[ANN] Pop3-Spamchecker poppers in Python

Karlheinz klingbeil lunqual at gmx.de
Mon Oct 6 09:50:29 EDT 2003 

I have read quite a few mails recently with the question how to get rid of
spam using a python script...

As I was flooded with Spam-Mails in the past 2 weeks i wrote a python-script
which kills spam in a new more-than-1 stage manner. You can download script
and Doc at 
http://www.lunqual.de/poppers.zip
Note that the script was developed on a Linux box, but should work just fine
under any other OS

here's the readme

-------------------------------------------------------snip------------------------------------------------

poppers 0.2 Readme
Copyright 2003 by Karlheinz Klingbeil (lunqual)

PopClean is a small script in python language which checks any
pop3 mailbox and deletes contents based on regular expression
matching in header and checking attachments before you have
to download more junk than you can affort

Requires

popclean requires Python 2.2+ to be installed on your machine

How to use:

1. edit the poppers.py script
   in line 27 enter a proper path for your .poppers.conf file
   in line 31 enter a proper path for your .poppers.log file
2. edit the .poppers.conf file
   - enter your user data in the list of users
   - set testmode to 1 if you don't want any messages on the
     server deleted. set testmode to 0 if you want the real thing ;))
3. start poppers.py directly in a shell (after chmod +x) 
   or by the command line 'python poppers.py'

The .poppers.conf file has extensive information about configuration
options, but here is short how it works:

poppers has several stages

Stage 1         : check if mail has a subject line
                  if no , mark to delete

Stage 2-1(deny) : check regular expressions for header
                  lines to deny mails
                  (it may be useful at this stage to
                  deny _ALL_ mails by specifiying the
                  line 'deny=from,to,subject:.*' Dont
                  be afraid, read on ;))

Stage 2-2(allow): check regular expression for header
                  lines to allow mails (even if denied
                  in Stage 2-1 )
                  If you did the above mentioned killaction
                  you can allow here mails to your own address
                  only with the line 'allow=to:myown_address at somewhere.com'

                  if you do this, you will get rid of a fair amount of
                  spam, for me this can be half to 2/3 of the Inbox

Stage 3         : will be applied to all mails who are not still marked
                        to delete. 
                  If a Mail contains a 'content-type: multipart' header
                  it may contain an attachment. 
                  And if a mail _may_ contain an attachment a number of
                  lines (specified by 'read_body=x' command will be 
                  downloaded and checked.
                  therefore you can check a part of the mails body in
                  this stage with a_deny and a_allow rules
                  for example, the rule 
                  'a_deny=.*<atb>.*content-type.*name.*\.exe'
                  will catch an exe attachment and deny this mail, but
                  you can also allow certain attachments:
                  'a_allow=.*<atb>.*content-type.*name.*\.pdf' will let
                  a pdf attachment through.
                  As you check rules against a part of the message body
                  this is not limited for catching attachments only, but 
                  however, the part of the mailbody will only get downloaded
                  if poppers assumes that there must be an attachment in it...

                  if poppers searches for an attachment and doesnt find it 
                  within the specified number of lines you can delete the mail
                  with the command 'delete_not_found_attachments=1' or
                  let them undisturbed by 'delete_not_found_attachments=0'

Stage 4         : final Stage, see Documentation for Stage 2, as the same rules
                  can be applied. this is the point where you define rules
                  based on subject,from or to headers. for example
                  'f_deny=from,to,subject:.*microsoft' will delete all mails
                  which contain the string 'microsoft' (case insensitive !)
                  somewhere in the from,to or subject headerline

Stage 4-1       : Final deny rules. Applied to all Mails which arent marked for
                  deletion yet to give you a chance to catch them now

Stage 4-2       : Final allow rules. Applied to all Mails which _ARE_ marked for
                  deletion. this is the point where you can make rules for
                  mails that _have_ to get through for some reasons. for 
                  example 'f_allow=from:.*mygirlfriend at the_neighbourhood.com'
                  will allow mails from your girlfriend no matter what they
                  contain.
                


-------------------------------------------------------snip------------------------------------------------

-- 
Greetz.... lunqual
http://www.lunqual.de

More information about the Python-list mailing list