Frequently Asked Questions (or Frequently Questioned Answers)


Q:  I've set up my .procmailrc, .forward and filter files but filtering
does not seem to work.

A:  Make sure the permissions on all the files *and* directories are set
correctly, especially the location of .procmailrc.  You should own all the
files and have rw rights to both the files and the directories.  See man
chmod for details. 

If you're using fetchmail to retrieve your mail, to troubleshoot and save
yourself some irritation, check /var/log/fetchmail for errors. Send a few
emails to yourself and check that log file. If you see this error:

suspicious rcfile: "/home/$user/.procmailrc"  procmail: couldn't read
"/home/$user/.procmailrc" 

then it's almost certainly a permissions thing. CHMOD your home directory
to 0755 (drwxr-xr-xr) and the file /.procmailrc to 0644 (see man procmail
for complete details; most error messages are well-documented there)


Q:  I've checked my permissions and they look OK but it's still not 
filtering.

A:  If you have *any* blank lines in ANY of your filter files, they will
match almost every e-mail and send them to the spam file.  However,
SPASTIC now does a sanity check on the filter files and if it finds any
blank lines, it creates a log entry in procmail.log with this message:

WARNING: ONE OF YOUR REJECT FILES HAS A BLANK LINE IN IT! PLEASE FIX.

Then, it dumps the e-mail in your $DEFAULT inbox.  Check procmail.log  for
this warning and correct as necessary.


Q:  Something is really wacky; I've customized my filters and it's not
doing what I expect. Is there a way to debug it? How Can I Troubleshoot
SPASTIC?

A:  SPASTIC is very considerate of resources and does not hog more than
its fair share; memory or slowness issues are likely not SPASTIC-related.
Nonetheless, if you're suspicious it helps to be able to look: to
troubleshoot spastic, go into ~/.procmailrc and change the VERBOSE
variable to VERBOSE=on. ???Take this literally: you will get about 50 lines
of debugging output from procmail for each e-mail you receive in your
~/Mail/procmail.log (unless you have it going someplace else; the LOGFILE
variable in .procmailrc controls where the log is written and defaults to
$MAILBOX/procmail.log.

The VERBOSE setting will let you track the entire process and show you
which tests match and which didn't match. ???The one thing that *might* be
using up bandwidth and time, if you have it enabled, is the domain
checking in the Advanced Section near the bottom of .procmailrc. ???Don't
forget to turn it off when you finish troubleshooting unless you want this
feature activated!


Q:  I am using sendmail as my MTA and after I installed the .forward file,
I stopped receiving mail.

A:  Sendmail has been enhanced to no longer trust external programs for
delivery due to security issues unless you specifically tell it to trust
that program.  You can do this by creating a symbolic link in the
/etc/smrsh directory for procmail: 

ln -s /usr/bin/procmail /etc/smrsh


Q:  I want to share my filter files with other people on my system so
everyone can benefit from the new spam filters.

A:  You can copy the filter files (from_rejects, header_rejects, etc.) to
a shared location such as /etc or create a /usr/share/spastic dir and set
permissions so everyone can update a shared set of filters. Then, you need
to change the .procmailrc and point the reject variables to the new
location.


Q:  I am using Evolution/Kmail/Pine/Whatever to retrieve my e-mail
directly from my ISP mail server and SPASTIC is not working.  Why?

A:  SPASTIC requires procmail to process incoming mail before it is
delivered to your mailbox(es).  This is done through the .forward file
mechanism which is NOT used if you retrieve your mail directly.  The best
solution is to use the fetchmail program to retrieve your mail and deliver
it to your locally running MTA such as Postfix, Sendmail, Qmail, or Exim. 
Then, when the local MTA delivers it, the .forward file will kick in and
procmail will filter all your mail.  Here is a crude graphic:

ISP <--> fetchmail --> MTA (Postfix/Sendmail,etc.) --> .forward -->
    procmail (SPASTIC) --> mailbox(es)  <-- MUA (mutt/Evolution,etc).

Fetchmail has excellent documentation and is easy to set up. It can be run
as a daemon, fetching your e-mails periodically.  For easy setup, use
fetchmailconf and check the man pages: fetchmail and fetchmailconf. 
Fetchmail can handle multiple e-mail accounts at different ISPs to make it
easy to consolidate all your e-mail.  You can still send your e-mail out
directly to your ISP or send it to your local MTA and have it sent out
from there.

MUA (mutt/Evolution,etc.) --> ISP --> Internet

Or

MUA (mutt/Evolution,etc.) --> MTA --> Internet

There may be other ways to set up your environment.


Q:  I ran the rotate-spam script, but the report did not tell me who sent
the spam.  The output at the end looked like this:

The spammers and the number of messages sent by each of them are:
      4 -

A: Spammers often send poorly or intentionally malformed e-mail headers to
disguise their origin and make tracing them more difficult. Sometimes, they
use programs to forge the SMTP From command resulting in an e-mail with an
invalid header. This header is what is reported in the rotate-spam script.
If it is invalid in the spam, it will be invalid in the report. Another
possibility is that the MTA or MUA programs have modified the From header.
Mozilla mail is one program that does this. The bottom line is that
sometimes you will see invalid data in this part of the rotate-spam report.