##### lm_vendorsecupd.rc
#
# Resource file for procmail.
# Filters list messages from the Bugtraq list.
#
# Variables, in (set before calling):
#   LISTFOLDERVENDOR	where to store email if it's from a known
#			  vendor; defaults to $LISTFOLDER-vendor if $LISTFOLDER
#			  is set
#   LISTFOLDER		where to store email if it's not from a known vendor and
#			  LISTFOLDER is set
#			  nothing will be stored if both LISTFOLDERVENDOR and
#			  LISTFOLDER are empty
# Variables, returned:
#   ISTHISLISTVENDOR__	set to "1" if email is from a known vendor, unset
#			  otherwise
#
# Run with e.g.:
#   PROCDIR=$HOME/Mail/etc/procmail
#   LISTFOLDER=Bugtraq-List
#   LISTFOLDERVENDOR=Bugtraq_vendor-List
#   INCLUDERC=yourpath/lm_vendorsecupd.rc
# in your $HOME/.procmailrc.
#
# The latest version is always available from:
# http://volker.dnsalias.net/soft/procmail/
#
# Copyright (C) by Volker Kuhlmann <VolkerKuhlmann@GMX.de>
# Released under the terms of the GNU General Public License (GPL) Version 2.
# See http://www.gnu.org/ for details.
#
# Volker Kuhlmann
#   28, 30 Apr; 29 Jun; 29 Aug; 9 Sep; 20, 22 Oct; 21 Nov; 17 Dec 2002
#   14, 18 Mar; 5, 10 Apr; 5 Jun; 24 Jul; 2, 5, 10, 15, 16, 27 Aug; 19 Sep 2003
#   3 Oct; 29 Nov 2003
#   13 Jan; 3 Feb; 10 Apr; 25 Jun; 26 Jul; 4 Aug; 2, 25 Nov 2004
#   27 Jan; 17 Apr; 12 Oct 2005
#   22 Apr 2007
#

ISTHISLISTVENDOR__=

## Check if it's from one of these vendors
:0	# Caldera
* ^From: .*caldera(|systems).com
* ^Subject: .*(Caldera Systems Security Advisory|Security Update|.*CS..-20)
{ ISTHISLISTVENDOR__=1 }
:0	# CERT
* ^From:.*advisory@cert.org
* ^Subject:.*CERT.*(CA-|TA)
{ ISTHISLISTVENDOR__=1 }
:0	# Cisco
* ^From: Cisco Systems.*@cisco.com
* ^Subject: .*Cisco Security (Notice|Advisory)
{ ISTHISLISTVENDOR__=1 }
:0	# Conectiva
* ^From:.*secure@conectiva.com.br
* ^Subject:.*Conectiva(| Linux) Security Announcement
{ ISTHISLISTVENDOR__=1 }
:0	# Core SDI
* ^From: .*@core-sdi.com
* ^Subject: .*\[CORE SDI ADVISORY]
{ ISTHISLISTVENDOR__=1 }
:0	# Covert
* ^From: .*@nai.com
* ^Subject: .*\[COVERT-20
{ ISTHISLISTVENDOR__=1 }
:0	# Debian
* ^(From|X-To|Resent-from): .*@[a-z0-9]+.debian.org
* ^Subject: .*(\[SECURITY] |)\[DSA
{ ISTHISLISTVENDOR__=1 }
:0	# EnGarde Secure Linux
* ^From: EnGarde Secure Linux <security@guardiandigital.com>
* ^Subject: .*\[ESA-200
{ ISTHISLISTVENDOR__=1 }
:0	# Fedora
* ^Subject:.*\[FL
* 1^0 TO_.*fedora
* 1^0 B ?? Fedora Legacy
{ ISTHISLISTVENDOR__=1 }
:0	# Foresight Linux
* ^From:.*foresight[^@ ]*@foresightlinux.org
* B ?? Foresight Linux
{ ISTHISLISTVENDOR__=1 }
:0	# FreeBSD
* ^From:.*security.*@freebsd.org
* ^Subject:.*FreeBSD
{ ISTHISLISTVENDOR__=1 }
:0	# Gentoo
* ^From:.*@gentoo.org
* ^Subject:.*GL
{ ISTHISLISTVENDOR__=1 }
:0	# HP
* ^From:.*@hp.com
* ^Subject:.*security bulletin
{ ISTHISLISTVENDOR__=1 }
:0	# Immunix
* ^From:.*security@(immunix|wirex).com
* ^Subject: .*Immunix
{ ISTHISLISTVENDOR__=1 }
:0	# Mandrake / Mandriva
* HB ?? ^From: .*security@(mandriva|linux-mandrake).com
* HB ?? (Mandrake Linux .*Advisory|MDKSA-20)
# Neither "* B 1^0 .." not "* 1^0 B .." works; split into multiple recipes
# or run all on header and body
{ ISTHISLISTVENDOR__=1 }
:0	# Microsoft
* ^Subject: Microsoft Security Bulletin
{ ISTHISLISTVENDOR__=1 }
:0	# NetBSD
* ^From: .*@netbsd.org
* ^Subject: .*NetBSD
{ ISTHISLISTVENDOR__=1 }
:0	# Netwosix
* ^From:.*@netwosix.org
{ ISTHISLISTVENDOR__=1 }
:0	# OpenPKG
* ^From: .*@openpkg.org
* ^Subject: .*OpenPKG.*(security|advisory)
{ ISTHISLISTVENDOR__=1 }
:0	# Progeny
* ^From: .*security@progeny.com
* ^Subject: .*PROGENY-SA
{ ISTHISLISTVENDOR__=1 }
:0	# Red Hat
* ^Subject: .*\[RHSA-
{ ISTHISLISTVENDOR__=1 }
:0
* ^From: (.*bugzilla|redhat-watch.*)@redhat.com
{ ISTHISLISTVENDOR__=1 }
# This test also catches emails which quote from the RH advisory
#:0 B
#* Red Hat.*Security Advisory
#{ ISTHISLISTVENDOR__=1 }
:0	# SCO
* ^From:.*@sco.com
{
  :0
  * ^Subject:.*\[.*CSSA-
  { ISTHISLISTVENDOR__=1 }
  :0 B
  * advisory.*CSSA-
  { ISTHISLISTVENDOR__=1 }
  :0
  * ^From: please_reply_to_security@sco.com
  { ISTHISLISTVENDOR__=1 }
}
:0	# SGI
* ^From: .*@sgi.com
{ ISTHISLISTVENDOR__=1 }
:0	# Slackware
* ^From: .*security@slackware.com
* ^Subject: .*\[slackware-security]
{ ISTHISLISTVENDOR__=1 }
:0	# Smoothwall
* ^From:.*@smoothwall.org
* ^Subject:.*SmoothWall
{ ISTHISLISTVENDOR__=1 }
:0	# SuSE
* ^From: .*@suse.de
* ^Subject: .*SuSE Security
{ ISTHISLISTVENDOR__=1 }
:0	# Tawie
* ^From:.*@tawie.org
* B ?? Tawie
{ ISTHISLISTVENDOR__=1 }
:0	# Tinysofa
* ^From:.*@tinysofa.org
{ ISTHISLISTVENDOR__=1 }
:0	# Trustix
* ^From: .*tsl@TRUSTIX.(COM|org)
* ^Subject: .*(TSL|Trustix Security Advisory)
{ ISTHISLISTVENDOR__=1 }
:0	# Turbo Linux
* ^From: .*security.*@(.*\.|)turbolinux.(com|co.jp)
* ^Subject: .*(TSL-20|TLSA20|\[TL-Security-Announce|TURBOLINUX)
{ ISTHISLISTVENDOR__=1 }
:0	# Ubuntu Linux
* 1^0 ^From:.*ubuntu\.com
* 1^0 ^TO_ubuntu-security.*ubuntu\.com
{ ISTHISLISTVENDOR__=1 }

## Is email from a known vendor? If yes, save to $LISTFOLDERVENDOR if that is
# set, otherwise to $LISTFOLDER-vendor if LISTFOLDER is set, if neither are set
# don't save.
:0
* ISTHISLISTVENDOR__ ?? ^^1^^
{
  ## LISTFOLDERVENDOR defaults to $LISTFOLDER-vendor, if $LISTFOLDER is set
  :0
  * LISTFOLDERVENDOR ?? ^^^^
  * ! LISTFOLDER ?? ^^^^
  { LISTFOLDERVENDOR=$LISTFOLDER-vendor }

  :0:
  * ! LISTFOLDERVENDOR ?? ^^^^
  $LISTFOLDERVENDOR
}

## Email is not from a known vendor, save if $LISTFOLDER is set
:0:
* ISTHISLISTVENDOR__ ?? ^^^^
* ! LISTFOLDER ?? ^^^^
$LISTFOLDER

##### EOF lm_vendorsecupd.rc