Differences between version 15 and revision by previous author of AreYouSpam.
Other diffs: Previous Major Revision, Previous Revision, or view the Annotated Edit History
| Newer page: | version 15 | Last edited on Tuesday, November 23, 2004 4:35:22 pm | by JohnMcPherson | Revert |
| Older page: | version 14 | Last edited on Thursday, April 15, 2004 9:27:12 am | by AristotlePagaltzis | Revert |
@@ -1,227 +1 @@
-!!! !! DO NOT USE !!
-
-These scripts fail the
[One Question Certification Test for E-Mail Filter Authors | http://www.oreillynet.com/pub/wlg/3682
]. Nowadays, most mail is sent with forged From: headers that point to real, but innocent, addresses. This quickly becomes a huge problem because while spam is easy to filter, responses to spam __are not__.
-
-__By employing any kind of software that may respond to messages with a forged From:, YOU ARE PART OF THE PROBLEM.__
-
-__Do not use the scripts from this page.__ They are left
here for the interest of the curious, but __should not be employed__.
-
-You may want to [read some more interesting discussion about the evils of autoresponders of any kind | http://www.oreillynet.com/pub/wlg/4627].
-----
-
-''A note from the original author - I've long-since stopped using this script for exactly that reason. Very little spam comes from a valid reply address, the only consistent exception is 419 spammers. I'm also guilty of installin AV software that sends bounces, but I plan to fix that next time I'm working on the servers in question. %%% %%% Also I'm not sure this script is even 'safe' - it can very probably be exploited by a well-crafted subject line or source email address to run untrusted programs as the user.'' --[zcat(1)]
-
-''Maybe it should be deleted wholesale, then?'' --AristotlePagaltzis
-
-----
-
-This is probably the very worst kind of scripting, but it works. Feel free to suggest improvements (rewriting it in [Python] might be a good start :)). The original idea is AsSeenOnSlashdot. I should probably add something to __.procmail__ so it doesn't reply to robot mailings. When I unsubbed from the ~UpYours mailing list (opt-in, but mostly advertising) the acknowledgement message also got tagged as spam.
-
-Haha.. just this morning I got an unsubscribe confirmation from "addmenewsletter" which was triggered by the autoresponse. I have a feeling this is going to land me on a few "live address" lists.. However in general spammers almost invariably use a fake From: address, any that don't will be flooded with complaints, flames and bounce messages. Hardly any spammers will ever see this reply, and a few are already checking their mail against SpamAssassin so it's no big secret.
-
-----
-
-!! .procmailrc
-
-<verbatim>
-# Excecutable attachments; Are these -ever- not viruses?
-:
-*^Content-type: (multipart/mixed|application/octet-stream)
-{
- :0 HB
- *^Content-Disposition: attachment;
- *filename=".*\.(exe|vbs|chm|hlp|shs|wsf|vbe|wsh|hta|pif|scr)"
- /dev/null
-}
-
-# Bounce messages. When you reply to spammers, 90% of them are
-# using an invalid address so you get lots of bounces. I just
-# ignore them.
-:
-* ^From:.*<MAILER-DAEMON@.*>
-/dev/null
-
-# Call spamassassin on messages under 256kb
-:0 fw
-* < 256000
-| spamassassin
-
-# Mails with a score of 12 or higher are almost certainly spam (with .05%
-# false positives according to rules/STATISTICS.txt).
-:
-* ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*\*
-/dev/null
-
-:0 c
-* ^X-Spam-Status: Yes
-| areyouspam >> mail/probably-spam
-
-# Work around procmail bug: any output on stderr will cause the "F" in "From"
-# to be dropped. This will re-add it.
-:
-* ^rom[ ]
-{
- LOG="*** Dropped F off From_ header! Fixing up. "
-
- :0 fhw
- | sed -e '1s/^/F/'
-}
-</verbatim>
-
-----
-
-!! /usr/local/bin/areyouspam
-
-<verbatim>
-#!/bin/bash
-
-LOGFILE=/var/log/areyouspam.log
-
-MAIL="$( mktemp /tmp/areyouspam.XXXXX )"
-
-if [ -z "$MAIL" ] ; then
- echo "Sorry, couldn't create temporary file." >> $LOGFILE
- exit 1
-fi
-
-trap "rm $TMP" EXIT INT QUIT TERM
-
-cat > $MAIL
-
-SUBJECT="$( formail -c -x Subject: < $MAIL )"
-TO="$(
- formail -c -x Envelope-To: -x X-Envelope-To: -x To: < $MAIL \
- | head -1 \
- | tr [:upper:] [:lower:]
-)"
-REPLYTO="$(
- formail -c -x X-List-Unsubscribe: -x From: -x Reply-To: < $MAIL \
- | head -1 \
- | sed -e 's/.*<//g; s/>.*//g;'
-)"
-
-if [ -z "$REPLYTO" ] ; then
- echo "Noone to reply to?" >> $LOGFILE
- exit 1
-fi
-
-/usr/sbin/sendmail -ba $REPLYTO 2>&1 >> $LOGFILE <<END_MAIL
-From: AreYouSpam <$TO>
-Reply-To: "Don't reply" <$TO>
-To: $REPLYTO
-Subject: RE: $SUBJECT
-
-Your recent email to me was identified as spam and has been deleted unread.
-If your message was important please resend it. You will need to edit it
-first so it looks less like spam.
-
-Things you might need to change:
-
- * Avoid html-formatted messages
- * Avoid strings of dollar signs or exclamation marks
- * Don't use capital letters excessively
- * Don't put spaces/dots/dashes between each letter in words.
- * Avoid common spam words and phrases.
-
-Thank you.
-END_MAIL
-
-echo -e "To: $TO From: $REPLYTO\n Subject: $SUBJECT" >> $LOGFILE
-</verbatim>
-
-----
-
-!!! Another, cruder version
-
-It just does the response within the procmailrc, and checks for a password in subject to bypass the filter:
-
-<verbatim>
-########################################################################
-# <SPAMASSASSIN>
-########################################################################
-# Variables that must be set above this: FORMAIL, HOME, BYPASSWD - e.g.
-# FORMAIL=/usr/bin/formail
-# BYPASSWD=CATWALK
-# HOME is usually an environment variable that doesn't need setting.
-# Also, a file named spamassassinnotify should exist in the home directory.
-
-# Set SABYPASSWD
-#
-SABYPASSWD=${BYPASSWD}
-
-# Check for SABYPASSWD
-#
-:0 f
-* $ ^Subject:.*${SABYPASSWD}
-| ${FORMAIL} -A"X-SpamAssassinPass: SABYPASSWD"
-
-# Start of "else" wrapper so SABYPASSWD matches skip everything else
-:0 E
-{
-
-# The lock file ensures that only 1 spamassassin invocation happens
-# at 1 time, to keep the load down.
-#
-:0fw: spamassassin.lock
-* < 256000
-| spamassassin
-
-# Check for mail tagged as spam (i.e. with a score higher than the set threshold)
-#
-::
-* ^X-Spam-Status: Yes
-{
-
-# Instruct sender on how to get past the filter (on the off-chance the sender exists)
-#
-:
-{ BLOCKPID=`echo $$` }
-
-:0 c:
-blocktemp.${BLOCKPID}
-
-:0 c: blocktemp.${BLOCKPID}.lock
-| (${FORMAIL} -rt \
- -I"From: ${ALTFROM}" \
- -A"X-Loop: ${NOLOOP}";\
- echo "Please resend your message with \"${SABYPASSWD}\" somewhere in the subject.";\
- echo " ";\
- cat ${HOME}/spamassassinnotify;\
- echo " ";\
- cat blocktemp.${BLOCKPID};\
- rm -f blocktemp.${BLOCKPID}) \
- | ${SENDMAIL} -oi -t
-
-
-# Stash the message
-# Mails with a score of 15 or higher are almost certainly spam (with .05%
-# false positives according to rules/STATISTICS.txt).
-#
-::
-* ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*
-aa/aa.sa-almost-certainly-spam
-
-# else...
-#
-:0 E
-aa/aa.sa-probably-spam
-}
-
-# Workaround for procmail bug: any output on stderr will cause the "F" in "From"
-# to be dropped. This will re-add it.
-:
-* ^^rom[ ]
-{
- LOG="*** Dropped F off From_ header! Fixing up
. "
-
- :0 fhw
- | sed -e '1s/^/F/'
-}
-
-}
-# End of :0 E wrapper around SABYPASSWD
-
-########################################################################
-# </SPAMASSASSIN>
-########################################################################
-</verbatim>
+Describe
[AreYouSpam
] here.
