Procmail

Procmail (http://www.procmail.org/) is a mail filter that sits on the email server. It is used to preprocess incoming email before they reach the mailbox. Such a tool is required to run most of the email virus scanners (see ClamAV with Procmail), anti-spam software (see SpamAssassin with Procmail), and Bayesian filters (see Spam Filtering with Bayesian Filters). If you use complex rules and handle a lot of email, it may be a good solution to install Procmail on its own server, separated from the other scanners. There are a number of tools similar to Procmail, but it is really the reference for all Linux-based systems. Procmail has a very large user base, so a lot of examples and documentation are available on the Web.

Procmail has four main features:

Pattern matching

Procmail can match patterns in the headers and body of emails.

Email rewriting

Procmail can be used to modify emails through external programs such as formail.

Pipes

Pipes can be used to run emails through external tools such as clamscan (see Clamscan) or spamassassin (see SpamAssassin). Procmail can use the return code or the output of these tools.

Mail delivery

Procmail can be used as a Local Delivery Agent (LDA) to deliver emails to the right mailbox.

Rules can be created globally and on a per-user basis.

Mail Delivery Chain

Figure 16-3 shows that when an email arrives to the mail server, it first goes through the Mail Delivery Agent (MDA), which checks whether the recipe exists, and then through the Local Delivery Agent (LDA), which delivers the email to the user mailbox.

Mail delivery chain

Figure 16-3. Mail delivery chain

Tip

The MDA configuration file must be updated to work with Procmail. For postfix, in /etc/postfix/main.cf, add the line:

mailbox_command = /usr/bin/procmail

LDAs usually inspect the file .forward to execute actions before adding an email to the user mailbox. $HOME/.forward must contain the following line for $HOME/.procmail to be used:

| /usr/bin/procmail

Tip

If qmail is used as the LDA, use $HOME/.qmail instead of $HOME/.forward.

If Procmail is used as the LDA, $HOME/.forward is not used and Procmail looks directly for $HOME/.procmailrc. Also, in this case, if a delivery recipe is found in /etc/procmailrc, the email is delivered directly to the mailbox without using $HOME/.procmailrc. See Figure 16-4.

Mail delivery chain with Procmail as LDA

Figure 16-4. Mail delivery chain with Procmail as LDA

Tip

By default, ls does not display the files and directories that start with a . (dot). To display these files, use ls -a.