[maildropl] Bouncing spam.....and submitting it to spamcop
Brought to you by:
mrsam
From: Nick S. <nj...@sc...> - 2002-05-17 13:07:15
|
There are people out there who are bouncing their spam rather than doing other things with it - the theory being that on occasion, an outright bounce will get you out of a mailing list when nothing else will. It may work on mainsleaze better than chickenboner spam since for mainsleaze the RFC821 bounce address is *slightly* more likely to work. It is better to bounce it at your machine boundary so that the spammer can never deliver it to you, but if you don't have that opportunity, this is next best. I have extended addressing on my system, and I use these extended addresses to register on websites. Every now and then one of these websites sells the address I used or maybe it gets spidered because the site does not protect it properly, and I want to start ignoring all of the mail to the address. When one of the extended addresses I use starts to get misused, I find I can use this maildrop formula: if (/njs\+xxx\@scifi\.squawk\.com/ || /njs\+yyy\@scifi\.squawk\.com/) { log "About to blow off a $MATCH" echo "550 The address $MATCH has been taken over by spammers, I do not answer it anymore." EXITCODE=67 to $ALTBOXSPAM } altboxspam is simply a file I keep this sort of stuff in - if it becomes an issue I can go and look in it, but the reality is that I just clean it out from time to time. Since it is a file, EXITCODE is not reset and this works. Most of my spam is sent to spamcop. I am trying this as an experiment --- I have heard that the mainsleazers may actually check their bounces - sometimes. But this trick might be something that you can do to get out of a legitimate opt-in list you want out of. If you are on a mailing list and you are too lazy to unsubscribe, (I have met people like this while running mailing lists) and you would rather set up a filter than unsubscribe, doing this is an easy way to get the bounces back to the RFC821 header address. Most lists are set up to unsubscribe you if you if the bounces go back to the RFC821 address and may even differentiate users via the RFC821 bounce address, so this is the right thing to do. So if you really are too lazy to send in that unsubscribe, and you just want to set up a filter, just bounce the mail. Don't bother sending a hand tuned bounce to the list owner's address, what they want is a bounce --- because their automatic unsubscribe processing works with bounces. So just do a bounce instead of a fancy reformail reply. If you set the exitcode, you should follow it by a "to" going to a file or a maildir, or an exit, or if you continue you should set the RC back to zero, because if you run a process for your delivery, that return code will be used and this one won't stick. If you do want to send to a process and then exit with a set return code, doing a EXITCODE=67 to "|/process/path/program argument" will not work because the process will reset the RC. You have to do a cc "|/process/path/program argument" EXITCODE=67 exit to deliver to a process and then exit with a code that is something other than the exitcode of the process. I mentioned forwarding spam to spamcop, but that is not as simple as just re-addressing it. Spamcop wants it as an attachment of type message/rfc822 inside a top-level multipart/mixed, with a text/plain section preceding it -- or at least, that is what I have found that works - doing simpler structures like a top level message/rfc822 or just changing the envelope does not work. The text/plain section can be empty. I wrote a Perl script to encapsulate a spam and send it, but it might be possible to make a message for spamcop with makemime. The following *should* work - fill in the blanks for you and secret, and then save it as makemime.sh in your bin, and use it as an xfilter, xfilter "$HOME/bin/makemime.sh" to "|/usr/sbin/sendmail -bm -f your@address -t" The xfilter will transform it into its new incarnation - an embedded message/rfc822 with the right wrapper, and the to sends it....now here is something interesting: xfilter "$HOME/bin/makemime.sh" cc "|/usr/sbin/sendmail -bm -f your@address -t" xfilter "reformime -e -s 1.2" # continue processing..... The first xfilter wraps the message, and the cc sends it off to spamcop. The xfilter then strips the message out of the mime that makemime wraps it in. So now you can continue with whatever original processing you might want to do. Finally, this should work as well.... xfilter "$HOME/bin/makemime.sh" cc "|/usr/sbin/sendmail -bm -f your@address -t" EXITCODE=67 exit The first xfilter wraps the message, and the cc sends it off to spamcop. But whatever passed the message to you still has the original...Want to bounce it? Just set the return code and bounce it. So this is what should go into makemime.sh - the \ at the end of the line are required... #! /bin/sh makemime -j \ \( \ -m "multipart/mixed" \ -a "From: you <your@address>" \ -a "to: spamcop <se...@sp...>" \ -a "Subject: reply anyway" \ -a "Content-Disposition: inline" \ -a "Mime-Version: 1.0" \ -e "8bit" \ \( \ -c "text/plain; charset=us-ascii" \ -e "7bit" \ /dev/null \ \) \ \) \ \( \ -c "message/rfc822" \ -e "8bit" \ -a "Content-Disposition: attachment" \ - \ \) You have to register at spamcop to get your secret submission address. Of course, do not do this unless you are really sure it is spam - and remember that you will have to go to spamcop anyway to verify it and process it. Just sending it to spamcop without processing it there and submitting the complaints wastes their space and their processing power, which they are short of. -- War is an ugly thing, but it is not the ugliest of things. The decayed and degraded state of moral and patriotic feeling which thinks that nothing is worth war is much worse. A man who has nothing for which he is willing to fight, nothing he cares about more than his own personal safety, is a miserable creature who has no chance of being free, unless made so by the exertions of better men than himself. -- John Stuart Mill Nick Simicich - nj...@sc... |