From: Peter H. Lemieux (phlcyways.com)
Date: Wed Oct 03 2001 - 11:41:14 CDT

    Earlier I wrote:

    > I don't believe that procmail has the ability to determine the To:
    > address and use it in recipes (though I'd like to be proven wrong, as I,
    > too, have tried to implement what Luis suggests.)

    OK, I did a little more digging in "man procmailrc" and realized you can
    use a couple of neat procmail thingies to identify who the message is
    addressed to.

    Procmail allows you to include the string "\/" to cut text into two
    regular expressions. Anything matching the expression on the right of
    \/ is put into the environment variable MATCH. So, you can have a
    recipe with the following:

    * ^To:.\/.*

    which puts the addressee into $MATCH.

    Don't know how I missed this in the past, but the procmailrc man page is
    rather extensive :)

    So I think you can have procmail send the "sanitized" version of the
    message to its actual recipient using a recipe of the form:

    :0
    * ^Content-Type.*multipart
    {
       # Nimda
       :0 B
       * filename=readme\.exe
       {
          :0
          * ^To:.\/.*
          | mail -s 'VIRUS ALERT[Nimda]: Evil message attached' $MATCH
       }
    }

    Alternatively, you could send a standard message like "someone sent you
    a message with a virus" to $MATCH with an action line like:

         | mail -s 'VIRUS ALERT' $MATCH < /root/warningmsg

    with your alert message stored in /root/warningmsg. Of course, this
    would only send the warning; the actual message would be discarded.

    Peter
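
An added example, not part of Peter's post: the text that `^To:.\/.*` leaves in $MATCH is the raw header value chosen by the sender (it may carry a display name, several recipients, or no address at all), so this sketch reduces it to one bare address before it reaches the mail command line. The sed line only emulates procmail's match (folded header lines are not handled), and the names match_to, safe_rcpt, notify, MAILER and WARNING are hypothetical.

```shell
#!/bin/sh
# match_to: read a message on stdin and print what `* ^To:.\/.*` would leave
# in MATCH: the first To: header line, minus "To:" and one more character.
# Stops at the blank line ending the headers (procmail matches case-blind).
match_to() {
    sed -n '/^$/q; /^[Tt][Oo]:./{s/^[Tt][Oo]:.//p;q;}'
}

# safe_rcpt: print one bare address taken from a MATCH-style value, or
# return 1 if the value is not exactly one plain address.
safe_rcpt() {
    v=$1
    case $v in *,*) return 1 ;; esac          # more than one recipient
    case $v in                                 # "Display Name <addr>" -> addr
        *'<'*'>'*) v=${v#*<}; v=${v%%>*} ;;
    esac
    v=$(printf '%s' "$v" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
    # Conservative character set; the first character must be alphanumeric,
    # so the result can never be parsed as an option by the mailer.
    printf '%s\n' "$v" |
        grep -Eqx '[A-Za-z0-9][A-Za-z0-9._+-]*@[A-Za-z0-9][A-Za-z0-9.-]*' ||
        return 1
    printf '%s\n' "$v"
}

# notify: the warning-only action from the post, with a validated and quoted
# recipient. MAILER and WARNING are assumptions so the mailer can be stubbed.
notify() {
    rcpt=$(safe_rcpt "$(match_to)") || {
        echo "no usable To: address, alert not sent" >&2
        return 1
    }
    ${MAILER:-mail} -s 'VIRUS ALERT' "$rcpt" < "${WARNING:-/root/warningmsg}"
}

# Constructed sample To: values (not taken from the original thread).
for sample in 'Luis <luis@example.com>' 'undisclosed-recipients:;'; do
    if rcpt=$(safe_rcpt "$sample"); then
        echo "ok:     $rcpt"
    else
        echo "reject: $sample"
    fi
done
```

In a recipe, notify would be called from a wrapper script on the action line, with the message arriving on stdin as procmail pipes it.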