[maildropl] Bouncing spam.....and submitting it to spamcop
Brought to you by:
mrsam
Menu
▾
▴
[maildropl] Bouncing spam.....and submitting it to spamcop
|
From: Nick S. <nj...@sc...> - 2002-05-17 13:07:15
|
There are people out there who are bouncing their spam rather than doing
other things with it - the theory being that on occasion, an outright
bounce will get you out of a mailing list when nothing else will.
It may work on mainsleaze better than chickenboner spam since for
mainsleaze the RFC821 bounce address is *slightly* more likely to work. It
is better to bounce it at your machine boundary so that the spammer can
never deliver it to you, but if you don't have that opportunity, this is
next best.
I have extended addressing on my system, and I use these extended addresses
to register on websites. Every now and then one of these websites sells
the address I used or maybe it gets spidered because the site does not
protect it properly, and I want to start ignoring all of the mail to the
address.
When one of the extended addresses I use starts to get misused, I find I
can use this maildrop formula:
if (/njs\+xxx\@scifi\.squawk\.com/ || /njs\+yyy\@scifi\.squawk\.com/)
{
log "About to blow off a $MATCH"
echo "550 The address $MATCH has been taken over by spammers, I do
not answer it anymore."
EXITCODE=67
to $ALTBOXSPAM
}
altboxspam is simply a file I keep this sort of stuff in - if it becomes an
issue I can go and look in it, but the reality is that I just clean it out
from time to time. Since it is a file, EXITCODE is not reset and this works.
Most of my spam is sent to spamcop. I am trying this as an experiment ---
I have heard that the mainsleazers may actually check their bounces -
sometimes. But this trick might be something that you can do to get out of
a legitimate opt-in list you want out of. If you are on a mailing list and
you are too lazy to unsubscribe, (I have met people like this while running
mailing lists) and you would rather set up a filter than unsubscribe, doing
this is an easy way to get the bounces back to the RFC821 header
address. Most lists are set up to unsubscribe you if you if the bounces go
back to the RFC821 address and may even differentiate users via the RFC821
bounce address, so this is the right thing to do.
So if you really are too lazy to send in that unsubscribe, and you just
want to set up a filter, just bounce the mail. Don't bother sending a hand
tuned bounce to the list owner's address, what they want is a bounce ---
because their automatic unsubscribe processing works with bounces. So just
do a bounce instead of a fancy reformail reply.
If you set the exitcode, you should follow it by a "to" going to a file or
a maildir, or an exit, or if you continue you should set the RC back to
zero, because if you run a process for your delivery, that return code will
be used and this one won't stick. If you do want to send to a process and
then exit with a set return code, doing a
EXITCODE=67
to "|/process/path/program argument"
will not work because the process will reset the RC.
You have to do a
cc "|/process/path/program argument"
EXITCODE=67
exit
to deliver to a process and then exit with a code that is something other
than the exitcode of the process.
I mentioned forwarding spam to spamcop, but that is not as simple as just
re-addressing it. Spamcop wants it as an attachment of type message/rfc822
inside a top-level multipart/mixed, with a text/plain section preceding it
-- or at least, that is what I have found that works - doing simpler
structures like a top level message/rfc822 or just changing the envelope
does not work. The text/plain section can be empty. I wrote a Perl script
to encapsulate a spam and send it, but it might be possible to make a
message for spamcop with makemime. The following *should* work - fill in
the blanks for you and secret, and then save it as makemime.sh in your bin,
and use it as an xfilter,
xfilter "$HOME/bin/makemime.sh"
to "|/usr/sbin/sendmail -bm -f your@address -t"
The xfilter will transform it into its new incarnation - an embedded
message/rfc822 with the right wrapper, and the to sends it....now here is
something interesting:
xfilter "$HOME/bin/makemime.sh"
cc "|/usr/sbin/sendmail -bm -f your@address -t"
xfilter "reformime -e -s 1.2"
# continue processing.....
The first xfilter wraps the message, and the cc sends it off to spamcop.
The xfilter then strips the message out of the mime that makemime wraps it
in. So now you can continue with whatever original processing you might
want to do. Finally, this should work as well....
xfilter "$HOME/bin/makemime.sh"
cc "|/usr/sbin/sendmail -bm -f your@address -t"
EXITCODE=67
exit
The first xfilter wraps the message, and the cc sends it off to spamcop.
But whatever passed the message to you still has the original...Want to
bounce it? Just set the return code and bounce it.
So this is what should go into makemime.sh - the \ at the end of the line
are required...
#! /bin/sh
makemime -j \
\( \
-m "multipart/mixed" \
-a "From: you <your@address>" \
-a "to: spamcop <se...@sp...>" \
-a "Subject: reply anyway" \
-a "Content-Disposition: inline" \
-a "Mime-Version: 1.0" \
-e "8bit" \
\( \
-c "text/plain; charset=us-ascii" \
-e "7bit" \
/dev/null \
\) \
\) \
\( \
-c "message/rfc822" \
-e "8bit" \
-a "Content-Disposition: attachment" \
- \
\)
You have to register at spamcop to get your secret submission address.
Of course, do not do this unless you are really sure it is spam - and
remember that you will have to go to spamcop anyway to verify it and
process it. Just sending it to spamcop without processing it there and
submitting the complaints wastes their space and their processing power,
which they are short of.
--
War is an ugly thing, but it is not the ugliest of things. The decayed and
degraded state of moral and patriotic feeling which thinks that nothing is
worth war is much worse. A man who has nothing for which he is willing to
fight, nothing he cares about more than his own personal safety, is a
miserable creature who has no chance of being free, unless made so by the
exertions of better men than himself. -- John Stuart Mill
Nick Simicich - nj...@sc...
|