.\" @(#)$Id: Filter.guid,v 4.1 90/04/28 22:41:03 syd Exp $ .\" A guide to the Elm Filter program .\" format with: .\" 'tbl tmac.n Filter.guid | troff > Filter.format' .\" (C) Copyright 1986, 1987 Dave Taylor .\" (C) Copyright 1988, 1989, 1990 Usenet Community Trust .\" Elm is now in the public trust. Bug reports, comments, suggestions, flames .\" etc. should go to: .\" Syd Weinstein elm@DSI.COM (dsinc!elm) .\" $Log: Filter.guid,v $ .\" Revision 4.1 90/04/28 22:41:03 syd .\" checkin of Elm 2.3 as of Release PL0 .\" Revision 3.8 90/03/26 15:12:06 syd .tm Have we been run through "tbl" first?? I hope so! .po 1i .ds h0 .ds h1 .ds h2 .ds f0 .ds f1 .ds f2 .nr Hy 1 .nr Pt 1 .nr Pi 8 .lg 0 .sp |3.0i .ce 99 .ps 20 .ss 18 .vs 12 \f3The Elm Filter System Guide\f1 .sp 4 .ps 12 .ss 14 .vs 14 \f2What the filter program is, what it does, and how to use it\f1 .sp 2 Dave Taylor Hewlett-Packard Laboratories 1501 Page Mill Road Palo Alto CA 94304 .sp 3 email: taylor\s-1@\s+1hplabs.HP.COM or hplabs\s-1!\s+1taylor .sp 3 >>> Elm is now in the public trust. Bug reports, comments, etc. to: <<< Syd Weinstein Datacomp Systems, Inc. 3837 Byron Road Huntingdon Valley, PA 19006-2320 email: elm\s-1@\s+1DSI.COM or dsinc\s-1!\s+1elm .sp 3 .ps 18 \f3\(co\f1\s12 Copyright 1986, 1987 by Dave Taylor .ps 18 \f3\(co\f1\s12 Copyright 1988, 1989, 1990 by The USENET Community Trust .ps 10 .ss 12 .vs 12 .bp 1 .sv 5v .ps 14 \f3The Elm Filter System Guide\f1 .ds h0 "Elm Filter Guide .ds h2 "Version 2.3 .ds f0 "May 1, 1990 .ds f1 "Page % .ps 10 (Version 2.3) .sp 2 Dave Taylor Hewlett-Packard Laboratories 1501 Page Mill Road Palo Alto CA 94304 email: taylor\s-1@\s+1hplabs.HP.COM or hplabs\s-1!\s+1taylor .sp 2 >>> Elm is now in the public trust. Bug reports, comments, etc. to: <<< Syd Weinstein Datacomp Systems, Inc. 3837 Byron Road Huntingdon Valley, PA 19006-2320 email: elm\s-1@\s+1DSI.COM or dsinc\s-1!\s+1elm .sp 2 May 1, 1990 .ce 0 .sp 3 One of the greatest problems with the burgeoning electronic mail explosion is that I tend to get lots of mail that I don't care about. Amusingly, perhaps, I have the equivalent of electronic junk mail. Not amusing, however, is the fact that this can rapidly accumulate and end up taking over my mailbox. At the same time I often get mail that, while it is interesting and important, can easily be filed to be read later, without ever actually having to cluttering up my incoming mailbox. .sp 2 This, then, is what \f2filter\f1 does! The \f2filter\f1 program allows you to define a set of rules by which all incoming mail should be screened, and a subsequent set of actions to perform based on whether the conditions were met or not. \f2Filter\f1 also has the ability to mail a summary of what actions it performed on the incoming mail as often as you'd like. .ne 5 .hu Writing the Rules The language for writing \f2filter\f1 rules is pretty simple, actually. The fundamental structure is; .ti .5i if (\f2condition\f1) then \f2action\f1 Where \f2condition\f1 is constructed by an arbitrary number of individual conditions of the form ``\f2field\f1 \f2relation\f1 \f2value\f1''. (an optional further type of rule is of the form ``always \f2action\f1'' but should only be used as the last rule in the ruleset, for obvious reasons). The \f2field\f1 value can be; .in .5i subject lines contains .in 0 where, if ``lines'' is chosen, the \f2relation\f1 can be any of the standard relationships (`>', `<', `>=', `<=', `!=' and `='). If another action is chosen, ``contains'' can be used as the relation, ``='', or, if you'd like, you can skip the relationship entirely (e.g. `subject "joe"'). The \f2value\f1 is any quoted string that is to be matched against or number if ``lines'' is the field being considered. Individual conditions are joined together by using the word ``and'', and the logic of a condition can be flipped by using ``not'' as the first word (e.g. `not subject "joe"'). We'll see more examples of this later. Note that the ``or'' logical conjunction isn't a valid part of the \f2filter\f1 conditional statement. Finally, <\f2action\f1> can be any of; .in .5i delete save \f2foldername\f1 savecopy \f2foldername\f1 forward \f2address\f1 execute \f2command\f1 leave .in 0 where they result in the actions; \f3delete\f1 deletes the message; \f3save\f1 saves a copy of the message in the specified foldername; \f3savecopy\f1 does the same as save, but also puts a copy in your mailbox; \f3forward\f1 sends the message to the specified address; \f3execute\f1 feeds the message to the specified command (or complex sequence of commands) as standard input; and \f3leave\f1 leaves the message in your mailbox. Foldernames can contain any of a number of macros, too, as we'll see in the example ruleset below. The macros available for the string fields are; .ft CW center; lf3 lf3 Macro Meaning .ft CW %d day of the month %D day of the week (0-6) %h hour of the day (0-23) %m month of the year (0-11) %r return address of message %s subject of original message %S ``Re: \f2subject of original message\fP'' .ft CW %t current hour and minute in HH:MM format %y year (last two digits) .ft 1 The rules file can also contain comments (any line starting with a `#') and blank lines. The file itself needs to reside in your .elm directory off your home directory and be called \f2.elm/filter-rules\f1. Here's an example: .ft CW # $HOME/.elm/filter-rules # Filter rules for the Elm Filter program. Don't change without some # serious thought. (remember - order counts) # (for Dave Taylor) # rule 1 if (from contains "!uucp") then delete # rule 2 to "postmaster" ? save "/tmp/postmaster-mail.%d" # rule 3 if (to "culture" and lines > 20) ? save "/users/taylor/Mail/culture" # rule 4 subject = "filter test" ? forward "hpldat!test" # rule 5 if [ subject = "elm" ] savecopy "/users/taylor/Mail/elm-incoming" # rule 6 subject = "display-to-console" ? execute "cat - > /dev/console" .ft 1 (notice the loose syntax \(em there are lots of valid ways to specify a rule in the \f2filter\f1 program!!) To translate these into English; .nr TW \w'1. 'u .in .5i .ti -\n(TWu 1. All messages from uucp should be summarily deleted. .ti -\n(TWu 2. All mail to postmaster should be saved in a folder (file) called /tmp/postmaster-mail.\f2numeric-day-of-the-week\f1 .ti -\n(TWu 3. All mail addressed to `culture' with at least 20 lines should be automatically appended to the folder /users/taylor/Mail/culture. .ti -\n(TWu 4. All messages that contain the subject `filter test' should be forwarded to me, but via the address `hpldat!test' (to force a non-user forward) .ti -\n(TWu 5. All messages with a subject that contains the word `elm' should be saved in the folder ``/users/taylor/Mail/elm-incoming'' and also dropped into my mailbox. .ti -\n(TWu 6. Any message with the subject ``display-to-console'' will be immediately written to the console. .in 0 Notice that the \f2order\f1 of the rules is very important. If we, for example, were to get a message from `uucp' that had the subject `filter test', the \f2filter\f1 program would match rule 1 and delete the message. It would never be forwarded to `hpldat!test'. It is for this reason that great care should be taken with the ordering of the rules. .ne 5 .hu Checking the rules out The \f2filter\f1 program has a convenient way of check out the rules you have written. Simply invoke it with the \f3-r\f1 (\f3r\f1ules) flag; .in .5i % \f3filter -r\f1 .ft CW .in .5i+\w'Rule 1: 'u .ti .5i Rule 1: if (from = "!uucp") then Delete .ti .5i Rule 2: if (to = "postmaster") then Save /tmp/postmaster-mail. .ti .5i Rule 3: if (to = "culture" and lines > 20) then Save /users/taylor/Mail/culture .ti .5i Rule 4: if (subject = "filter test") then Forward hpldat!test .ti .5i Rule 5: if (subject="elm") then Copy and Save /users/taylor/Mail/elm-incoming .ti .5i Rule 6: if (subject="display-to-console") then Execute "cat - > /dev/console" .ft 1 .in 0 .ft 1 There are a few things to notice \(em first off, these are the parsed and rebuilt rules, so we can see that they are all in a consistent format. Also, notice on the filename for rule 2 that the program has correctly expanded the ``%d'' macro to be the day of the week. It is \f3highly\f1 recommended that you always check your ruleset before actually letting the program use it! .ne 5 .hu Actually Using the Program Now the bad news. If you aren't running \f2sendmail\f1 you cannot use this program as currently written. Why? Because the \f2filter\f1 program expects to be put in your \f2.forward\f1 file and that is something that only \f2sendmail\f1 looks at! The format for the entry in the \f2.forward\f1 file (located in your home directory) is simply; .ti .5i "| /usr/local/bin/filter" Allright, it isn't quite \f2that\f1 simple! Since \f2filter\f1 will be invoked by processes that don't know where you are logged in, you need to have some way to trap the error messages. For ease of use, it was decided to have all the messages written to the file specified by `-o' (or \f2stderr\f1) which means that you have two main choices for the actual entry. Either; .ti .5i "| /usr/local/bin/filter -o /dev/console" which will log all errors on the system console (each error is prefixed with ``filter (\f2username\f1)'' to distinguish it), or; .ti .5i "| /usr/local/bin/filter -o /tmp/joe.filter_errors" If you want to have a copy saved to a file. Note that the quotes are a required part of the line. A possible strategy would be to have the errors written to a file and to then have a few lines in your \f2.login\f1 script like: .ft CW .in .5i+\w'if 'u .ti .5i if ( -f /tmp/joe.filter_errors) then echo "\ \ " echo "Filter program errors;" cat /tmp/joe.filter_errors echo "\ \ " .ti .5i endif .ft 1 .in 0 .ft 1 You can also use the \f3-v\f1 flag in combination with the above to have a more verbose log file saved by having your \f2.forward\f1 file; "| /usr/local/bin/filter -vo /tmp/joe.filter_errors" Suffice to say, you can get pretty tricky with all this!! .ne 5 .hu Summarizing the Actions Taken The \f2Filter\f1 program keeps a log of all actions performed, including what rules it matched against, in your .elm directory in a file called \f2.elm/filterlog\f1. You can either directly operate on this file, or, much more recommended, you can one of the two summarize flags to the program and let \f2it\f1 do the work for you! The difference between the two is best demonstrated by example: % \f3filter -s\f1 .ft CW .in .5i Summary of Filter Activity \l'\w'Summary of Filter Activity'u-' A total of 418 messages were filtered: The default rule of putting mail into your mailbox .in .5i+\w'Rule #1: 'u applied 364 times (87%) .ti .5i Rule #1: (delete message) applied 1 time (0%) .ti .5i Rule #2: (save in "/users/taylor/Filtered-Mail/netnews.12") applied 8 times (2%) .ti .5i Rule #3: (save in "/users/taylor/Filtered-Mail/postmaster.12") applied 14 times (3%) .ti .5i Rule #5: (save in "/users/taylor/Filtered-Mail/risks.12") applied 3 times (1%) .ti .5i Rule #6: (save in "/users/taylor/Filtered-Mail/rays.12") applied 28 times (7%) .ft 1 .ti 0 versus: .ti .5i % \f3filter -S\f1 .ti .5i \f2the output as listed above, followed by:\f1 .ft CW .ti .5i Explicit log of each action; .ti .5i Mail from taylor about Filter Summary PUT in mailbox: the default action .ti .5i Mail from news@hplabsz.hpl.hp.com about Newsgroup comp.editors created PUT in mailbox: the default action .ti .5i Mail from root about Log file: cleanuplog PUT in mailbox: the default action .ft 1 .ti .5i [etc etc] .in 0 .ft 1 To actually use either of the summarizing options, there are two ways that are recommended; The preferred way is to have a line in either your \f2crontab\f1 (ask your administrator for help with this) that invokes the \f2filter\f1 program as often as you desire with the \f3-s\f1 flag. For example, I have a summary mailed to me every morning at 8:00 am: .ft CW 0 8 * * * "/usr/local/bin/filter -s | elm -s 'Filter Summary' taylor" .ft 1 An alternative is to have your \f2.login\f1 execute the command each time. .sp 2 Note that if you want to have your log files cleared out each time the summary is generated you'll need to use the '-c' flag too. Also, if you want to keep a long list of actions performed you can do this by saving it as you display it. A way to do this would be, if you were to have the invocation in your \f2.login\f1 script, to use: .in .5i .ft CW echo "Filter Log;" filter -c -s | tee -a PERM.filter.log\f1 .ft 1 .in 0 which would append a copy of all the output to the file `PERM.filter.log' and would avoid you having to read larger and larger summaries of what the program had done. .ne 5 .hu Further Testing of the Ruleset With the \f2readmsg\f1 command available, it is quite easy to test the rules you've written to see if they'll do what you desire. For example, we can use the \f3-n\f1 flag to \f2filter\f1, which means `don't actually do this, just tell me what rule you matched, if any, and what action you would have performed' (you can see why a single letter flag is easier to type in!!), and feed it each message in our mailbox by using a command like; .in .5i % \f3set message=1\f1 % \f3set total_messages=`messages`\f1 % \f3while (1)\f1 > \f3if ($message > $total_messages) exit\f1 > \f3echo processing message $message\f1 > \f3readmsg -h $message | filter -n\f1 > \f3echo " "\f1 > \f3@ messages++\f1 > \f3end\f1 .in 0 which will then hand each of the messages in your mailbox to the \f2filter\f1 program and display what action would have been taken with that message and For example, if we do this for a few interesting messages in my mailbox, we'd end up with output like: .ft CW .in .5i Mail from taylor about filter test .ti +\w'Mail 'u FORWARDED to hpldat!taylor by rule; .ti +\w'Mail 'u subject="filter test" ? forward "hpldat!test" Mail from bradley%hplkab@hplabsc about Re: AI-ED mailing address for HP .ti +\w'Mail 'u PUT in mailbox: the default action Mail from taylor about display-to-console .ti +\w'Mail 'u EXECUTED "cat - > /dev/console" .ft 1 .in 0 (sharp users will notice that this is exactly the same format as the longer summary listing) .ne 5 .hu What Forwarded Messages Look Like When a message is forwarded to another user by the \f2action\f1 being specified as ``forward \f2address\f1'', then the program can generate one of two styles of message. If the message is to you, then it'll simply add it to your mailbox in such a way as to ensure that the return address is that of the person who sent the message and so on. If not, then the message is enclosed in a message of the form: .in \w'If 'u .ft CW From taylor Thu Oct 2 15:07:04 1986 Date: Thu, 2 Oct 86 15:06:58 pdt Subject: "filter test" From: The filter of taylor@hpldat To: hpldat!taylor X-Filtered-By: filter, version 1.4 -- Begin filtered message -- .in +\w'-- 'u From taylor Thu Oct 2 15:06:41 1986 Date: Thu, 2 Oct 86 15:06:33 pdt From: Dave Taylor Subject: filter test Just a simple test. .in -\w'-- 'u -- End of filtered message -- .ft 1 .in 0 The subject of the actual message is the same as the subject of the message being forwarded, but in quotes. The `From:' field indicates how the message was sent, and the `X-Filtered-By:' identifies what version of filter is being used. .ne 5 .hu Areas to Improve While the \f2filter\f1 program as presented herein is obviously a nice addition to the set of tools available for dealing with electronic mail, there are some key features that are missing and will be added in the future based on demand. As I see it, the main things missing are; .in .5i .ti -\n(TWu 1. The ability to use regular expressions in the patterns. This would be a \f2very\f1 nice feature! .ti -\n(TWu 2. Perhaps more \f2actions\f1 available (but what?) .ti -\n(TWu 3. Certainly the ability to filter based on any field or combination of fields. .in 0 .ne 5 .hu Warnings and Things to Look Out For Since this is a pretty simple program, there are a few pitfalls, some of which have already been mentioned; \f3Order\f1 counts in the rules. Beware! \f3Matching\f1 is pretty simple \(em make sure your patterns are sufficiently exclusive before having any destructive rules. .sp 2 Finally, as with the rest of the \f3Elm\f1 mail system, I welcome feedback and suggestion on how to improve this program!!