If you're like me, you already have a ton of contacts in your
address book, and you'd like them to automatically be white-listed. To
add contacts from your address book to your whitelist, go to your
contact list, and do a "File/Save Address Book As VCard". This
will create a list.vcf text file that has your e-mails listed in
it. The perl script "evo-strip-vcf.pl" can be used to help extract the
e-mails from this file. To use it, save your list.vcf file, and
evo-strip-vcf.pl < list.vcf | sort -u >> ~/.whitelist
should maintain your .whitelist file carefully to allow your real
contacts through. By default, Evochallenge will create a
.whitelist file in your home directory that looks like:
# The maximum number of days we hold mail.
# If you want to truely verify that a real person is trying to contact you,
# uncomment the question and awnser fields, and make up your own.
# The user will have to reply with an e-mail containing the answer
# to get white-listed.
#question The stuff we breathe is called what?
# This example allows mail from firstname.lastname@example.org through.
# This example allows mail sent to sourforge.net lists to get through.
# This example blocks mail sent from email@example.com.
# Set these options in order for your mail to be forwarded to you
# when authorised. You must at least set the SMTP host.
smtp-host your_SMTP_host #Host name or address of the SMTP server.
#Port where the SMTP server is listening.
#smtp-hello-host EHLO #String to use in the EHLO/HELO command.
#Don't use ESMTP EHLO command, only HELO.
#Use EHLO even if server doesn't say ESMTP.
#smtp-disable-starttls #Don't use encryption even if the remote
#host offers it.
#Enable all methods of SMTP authentication.
#Enable only AUTH LOGIN method.
#Enable only AUTH PLAIN method.
#smtp-auth-cram-md5 #Enable only AUTH CRAM-MD5 method.
#smtp-user username #Username for SMTP authentication.
#smtp-pass password #Corresponding password.
Be sure to set your smtp-host, and if required, your smtp user and password.
the "TO:" or "FROM:" lines in an e-mail are matched by a "to" or "from"
declaration, they will be allowed. Otherwise, a challenge e-mail
is sent to the sender. If he replies, his e-mail will be added to
the .whitelist file, and future e-mails will come right through.
Otherwise, the filter will move his e-mails to your "Holding" directory
(or whatever you called it). The patterns listed in "to" and
"from" declarations match if they are are found as a substring in an
e-mail address, and matching is case insensitive. So, "from
@billrocks.org" matches anyone from billrocks.org, and "IBM.com"
matches firstname.lastname@example.org, but also fred@i_am_not_ibm.com.
default, Evochallenge holds mail in ~/.heldmail for 30 days while
waiting for authorization. After that, the e-mails are
deleted. If you want to change the default, use the max-age
spammers are now generating automatic responses to challenges. I
get about one such spam responder per day. To filter these
goofballs out, uncomment the "question" and "answer" lines above.
You can use your own custom challenge if you like, and list all
the reasonable answers you would accept.