM-RULE: Hot spam phrase 'To Be Removed,? Please' found in body" >> |$SPAM :0 B: * that your email address is removed | formail -A "X-SPAM-RULE: Hot spam phrase 'that your email address is removed' found |in body" >> $SPAM :0 B: * You were sent this message because | formail -A "X-SPAM-RULE: Hot spam phrase 'You were sent this message because' found |in body" >> $SPAM :0 B: * Investment Opportunities | formail -A "X-SPAM-RULE: Hot spam phrase 'Investment Opportunities' found in body" |>> $SPAM :0 B: * \.BIZ domain | formail -A "X-SPAM-RULE: Hot spam phrase '.BIZ domain' found in body" >> $SPAM ################### # Mailing lists # ################### :0: * X-Mailing-List: <\/[^@]+ lists/`echo $MATCH | sed -e 's/[\/]/_/g'` :0: * ^Sender: owner-\/[^@]+ lists/`echo $MATCH | sed -e 's/[\/]/_/g'` :0: * ^X-BeenThere: \/[^@]+ lists/`echo $MATCH | sed -e 's/[\/]/_/g'` :0: * ^Delivered-To: mailing list \/[^@]+ lists/`echo $MATCH | sed -e 's/[\/]/_/g'` :0: * X-Loop: \/[^@]+ lists/`echo $MATCH | sed -e 's/[\/]/_/g'` :0: * X-ML-Name: \/[^@]+ lists/`echo $MATCH | sed -e 's/[\/]/_/g'` # damn kernel back-to-frontness :0: * ^Sender:[ ][EMAIL PROTECTED] lists/linux-kernel # broken lists using win32 software and NO LIST HEADER. Dumb. :0: * ^Sender: (Bugtraq|Incidents Mailing|VULN-DEV) List lists/bugtraq # LISTAR???? Geeze Snow-man! :0: * ^Reply-to: E-OPs List lists/e-ops ######################################### # Final SPAM filter, post mailing lists # ######################################### # NOTE: This catches like 80% of my SPAM, it really works but make the match # CORRECT :-) # # Not mailing list, but not to me. SPAM. :0: * !^TO(linuxbrit.co.uk|lunixbrat.com|lunixbrat.net|offended.co.uk|linuxbrit.net|gilbert|snowman.net|tomsflat|localhost|Blind\.Copy\.Receiver) | formail -A "X-SPAM-RULE: Not to one of my addresses or a mailing list" >> $SPAM :0 c * !^From:.*tomsflat * !^FROM_MAILER * !^X-Loop: [EMAIL PROTECTED] | formail -A "X-Loop: [EMAIL PROTECTED]" | \ $SENDMAIL -oi [EMAIL PROTECTED] ##################################### # Last rule: Put mail into mailbox # ##################################### :0: $DEFAULT # End of file --- Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to unsubscribe from this list.
