Using .procmail to test "To:" field


Someone’s been using my domain to send (tons of!) spam, and so far I’ve been creating rule after rule using the DreamHost interface.

It’s getting kinda silly, though, so I want to create a .procmail filter that kills all email not sent to one of these addresses:

The “*” in the last two is a wildcard, since I use them for spam tracking. For example, I would give an address of If I ever get spam to, I know where it came from.

I know nothing about .procmail or regular expressions, but I’m happy to have a go. I’m posting this in case someone wouldn’t mind giving the newbie some pointers (beyond the KBase article on .procmail, which I’ve read and kinda understand).

Many thanks for any help!

– Charles Wiltgen

Just for kicks, here’s the (incorrect, I’m sure) first try:



  • ! ^|
    ! ^TO_from-(+.)|
    ! ^TO_charles+(+.)

Also, is there only one .procmailrc for all of my accounts? Do I then have to set up pass-throughs for those addresses?

You can only setup procmail recipes (beyond what you can do from the panel) on ftp / shell users, and it’s not global - it’s per-account.

Btw, I’d suggest reading the procmailex and procmailrc man pages regarding “TO” and “TO_” - these are special cases in procmail, and can work both for and against you.