Section 36.2. Objective 3: Managing Mail Traffic

36.2. Objective 3: Managing Mail Traffic

Filtering and sorting mail can be accomplished in many ways on a Linux system. Solutions include:

SpamAssassin (http://spamassassin.apache.org)

MIMEdefang (http://www.mimedefang.org)

Procmail (http://www.procmail.org)

Procmail is one of the older solutions but is explicitly covered by the LPI Exam. Therefore, it warrants the discussion in this section.

36.2.1. Filtering and Sorting Techniques

Before you learn more about Procmail, it is important to understand the basics of how mail is filtered and sorted. Filtering mail requires the application to read messages and determine the parameters given in Table 36-5.

Table 36-5. Filtering techniques
Parameter	Description
The `From` field	Information concerning the host and user who sent the message
The `To` field	Information concerning the host and user intended to receive the message
The `Subject` field	The field that endusers enter to describe the message
Message body contents	Can include text as well as indicators of the document format (e.g., ASCII or HTML)

Once the filtering parameters are determined, messages can be sorted and processed in many ways, including:

Forwarding the message to a remote host
Issuing an autoreply, a useful option for messages indicating a prolonged absence (e.g., a vacation)
Storing the message into a custom directory
Deleting the message, often by sending the file to the /dev/null file

You will need to know how to identify the contents of Subject, From, and To fields, as well as the content of the message body, then configure your system to filter and sort the messages accordingly. As mentioned earlier, this chapter focuses on doing these things with Procmail, which is the filtering system on the LPI test.

36.2.1.1. Using Procmail

Procmail is an MDA that allows clients to filter mail and customize delivery. Using rule sets called recipes, you can configure Procmail to receive, sort, and react to all mail you receive.

36.2.1.2. Procmail files

Table 36-6 provides a quick list of the binary files and configuration files used in Procmail. Familiarize yourself with each of these files for the LPI Exam.

Table 36-6. Procmail files
File	Description
/usr/bin/procmail	The binary for the Procmail service.
~/.procmailrc	The configuration file located in each user's home directory. Can contain recipes.
~/.procmail	The directory that contains user-specific procmail files. Such files can include the log files (such as a file named log) that can inform you about problems, and recipe files (a file you use to create a notification message when you are on vacation). This directory can also be named .Procmail or Procmail, a nonhidden directory. It can also contain dedicated files that specify recipes.
/etc/procmailrc	The systemwide Procmail configuration file. User-based .procmailrc files (if present) take precedence, unless they are overridden by the /etc/procmail file.
.forward	Determines which messages will be forwarded to another account.

Tip: The locations of some of these files may vary from one distribution to another. Some of the directory names may have changed, also, because it is possible to specify custom values in the /etc/procmailrc file.

36.2.1.3. Creating recipes in Procmail

To configure Procmail, you must enter instructions called recipes. You can place a recipe either in the .procmailrc file or in a dedicated files, usually in the .procmail directory. If you create a dedicated file, you must refer to it in the .procmailrc file.

The syntax for creating a recipe is comprised of three parts:

 beginning condition action

The beginning is a special character sequence, usually :0 on a line by itself, that informs Procmail that a recipe begins immediately below. The condition specifies text matches or other conditions that the mail message must meet before it is processed. There can be multiple conditions in this section. The final action section contains processing directives that specify what actions to take (e.g., forwarding or deleting the mail) once the conditions have been met.

On the Exam

Make sure that you know how to create and read a simple Procmail recipe.

Table 36-7 contains a list of common Procmail parameters used to create recipes.

Table 36-7. Procmail parameters
Parameter	Description
#	Starts a comment. Using comments is highly recommended for troubleshooting.
:0	Informs Procmail that a recipe is beginning. Specifying `:0 c` makes a copy of the matching message, meaning that the message will go on to appear in your inbox as well as be processed by the recipe.
*	Specifies a new condition. Placed at the front of a line in a recipe.
.*	Specifies the "everything" wildcard. This is never used at the start of a line and therefore can be distinguished from the previous item. For example, `Subject:.Kenya.` in a `condition` matches any message with Kenya in the `Subject` field.
^	Instructs Procmail to look for the character or parameter that follows at the beginning of a line
!	In an action, forwards the message to the address you specify. For example, the following line: ! andy@oreilly.com sends the message to the user named andy at the oreilly.com domain.
`Whc: filename.lock`	Specifies a lock file for the particular message. Useful to avoid race conditions, where another Procmail process might be running the same recipe.

36.2.1.3.1. Sample Procmail recipes

Several recipe examples follow. The first is a rather simple example that deletes email sent from an objectionable user:

 :0  * ^From: knownspammer@mail.badspammers.com /dev/null

The same thing can be done to an entire domain, by specifying all users in that domain in the condition:

 :0 * ^From: .*@badspammers.com /dev/null

The following example matches any email with the character sequence beegees in the Subject field and deletes it:

 # Spam filter :0 * ^Subject:.*beegees /dev/null

Notice how the ^ character is used to denote the Subject field; a field name is always at the beginning of a line in the email header. The colon (:) is treated as a simple character, appearing like any other character in a line.

This third simple example shows how to forward an email message from a specific user email account:

 :0  * ^From: elvis@heaven.com ! elvisfan@comcast.net

The following example shows how to automatically reply to almost all messages sent to the current user. The only exceptions are those messages sent by email daemons and those that might cause an infinite loop because they appear to originate from the current user. The recipe contains a few additional parameters that will be explained after the example:

 :0 Whc: autoresponder.lock       * $^To:.*\<$\LOGNAME\>       * !^FROM_DAEMON       * !^X-Loop: username@udel.edu               | formail -rD 8192 out.cache                 :0 ehc                 | (formail -rA"Precedence: junk" A"X-Loop: your@own.mail.address" ;                    echo "I am currently out of the office."; \                    echo "I will return Thursday, September 13th."; \                    echo "-- "; cat $HOME/.signature_line.txt \                   ) | $SENDMAIL -oi -t

The recipe has two parts. The first part uses the standard Procmail commands to process the message, negating certain conditions with *! to exclude messages that shouldn't be responded to. The formail command in this first part creates a file called out.cache that contains all mails sent. The -r option to formail strips unnecessary headers from the mail message, while the -D option limits the length of the message, to save on system resources and network bandwidth.

The second part of the message begins at the :0 ehc line. This line directs the recipe to reply to messages even if they are not found in the out.cache file. The directive portion of the message contains the actual autoresponder message, complete with an email signature file. The backslashes are necessary for line continuation. The -oi option to Sendmail causes Sendmail not to send a message created from standard input, even if a single period is at the end. The -t option removes all recipients from the message headers.

It is possible to create very sophisticated sorting and filtering recipes using Procmail. The information in this section should help you pursue the knowledge you need to pass the LPI Exam. For more information, go to the Procmail web page at http://www.procmail.org. The following URL contains many suggestions compiled by the Procmail project:

http://pm-doc.sourceforge.net/pm-tips-body.html#procmail_flags

It is an outstanding example of how open source projects are capable of documenting all features of an application.

36.2.1.4. Monitoring and troubleshooting Procmail

It is not enough to know how to create and use recipes. You must also be able to determine the cause of problems. This section includes examples of ways to monitor and troubleshoot Procmail.

As usual, start by consulting the log files. In many systems, the log file is placed off of the ~/.procmail directory. You can use the tail command with the -f option to view new log entries:

 tail -f $HOME/.procmail/pmlog

You may have to change the name of the log file to monitor, however. Look in the /etc/procmailrc or ~/.procmailrc file to determine whether a log file is being generated. If you wish to view more than the last 10 lines, use the -n command:

 tail -n 20 -f ~/.procmail/pmlog

You can also view the /var/log/messages file to determine whether errors have occurred. Finally, consider the following when troubleshooting a Procmail problem:

Make sure variables are correct.
Make sure that directories are correct.
Check filenames (e.g., rc.away rather than rc.vacation).

To test your settings, set Procmail's VERBOSE variable, create a file of recipes and another file of test mail messages, and run the procmail command in a manner such as:

 % procmail $HOME/pm/procmail_test.rc < $HOME/tmp/my_test_mail.txt