Simple Procmail Anti-Spam Templates (Improved Code)
version 3.3.1

Steve Plemons
skiptem@users.sourceforge.net
http://spastic.sourceforge.net


DISCLAIMER

This project is released under the terms of the GNU GPL v2. See the
LICENSE file for details of the GPL. These files are distributed in the
hope that they will be useful, but WITHOUT ANY WARRANTY; without even an
implied warranty of any kind.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
There may be a name change in the future; however, until then the
project will be maintained by Steve Plemons under its current name,
Spastic.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


NOTE TO THOSE UPGRADING:

As of version 2.4, SPASTIC ADDS A NEW HEADER TO EACH E-MAIL,
"X-Spam-Status: Yes" ALONG WITH THE REASON. PREVIOUS VERSIONS CHANGED
THE SUBJECT HEADER, SO IF YOU HAVE YOUR E-MAIL PROGRAM FILTERS SET TO
CHECK THE SUBJECT, THEY NEED TO BE UPDATED TO CHECK THE NEW HEADER.
See the INSTALL file for upgrade information.

As of version 2.2, THE DEFAULT LOCATION FOR THE SPASTIC DIRECTORY AND
FILES HAS MOVED FROM $HOME/Mail/spastic TO THE MORE NATURAL
$HOME/.spastic. See the INSTALL file for upgrade information.


OVERVIEW

Spam, including Unsolicited Commercial E-mail (UCE), is a blight on the
Internet. It is getting worse and this trend is likely to continue for
the foreseeable future. SPASTIC is a solution which identifies and
routes Spam to a specific location for destruction or further
processing.


INTRODUCTION

SPASTIC works in conjunction with (and requires) Procmail, the mail
processing utility for *nix. Among Procmail's many uses is its ability
to sort and pre-process your incoming mail.

To find out whether you have procmail already installed on your system
(and if so, its location), run

    user@world:~>which procmail

To find out which version you have installed, run

    user@world:~>procmail -v

For the latest version of Procmail, visit the Procmail homepage at
http://www.procmail.org/.

SPASTIC is a collection of procmail scripts (known as "recipes"). Using
these, SPASTIC has built-in checks to catch typical Spam right out of
the box. These built-in rules will flag as Spam:

    - e-mails with all caps in the subject.
    - e-mails without a subject, or with a subject containing several
      white spaces.
    - e-mails with a bad format for destination addresses.
    - OPTIONAL: e-mails with a bad domain in destination addresses.
    - OPTIONAL: e-mails with Windows executable content.

In addition to these built-in rules, SPASTIC allows a user to filter
e-mail using simple keywords. This gives you the ability to easily
fine-tune the existing recipes to suit your specific needs.

SPASTIC makes it easy to filter mail. By default, SPASTIC's scripts
have different filters for the headers and the body of messages. Adding
or removing a specific text string to be treated as "Spam-Like" is as
simple as editing a text file. This affords users extremely precise
control over their e-mail.

SPASTIC also has a whitelist, where you can specify users that are
allowed to send you e-mail regardless of the content (e-mail from
anyone in the whitelist skips all filters).


INSTALLATION & CONFIGURATION

See the INSTALL file for setup and configuration.

The default configuration dumps spam into your personal spam file in
$HOME/.spastic/spam for review, so you don't lose any important e-mails
if a rule happens to match. You should review your spam file often.


NOTICE TO USERS OF KMAIL, EVOLUTION AND OTHER MAIL USER AGENTS (MUAs):

Some MUAs (including Evolution, Kmail, Pine and others) have additional
auxiliary files which control the fate of messages which have already
been read, messages which have been deleted and certain other user
preferences. On a good day, the MUA receives e-mail, adds it to its
Inbox folder and updates the auxiliary files to reflect the new status
of the inbox.

With such MUAs, configuring SPASTIC/Procmail to simply insert e-mail
directly into the inbox - without updating the auxiliary files - may
create unexpected results.

To avoid having SPASTIC (Procmail) insert e-mails directly into the
inbox and spam box, SPASTIC adds a new mail header called
X-Spam-Status: to the suspected spam mail. The value of the header
includes the reason it was flagged. You can then use the filters in
your mail program to separate the spam into a spam folder. Here is an
example:

    X-Spam-Status: Yes, Reason: From address in a bad format

For more information, please read README.details.

If you are using a mail program that does not have filters, such as
mutt, then you need to enable the filtering recipe at the end of
.procmailrc so it dumps your spam into the spam folder. Uncomment this
one:

    #:0:
    #* ^X-Spam-Status:.Yes
    #$SPAM_FILE

Once you have spastic running, you may find that it is missing some
spams, or that it is getting some false positives (it flags an e-mail
as spam when it really isn't). In either case, it is easy to fine-tune
spastic to your incoming mail.

The easiest thing to do is to edit the text strings (or regular
expressions) in the $HOME/.spastic/reject-* files. Each file is matched
against a header or body in the mail to determine whether it is spam or
not. For example, if you want to flag e-mail that has the word
"mortgage" in the subject, add the word "mortgage" (without the quotes)
to the reject-subject file. Now, spastic will flag those e-mails as
spam. If the default files are flagging stuff you want to see, then
edit the reject files to suit your needs. You can also use regular
expressions in the files, but explaining that is beyond the scope of
this documentation. See the man pages for egrep for more information on
regular expressions.

If using SPASTIC system-wide, place .spastic somewhere global, e.g.
/etc/spastic. There is one issue with doing this: anything placed into
the whitelist there will not be seen.
A whitelist will need to be placed in each user's home directory, owned
by that user. There may be other ways to do this. However, I've yet to
find one.


--------------
Files Included
--------------

(/.spastic/doc/)
README                     - you are reading it!
README.details             - more info on mail programs and filters.
README.qmail               - additional info for qmail users.
README.pine                - additional info for pine users.
CHANGELOG                  - what's new.
LICENSE                    - GNU GPL.
TODO                       - future plans.
FAQ                        - frequently questioned answers.
INSTALL                    - set up and configuration.
INSTALL.MTA                - set up and configuration for global filtering.
ClamAV-with-SPASTIC.txt    - integration with ClamAV anti-virus.

(/.spastic/)
allowed                    - 0 byte file, allowed To, Cc, Bcc addresses.
dot.forward                - needed to forward incoming e-mail to procmail.
dot.procmailrc             - procmail rules.
dot.procmailrc.alternative - a different way to set up filters.
reject-body                - file that procmail will look at for filtering the body.
reject-from                - file that procmail will look at for filtering the from line.
reject-mailer              - file that procmail will look at for filtering mailers.
reject-msgid               - file that procmail will look at for filtering msg-ids.
reject-replyto             - file that procmail will look at for filtering replyto.
reject-subject             - file that procmail will look at for filtering the subject.
reject-to                  - file that procmail will look at for filtering the to header.
reject-type                - file that procmail will look at for filtering content-type.
setup                      - install/upgrade script.
spam                       - 0 byte file where rejected mail will be stored.
whitelist                  - 0 byte file, friendly e-mail addresses that are NOT filtered.
rotate-spam                - OPTIONAL script to mail spam reports to you.

(/.spastic/reject-long/)
reject-body                - more aggressive body filters.
reject-subject             - more aggressive subject filters.

(/.spastic/spam-backups/)
Directory where rotated spam files are put out to pasture.
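
The reject-subject tuning described earlier in this README can be tried
out on saved messages before it touches live mail. The shell sketch
below is an added example, not part of the SPASTIC distribution; it
assumes one egrep pattern per line, matched case-insensitively against
the Subject header only, and its function names and sample messages are
constructed for illustration.

```shell
#!/bin/sh
# Added example: dry-run a reject-subject style pattern file on saved messages.
# Assumption: one egrep (ERE) pattern per line, matched case-insensitively
# against the Subject header only. All names and sample data are constructed.

# Print the Subject of a message file, with folded continuation lines joined.
subject_of() {
    awk '
        /^$/ { exit }                       # blank line ends the headers
        /^[ \t]/ && insub { sub(/^[ \t]+/, " "); s = s $0; next }
        { insub = 0 }
        tolower($0) ~ /^subject:/ { s = $0; sub(/^[^:]*:[ \t]*/, "", s); insub = 1 }
        END { print s }
    ' "$1"
}

# Exit 0 if the Subject matches any pattern in the file ($1 = patterns, $2 = msg).
# Blank lines are dropped first: an empty egrep pattern matches every line,
# so one stray empty line would otherwise flag all mail.
would_flag() {
    pats=$(grep -v '^[[:space:]]*$' "$1") || return 1   # no usable patterns
    subject_of "$2" | grep -Eiq -e "$pats"
}

# Report each message that would be flagged (stderr) and print the count (stdout).
dry_run() {
    patfile=$1; shift
    n=0
    for m in "$@"; do
        if would_flag "$patfile" "$m"; then
            n=$((n + 1))
            echo "would flag: $m (Subject: $(subject_of "$m"))" >&2
        fi
    done
    echo "$n"
}

# Constructed sample data, not taken from the SPASTIC distribution.
make_samples() {
    printf 'mortgage\n\n^re: *your (account|invoice)\n' > "$1/reject-subject"
    printf 'From: a@example.com\nSubject: Lower your\n MORTGAGE rate today\n\nhi\n' > "$1/msg1"
    printf 'From: b@example.com\nSubject: Lunch on Friday?\n\nmy mortgage broker called\n' > "$1/msg2"
    printf 'From: c@example.com\nSubject: Re: your invoice\n\nhi\n' > "$1/msg3"
}

tmp=$(mktemp -d) && make_samples "$tmp"
echo "flagged: $(dry_run "$tmp/reject-subject" "$tmp/msg1" "$tmp/msg2" "$tmp/msg3")"
rm -rf "$tmp"
```

Running the same dry run over a folder of known-good mail shows the
false positives a new keyword would cause before it is added to the
live reject file.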