sb_isip.rc

这是一个从音频信号里提取特征参量的程序

#    autoresponse may be in error, so I have set it to revert to SILENT mode
#    after that time.
#

:0
{ CM=`date +%y%m` }

:0
{ RESPOND=no }

:0
* CM ?? 0111
{ RESPOND=yes }

:0
* CM ?? 0110
{ RESPOND=yes }

:0
* RESPOND ?? no
{
 :0
 { SPAMREPLY=SILENT }
}

# ISIP modification: set ISIP variables
#
INCLUDERC=${SBDIR}/sb_isip_init.rc

# EMAIL VIRUS FILTERS
#
# Filters to catch common email viruses, many of them set up to spam themselves
# without the sender's knowledge.  Since you are considerably =MORE= likely
# to get these viruses from people you normally correspond with than from
# strangers, this recipe alone is put outside of the NOBOUNCE filters, and
# is run on all email the SpamBouncer processes.

# ISIP modification: This is only run if the USE_SIMPLE is 
# set or the USE_STRICT is set
#
:0 
* USE_SIMPLE ?? yes
{
   INCLUDERC=${SBDIR}/sb-viruses.rc
}

:0 E
* USE_STRICT ?? yes
{
   INCLUDERC=${SBDIR}/sb-viruses.rc
}

# Start of "else" wrapper so virus matches skip everything else and are taken care of
# ISIP modification: removed the else clause
# :0 E
:0
{

# THE NOBOUNCE FILE

#    This is a file of addresses of friends and others you
#    want to get mail from, but who are at spam haven
#    domains/systems.  This way, they can mail you without
#    trouble, even if your filter drops all other mail from
#    that site.

:0 f
* ? ${TEST} -f ${NOBOUNCE} && (${FORMAIL} -zxFrom: -zxReply-To: | ${GREP} -i -f ${NOBOUNCE})
| ${FORMAIL} -A"X-SBPass: NoBounce"

# Start of "else" wrapper so NoBounce matches skip everything else
:0 E
{

# GLOBALNOBOUNCE system nobounce file processing

#    This is identical to the other NOBOUNCE file, except that a
#    system administrator maintains it for all users on the
#    system.

:0 f
* !GLOBALNOBOUNCE ?? NONE
* ? ${TEST} -f ${GLOBALNOBOUNCE} && (${FORMAIL} -zxFrom: -zxReply-To: | ${GREP} -i -f ${GLOBALNOBOUNCE})
| ${FORMAIL} -A"X-SBPass: GlobalNoBounce"

# Start of "else" wrapper so GlobalNoBounce matches skip everything else
:0 E
{

# Filter out known opt-in mailing lists
#   
#  (Note to anyone who wonders why they're in this part of the Spam Bouncer --
#   this is a list of good guys who aren't spammers, but whose email is
#   sometimes incorrectly tagged by the Spam Bouncer when users don't
#   properly filter out their legitimate mailing lists.  If you are listed here,
#   don't worry.  You aren't being labeled a spammer -- quite the
#   contrary.) 
#
:0
* ^(By:|Cc:|From.|Sender:).*[^0-9a-z](.*@(bible|moses)\.acu\.edu([^\.]|$)|\
              .*@public\.lists\.apple\.com([^\.]|$)|\
              .*@lists\.debian\.org([^\.]|$)|\
              .*@.*eff\.org([^\.]|$)|\
              .*@.*python\.org([^\.]|$)|\
              .*@lists\.skylist\.net([^\.]|$)|\
              .*@lists\.besties\.com([^\.]|$)|\
              .*@lists\.wired\.com([^\.]|$)|\
              .*@lists\.hrweb\.org([^\.]|$)|\
              .*@lists\.iconwall\.org([^\.]|$)|\
              .*@lists\.reveal\.org([^\.]|$)|\
              .*@lists\.spambouncer\.(com|net|org)([^\.]|$)|\
              owner-.*@inf\.ed\.ac\.uk([^\.]|$)|\
              aff@.*csj\.org([^\.]|$)|\
              amnesty@oil\.ca([^\.]|$)|\
              besties@(amber|lists)\.ghostwheel\.com([^\.]|$)|\
              campus@vu\.org([^\.]|$)|\
              dilbertnewsletter@unitedmedia\.com([^\.]|$)|\
              firewalls.*@lists\.gnac\.net([^\.]|$)|\
              freematt@coil\.com([^\.]|$)|\
              germanrt@tower.ml.org([^\.]|$)|\
              moderators@|\
              moderators-advice@|\
              netfuture@|\
              news@infobeat\.com([^\.]|$)|\
              opf-l@|\
              ora-news@list\.ora\.com([^\.]|$)|\
              orders@powells\.com([^\.]|$)|\
              owner-freebsd-announce@FreeBSD\.org([^\.]|$)|\
              owner-hrw-news@igc\.apc\.org([^\.]|$)|\
              procmail@informatik\.rwth-aachen\.de([^\.]|$)|\
              sendpage-hackers@net\.ohio-state\.edu([^\.]|$)|\
              spam-l@peach\.ease\.lsoft\.com([^\.]|$)|\
              TDS@amrcorp\.com([^\.]|$)|\
              www@carol\.powells\.com([^\.]|$))
{ KNOWNLEGITBULK=yes }

:0
* ^Subject: (Dell Order Information|\
             Dell Order Shipment Confirmation)
* ^(From|Received|Sender).*[^0-9a-z]dell\.com([^\.]|$)
{ KNOWNLEGITBULK=yes }

:0
* ^X-Mailer: SFF Net Automailer
* ^(From|Received|Sender).*[^0-9a-z](greyware\.com([^\.]|$)|\
                       sff\.net([^\.]|$))
{ KNOWNLEGITBULK=yes }

:0
* KNOWNLEGITBULK ?? yes
{
:0 f
| ${FORMAIL} -A"X-SBPass: Legitimate Mailing List (Internal)"

:0
{ BULKTAG=yes }
}

# Start of "else" wrapper so Legitimate Mailing List (Internal) matches skip everything else
:0 E
{

# Filter out known opt-in mailing lists (External List)
:0
* ? ${TEST} -f ${LEGITLISTS} && (${FORMAIL} \
                                -zxCc: \
                                -zxFrom: \
                                -zxResent-By: \
                                -zxResent-From: \
                                -zxResent-Sender: \
                                -zxResent-To: \
                                -zxReply-To: \
                                -zxSender: \
                                -zxTo: \
    | ${GREP} -i -f ${LEGITLISTS})
{
:0 f
| ${FORMAIL} -A"X-SBPass: Legitimate Mailing List (External)"

:0
{ BULKTAG=yes }
}

# Start of "else" wrapper so Legitimate Mailing List (External) matches skip everything else
:0 E
{

# Filter out known sources of bounce messages and adminstrative junk
:0
* ^From:.*(tickets@above\.net([^\.]|$)|\
           abuse@alladvantage\.com([^\.]|$)|\
           autopost@general\.amug\.org([^\.]|$)|\
           abuse@aol\.net([^\.]|$)|\
           ops@bbnplanet\.com([^\.]|$)|\
           abuse@bellsouth\.net([^\.]|$)|\
           abuse@best\.(com|net)([^\.]|$)|\
           nobody@.*cadvision\.com([^\.]|$)|\
           abuse@cerf\.net([^\.]|$)|\
           Charm\.Net's\.Abuse\.Center@charm.net([^\.]|$)|\
           abuse-bounce@.*cjb\.net([^\.]|$)|\
           abuse@compuserve\.com([^\.]|$)|\
           abuse@concentric\.net([^\.]|$)|\
           abuse@tipa2\.cwix\.net([^\.]|$)|\
           spamcomplaints@cw.*\.com([^\.]|$)|\
           spamcomplnts@.*cw\.net([^\.]|$)|\
           spamcomplaints@cwbusiness\.com([^\.]|$)|\
           abuse-reply@direct-connect.com([^\.]|$)|\
           policy@.*digex\.net([^\.]|$)|\
           spam@mercury\.earthlink\.net([^\.]|$)|\
           abuse@easy\.to([^\.]|$)|\
           listserv@.*espire.net([^\.]|$)|\
           abuse@exodus\.net([^\.]|$)|\
           abuse@geocities\.com([^\.]|$)|\
           abuse@.*home\.net([^\.]|$)|\
           abuse@host4u\.net([^\.]|$)|\
           (abuse|policy)@hotmail\.com([^\.]|$)|\
           help@idirect\.com([^\.]|$)|\
           abuse@.*interland\.net([^\.]|$)|\
           postmaster@juno\.com([^\.]|$)|\
           SPAMCOMPLNTS@.*MCI.NET([^\.]|$)|\
           postmast2000@mass?-pop\.pmm\.mci\.net([^\.]|$)|\
           abuse@mindspring\.net([^\.]|$)|\
           abuse@microsoft\.com([^\.]|$)|\
           abuse@mo\.com([^\.]|$)|\
           (abuse|postmaster)@.*msn\.com([^\.]|$)|\
           cyberfraud@nasaa\.org([^\.]|$)|\
           abuse@.*neosoft\.com([^\.]|$)|\
           abuse@netcom\.com([^\.]|$)|\
           abuse@passport\.ca([^\.]|$)|\
           autoreply@psi\.com([^\.]|$)|\
           abuse@prodigy\.(com|net)([^\.]|$)|\
           abuse@rr\.com([^\.]|$)|\
           abuse@saix\.net([^\.]|$)|\
           enforcement@sec\.gov([^\.]|$)|\
           internet\.abuse@shaw\.ca([^\.]|$)|\
           abuse@sprint(link)?\.net([^\.]|$)|\
           Abuse\.Response@telstra\.net([^\.]|$)|\
           abuse@.*tripod\.com([^\.]|$)|\
           nobody@.*uu.net([^\.]|$)|\
           abuse@.*verio\.net([^\.]|$)|\
           autoresponder@.*webtv\.net([^\.]|$)|\
           spambuster@.*whowhere\.com([^\.]|$))
{
:0 f
| ${FORMAIL} -A"X-SBPass: Autobot/Abuse"

:0
{ ADMINTAG=yes }
}

# Start of "else" wrapper so Autobot/Abuse matches skip everything else
:0 E
{

# CHECK FOR BYPASSWD
:0 f
* $ ^Subject:.*${BYPASSWD}
| ${FORMAIL} -A"X-SBPass: BYPASSWD"


# Start of "else" wrapper so BYPASSWD matches skip everything else
:0 E
{

# Stick NOLOOP stuff into ADMIN
:0
* $ ^X-Loop: ${NOLOOP}
{
:0 f
| ${FORMAIL} -A"X-SBPass: NOLOOP"

:0
{ ADMINTAG=yes }
}


# Start of "else" wrapper so NOLOOP matches skip everything else
:0 E
{

# Make sure you aren't autoreplying to a mailer daemon
:0
* ^From (MAILER-DAEMON|Mail Delivery Subsystem|<>)
* ^From:.*(MAILER-DAEMON|Mail Delivery Subsystem)
{
:0 f
| ${FORMAIL} -A"X-SBNote: MAILER-DAEMON"

:0
{ ADMINTAG=yes }
}

# Identify Admin email
:0
* (^FROM_MAILER([^\.]|$)|\
   ^(From|Sender).*[^0-9a-z]abuse.*@|\
   ^(From|Sender).*[^0-9a-z]admin.*@|\
   ^(From|Sender).*[^0-9a-z]auto.*@|\
   ^(From|Sender).*[^0-9a-z]dummy@c-zone\.net|\
   ^(From|Sender).*[^0-9a-z]helpdesk@|\
   ^(From|Sender).*[^0-9a-z]hostmaster@|\
   ^(From|Sender).*info@|\
   ^(From|Sender).*[^0-9a-z]list@|\
   ^(From|Sender).*[^0-9a-z]listserv@|\
   ^(From|Sender).*[^0-9a-z]macjordomo?@|\
   ^(From|Sender).*[^0-9a-z].*mail(er|man)?@|\
   ^(From|Sender).*[^0-9a-z].*mailadmin@|\
   ^(From|Sender).*[^0-9a-z]majordomo?@|\
   ^(From|Sender).*[^0-9a-z]nobody@|\
   ^(From|Sender).*[^0-9a-z]noc@|\
   ^(From|Sender).*[^0-9a-z]policy@|\
   ^(From|Sender).*[^0-9a-z]spam@|\
   ^(From|Sender).*[^0-9a-z]support@|\
   ^(From|Sender).*[^0-9a-z].*postmaster)
*  !^From.*MAILER-DAEMON
*  !^Resent-(By|From|To|Sender):
{
:0 f
| ${FORMAIL} -A"X-SBNote: From Admin"

:0
{ ADMINTAG=yes }
}

# Tag known bulk email
:0
* (^FROM_DAEMON|\
   ^Precedence: (Bulk|Junk|List)|\
   ^Resent-(By|From|To|Sender):|\
   ^List-[0-9a-z]*:|\
   ^X-ListName:|\
   ^X-Listprocessor|\
   ^X-Listserver:|\
   ^X-Lyris-(To|MemberID|MessageID):|\
   ^Received:.*majordom)
{
:0 f
| ${FORMAIL} -A"X-SBNote: FROM_DAEMON/Listserv"

:0
{ BULKTAG=yes }
}

# Check for LARGE messages
:0
* LEAN ?? yes
* > 38400
{
:0 f
| ${FORMAIL} -A"X-SBPass: Oversize-Leantagged"

:0
{ LEANTAG=yes }
}


# Set SPAMREPLY complaints properly
:0
{ SRC=no }

:0
* SPAMREPLY ?? COMPLAIN
{ SRC=yes }

:0
* SPAMREPLY ?? BOTH
{ SRC=yes }


# Set SPAMREPLY bounces properly
:0
{ SRB=no }

:0
* SPAMREPLY ?? BOUNCE
{ SRB=yes }

:0
* SPAMREPLY ?? BOTH
{ SRB=yes }




##########################################################################

# EXTREMELY ROGUE SPAM SITES
#
#  Sites that exist to spam.
# ISIP modification: added checks around each of these to add some
# level of control
#
:0 
* USE_SIMPLE ?? yes
{
INCLUDERC=${SBDIR}/sb-rogue.rc
}


# ORDINARY SPAMMERS
#
#  Spammers that run businesses which might exist in real life or have 
#  legitimate customers, but that's questionable. 

:0 
* USE_SIMPLE ?? yes
{ INCLUDERC=${SBDIR}/sb-ordinary.rc }


# MAINSLEAZE SPAMMERS
#
#  Sites that belong to otherwise legitimate companies that spam, but 
#  that you might have to do business with.   

:0 
* USE_SIMPLE ?? yes
{ INCLUDERC=${SBDIR}/sb-mainsleaze.rc }


# SPAMMING ISPS
#
# Internet Service Providers all or most of whose known customers are spammers,
# and which either openly allow spamming or which have a long-documented record of
# not taking action against their customers when those customers spam.

:0 
* USE_SIMPLE ?? yes
{ INCLUDERC=${SBDIR}/sb-spamisps.rc }


# IDEOLOGICAL SPAMMERS
#
#  Spammers that spam primarily for political, religious, or other ideological
#  causes, where money is a secondary concern if it is a concern at all. 

:0 
* USE_SIMPLE ?? yes
{ INCLUDERC=${SBDIR}/sb-ideological.rc }


# SPAM-FOR-HIRE SITES
#
# Companies that provide bulk email services for other companies, and who
# do not exercise due diligence to ensure that their bulk email is sent
# only to people who have asked to receive it.  Many of the companies in
# this category spam for companies in the MainSleaze category.

:0 
* USE_SIMPLE ?? yes
{ INCLUDERC=${SBDIR}/sb-spamforhire.rc }


# FRAUDULENT SCAMS/SPAMS
#