From: Stefan Siegel (siegelinformatik.uni-kl.de)
Date: Mon Jan 14 2002 - 15:06:29 CST

    Hi,

    Denis wrote:
    > Why don't we make a really simple anti-virus program, which simply rejects
    > all .doc, .exe, etc attachments? I for one would love to have such a
    > possibility in postfix configuration. Something like:
    >
    > ***********************************************************************
    > Do you want to bounce all emails with dangerous attachments(*) back to
    > sender? (Y/N)
    >
    > (*) .exe, .doc, (give a full list here) attachments are known as
    > source of computer viruses, and therefore potentially dangerous. While
    > many anti-virus programs exist, which scan such attachments, the
    > simplest way to make sure no viruses go through is to deny ALL
    > attachments of these types. While very efficient, this solution may make
    > some of your users really mad at you, so use with care.
    > *************************************************************************
    >
    > WDYT?

    I think it's a good idea. Find attached my ".forward" file and my
    ".procmailrc" I use to do exactly what you want to do (only on a user
    level) for at least a year now ...

    Maybe it is of interest for some of you ...

    -- 
                                                            _     
    Bye and see you soon,                                 _|_|_   
                                                           (")   *
                                        Stefan             /v\  / 
                                                         »(   )«  Penguin Powered!
     +----------------------------------------------------(m-m)------------------+
    

    "|IFS=' '&&p=/usr/bin/procmail&&test -x $p&&exec $p -Yf-||exit -1"

    PATH=/bin:/usr/bin:/usr/sbin:/usr/local/bin
    MAILDIR=/var/mail/siegel        #you'd better make sure it exists
    #DEFAULT=$HOME/Mailbox
    LOGFILE=$HOME/.procmail/log
    #LOGFILE=/dev/null
    SHELL=/bin/bash
    TEMP=$HOME/tmp
    DOMAIN=informatik.uni-kl.de
    SENDMAIL=sendmail

    # create a copy of the current mail:
    :0 c
    $HOME/tmp/procmail-backup

    # store only the last 32 mails:
    :0 ic
    | cd $HOME/tmp/procmail-backup && rm -f dummy `ls -t msg.* | sed -e 1,32d`

    # Don't ask me why, but I got too much junk from this provider :-(
    :0
    * sexyfun.net
    /dev/null

    # Bounce Micro$oft files:
    :0 B
    * ^Content-Type:.application/(msword|msdownload|vnd.ms-[aptw].*)
    {
      TMPFILE=$TEMP/procmail.$$

      MAILDIR=$HOME/.procmail/junk

      # keep a copy of the message in the junk folder
      :0 ac:
      $MAILDIR

      # second copy, quoted in the bounce below
      :0 ac:
      $TMPFILE

      # build the bounce from the original header and send it
      :0 ah
      | (formail -rA "X-Loop: postmaster@$DOMAIN" \
                 -I "Precedence: junk" \
                 -I "From: postmaster@$DOMAIN" \
                 -I "Subject: Returned Mail: Undeliverable" ; \
         echo "------- Failure Reasons --------" ; \
         echo "" ; \
         echo "Users in the domain \"$DOMAIN\" have no interrest" ; \
         echo "in recieving Micro\$oft junk. Use standard exchange formats" ; \
         echo "or stop spamming this domain!" ; \
         echo "" ; \
         echo "------- Returned Message --------" ; \
         head -51 $TMPFILE | tail -50 ; \
         echo "-----CUT Returned Message -------") \
        | $SENDMAIL -oi -t ; \
        rm -f $TMPFILE
    }

    #
    # and there are more Micro$oft files to bounce:
    :0 B
    * name=.*\.(bat|com|exe|pif|scr)
    {
      TMPFILE=$TEMP/procmail.$$

      MAILDIR=$HOME/.procmail/junk

      :0 ac:
      $MAILDIR

      :0 ac:
      $TMPFILE

      :0 ah
      | (formail -rA "X-Loop: postmaster@$DOMAIN" \
                 -I "Precedence: junk" \
                 -I "From: postmaster@$DOMAIN" \
                 -I "Subject: Returned Mail: Undeliverable" ; \
         echo "------- Failure Reasons --------" ; \
         echo "" ; \
         echo "Users in the domain \"$DOMAIN\" have no interrest" ; \
         echo "in recieving Micro\$oft junk. Use standard exchange formats" ; \
         echo "or stop spamming this domain!" ; \
         echo "" ; \
         echo "------- Returned Message --------" ; \
         head -51 $TMPFILE | tail -50 ; \
         echo "-----CUT Returned Message -------") \
        | $SENDMAIL -oi -t ; \
        rm -f $TMPFILE
    }

    # 3rd try: Bounce M$ files as used in latest viruses:
    :0 B
    * ^Content-Type: (multipart/mixed|application/octet-stream)
    * name=".*\.(doc|pps|ppt|xls|pcx)\"$
    {
      TMPFILE=$TEMP/procmail.$$

      MAILDIR=$HOME/.procmail/junk

      :0 ac:
      $MAILDIR

      :0 ac:
      $TMPFILE

      :0 ah
      | (formail -rA "X-Loop: postmaster@$DOMAIN" \
                 -I "Precedence: junk" \
                 -I "From: postmaster@$DOMAIN" \
                 -I "Subject: Returned Mail: Undeliverable" ; \
         echo "------- Failure Reasons --------" ; \
         echo "" ; \
         echo "Users in the domain \"$DOMAIN\" have no interrest" ; \
         echo "in recieving Micro\$oft junk. Use standard exchange formats" ; \
         echo "or stop spamming this domain!" ; \
         echo "" ; \
         echo "------- Returned Message --------" ; \
         head -51 $TMPFILE | tail -50 ; \
         echo "-----CUT Returned Message -------") \
        | $SENDMAIL -oi -t ; \
        rm -f $TMPFILE
    }

    # make German Lotus Notes RFC compliant:
    :0 fhw
    * ^Subject:.[a-z A-Z]*Antwort:.*
    | sed -e "s/ Antwort: / Re: /g"

    # Make also outlook RFC compliant:
    :0 fhw
    * ^Subject:.[a-z A-Z]*AW:.*
    | sed -e "s/ AW: / Re: /g"

    # replace "X-Mailer" by "User-Agent":
    :0 fhw
    * ^X-Mailer:.*
    | sed -e "s/X-[Mm]ailer/User-Agent/g"

    # remove double replies (result of "s/AW/Re/"):
    :0 fhw
    * .Re:.Re:.*
    | sed -e "s/ Re: Re: / Re: /g"

    # add the message ID to our cache to avoid duplicates
    :0 Whc: msgid.lock
    | formail -D 8192 .procmail/msgid.cache

    # move duplicates to a special duplicate folder
    # (to check if everything is OK):
    :0 a:
    .procmail/duplicates

    For help, email discuss-helpmandrakesecure.net; to unsubscribe send a message to discuss-unsubscribemandrakesecure.net. To visit MandrakeSecure, go to http://www.mandrakesecure.net/.
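
Added example, not part of the post or of Stefan's .procmailrc: the same extension and MIME-type list applied to parsed MIME parts instead of raw body text, so a filename is read from `Content-Disposition` or `Content-Type` (unquoted, upper-case or RFC 2231-encoded) and a `name=` string that merely appears in the message text is not treated as an attachment. The function name `blocked_parts` and the sample message are constructed for illustration.

```python
from email import message_from_string

# Extensions and MIME types copied from the three procmail recipes in the post.
BLOCKED_EXT = {"bat", "com", "exe", "pif", "scr", "doc", "pps", "ppt", "xls", "pcx"}
BLOCKED_TYPES = {"application/msword", "application/msdownload"}
BLOCKED_PREFIXES = tuple("application/vnd.ms-" + c for c in "aptw")

def blocked_parts(raw):
    """Return (filename, content_type, reason) for each MIME part that matches."""
    hits = []
    for part in message_from_string(raw).walk():
        if part.is_multipart():
            continue
        ctype = part.get_content_type()  # always lower-cased by the parser
        # get_filename(): Content-Disposition filename=, else Content-Type name=
        fname = (part.get_filename() or "").strip().rstrip(". ")
        ext = fname.rsplit(".", 1)[-1].lower() if "." in fname else ""
        if ctype in BLOCKED_TYPES or ctype.startswith(BLOCKED_PREFIXES):
            hits.append((fname, ctype, "content-type"))
        elif ext in BLOCKED_EXT:
            hits.append((fname, ctype, "extension"))
    return hits

# Constructed sample message (not taken from the post).
SAMPLE = """\
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

The text name=fake.exe in a body line is not an attachment.
--b1
Content-Type: application/octet-stream; name=INVOICE.EXE

AAAA
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename*=us-ascii''setup%2Escr

AAAA
--b1
Content-Type: application/vnd.ms-powerpoint; name="slides.ppt"

AAAA
--b1--
"""

if __name__ == "__main__":
    print(*blocked_parts(SAMPLE), sep="\n")
```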