Procmail Revisited

All-in-one version

(Regular [individual slides] version)


What's Procmail?

Mail Server Diagram - procmail MDA

Setting Up

Essential Rules

  1. Read the Gold Book Page on SpamAssassin/Procmail!

  2. Set the Spam Score threshold, e.g.:
    * ^X-MailScanner-SpamScore: ssss
    (four "s" characters, for a threshold of 4.0; use five for 5.0 etc.)

  3. Choose your comfort level: basic or advanced (see that gold book page).

  4. Add a rule to .procmailrc for Virii

  5. You might end up with a .procmailrc file like this.

Simple Spam and Virus Filter

Puts spam in a SPAM folder, and virus tagged (disinfected!) mail in a VIRUS folder. If you use IMAP, need to "subscribe" to these (and check/clean them from time to time).

#### .procmailrc -- initialization file for procmail filter

#### Variables to define.  Make PATH safe, specify mail dir etc.
PATH=/bin:/usr/bin:/usr/local/bin:$HOME/bin  # Make the PATH safe.
COMSAT=no				# This is needed (really!)

MAILDIR=$HOME/Mail                      # Where my folders are
VIRUS=$MAILDIR/VIRUS			# Mailscanner/Sophos tagged
SPAM=$MAILDIR/SPAM                      # SpamAssassin tagged

LOGFILE=$MAILDIR/procmail.log		# The log file.

###################### end of definitions, start of rules ######

# Get spam stuff, put in a separate SPAM folder.  Threshold is 5.0
* ^X-MailScanner-SpamScore: sssss

# This rule puts virii in a separate folder
* ^Subject:.\{VIRUS\?\}

# The end (what, no popcorn?)


Configuration File for LogRotate

Copy, paste, and edit this example, and save it (in ASCII text format!) to a file in your Unix login area called .logrotate.conf (note the leading "dot"). Replace the red underlined parts with your username.

/users/pmurphy/Mail/VIRUS {
    rotate 30
       /home/nraosoft/bin/spamsummary /users/pmurphy/Mail/VIRUS.1
/users/pmurphy/Mail/SPAM {
    rotate 30
       /home/nraosoft/bin/spamsummary /users/pmurphy/Mail/SPAM.1
/users/pmurphy/Mail/procmail.log {
    rotate 12


There are three parts to this logrotate configuration file. Each one specifies how a certain file should be "rotated". Rotation means the file (e.g., SPAM) is copied to, say, SPAM.1 and a new empty SPAM file is created.

  1. On a weekly basis, the VIRUS folder will be moved to VIRUS.1, and if that exists, VIRUS.1 should be first moved to VIRUS.2 and so on up to VIRUS.30. The delaycompress combined with the compress keyword means that VIRUS.2 and older folders will be compressed with gzip, so they'll actually be VIRUS.2.gz; this can save a lot of space.

  2. On a daily basis (we usually get far more spam-tagged mail than disinfected virii), the same thing is done for the SPAM folder.

  3. The postrotate section of the SPAM and VIRUS rules will call a program called spamsummary (available at all four NRAO sites) that will mail you a summary of what's in the particular folder; this is convenient and avoids the need to actually visit the old folders before they disappear. If you don't want such reports, simply remove the three lines starting with postrotate and including endscript.

  4. The last section of the logrotate configuration file takes care of rotating your procmail log file. You'll generally never have to look in it unless you do a lot more with procmail by adding extra rules (and need to find out what happened if you had a typo!). This prevents the procmail log file from growing to absurd sizes.


Pat Murphy