for the past few months i’ve had spamassassin setup to send just about everything to my “caughtspam” file expect what i had specifically whitelisted, as seen here from my spamassassin local.cf file:
required_hits -100.1 report_safe 1 use_bayes 1 skip_rbl_checks 0 use_razor2 0 use_dcc 1 use_pyzor ok_languages en ok_locales en whitelist_from *sears.com
whitelist_from *plaind.com
****snip my whitelist is long****header SUBJ_BC895 Subject =~ /BC895/
describe SUBJ_BC895 Catch bearcat subjects
score SUBJ_BC895 -100
this example will also show you how to filter via spamassassin based on subjects, in this case, from my bearcat scanner yahoo group.
but, i figured i could just do this with procmail and not have to worry about “scoring emails” at all, just send everything to my caughtspam file except what i have specifically sent to my inbox. so my first procmailrc file looked like this:
:0
* ? formail -x”From” -x”From:” -x”Sender:” \
-x”Reply-To:” -x”Return-Path:” -x”To:” \
| egrep -is -f /home/vim/whitelist
/var/spool/mail/vim:0:
* ^Subject:.*\BC895\
/var/spool/mail/vim:0:
* ^Subject:.*\blog @ nightmare.org\
/var/spool/mail/vim:0
/home/vim/caughtspam
but that still let spam into my inbox (because anything to: vim at nightmare.org would get through) and i only wanted to filter on who it was from, not who it was to. so i changed the filtering bit at the top thusly:
:0
* ? formail -x”From” -x”From:” -x”Sender:” \
| egrep -is -f /home/vim/whitelist
/var/spool/mail/vim
so now procmail checks for valid senders against my whitelist file: /home/vim/whitelist and puts anything on the list in /var/spool/mail/vim and everything else in /home/vim/caughtspam which i can check whenever i feel like it. i could have made a whitelist for subjects as well, but i’m only worried about subjects in two cases so i put them right in the procmailrc file.