Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
filtermailEX(5)		   File	Format Descriptions	       filtermailEX(5)

       filtermailex - filtermail configuration file examples

       $HOME/.filtermailrc examples

       For a description of the	rcfile format and its keywords see the filter-
       mailrc(5) man page or get a basic set of	options	from  either  the  IN-
       STALL file or the doc/ directory	of the filtermail distribution.

       This man	page contains several configuration examples and real-life use
       cases for the filtermail	program.

       If not stated otherwise,	the following examples assume  you  are	 using
       extended	 Regular  Expressions, compared	to filtermail's	default, basic
       type. General information on Regular Expressions	can be	found  in  the
       regex(7)	man page or in any good	book on	UNIX/POSIX. You	could also use
       slightly	modified examples from procmail(1) if it is available on  your

   Filtering Domains
       To  create a very restrictive set of filter rules at least two keywords
       should be used: ALLOW and DENY. DENY could match	 all  messages	coming
       from an annoying	public mail service, while ALLOW matches messages from
       a good friend who also uses this	annoying public	mailer.

	      DENY = "^From:.*public-mail\.com"
	      ALLOW = "^From:.*friend@public-mail\.com"

       These two lines are enough to block all but your	friend's  e-mail  from
       the domain.

   Case	Sensivity
       In general case-sensivity is controlled by the REG_CASE keyword.	Having
       filtermail treat	expressions case-insensitive is	almost always more ef-

	      REG_CASE = "no"
	      DENY = "^Subject:.*win money"

       In this example filtermail would	delete all messages with subject lines
       like `WIN MONEY', `Win Money' or	any other mix of capital and non-capi-
       tal characters. REG_CASE	makes filters ignore the case.

       A  more	complex	 set  up  can  be  achieved  by	additionally using the
       DENY_CASE keyword.

	      DENY_CASE	= "^Subject:.*BUSINESS"

       In this example only e-mails that  have	`BUSINESS'  in	their  subject
       match  the  filter, even	though in general filtermail ignores the case.
       So in this example all messages with `business' or `Business' in	 their
       subjects	would not be affected by this filter.

       Such  an	 option	is very	useful if you are not interested in commercial
       bulk mail that offers amazing business opportunities, but in  all  your
       business	partners who contact you by e-mail.

   Defining Friends
       The  keyword ALLOW can be used to override any spam filters. Similar to
       the earlier example ALLOW defines a `friend'.

	      ALLOW = "^Subject:.*filtermail"

       Adding this rule	to the rcfile would mean  all  messages	 that  contain
       anything	about filtermail in their subject lines	can pass the spam fil-
       ters. But even friends tend to send large e-mails  sometimes  to	 share
       their  joy  about the latest joke that just made	the round in their of-
       fice. In	such cases a limit can be defined  that	 affects  particularly

	      MAXSIZE_ALLOW = 500000

       Setting MAXSIZE_ALLOW to	500000 means no	message	can be larger than 500
       kBytes. (Scanned	`office-jokes' are usually around that size.)

   Negative Message Filters
       In order	to create a very restrictive spam protection it	 can  be  more
       useful  sometimes  to  define  which  e-mails should not	be deleted in-
       stantly and consequently	get rid	of messages that can not be matched to
       this  criterion - rather	than vice versa. This can be achieved by using
       negation. The typical use case is looking at the	message	tags `To:'  or
       `Cc:' of	an e-mail.

	      DENY <> "^(To|Cc):.*my-email@address\.com"

       Having  added  such a filter to your personal rule set keeps away a lot
       of spam that is not directly addressed to your  e-mail  account.	 Since
       this  is	 a  very  aggressive way of filtering, you are well advised to
       keep your `friends list'	up to date. Also note that the above  example,
       using the logical OR operator, works only with extended Regular Expres-

       Instead of setting up spam filters,  it	is  also  possible  to	define
       scores  which  can be accumulated until a certain threshold is reached.
       This is very useful to delete advertisements on mailing lists, for  in-
       stance.	Highscore marks	the threshold:

	      HIGHSCORE	= 100
	      SCORE +100 = "^Subject:.*viagra"
	      SCORE +100 = "^Content-Type:.*html"
	      SCORE -100 = "^(To|From):.*my_mailing_list"

       This simple example is useful to	delete mails with a score greater than
       100, i.e. if someone sends an HTML mail to my_mailing_list, the message
       will  reach  score  0.	However,  should an HTML mail regarding	Viagra
       reach the list, then the	message	will  classify	as  spam,  because  it
       reached an overall score	of 100.

       The  MAXSIZE_SCORE  keyword can be used to add to the accumulated score
       for an e-mail.  The following will cause	all emails  not	 directly  ad-
       dressed	to  the	 recipient  and	greater	than 60000 bytes in size to be
       deleted (a useful way of	rejecting many common MS  targeted  worms  and
       trojans which can clog up your inbox).

	      HIGHSCORE	= 100
	      MAXSIZE_SCORE +50	= 60000
	      SCORE +50	<> "^(To|Cc):.*my-email@address\.com"

       This is a less aggressive way of	dealing	with e-mail sizes than the us-
       ing the MAXSIZE_DENY keyword.  Note that	this example (by using the ex-
       pression	(To|Cc):.*my-email@address\.com) works only with extended Reg-
       ular Expressions.

   General Message Size	Limits
       It is always a good idea	to define a very general  size	limit  for  e-
       mails.  filtermail uses the keyword MAXSIZE_DENY	for that purpose.

	      MAXSIZE_DENY = 200000

       Setting	it  to 200 kBytes can save you a couple	of hours, depending on
       how much	mail you get everyday. Messages	bigger than that  get  deleted
       on  the	server,	 unless	 they match any	of the ALLOW rules. To achieve
       maximum efficiency it makes sense to use	 both  MAXSIZE_DENY  and  MAX-
       SIZE_ALLOW. No one should block up your mail box, no `friends', no oth-

       A rule of thumb is to be	twice as tolerant towards friends than you are
       towards anonymous people.

   Dealing with	Duplicates
       Most  people want to download a message only once, even though it might
       have been sent to two or	three of their accounts	at the same time.  The
       simple line

	      DEL_DUPLICATES = "yes"

       will  take  care	 of  duplicates	and makes sure that only one copy of a
       message has to be delivered.

   Normalisation of Message Subjects
       Every now and then some clever sales person comes up with the brilliant
       idea to wrap spam in funny little characters. If	you get	a message with
       a subject line similar to this one `,L.E-G,A.L;	,C.A-B`L`E,  .B-O`X`',
       then ordinary filters would fail	to detect the junk.

	      NORMAL = "yes"

       Adding  this  directive	to  the	rcfile tells filtermail	to `normalise'
       subject strings,	i.e. leave in only the	alpha-numeric  characters  and
       delete  the  rest.  `,L.E-G,A.L;	,C.A-B`L`E, .B-O`X`' would then	become
       `LEGAL CABLE BOX' which can easily be matched to	a spam filter.

       Note that filtermail first tries	to match the original subject  string,
       before it checks	on the normalised one.

   Control Mechanism
       Since filtermail	deletes	e-mails	remotely, before they have to be down-
       loaded into the local machine, it is also important to know what	is go-
       ing  on while the program is being executed. The	least you should do is
       define a	proper level of	verbosity and a	log file.

	      LOGFILE =	"$HOME/logs/filtermail-`date +"%h%y"'"
	      VERBOSE =	3

       Level three is the default verbosity level. Using  it,  filtermail  re-
       ports information on deleted messages, run-time errors and dates	to the
       screen and the log file.

       You can use `command' to	embedd shell skripts into your path names.  In
       the  above  example  it	is used	to store log files separately for each
       month and year.

   Extended Regular Expressions
       For advanced applications, the basic Regular Expressions	are  typically
       not  sufficient.	 If  you know the syntax and usage of the extended ex-
       pressions, it is	almost always a	good idea to set REG_TYPE accordingly.

	      REG_TYPE = "extended"

       Extended	expressions are	more flexible, but also	more sensitive towards
       syntax errors and the like.  Examples in	this man page all use extended

       If you are new to Regular Expressions and new to	filtermail, you	 might
       want  to	 experiment  a	bit, before you	accidently delete messages for
       real. For such cases filtermail provides	two keywords. TEST can be used
       to  only	 simulate the deletion of messages and SHOW_HEADERS stores all
       the e-mail headers that get examined by the program.

	      TEST = "yes"
	      SHOW_HEADERS = "$HOME/logs/filtermail-headers.txt"

       Use this	setup if you are not yet comfortable with the concept of  spam
       filtering. It may help to understand Regular Expressions	better and how
       to use them.

       filtermail(1), filtermailrc(5), procmailrc(5), procmailex(5), regex(7)

       Copyright (C) 2000-2014 Andreas Bauer <>

       This is free software; see the source for copying conditions.  There is
       NO  warranty;  not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR

filtermail			 January 2009		       filtermailEX(5)


Want to link to this manual page? Use this URL:

home | help