Shell I want to report spam to the originating domains

pschmehl

Member

Reaction score: 11
Messages: 30

I run postfix on a server and I use Weitse Venema's filter.sh script to put spam mail into /var/spool/spam. I then wrote a script that parses the emails in /var/spool/spam and reports them to the originating domain. I'd like to improve on that script, but I'm wondering if someone has already written a script or program that already does that. (No sense in reinventing the wheel.)

This is a typical email that would end up in /var/spool/spam.
Code:
Received: from localhost by mail.stovebolt.com
        with SpamAssassin (version 3.4.5);
        Wed, 18 Aug 2021 23:10:27 +0000
From: Karina Doyle <loans@rapidfundingsolution.com>
To: geek@stovebolt.com
Subject: *****SPAM***** (6.7) RE: Easy way to get business funds?
Date: Wed, 18 Aug 2021 23:09:53 +0000
Message-Id: <dedd66ee988f14a80e25b472228da359@track.rapidfundingsolution.com>
X-Spam-Checker-Version: SpamAssassin 3.4.5 (2021-03-20) on mail.stovebolt.com
X-Spam-Flag: YES
X-Spam-Level: ******
X-Spam-Status: Yes, score=6.7 required=3.4 tests=BAYES_00,DIGEST_MULTIPLE,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,
        HTML_FONT_LOW_CONTRAST,HTML_FONT_TINY_NORDNS,HTML_MESSAGE,
        LOTS_OF_MONEY,PYZOR_CHECK,RAZOR2_CF_RANGE_51_100,RAZOR2_CHECK,
        RDNS_NONE,SPF_HELO_NONE,SPF_NEUTRAL,T_KAM_HTML_FONT_INVALID,
        URIBL_ABUSE_SURBL,URIBL_BLOCKED autolearn=no autolearn_force=no
        version=3.4.5
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_611D9363.DA3CD0E7"
This is a multi-part message in MIME format.
------------=_611D9363.DA3CD0E7
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Spam detection software, running on the system "mail.stovebolt.com",
has identified this incoming email as possible spam.  The original
message has been attached to this so you can view it or label
similar future email.  If you have any questions, see
The administrator of that system for details.
Content preview:  Get Capital For Your Business... View in browser ( http://track.rapidfundingsolution.com/web_view.php?id=PGRlZGQ2NmVlOTg4ZjE0YTgwZTI1YjQ3MjIyOGRhMzU5QHRyYWNrLnJhcGlkZnVuZGluZ3NvbHV0aW9uLmNvbT4%3D
   ) Working Capital ( https://www.rapidfundingsolution.com ) 
Content analysis details:   (6.7 points, 3.4 required)
The script that I wrote parses the message, determines the originating domain, then sends a copy of the message along with its headers to postmaster@ and abuse@ with the subject line "Suspected spam from your domain, including headers".

I'm wondering if anyone knows of a program that would do this (but better than I did it.) Perl, python, bash, whatever.

I've attached my script in case anyone wants to review it. (Please don't laugh.) I welcome any suggestions for improvement.
 

Attachments

  • spam-report.txt
    2 KB · Views: 17
Top