LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Desktop
User Name
Password
Linux - Desktop This forum is for the discussion of all Linux Software used in a desktop context.

Notices



Reply
 
Search this Thread
Old 12-29-2007, 02:08 PM   #1
r00ster
Member
 
Registered: May 2007
Location: boundary beach, bc
Distribution: 3.2.0-4-686-pae #1 SMP Debian 3.2.60-1+deb7u3 i686 GNU/Linux
Posts: 213

Rep: Reputation: 15
Spam Mngmnt Icedove


Etch/KDE/Icedove
Stand Alone (Home) Desktop
HS Cable Modem to ISP

I'm a GNUbie with no CS background.

I'm trying to figure out if it's possible to filter and/or move/drop email predicated on IP block/ranges in Icedove.

I've got a flimsy sense of how this might be done if I were running getmail, postfix and
Spamassassin... but I don't know if adding these intermdiate apps is necessary or even feasible for a Stand-Alone Home Desktop. I've also looked at using iptables, but I don't think that applies to this objective... as far as I can tell anyway.

Ideally, I'd like to generate an “undeliverable” type SMTP response for certain of our favorite jewelery, nostrum and stock promoters in
Asia, Eastern Europe and South America by applying rules to the IP Blocks that keep reappearing.

In the example header below, the 'purported' ip 221.205.210.180 appears in 3 different lines in the header: the “Received-SPF:” line, the
“X-Default-Received-SPF: line, and down at the bottom in the
“X-Originating-IP” line added by my ISP. “~$ dig -x” indicates the ip belongs in “inetnum: 221.204.0.0 – 221.205.255.255”.

In Icedove's “Message Filter Rules” menu, I have these options:
Subject, From, Body, Date, Priority, Status, To, Cc, To or Cc, Age
in Days, Size and Customize.
The “Customize” option is to create a “New Message Header”;
which option is still a bit confusing to me even though I've read everything I can find about it. If I understand it at all, it wouldn't apply to my objective.

I realize I can filter on the ip# itself, and create a filter based on the email itself, but that's a waste of time as everyone knows. In the example at bottom, I'd like to filter on netblock “221.204.0.0 – 221.205.255.255” if it can be done.

I guess the second part of my the question involves: why can't I “filter on” any header line I want? My ISP is gracious enough to add header lines in many of my spam such as:
X-ORBS-Stamp: Listed in pbl, http://www.spamhaus.org/query/bl?ip=
218.18.183.181
X-ORBS-Stamp: open relay, http://www.dnsbl.sorbs.net/lookup.shtml?
218.18.183.181
...that would be handy to filter on too; ...just citing ”Contains” “X-ORBS-Stamp:
Listed in pbl,” would be good enough for me.

Why can't a shell script be added to “msgFilterRules.dat” to handle this?

Happy trails,

rod

SAMPLE HEADER
X-Account-Key: account3
Received-SPF: none (No spf1 record for (bigfoot.com) )
client-ip=221.205.210.180; envelope-from=<carlena@bigfoot.com>;
x-ip-name=;
X-Default-Received-SPF: fail (Last token {-all} (res=FAIL))
client-ip=221.205.210.180; envelope-from=<carlena@bigfoot.com>;
x-ip-name=;
Received: from 221.205.210.180 (unverified [221.205.210.180])
by mx.dccnet.com (DCCNet Email Cluster2) with ESMTP id 95138108-
1865385
for <x>; Thu, 20 Dec 2007 01:53:38 -0800
Return-Path: <carlena@bigfoot.com>
Message-ID: <000a______________________f6bc@ualugoh>
From: "Chanel Watches" <carlena@bigfoot.com>
To: "Rolex Watches" <x>
Subject: Watches
Date: Wed, 20 Dec 2000 08:06:41 +0000
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0007_01C06A6A.069B4FCD"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
X-Rcpt-To: <x>
X-SpamDetect: ************: 12.700000 NakedCR=0.2, DodgySource
=2.0, SPF
Default Fail=1.0, S_ab=1.1, S_ob=1.1, S_sc=1.1, S_ws=1.1, S_jp=1.1,
SURBL=4.0
X-NakedCr: Body contained naked cr characters
X-Surbl: jp lydastuff.com multi.surbl.org
X-Surbl: ab.surbl.org lydastuff.com multi.surbl.org
X-Surbl: ob.surbl.org lydastuff.com multi.surbl.org
X-Surbl: ws.surbl.org lydastuff.com multi.surbl.org
X-Surbl: sc.surbl.org lydastuff.com multi.surbl.org
X-VirusScan: Message is clean (g_virus_cmd scanned message)
X-IP-stats: No info recorded yet ip=221.205.210.180
X-Originating-IP: 221.205.210.180
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
spam filter that puts spam into spam folder? paul_mat Linux - Software 3 03-31-2009 05:18 AM
Migrate from Evolution to Icedove txHarleyMan Linux - Software 1 12-21-2007 09:03 PM
icedove - retrieve ALL messages verbose Linux - Software 0 11-01-2007 08:00 PM
Icedove graphics revenge80200 Debian 4 02-21-2007 11:07 PM
How do I make icedove go away? sigma957 Debian 4 11-17-2006 02:51 PM


All times are GMT -5. The time now is 12:30 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration