Procmail and formail
I am using the following script to filter dangerous email attachments. However when i send an internal email with an exe attached it is not picked up (i.e. not flagged up in the subject of the message when within mutt). I believe the problem lies with formail but am not sure. I use mutt to read my mail. Please help. Thanks in advance
aBl_tR3kr
:0
* ^Content-Type: multipart/
{
# Look for attachments with .something.{com,exe,pif,bat,scr} extensions
:0B
* Content-Type: .*/.*;(.*$)?([ ].*$)*[ ]*name[ ]*=.*\/\..*\.(com|exe|pif|bat|scr)
{
DOUBLE_EXT=${MATCH}
:0
* DOUBLE_EXT ?? ^\/[^"]+
{ DOUBLE_EXT=${MATCH} }
:0fh
| formail -A "X-Reject: (100) Likely virus - $DOUBLE_EXT extension on attachment"
}
# Look for attachments with .{com,exe,pif,bat,scr} extensions
:0
* DUMP_EXEC_ATTACHMENTS ?? 1
{
:0B
* ^Content-Type: .*/.*;(.*$)?([ ].*$)*[ ]*name[ ]*=.*\/\.(com|exe|pif|bat|scr)
{
EXT=${MATCH}
:0
* EXT ?? ^\/[^"]+
{ EXT=${MATCH} }
:0fh
| formail -A "X-Reject: (100) Likely virus - executable $EXT attachment"
}
}
}
|