The SpamBouncer
Version 1.4

Updated October 13, 2001

If you have a version before the current version number or more than a month older than this date, please update. If you are running in COMPLAIN mode, you should update weekly.
Please also read "What's New" for new version information. New users should run with SPAMREPLY and BLOCKREPLY set to SILENT for a week or so until they are sure the program is installed correctly and isn't catching legitimate email. Beta version users should check the Beta Version comments at the top of the SpamBouncer program file when installing a new beta version.
Copyright (C) 1996-2001 by Catherine A. Hampton. If you abide by the Free Software Foundation's COPYING principles with this document and the spam software and forms, you're home free, but don't try to copyright it yourself or sell this information.

What's New with the SpamBouncer?

10/13/01


This is a housekeeping update, although a fairly extensive one. The NIMDA virus is now trapped by the SpamBouncer, and a number of new spam sites have been added to the Small Fry and Haven Domains sections.

8/24/01


This update contains a bug-fix for the HTML spam pattern matching filter, which had a typo that was causing legitimate email to get caught. Please update.

8/22/01


This update contains the following new and improved features:

Filtering mail sent through SOCKS proxies. The SpamBouncer now filters email from a list of known open SOCKS proxy servers. These are servers that accept connections from any user on ports other than the standard SMTP port, port 25, and allow the user to send outgoing email. These servers are easily abused by spammers to send direct-to-MX email from accounts at ISPs that block outgoing connections to port 25. SOCKS proxy filtering is disabled by default; you must explicitly enable it to use it.

Improved filtering of HTML spam. The SpamBouncer now catches HTML email with inappropriate headers, or that does not also contain a plain text version. The HTML email sent by Microsoft products, Netscape, and other reputable products also contains a plain text version for those whose email software does not understand HTML. I have seen no legitimate personal email that comes as HTML only. Bulk email, especially marketing bulk email, sent by some non-spamming sites to subscribers does contain HTML. Since you are supposed to filter out your bulk email before sending it through the SpamBouncer, this filter should not result in losing email you want to receive.

"Optin" Incorporated -- a new, prolific spammer. Spam sent through opthost.com or any IP address associated with Optin Incorporated now is filtered out. This spammer has sent approximately ten spams to various email addresses of mine in the last week, and I've received forwarded spam from a number of you as well. That justifies going after the idiots more aggressively than I normally would a new spammer. If you have SPAMREPLY set to COMPLAIN, complaints are sent to the appropriate upstream providers.

Improved spam complaints code. This allows the SpamBouncer to accept and respond appropriately to several incoming emails at once, and prevents a rare but annoying bug that resulted in a complaint containing copies of two spam messages. Most of you would not have experienced this problem, but users with high rates of incoming email (you know who you are) will find that their complaints now will contain only the appropriate spam and not an additional, unrelated spam as well.

In addition, there have been a bunch of updates to the Small Fry list, haven domains filter, and other pattern matching filters.

8/05/01


NOTE: The SpamBouncer Updates mailing list blew up this morning while processing subscriptions. Unfortunately I didn't keep a copy of the subscriptions file. :( So if you attempted to subscribe within the last two months, that is why you didn't get an update notice in your email. Please resubscribe.

This was an extensive update. Among the more important changes, and changes most affecting users, are the following.

Filtering at the Mail Server Level. The new FILTER variable allows you to use the SpamBouncer to filter incoming email and then deliver it to multiple mailboxes on your system, or forward it to different locations.

Blackhole List Support. In the last three months, ORBS has gone away entirely, MAPS has gone subscriber-only, and a raft of new blackhole lists with a bewildering range of criteria have started up. In response to this, I've made the following changes to the SpamBouncer's blacklist support:

  • The MAPS RBL is no longer enabled by default. As of August 1, 2001 you must subscribe to MAPS to use the MAPS DUL (Dial-Up List), RBL (Realtime Blackhole List), and RSS (Relay Spam Stopper). Contact MAPS <http://www.mail-abuse.org> to become a subscriber. (Yes, I have done so -- I consider MAPS an asset to the community, free or not.)

  • The Open Relay Blackhole System (ORBS) is gone. Support for it has been removed from the SpamBouncer.

  • Support for six new blacklists has been added. These blacklists are:

Email Virus filtering. The SpamBouncer now filters out five common email viruses, including the destructive SirCam worm. In addition, it looks for and filters out any email with a hidden executable attachment.

Advance Fee (4-1-9) Fund Fraud Spam. The SpamBouncer has a new filter to detect advance fee fraud spam. The 4-1-9 advance fee fraud started and is centered in Nigeria, but in the last year has migrated to a number of countries in West Africa. The fraud takes place via postal mail and fax, as well as email. Victims have lost significant sums of money, and in a few cases their lives, to these vicious criminals. :( If you have COMPLAIN or BOTH set to yes, the SpamBouncer will report any instances of this spam you receive to an international task force that is working to stop it.

Bugs fixed in SpamBouncer and sample procmail.rc file. Several bugs were fixed, including a bug in the Disclaimer pattern match filter that was occasionally catching email based on header strings. In addition, a long-reported bug in the procmail.rc file that misfiled bulk email has been fixed.

Spam Sites. There are a number of new recipes for sites that spam from a fixed location. If you have COMPLAIN or BOTH set to yes, the SpamBouncer will complain to the upstream providers of these sites.

Updated Small Fry list, Pattern Matching filters, etc. The usual housekeeping updates have been done.

I'd like to thank David Hampton, Eric Krichbaum, and Peter Wan for their help with the new virus filters; and too many people to list here for bug reports on the SpamBouncer, the sample procmail.rc filter, and the web page. :) You people are great!

What Does the SpamBouncer Do?

The SpamBouncer is a set of procmail recipes, or instructions, which search the headers and text of your incoming email to see if it meets one or more of the following conditions:

The SpamBouncer sorts suspected spam into three categories -- email sent by a virus, email from known spam sources which is definitely spam, and email which is probably spam, but might also be legitimate. It then tags each email with appropriate headers for the spam classification, and responds according to the parameters you have set.

Depending on how you set it up, it will:

If you get mail from friends who have accounts at a site listed in the SpamBouncer, you can put their names and email addresses in a text file and set the NOBOUNCE variable to point to it. If you want to receive mail from a site I have listed as a spam site, you can add the entire site name to the NOBOUNCE file. The SpamBouncer will check the NOBOUNCE file before filtering your email and will skip any email from a person or site listed in the NOBOUNCE file.

Please note that you can put entire domain names, not just email addresses, in NOBOUNCE. For example, if you want to accept all email from concentric.net without checking for spam, just put concentric.net in your NOBOUNCE file, with no username@ section. This will cause the SpamBouncer to skip all email from anyone at Concentric. (I do not recommend doing this except for small domains which you =KNOW= will not be sources of spam, though.)

What Do I Need to Run the SpamBouncer?

The SpamBouncer itself must run on a Unix server which has the Procmail mail filtering program installed, so only users who have access to a Unix shell account with Procmail installed can use it. This means that AOL users, Earthlink users, Mindspring users, Netcom Netcruiser/Netcomplete users, Compuserve users, Prodigy users, and others who do not have a Unix shell account as part of their service will have to find some other means of filtering spam. Sorry!

It is possible, however, for people who use Eudora, Pegasus Mail, and other POP clients to use the SpamBouncer on their Unix shell accounts to filter their email, and then use their favorite POP mail client to retrieve their filtered mail from the server. If their POP client programs can filter mail by headers, they can filter and delete known spam and probable spam directly into appropriate folders via the SpamBouncer's headers.

This means that anyone running any kind of computer, operating system, and software can use the SpamBouncer, provided they have and use a Unix shell account, and (if they want to use a POP mail program) have software capable of filtering their mail based on user-configurable headers.

If you are totally confused by now, PLEASE find a friend who understands what this means before you try to install the SpamBouncer. While I have made this as user-friendly as I could, using the SpamBouncer requires a certain level of knowledge about computers and the internet. It is not for computer or internet novices.

Before You Begin...

Because someone who evidently likes the SpamBouncer listed it for me in Yahoo and other search engines <wry grin>, I need to include the following disclaimers and warnings.

First, this is free software. No warranty is provided or implied -- users use the SpamBouncer at their own risk.

I wrote the SpamBouncer originally to filter my own mail, when spam started drowning out the real mail. I originally posted these filters to my web site so that users at my old ISP, Best Internet (long since bought out by Verio), and a few other experienced users could help me test them. I recommend that Procmail neophytes get help from an experienced Procmail user on their system to install the SpamBouncer, and run it in default "Silent Mode" until they are more confident of their skills.

The SpamBouncer is being developed on a Pentium-based server running OpenBSD, and running Procmail 3.14.

In addition to the Pentium-based system where I am developing the SpamBouncer currently, I have developed and tested the earlier versions of it on Linux, FreeBSD, SGI systems running Irix 5.3 and 6.2, SunOS 4.1.3, and Solaris 5.2. I know of no problems running on these systems. A number of users have also run the program under various flavors of SunOS, Solaris, HPUX, and other versions of Unix with no trouble.

So please be careful, and keep a close eye on your account for a few days after installing to be sure it works properly.

How to Install and Use the SpamBouncer

Installing Procmail

To use these filters, you will need to have procmail installed on your system, and have set it up for your account. This does not mean you must read mail on your unix account -- if you have a shell account, these filters can be configured to filter mail and then deliver it to your POP mail box. If you don't know what kind of account you have, you probably shouldn't be using these filters until you learn something about Unix and shell accounts.

Since the way Procmail should be installed is different on different systems, if you do not already have Procmail installed, you will need to ask your system administrator or people on your local internet service provider for help. Those who have never used Procmail and want to get started with a simple Procmail setup can jump to Getting Started With Procmail, a tutorial with clear instructions about what information you will need to get from your system administrator to set up Procmail properly on your account, and a basic .procmailrc configuration file which should work well on most systems.

If you are an experienced Procmail user, please make sure that your .procmailrc file is configured to filter out your mailing lists before filtering for spam. The SpamBouncer tries to identify list mail and skip it, but some mailing lists do not use standard list "Precedence:" headers or headers recognisable by Procmail as coming from a daemon or list program. So please be sure you filter out your lists first, especially if you are running with SPAMREPLY set to BOUNCE or COMPLAIN!

In any event, you should always run in SILENT mode for a few days, until you are sure you have your mailing lists filtered out properly and that the filter is working properly on your account.

If you did not use procmail.rc from Getting Started With Procmail, here's a recipe to filter out list mail and other mail from automatic mailer programs, or mailer daemons, as they are usually called on Unix machines. Put it in your .procmailrc file before the INCLUDERC statement that calls the SpamBouncer.

# Filter out Mailing List Mail
:0:
* ^TO(listmom-talk@skylist.com|\
      orthodoxy@lists.best.com|\
      procmail@Informatik.RWTH-Aachen.DE)
$BULKFOLDER

You should substitute all mailing list addresses for mailing lists you receive for the list I gave -- you and I don't read mail from the same lists, at least as far as I know! :)

Retrieving the SpamBouncer Program Files

After you have installed Procmail for your system, you can install the SpamBouncer. You will need to download the SpamBouncer program files to your Unix account first. You can do this one of two ways -- by downloading them from the links below to your personal computer, or by ftp'ing them. The advantage to ftp is that it ensures that the file format will be right. Often, when you retrieve a text file using a WWW browser and then save it to your hard disk, the browser reformats the file. This type of reformatting can break Procmail configuration files like the SpamBouncer.

Lynx users should note that lynx reformats text files when downloading them via a normal link access command, which will break the SpamBouncer and most other Procmail scripts. If you're a lynx user, please remember to use the "D" command to download the SpamBouncer files instead of just accessing the link, or (even better) ftp the files from the links in the FTP column instead of trying to retrieve them from the http:// links in the WWW/HTTP column.

To ftp the SpamBouncer, you must do this:

  1. Log on to your shell account, and type "cd" to be sure you are in your home directory.
  2. Type "ftp ftp.spambouncer.org" and press <Enter>.
  3. When ftp prompts you to login, type "anonymous", press <Enter>, and then when prompted for your password, type your email address, and press <Enter> again. (This will log you in and take you to the location where the SpamBouncer files are stored.)
  4. Depending on whether you want to download the complete SpamBouncer archive or update an existing installation, you will need to do slightly different things at this point:
    • To retrieve the entire SpamBouncer program archive, when your prompt returns, type "binary" and press <Enter>. When your prompt returns, type "get spambnc.tar.Z" and press <Enter> to retrieve the Spam Bouncer archive.
    • To retrieve a compressed individual file or files to update an existing SpamBouncer installation, when your prompt returns, type "binary" and press <Enter>. When your prompt returns, type "get filename" and press <Enter>.
    • To retrieve an uncompressed individual file or files to update an existing SpamBouncer installation, when your prompt returns, type "ascii" and press <Enter>. When your prompt returns, type "get filename" and press <Enter>.
  5. When your prompt returns, type "bye" and press <Enter> to end your ftp session.

To download the SpamBouncer via your WWW browser, choose one of the links below and, when your web browser prompts you, save the file to your hard disk. The ZIP archives contain files intended for your PC, and the tar.Z archives contain files intended for your Unix server.

Here are FTP download URLs for the convenience of Lynx users or users of other browsers who are having trouble with file corruption when downloading the SpamBouncer from the standard HTTP urls above. Please use the links below only if the other links don't work for you.

Now, if you saved the SpamBouncer files on your local PC, you will need to ftp or upload them to your unix shell account. They should be put in their own directory.

To unarchive the ZIP format archive, type "unzip spambnc.zip" and press <Enter>. (Your Unix machine may respond with an "unzip: command not found" error message. If it does, you may not have the Unix program unzip, and should retrieve the tar.Z archive.) To unarchive the tar.Z file, type "uncompress spambnc.tar.Z", press <Enter>, and then type "tar -xvf spambnc.tar" and press <Enter> to extract the individual files.

The SpamBouncer Files and What They're For

The "index" file of the SpamBouncer, which may be named sb.rc, sb-old.rc or sb-new.rc depending on which version you downloaded, contains the basic script that calls all other files and scripts that comprise the SpamBouncer. The current production version of the SpamBouncer is the one containing sb.rc. The version containing sb-old.rc is the previous production release of the SpamBouncer. The version containing sb-new.rc is the current somewhat stable beta version.

Inexperienced users or users who don't want problems should not use the beta version, and all beta version users need to follow any warnings/instructions listed among the comments at the top of sb-new.rc.

All other files ending in .rc are subsidiary parts of the SpamBouncer that are called by the "index script".

The freemail file contains a sample text file which you may install and then set your FREEMAIL variable to point to. You do not need to install this file unless you want to customize the list of free email sites -- the SpamBouncer will use its own internal list if it can't find the text file.

The "legitlists" file contains a text file with the names of legitimate email lists (the opt-in variety) which may be getting trapped by the SpamBouncer. Just put each mailing list address on a separate line, just as you would with the NOBOUNCE file.

The other three files contain standardized autoresponder messages for the program. You may customize these to your taste. I do recommend that you leave the references to the SpamBouncer bypass email address in any edited version of the file spam, though, so that people know how to contact me if their mail is getting bounced because of a problem with the filter itself, or how it is installed. That way, I can contact you (hopefully), and prevent further damage.

If you customize the autoresponder messages, you probably want to keep them reasonably polite. There's no point flaming some poor innocent bystander because you're p*ssed at some spamming fool with a throwaway account. :)

Where to Put the SpamBouncer

The best way to use the SpamBouncer is to save the files in a location to which everyone on your system has read access. If you aren't sure how to do this, ask your system administrator or an experienced user on your system. If you install the filter this way, a user can create a symbolic link to the shared SpamBouncer directory in his home directory. This means you or one person can keep the filter up to date for everyone, sparing a lot of people a lot of extra work.

If a particular user wants to modify the filter, he can simply create a private directory, copy the necessary files to it, and make whatever changes he wants. If he does the last, of course, he is responsible for updating his copy of the filter manually.

Configuring the SpamBouncer

After setting up the SpamBouncer directory, you should set or modify the following variables in your .procmailrc file:

     DEFAULT={NO DEFAULT}
     FORMAIL={NO DEFAULT}
     SBDIR={NO DEFAULT}
     ADMINFOLDER=${DEFAULT}
     ALTFROM=${LOGNAME}@${HOST}
     BLOCKFOLDER=${DEFAULT}
     BLOCKREPLY=SILENT
     BULKFOLDER=${DEFAULT}
     BYPASSWD=syzygy
     CHINESE=no
     DATE=date
     DEBUG=no
     DORKSLCHECK=no
     DULCHECK=no
     FILTER=no
     FREEMAIL=INTERNAL
     GARBLEDCHARSET=yes
     GLOBALNOBOUNCE=NONE
     GREP=fgrep
     JAPANESE=no
     KOREAN=no
     LEAN=yes
     LEGITLISTS=NONE
     MYEMAIL=$HOME/.myemail
     NOBOUNCE=${HOME}/.nobounce
     NOLOOP=${ALTFROM}
     NSLOOKUP=nslookup
     ORBLCHECK=no
     ORBZINCHECK=no
     ORBZOUTCHECK=no
     ORDBCHECK=no
     OSDIALCHECK=no
     OSSPAMCHECK=no
     PATTERNMATCHING=SILENT
     PROXYSOCKS=no
     RBLCHECK=yes
     RM=rm
     RSSCHECK=no
     RUSSIAN=no
     SENDMAIL=/usr/sbin/sendmail
     SPAMFOLDER=${DEFAULT}
     SPAMHAUSORGCHECK=yes
     SPAMREPLY=SILENT
     TEST=test
     THISISP=${HOST}
     TURKISH=no
     VIRUSFOLDER=${SPAMFOLDER}

The variables are shown with the default values which the SpamBouncer will assign if they are not already set in your .procmailrc file. These defaults will prevent problems, but also will cause the SpamBouncer not to do very much. So you want to set the correct variables for your system and account.

Please note that DEFAULT, FORMAIL and SBDIR (shown above as {NO DEFAULT}) have no defaults and MUST BE SET, or the SpamBouncer will simply pass all your mail on to you unfiltered!
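Putting the variables together, here is a complete minimal .procmailrc for a shell-account user, added here as an illustration; it is not a file from the SpamBouncer distribution. The formail path, the spambouncer directory, the mailbox and folder paths and the two list addresses are assumptions to be replaced with the values for your own system.

```procmail
# ~/.procmailrc -- added example, not part of the SpamBouncer distribution.
# Every path below is an assumption; substitute the values for your system.
SHELL=/bin/sh
PATH=/bin:/usr/bin:/usr/local/bin
MAILDIR=$HOME/Mail
LOGFILE=$MAILDIR/procmail.log
VERBOSE=no

# The three variables with no default. If any one of them is unset, the
# SpamBouncer passes all mail through unfiltered.
# DEFAULT: assumed mailbox path; ask your system administrator for yours.
DEFAULT=/var/mail/$LOGNAME
# FORMAIL: assumed location; use the full path reported by "which formail".
FORMAIL=/usr/local/bin/formail
# SBDIR: assumed directory where sb.rc and the other .rc files were unpacked.
SBDIR=$HOME/spambouncer

# Shell reader: keep each class of mail out of the main inbox.
SPAMFOLDER=$MAILDIR/spam.incoming
VIRUSFOLDER=$SPAMFOLDER
BLOCKFOLDER=$MAILDIR/block.incoming
BULKFOLDER=$MAILDIR/bulk.incoming
ADMINFOLDER=$MAILDIR/admin.incoming
NOBOUNCE=$HOME/.nobounce
LEGITLISTS=$HOME/legitlists

# First week or so: file everything, send nothing back. Change these only
# after checking that no legitimate mail is landing in block.incoming.
SPAMREPLY=SILENT
BLOCKREPLY=SILENT
PATTERNMATCHING=SILENT

# Mailing lists must be filed BEFORE the SpamBouncer runs, so list traffic
# that lacks a standard Precedence: header is never mistaken for spam.
# (Both addresses are assumptions; list the lists you actually receive.)
:0:
* ^TO(listmom-talk@skylist\.com|\
      procmail@Informatik\.RWTH-Aachen\.DE)
$BULKFOLDER

# Hand everything else to the SpamBouncer. It tags and files what it
# recognises; anything it does not claim falls through to DEFAULT.
INCLUDERC=$SBDIR/sb.rc
```

Run with SPAMREPLY and BLOCKREPLY at SILENT until block.incoming has held only spam for several days; raising either to NOTIFY, BOUNCE or COMPLAIN before that risks replying to people whose list mail was not filtered out first.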

Here's what each variable is for:

DEFAULT
The email inbox to which your system delivers mail by default, or (if you use your shell account to read mail) to which you want your mail delivered by default. If you normally read mail using a POP mail program, like Eudora, Internet Explorer, Netscape, or Pegasus mail, ask your system administrator for the name and location of your POP mailbox, and set DEFAULT to that path and file name.

FORMAIL
The full path to your system's copy of formail. If this is not set properly, the SpamBouncer is unable to sort and tag your email, and so will simply pass it on unfiltered to you.

SBDIR
The directory where your SpamBouncer program and auxiliary files are located.

ADMINFOLDER
ADMINFOLDER is for mail from mailer daemons (usually bounced mail -- mail that could not be delivered), and for mail from administrative addresses like root, admin, sysadmin, and abuse. Shell readers will want to set this to an appropriate folder separate from their DEFAULT folder. (I use admin.incoming.) POP mail readers may set this to DEFAULT, and use their POP program's filters to sort it out after downloading.

ALTFROM
ALTFROM should be set to a different email address from your usual one, but a valid address, and preferably one which DOES NOT forward to your normal email account. This is used to avoid giving spammers at some particularly egregious sites your usual email address, and to bypass blocks that some spammers and spam friendly sites will put in place to prevent your sending them mail if you complain often enough and effectively enough. I recommend using an account at a free email site, like yahoo.com, for this purpose.

BLOCKFOLDER
Where to store messages tagged as questionable by the filter. I recommend not deleting these, but putting them in a folder of their own. I use block.incoming. POP mail users whose client programs have the ability to filter mail into separate folders (like Eudora and Pegasus mail) can set this to DEFAULT, and let their mail filters sort it into an appropriate folder on their home systems. Users of MAILDIR may set BLOCKFOLDER to a directory rather than a filename, and users with exotic ideas about spam management <grin> may forward this email to a different address using normal sendmail syntax.

BLOCKREPLY
How to handle mail which the filter tags as probable spam, but which may contain some real email as well. Valid values are SILENT, which simply files the mail in the BLOCKFOLDER, and NOTIFY, which sends a notice and copy of his email back to the sender with instructions on how to bypass the SpamBouncer if his email is not spam.

BULKFOLDER
How to handle bulk mail which the filter does not tag as probable spam -- bulk email which is probably legitimate. The default value is DEFAULT. If you read mail on your shell account, change this to a separate folder from your normal incoming folder, especially if you get a lot of email or are on many mailing lists, and you'll be able to find your personal mail much more easily. :)

BYPASSWD
A password which, when included on the Subject: line of an email, causes the SpamBouncer to pass the mail immediately into your incoming mail box without further filtering. It allows people who happen to have accounts at ISPs which are blocked in the SpamBouncer, or whose email is being trapped by an error in the SpamBouncer, to contact you and arrange to have the problem fixed or get into your nobounce list. Change this if spammers start using it, but it is very unlikely that they will. (It never has happened to me in the three years since I started developing the SpamBouncer.)

CHINESE
Set CHINESE=yes if you receive email in Chinese. Otherwise leave it set to no (the default), and the SpamBouncer will send any email in this language to the BLOCKFOLDER.

DATE
The local Unix date program. This is set to "date" by default, since date is usually in a directory which is in your default system path. (The system path is a list of directories your Unix shell searches when you tell it to run a program and don't tell it specifically where to look.)

If your SpamBouncer's staledating routine is working and it is turning its autocomplaints off when you haven't upgraded recently, there is no need to set this -- the default is usually correct. If staledating is not working, set this variable to point to your system's date program and that should fix the problem.

DEBUG
Set DEBUG=yes if instructed, to generate a log file so that I can figure out what's going wrong on your system. :> When I refine this variable, it might be useful to advanced Procmail users, but for now do not use it unless I instruct you to.

DORKSLCHECK
If set to "yes", tells the SpamBouncer to check the Dorkslayers blacklist, which lists IP addresses of open mail relays, and block email sent to your system via one of these IP addresses. That will block a considerable amount of spam. It also risks blocking legitimate email, since for various reasons a number of ISPs and businesses do not choose to close open relays. You can avoid blocking email from users who must use an open relay by putting the email address of any such user in your NOBOUNCE file.

This variable is set to no by default.

The Dorkslayers blacklist, at <http://www.dorkslayers.com>, is a "son of" the original Dorkslayers blacklist created by Alan Hodgson, and of the original ORBS blacklist managed by Alan Brown. It contains relays that were on both lists shortly before they were shut down. Its policy about adding relays is a bit undefined; I would not count on this list being up-to-date.

DULCHECK
If set to "yes", tells the SpamBouncer to check the Mail Abuse Prevention System (MAPS) Dial-Up List (DUL), which lists IP addresses that are part of ISP dial-up pools, and block email sent directly to your system from these IP addresses. As of August 1, 2001 you must subscribe to MAPS to use the DUL. Contact MAPS at <http://www.mail-abuse.org> to subscribe. The DUL will block a considerable amount of spam. It also risks blocking legitimate email, though, especially if you correspond with users who own Unix systems and run their own mail servers. You can work around this by putting the email addresses of any such users in your NOBOUNCE file.

This variable is set to "no" by default.

The DUL, at <http://www.mail-abuse.org/dul/>, is designed to stop spam sent directly from a spammer's computer to your mailbox. Spammers often bypass their ISPs' outbound mail servers in order to hide what they are doing from their ISPs for as long as possible. The DUL helps catch this spam.

FILTER
If set to "yes", tells the SpamBouncer not to file blocked email, spam, or suspected virus email in the appropriate folder, but to pass it on to the user along with the other email. The user must then use his/her own filters to process this email. This variable is intended for administrators who want to use the SpamBouncer to filter incoming email for an entire server before delivering it to individual users. The individual users can then choose whether to filter their own email using the SpamBouncer's headers or to ignore the headers and receive their email unfiltered.

This variable is set to "no" by default.

FREEMAIL
Tells the SpamBouncer where to find your freemail file, a text file of domains offering free email accounts commonly used or forged by spammers. The domains should be listed singly, with one appearing on each text line, and with no blank lines in the file. Be sure you do not create an empty FREEMAIL file, either.

In addition to the name of this text file, this variable has two other valid settings. If FREEMAIL is set to INTERNAL, that will cause the SpamBouncer to filter its default set of free email sites, as documented on this WWW page. If FREEMAIL is set to NONE, the SpamBouncer will skip this filter entirely and not block any free email sites. Setting FREEMAIL to NONE will not exempt mail from these sites from other spam filtering, though -- it will simply mean that such mail is not automatically diverted to your BLOCKFOLDER.

GARBLEDCHARSET
Controls the GARBLEDCHARSET filter, which tests for email with non-Latin character sets, and missing, wrong or corrupted MIME headers which should accompany any such character sets. This filter has been refined considerably, but may still occasionally catch email in heavily-modified Latin character sets (such as Baltic or some Eastern European languages), and will tend to catch email with non-Latin character sets, such as Russian, Greek, Arabic, Hebrew, etc.

The default for this variable is yes, which enables this filter. Users who expect to receive email in a non-Latin character set, or who find it is catching too much legitimate email, can set this variable to no to disable the filter.

GLOBALNOBOUNCE
Points to a system-wide nobounce file, if your system administrator has provided one or if you are the system administrator and want to provide one. Please note that this is in addition to each user's individual NOBOUNCE file, and does not replace it. If you do not set this variable, it is automatically set to NONE, so you need to set it only if you have a system nobounce file.

See NOBOUNCE for a more complete description of how this file works.

GREP
A variant of Unix grep, a set of programs which searches files on Unix systems for specified strings of characters. This is set by default to "fgrep", a fast version of grep which is usually found in a normal system programs directory on Unix machines. Most versions of fgrep work properly with the SpamBouncer.

If NOBOUNCE and LEGITLISTS are working on your system, there is no need to set this variable. If NOBOUNCE is not working, set this variable to point to one of your system's grep programs other than fgrep. Usually egrep will work, or agrep if that does not.

JAPANESE
Set JAPANESE=yes if you receive email in Japanese. Otherwise leave it set to no (the default), and the SpamBouncer will send any email in this language to the BLOCKFOLDER.

KOREAN
Set KOREAN=yes if you receive email in Korean. Otherwise leave it set to no (the default), and the SpamBouncer will send any email in this language to the BLOCKFOLDER.

LEAN
This variable turns off Pattern Matching on the body text only of messages over a certain size, and is set to yes by default. This is to prevent the SpamBouncer from hogging system resources on your server while filtering extremely large messages. The SpamBouncer is a large filter and can hog resources on an ISP or shared system if this limit is not in place.

Set LEAN=no only if you receive large quantities of spam with attached files, and then only if you run your own server or know that the server on which your email is filtered has sufficient resources to run the SpamBouncer on the full text of all incoming email.

LEGITLISTS
Tells the SpamBouncer about legitimate mailing lists which the SpamBouncer should not filter, but should deliver to the BULKFOLDER. Your LEGITLISTS file (whatever you name it and wherever you put it) should contain one email list address per line of text, and nothing else, like this:

     chitchat@borg.besties.com
     dylan-fanatics@lists.musicman.net

If you do not set this variable, it is automatically set to ${HOME}/legitlists. If the file does not exist, the SpamBouncer just skips this recipe.

MYEMAIL
Points to a text file similar to the NOBOUNCE file, containing a list of email addresses which belong to you. This helps the SpamBouncer with a number of internal routines, and will be implemented in future spam tests, as well. The default is ${HOME}/.myemail. If you do not set this variable to a different value, and if there is no .myemail file in your ${HOME} directory, the SpamBouncer will assume that ${LOGIN}@${HOST} is your email address.

NOBOUNCE
Tells the SpamBouncer where to find your NOBOUNCE file, a text file of email addresses and domains whose email you want the Spam Bouncer to skip filtering and deliver directly to you. Set this to point to the directory and filename where you keep that file. I name mine ".nobounce" and keep it in my home directory, and this is where the SpamBouncer looks if you don't set this variable.

Your NOBOUNCE file (whatever you name it and wherever you put it) should contain one email address per line of text, and nothing else, like this:

     goodguy@spamsite.com
     niceguy@roguesite.net

Please note that these names and addresses should be in plain text -- don't use Procmail regular expressions or wildcards, and don't try to escape the "." (periods) using a "\" (backslash). This will just confuse the SpamBouncer and cause your NOBOUNCE file not to work. :)

You can also include entire domain names (the portion of the email address to the right of the @ sign) if you want the Spam Bouncer to accept all email from anyone at those domains without checking. I do not recommend doing this, however, except for small domains which you know will not either send spam or be forged into spam by spammers. Since spammers often forge false email addresses in the From: and Reply-To: lines of their messages, you need to be careful or you will make it too easy for them.

In particular, do not put your own domain in your NOBOUNCE file, since a number of spammers use mailmerge spam programs to forge their victims' own email addresses or a phony email address at their victims' domains into their spams, specifically in order to evade filters like the SpamBouncer.
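
An added example, not part of the SpamBouncer distribution: a POSIX shell version of the plain-text lookup that the NOBOUNCE and LEGITLISTS files rely on (fixed-string matching, as fgrep does when left as the GREP default), plus a lint pass for the two mistakes described above, backslash-escaping the entries and whitelisting your own domain. The function names and the sample entries are assumptions; what is taken from the page is only the file format (one plain address or domain per line) and the exact-match behaviour.

```shell
#!/bin/sh
# Example code (not the SpamBouncer's own recipes): exact, fixed-string
# lookups against a NOBOUNCE-style file, and a lint pass for bad entries.

# nobounce_match ADDRESS FILE
# Exit 0 when ADDRESS, or its domain part, appears in FILE as a whole line.
# -F = fixed strings, so "." is just a dot and "goodguy@spamsite\.com" can
# never match; -x = whole line; -i = case-insensitive; -q = no output.
nobounce_match() {
    addr=$1; file=$2
    [ -f "$file" ] || return 1
    domain=${addr#*@}
    grep -F -x -i -q -- "$addr" "$file" && return 0
    # A bare domain on a line (no "@") accepts everyone at that domain.
    grep -F -x -i -q -- "$domain" "$file"
}

# nobounce_lint FILE OWNDOMAIN
# Prints one line per suspicious entry; exit 0 only when the file is clean.
# Flags backslashes and regex metacharacters (fgrep takes them literally, so
# the entry silently never matches) and an entry equal to your own domain,
# which spammers forge and which therefore must not be whitelisted.
nobounce_lint() {
    file=$1; own=$(printf '%s' "$2" | tr 'A-Z' 'a-z'); bad=0
    while IFS= read -r line || [ -n "$line" ]; do
        [ -z "$line" ] && continue
        case $line in
            *\\*|*\**|*\[*|*\^*|*\$*)
                printf 'regex syntax, will never match: %s\n' "$line"
                bad=$((bad + 1)) ;;
        esac
        if [ "$(printf '%s' "$line" | tr 'A-Z' 'a-z')" = "$own" ]; then
            printf 'own domain whitelisted (forgeable): %s\n' "$line"
            bad=$((bad + 1))
        fi
    done < "$file"
    [ "$bad" -eq 0 ]
}

# write_sample_nobounce FILE
# Constructed sample data: the two addresses from the text, one whole-domain
# entry, and one entry mistakenly "escaped" as if it were a regex.
write_sample_nobounce() {
    cat > "$1" <<'EOF'
goodguy@spamsite.com
niceguy@roguesite.net
friends.example.org
buddy@roguesite\.net
EOF
}

# Stand-alone demo on the constructed data; a real run would use ~/.nobounce.
tmp=$(mktemp); write_sample_nobounce "$tmp"
for who in goodguy@spamsite.com anyone@friends.example.org buddy@roguesite.net; do
    if nobounce_match "$who" "$tmp"; then printf 'skip filtering: %s\n' "$who"
    else printf 'filter normally: %s\n' "$who"; fi
done
nobounce_lint "$tmp" friends.example.org || printf 'fix the entries above\n'
rm -f "$tmp"
```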

NOLOOP
Sets the X-Loop: header. I recommend leaving the default setting, which uses your ALTFROM address.

NSLOOKUP
Tells the SpamBouncer the path and filename of your system's nslookup program. You need to set this only if nslookup is not in your path (the list of directories which your system will search for a program) or if you have an alias set up for nslookup on your account. If you aren't having trouble getting RBLCHECK and DULCHECK to work on your system, you can leave this alone.

ORBLCHECK
If set to "yes", tells the SpamBouncer to check relays.orbl.org, the Open Relay Black List at <http://www.www.orbl.org>, to see if an IP address is an open relay. The ORBL lists IP addresses associated with email servers which an automated script tested and found to be open relays. An email server listed in the ORBL has not necessarily been used to send spam; it merely can be used to do so. Using this or any open relay blacklist can result in blocking a considerable amount of legitimate email as well as spam, if you correspond with people at sites that host open relays.

This variable is set to no by default.

ORBZINCHECK
If set to yes, tells the SpamBouncer to check the Open Relay Blackholed Zones list, at <http://www.www.orbz.org>, to see if an IP address is a single-stage open relay. The ORBZ lists IP addresses associated with email servers which an automated script tested and found to be open relays. This list closely corresponds to the old ORBS inputs list. An email server listed in ORBZ has not necessarily been used to send spam; it merely can be used to do so. Using this or any open relay blacklist can result in blocking a considerable amount of legitimate email as well as spam, if you correspond with people at sites that host open relays.

This variable is set to no by default.

ORBZOUTCHECK
If set to yes, tells the SpamBouncer to check the Open Relay Blackholed Zones list, at <http://www.www.orbz.org>, to see if an IP address is part of a multi-stage open relay. This list closely corresponds to the old ORBS outputs list.

This variable is set to no by default.

ORDBCHECK
If set to yes, tells the SpamBouncer to check the Open Relay Database, at <http://www.www.ordb.org>, to see if an IP address is an open relay. This list closely corresponds to the old ORBS inputs list. An email server listed in the ORDB has not necessarily been used to send spam; it merely can be used to do so. Using this or any open relay blacklist can result in blocking a considerable amount of legitimate email as well as spam, if you correspond with people at sites that host open relays.

This variable is set to no by default.

OSDIALCHECK
If set to yes, tells the SpamBouncer to check the Osirusoft Dial-Up blacklist at <http://relays.osirusoft.com>, to see if an IP address belongs to a dial-up pool. This list is designed to closely correspond to the MAPS DUL, except that you do not have to subscribe to use it.

This variable is set to no by default.

OSSPAMCHECK
If set to yes, tells the SpamBouncer to check the Osirusoft Confirmed Spam Sources blacklist at <http://relays.osirusoft.com>, to see if an IP address belongs to a site with a confirmed history of spamming or supporting spammers. This list is designed to closely correspond to the MAPS RBL, except that you do not have to subscribe to use it.

This variable is set to no by default.

PATTERNMATCHING
How to handle mail which the generic pattern matching filter tags as probable spam, but which may be legitimate email. Valid values are NONE, which skips pattern matching entirely; SILENT, which simply files the mail in the BLOCKFOLDER; and NOTIFY, which sends a notice to the sender that his email was blocked, and explains how to bypass spam filtering if his email was legitimate.

I recommend that users set this value to SILENT. Pattern matching occasionally filters out legitimate email -- there is no way to prevent this entirely. Since more and more spammers are using throwaway accounts, though, and forging their headers so heavily that it is difficult to spot spam through header analysis alone, setting PATTERNMATCHING to NONE will reduce the effectiveness of the SpamBouncer considerably.

The default setting for this variable is NONE, however, because I want to be sure that if you're using it, you have actually read these instructions and know that you are using it. So, if you want to enable it, you must set PATTERNMATCHING to SILENT in your .procmailrc.

PROXYSOCKS
If set to yes, tells the SpamBouncer to check its internal list of known open SOCKS proxy servers and filter out email sent via those servers. A SOCKS proxy server is a server that accepts inbound connections via a port other than the standard SMTP port, port 25, and allows a user to send outgoing email. Email sent through these servers is usually spam.

If such a server is secure and requires users to log on or authenticate themselves before sending email, the server does not pose a problem to the rest of us. An open SOCKS proxy server, however, is easily abused by spammers to send spam, even from dial-up accounts at ISPs that block outgoing SMTP connections. An open SOCKS proxy server is like an open SMTP relay, but with the added disadvantage that large ISPs cannot easily prevent access to such servers from their dial-up accounts. Because of this, some new spamming software is specifically designed to take advantage of such servers.

This variable is set to no by default. To enable SOCKS proxy filtering, set PROXYSOCKS=yes in your .procmailrc file.

RBLCHECK
If set to yes, tells the SpamBouncer to check the Mail Abuse Prevention System (MAPS) Realtime Blackhole List (RBL), which lists IP addresses associated with domains which have spammed repeatedly, and which have failed to clean up their acts despite the RBL team's efforts and assistance. As of August 1, 2001 you must subscribe to MAPS to use the MAPS RBL (Realtime Blackhole List). If you want to use the RBL, contact MAPS <http://www.mail-abuse.org> and become a subscriber. Sites listed on the RBL are highly likely to be the sources of spam, and will rarely be sources of email you want to receive.

This variable is set to no by default. To enable RBL-based filtering, set RBLCHECK=yes in your .procmailrc file.

RM
Tells the SpamBouncer the path and filename of your system's rm program -- the program which deletes files. You need to set this only if rm is not in your path (the list of directories which your system will search for a program) or if you have an alias set up for rm on your account. If you aren't having trouble with the SpamBouncer leaving temporary files on your system, you can leave this alone.

RSSCHECK
If set to yes, tells the SpamBouncer to check the MAPS Relay Spam Source (RSS) blacklist, which lists IP addresses associated with mail servers which are open relays, and through which spam has been sent at least once. As of August 1, 2001 you must subscribe to MAPS to use the RSS. If you want to use the RSS, contact MAPS <http://www.mail-abuse.org> and become a subscriber.

A relay listed in the RSS is not just an open relay; it is an open relay known to spammers which has been used to spam. The RSS blacklist is generally considered less aggressive than the other open relay blacklists, although they both list open relays. As such, it should block less legitimate email than the other blacklists, but will also miss spam sent through relays which have not been abused previously.

This variable is set to no by default. To enable RSS-based filtering, set RSSCHECK=yes in your .procmailrc file.

SENDMAIL
The full path to your system's copy of sendmail. The default value is /usr/sbin/sendmail, which will work on some systems, but not all. On almost all systems which use sendmail, however, this variable is set correctly as a global default by the system administrators. It does not hurt to check and be sure, though. If SENDMAIL is not set correctly, the SpamBouncer will be unable to send any autoreplies.

SPAMFOLDER
Where to store messages tagged as spam by the filter. If you want to just delete spam, set SPAMFOLDER to /dev/null. If you want to put the stuff in a backup folder, set SPAMFOLDER to a filename, perhaps spam.incoming. POP mail users whose client programs have the ability to filter mail into separate folders (like Eudora and Pegasus mail) can also set this to DEFAULT, and let their mail filters sort it into the trash folder or a special spam folder, if they want to engage in some spam tracking. :) Users of MAILDIR may set SPAMFOLDER to a directory rather than a filename, or you may forward this email to a different address using normal sendmail syntax.

SPAMHAUSORGCHECK
If set to yes, tells the SpamBouncer to check its internal list of sites on Steve Linford's spamhaus.org web site. These sites are mostly unrepentant and aggressive spammers. You are very unlikely to get legitimate email from any of them.

This variable is set to no by default. To enable spamhaus.org filtering, set SPAMHAUSORGCHECK=yes in your .procmailrc file.

SPAMREPLY
How to handle mail which the SpamBouncer tags as definitely spam, and which should contain no valid mail whatsoever. Valid values are SILENT, which simply files the mail in the SPAMFOLDER; BOUNCE, which sends a simulated MAILER-DAEMON bounce message to the spammer in hopes that he will think your address is no good and remove it from his list; COMPLAIN, which sends a complaint and copy of the spam to the spammer's postmaster for spammers which the SpamBouncer knows about and has this information, and in most cases also the upstream ISPs; and BOTH, which (not surprisingly) both sends a bounce and complains.

New users should set this to SILENT until they're sure everything is working properly.

TEST
A variant of the Unix test program, a small program which looks for a file or directory and reports whether it exists or not. This is set to "test" by default, since this program is normally found on the system path.

If NOBOUNCE and LEGITLISTS are working on your system, there is no need to set this variable. If NOBOUNCE is not working, set this variable to point directly to your system's test program.

THISISP
Tells the SpamBouncer the domain name of your domain or ISP. This can be useful when you have a private domain which is different from the domain your mail server uses, as many people using an ISP will. This is set to ${HOST} by default; if your private domain is different from your ISP, set this variable to your private domain.

TURKISH
Set TURKISH=yes if you receive email in Turkish. Otherwise leave it set to no (the default), and the SpamBouncer will send any email in this language to the BLOCKFOLDER.

VIRUSFOLDER
Where to store messages that the SpamBouncer tags as viruses. This is set by default to the SPAMFOLDER. After you have tested your setup and are certain it works, you may want to change this to /dev/null. Virus-infected email is almost always email the user has no idea he/she sent. It contains nothing most people would want to see, and if you retrieve it into most of the popular Windows-based email programs, you might infect your system.

After setting the variables in your .procmailrc, add this line to your .procmailrc file at the point where you want to filter your mail for spam:

     INCLUDERC=${SBDIR}/sb.rc

This line should appear after recipes for mail you don't want to filter for spam and before recipes for mail you do want to filter for spam. Users of procmail.rc will have the correct lines in the correct location already, and will just need to uncomment whichever one they want to use.


Special Instructions for Eudora and Other POP Mail Clients

Users who get their mail using Eudora, Pegasus Mail, or another POP mail client which can filter mail by headers will need to set up their filters to look for the following headings:

X-SBClass: Admin
This header indicates mail sent to the ADMINFOLDER. You should create a folder for Admin mail on your client program, and then set your client program's filter to look for this header and filter mail which has it into the Admin folder.

X-SBClass: Blocked
This header indicates mail flagged as probable spam, but not certainly so. Create a folder for Blocked mail and set your client program's filters to put mail with this header into the Blocked Mail folder.

X-SBClass: Bulk
This header indicates mail flagged as bulk mail which is probably legitimate, such as that from known opt-in mailing lists or sent using known legitimate mailing list software, and which passed spam filtering. I recommend creating a separate folder for such mail, though, since that will make it easier to spot personal email, which is usually more important and should get priority.

X-SBClass: OK
This header indicates personal email which passed the spam checks. Set your client program's filters to put this mail in the normal incoming folder.

X-SBClass: Spam
This header indicates mail flagged as definitely spam. Most POP users will simply set the SpamBouncer to delete this mail outright. If you have set the SpamBouncer to deliver it to your POP mail account, though (perhaps because you want to learn more about spam), it will arrive with this header. Create a folder for Spam and set your POP client's program filters to put mail with this header in the Spam folder.

X-SBClass: Virus
This header indicates mail flagged as a virus. POP users should set the SpamBouncer to delete this mail outright.


Upgrading the SpamBouncer

Upgrading is easy. You just check the "What's New" notice to see if there are any new variables you should set or features you should be aware of, and then ftp the new version (or grab it with your WWW browser) and copy it over the old version. If you prefer, you can subscribe to the SpamBouncer Updates mailing list to get automatic notifications of updates via email. The mailing list is described in the next section.

That's all there is to it.

The SpamBouncer should be upgraded regularly -- weekly if you are using it with SPAMREPLY set to COMPLAIN and monthly otherwise. Spammers move around a lot. Prolific spammers tend to get disconnected quite a bit, even by spam-friendly providers, because they cause their providers so much trouble. This means that the complaint addresses in the Spam Bouncer's complaint lists must be updated constantly or complaints will go to the wrong place.

Providers get annoyed when they get complaints about a problem they've already fixed, or at least done everything they can to fix. Once they've kicked a spammer off their system, there is very little else they can do, and sending complaints to them just wastes their time and resources.

I do my part by updating the addresses, but that helps only if you do yours by keeping your copy of the SpamBouncer up to date.

So, if you can't upgrade frequently or don't want to bother updating all the time, please set SPAMREPLY and BLOCKREPLY to SILENT. That way you'll still get the benefits of the filter, but you won't risk causing trouble for an ISP that has already kicked its spammers off.

In addition, today's rogue ISP may be tomorrow's good guys. An example of that is erols.com, which a few years ago was the source of a huge amount of spam and which today is one of the leaders in the fight against it. (Erols also has one of the most entertaining "abuse@" people in the business -- Afterburner.) I regularly review the sites on the blocked list and retire those who have adopted and enforced solid no-spamming policies. That reduces the size of the filter and the resources it takes while keeping it as efficient as possible.

So, please keep up to date! :)


How to Troubleshoot and Report Trouble

If you are having trouble with the SpamBouncer, first please make sure you:

The SpamBouncer is set up to avoid replying to bounced messages and autoreplies to its own bounces, but some spammers set their administrative accounts to autoreply to spam complaints and misconfigure their autoresponders to remove the "X-Loop" header, which should NEVER be removed by any autoreply script. In general, it is not a good idea to autoreply to mail from administrative accounts at all, so the SpamBouncer is set up to filter it out first.

Please report spam which the SpamBouncer does not catch to <spamtrap@spambouncer.org> so that I can modify the SpamBouncer to catch it. Many spammers have gotten wise to me -- I'm on their remove lists even if they won't put you or others there. <wry grin> So I depend on my users to keep me up-to-date on what kind of spam is out there.

Report any problems to the author at ariel@spambouncer.org, and she'll get to work on fixing them ASAP.


The SpamBouncer Updates Mailing List

Updates to the SpamBouncer are announced via the SpamBouncer Updates mailing list, in addition to this Web page. The list is a low-volume announcements-only list that gets less than one email per week. I keep it this way so that people who hate getting spammed :) can subscribe without being overwhelmed with email. (If you want to discuss spam and how to fight it, I recommend the SPAM-L mailing list, described in the following section.)

The SpamBouncer Updates list runs on a Majordomo list server, a widely used mailing list management program. If you are unfamiliar with Majordomo, the instructions below should explain how to subscribe to and unsubscribe from the SpamBouncer Updates list. For more information on Majordomo and how to use it, refer to Majordomo Mailing List User Commands at the University of Rochester. For more information on Majordomo itself and how it works, refer to the Majordomo FAQ.

I must approve all subscriptions to the mailing list, so I suggest you send me email letting me know who you are and why you are subscribing before you subscribe to the list. :) (Where possible, I would prefer to keep spammers off of it.)

Subscribing

  1. Send email to updates-request@lists.spambouncer.org, with any subject line you like (the list server will ignore it), and the following text in the message body:

     subscribe <your email address>
     end

This will tell the Majordomo list server that you want to subscribe to the SpamBouncer Updates mailing list.

The list server will then send you two messages: a notice to the email address from which your subscription was sent and a confirmation message to the email address that you asked to have subscribed to the list. The notice explains that the subscription must be confirmed from the address that was subscribed to the list. The confirmation message asks you to copy a line of text from it, paste that line of text in a new email, and send the email back to the list server. The message will read like this:

     Someone (possibly you) has requested that your email address be added to or deleted from the mailing list "spambouncer-updates@aziz.devnull.net".

     If you really want this action to be taken, please send the following commands (exactly as shown) back to "Majordomo@aziz.devnull.net":

     auth 3de6896e subscribe spambouncer-updates someone@example.com

     If you do not want this action to be taken, simply ignore this message and the request will be disregarded.

The text you need to copy is the line beginning with auth. The jumble of letters and numbers after auth is called a token, and will be different for each person. Because it is different for each person, if you send back the exact token, the mailing list knows you really asked to subscribe. That prevents others from subscribing you to the mailing list without your permission.

  2. Copy the line of text beginning with auth and containing the token from the message the Majordomo list server sends to you into a new email, and send the new email back to updates-request@lists.spambouncer.org.

CAUTION!

  • Do NOT copy the line of text from the example shown above -- it is just an example and will not work for you. You must copy the line of text from the confirmation email sent to you.

If you followed these instructions correctly, the Majordomo list server will send you two more messages. The first is a short, machine-generated message showing that your subscribe command worked. The second is a message welcoming you to the SpamBouncer Upgrades list.

Unsubscribing

Send email to updates-request@lists.spambouncer.org, with any subject line you like (the list server will ignore it), and the following text in the message body:

unsubscribe <your email address>
end

This will tell the Majordomo list server that you want to unsubscribe from the SpamBouncer Updates mailing list. Majordomo will send you a message confirming that you have unsubscribed from the list. If you no longer have access to your old address, send me email and I will unsubscribe your old address manually.

Switching your Subscription to a Different Email Address

To switch your subscription to a new email address, you must unsubscribe your old address and subscribe the new one, following the instructions above.


Acknowledgments

First, I would like to thank Stephen van den Berg, the creator of procmail, for his wonderful tool. It is truly the friend of those who hate email spam and want it out of their lives. (It is also the friend of anyone who gets a lot of email.)

I would also like to thank the readers of the Procmail Mailing List for answering lots of often elementary questions, especially at the beginning, as I learned the program. I highly recommend the list for people who use the SpamBouncer. You can subscribe at procmail-request@Informatik.RWTH-Aachen.DE.

Finally, I'd like to thank one of the best sets of users anyone ever had -- you guys do a superb job keeping me up to date on what spammers are doing. I couldn't do it without you, seriously.

These filters are the result of several years of work and learning about Procmail. I hope the results will be as useful to others as they have been to me.



©1996-2001 by Catherine A. Hampton <ariel@spambouncer.org>. All rights reserved.