Email Filtering for Beginners

Published on 4 February 2003

A rather nasty virus attack (W32/Yaha.c@MM apparently) – thankfully on someone else's computer – recently led to me receiving something like 100 virus-generated emails in the space of a few days.

I say me – they were actually sent to one of Catherine’s email addresses, but such is the laziness of our home PC network, all the emails come through to the same place in the end.

The problem was compounded by the fact that the person with the virus (no idea actually who they were) was one of those people who don’t understand the concept of emptying out their Hotmail account, so every attempt I made to send a "Look you twonk, you have a virus you fool" email just got bounced back to me.

Quick! Save me!

In desperation I reached for Procmail. (For those that don’t know, Procmail is a piece of software that helps filter emails and runs on Unix servers.)

I can’t say I’ve had much experience of email filters bar those included in my email client, but when you’re receiving 30-odd emails a day, you don’t want to download them only for your email client to throw them in the bin. Procmail filters are a bit cleverer and stop the emails before you even try to download them. This is good!

Oh why did I ever start this?

Unfortunately it was only when I delved into the world of procmail filters that I realised that ignorance was bliss!

Now I’m not a Unix newbie by any means – I’ve run various versions of Linux as my main operating system for something like five years, but setting up Procmail is just mad. The config file is one of those designed to be read by tech-head developers or computers, not the humble dabbler like myself who wants nothing more than to block out one person's emails.

Sometimes a GUI is good!

What Procmail desperately needs is a little point-and-click programme that will generate it all for you. Guess what it doesn’t have! Well none that I found anyway.

The problem was compounded by the way my email is set up.

Our main email addresses (those associated with the various domains we own) all get sent through one very nice computer (called fof). Then they all get sent out to my ISP.

It seems that no one writing Procmail tutorials has ever heard of this way of working and it took forever to work out how on earth I was supposed to configure it all.

Add to this that most Procmail tutorials seem to be written by serious techies for serious techies and I was one confused Bods.

I’ve found a useful resource on the web! And I didn’t find it through Google!

Thankfully I came across a reasonably understandable tutorial after much trying – who would have thought the Procmail homepage would contain a useful link! Not me given I tried several Google searches first…

The excitingly titled "Timo’s procmail tips and recipes" proved to be reasonably well written and actually coherent. Although there was still no specific example that was similar to my own, with a little effort I was able to codge something together that checked for this one email address, and killed it on sight. The rest is then forwarded to me.
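
A minimal `.procmailrc` for the setup described above, given here as an added example that is not taken from the original post or from Timo's tutorial. Every address and the log path are placeholders, and the loop-protection header is an assumption about how the relay account is used.

```procmail
# ~/.procmailrc on the relay host (constructed example, placeholder addresses)
SHELL=/bin/sh
# Every delivery decision is written to this log.
LOGFILE=$HOME/procmail.log
VERBOSE=no

# Recipe 1: discard anything whose From: header carries the unwanted address.
# Matching is case-insensitive by default. The dot is escaped so that
# "example.com" cannot also match "exampleXcom".
# The From: header is written by the sender, so this only stops mail
# that keeps using this exact address.
:0
* ^From:.*infected-sender@example\.com
/dev/null

# Recipe 2: everything that reaches this point is forwarded on.
# The X-Loop header stops a message being forwarded a second time
# if it ever comes back to this account.
:0
* !^X-Loop: relay-account@example\.net
| formail -A "X-Loop: relay-account@example.net" | $SENDMAIL -oi isp-mailbox@example.net
```

Recipes are tried top to bottom and the first delivering recipe wins, so the discard rule has to come before the forward. Sending a test message and reading the log file shows which recipe handled it.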

Regexps? Reach for the Headex? (That was a pun).

What’s annoying though is that it took so long to set this up – especially as a Procmail novice like me and one who isn’t very good with those demonic regular expressions which developers seem to love. Regular expressions are very powerful, but to be honest they give me a serious headache.

Add to this the fact that the tutorials are more obsessed with convoluted workarounds like removing sigs from emails, or copying email headers to a separate file.

Do It Yourself?

Now I know what some people are thinking – if you don’t like what’s out there, do it yourself. Well not being a Procmail expert I’m not exactly the best person to do the job, but if you are a Procmail expert writing docs, just remember – keep it simple and regular expressions scare the hell out of people. Everyone has to start somewhere and put some effort in, but please stop trying to scare me!

In the meantime, I’m going to keep trying to learn Procmail – my next task is to sort out a filter for all that Korean and Japanese spam I keep getting…

And maybe I’ll become a Procmail expert in the end and write that basic tutorial!

1 Comment

  • none says:

    Found this site while looking for a procmail configuration gui.
    I found one that runs in a web browser, it requires php and apache to be installed, but it might prove useful to some people.
    It is called Ingo
    Not used it, but maybe it will help someone.