Procmail

The CS Department's mail server uses Procmail for delivering mail. Procmail is a mail processing utility, which can help you filter your mail; sort incoming mail according to sender, Subject line, length of message, keywords in the message, etc, and much more. This web page will only document enough of Procmail to allow you to filter spam. For complete documentation on Procmail, see the Procmail FAQ and the manual pages.

Procmail: A Quick Overview

When the mail system receives a message for you, it starts Procmail to deliver the message. Procmail looks for a file called .procmailrc in your home directory. If it doesn't find a .procmailrc file, the incoming message is simply appended to your inbox.

If Procmail finds a ~/.procmailrc file, what happens to the incoming message depends on the "recipes" contained in the file. Procmail processes the recipes in the file from top to bottom, and stops processing after matching a recipe. If no recipe matches, the incoming message is appended to your inbox.

Dealing with Spam

All mail you receive will automatically be run through SpamAssassin and tagged. What you do with spam is up to you.

Customizing SpamAssassin

You can customize SpamAssassin by modifying your ~/.spamassassin/user_prefs file. There are many configuration options, which you can read about at the SpamAssassin web page. Here are the ones you're most likely to be interested in.

To modify the subject line of the suspected spam message, add this line to your user_prefs (This adds '*****SPAM*****' to the subject):

  rewrite_header Subject *****SPAM*****

You probably don't want to view or run MIME attachments if the message is spam. This option will prevent nasty attachments from doing anything:

  defang_mime 1

SpamAssassin tends to mark mail from mailing lists as spam. You can prevent that by "white listing" an address -- that is, any mail from this address will not be tagged as spam:

  whitelist_from someone@address.example

Separating Spam From Ham

So now that you've got your incoming mail tagged as spam, what do you do with it? That's up to you. One suggestion is to have likely spam redirected to an alternative mail box (a.k.a., your "spambox"). To do so, add this recipe to your ~/.procmailrc:

   :0:
   * ^X-Spam-Status: Yes
   /var/mail/$LOGNAME.spam

Or, if you use Maildir, use this recipe in your ~/.procmailrc:

   :0
   * ^X-Spam-Status: Yes
   $HOME/Maildir/.spam/

It's not necessary to understand how this recipe works to use it -- just cut and paste it into your ~/.procmailrc. If you'd like to know how it works, check out the Procmail Quick Start page.

Reading Spam

You should read your spambox occasionally. SpamAssassin isn't perfect, and you will eventually end up with a legitimate message marked as spam.

To read your spam mail (using a standard unix mail client), use the "-f" flag, like this:

	mutt -f /var/mail/$LOGNAME.spam

If you use an IMAP client to read your mail, you'll have to take a few extra steps.

1. Figure out in which directory your IMAP client looks for mail folders on the server. (If Tstaff set up your IMAP client, it's probably ~/Mail.)
2. On a unix host, create a link in that directory to your spambox, like this:

     cd ~/Mail
     ln -s /var/mail/$LOGNAME.spam SPAM
   

3. In your mail client, "subscribe" to the SPAM folder.

Dealing with Virus Warnings

As mentioned in the section on virus scanning our mail servers will alert you when you send an email containing a virus or receive an email from someone else that contained a virus.

Separating out Virus Warning Emails

Since everyone in the department is running some sort of virus scanning software on their local machine, it is most likely that our mail servers will only be sending you warnings about email messages sent to you which contained some sort of virus. You may feel that the majority of these emails are actually spam and want to filter them out of your INBOX. To do so, add this recipe to your ~/.procmailrc:

   :0:
   * ^X-(Virus|Banned): Yes
   /var/mail/$LOGNAME.virii

Reading Virus Warning Emails

As with your spambox, you should read your virusbox occasionally. Although the majority of the infected email messages will be spam, you might end up with some legitimate email messages sent from a user with an infected machine.

To read your virus warning mail (using a standard unix mail client), use the "-f" flag, like this:

	mutt -f /var/mail/$LOGNAME.virii

If you use an IMAP client to read your mail, you'll have to take a few extra steps.

1. Figure out in which directory your IMAP client looks for mail folders on the server. (If Tstaff set up your IMAP client, it's probably ~/Mail.)
2. On a unix host, create a link in that directory to your virus email box, like this:

     cd ~/Mail
     ln -s /var/mail/$LOGNAME.virii VIRII
   

3. In your mail client, "subscribe" to the VIRII folder.

Procmail Tips

• If you don't give a full pathname for a mailbox, it will end up in your home directory.
• Make sure neither your home directory nor your ~/.procmailrc is group or world writable.
• Whenever a rule modifies a file, or runs a program that modifies a file, make sure you use the second ':'.
• When you're modifying your .procmailrc file, you might find it helpful to add these lines:

     VERBOSE=yes
     LOGFILE=$HOME/procmail.log