-r removes the X-Spam markup, I assume you mean -- or it removes your own domain somehow?

At any rate, I whipped up a perl script to clean up the headers before reporting spam or for whitelisting. It's pasted below; you're (all) free to ignore it, use it, or improve it as you want.

#!/usr/local/bin/perl -w
use strict;
use Mail::Internet;
use Getopt::Std;
use vars qw( $opt_d $opt_h $opt_w $opt_N );
$|++;

#
# This program takes a forwarded mail and removes unnecessary headers,
# replaces your own domain with a fake one, and reports it through
# SpamAssassin as either spam or a whitelist entry.
#
# [EMAIL PROTECTED]
#
#

# Items to remove from email before reporting spam (for privacy).
#
my $REMOVE_ORG_NAMES       = "Area\s?51 Group";
my $REMOVE_DOMAIN_NAMES    = "myrealdomain.com";

my $REMOVE_HEADERS         = "X-Spam";
my $FAKE_ORG               = "Fake Company Name";
my $FAKE_DOMAIN            = "randomdomain957.net";
my $SA                     = "spamassassin";
my $SA_FLAGS               = "-C /etc/mail/spamassassin -a -x ";
my $SA_FLAGS_SPAM          = "-r";
my $SA_FLAGS_WHITE         = "-W";

#
# SUBS
#

sub unforward($) {
 my $subj = shift;
 $subj =~ s/\S*fwd\S+//i;
 $subj =~ s/^\s*[\[\(]//;
 $subj =~ s/\s*[\]\)]$//;
 return($subj);
}

sub usage() {
 print<<EOM;

$0

 This program takes a forwarded mail and removes unnecessary headers,
 replaces your own domain with a fake one, and reports it through
 SpamAssassin as either spam or a whitelist entry.

Default action is to report the mail as spam (after cleanup).

Options:

 -d:    turn on debugging messages.
 -h:    this help, genius.
 -w:    whitelist the addresses in this email, instead of reporting
        the mail as spam.
 -N:    do not actually submit the mail to SpamAssassin (for debug).

EOM
 exit(1);
}

#
# MAIN
#

getopts("dhwN");
$opt_h and usage();

if ($opt_w) { # if whitelist reporting
 $SA_FLAGS .= $SA_FLAGS_WHITE;
} else {      # otherwise reporting spam
 $SA_FLAGS .= $SA_FLAGS_SPAM;
}
$opt_d and $SA_FLAGS .= " -D";

my @mail = <>;
my $m = Mail::Internet->new([EMAIL PROTECTED]);

for ($m->head->tags) {
 my $h = $m->get($_);

# $_ is the header tagname, $h is the header value

 if ($opt_w) {  # whitelist reporting
   (m/To$/ or m/^$REMOVE_HEADERS/) and $m->head->delete($_);
 } else {       # spam reporting
   ($h =~ m/$REMOVE_DOMAIN_NAMES/i or $h =~ m/^$REMOVE_ORG_NAMES/ or 
m/^$REMOVE_HEADERS/)
       and $m->head->delete($_);
 }

}

$m->head->replace("Subject", unforward($m->head->get("Subject")));

unless ($opt_w) {
 my $body = $m->body;
 for (@{ $body }) {
   s/^\>+//g;
   $_ = '' if /^[\w\-\_]+?:/ or /^-+\s*Original\s+Message/i; # no old headers or 
demarks
   s/$REMOVE_DOMAIN_NAMES/$FAKE_DOMAIN/g;
   s/$REMOVE_ORG_NAMES/$FAKE_ORG/g;
 }
 $m->body($body);
}

print $m->as_string, "\n\n" if $opt_d;

unless ($opt_N) {
 open(SA, "| $SA $SA_FLAGS") or exit(1);
 print SA $m->as_string;
 close(SA);
}


exit(0);




Theo Van Dinter wrote:

On Fri, Dec 12, 2003 at 12:33:26PM -0800, sabat wrote:


The spamassassin manpage talks about setting up an alias to report spam, piping the mail to spamassassin -r. Since this reports to DCC and Razor, shouldn't one clean up the headers first? Isn't there risk of getting your own domain name into the spam report? (Or at least into your own Bayes db?)



-r removes the markup for you. fyi.






-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Reply via email to