Subject: Re: Procmail example
From: Mike Tibor (tibor@lib.uaa.alaska.edu)
Date: Tue Mar 05 2002 - 14:28:32 AKST
On Mon, 4 Mar 2002, Mike Barsalou wrote:
>
> Could someone show me where I might find good procmail examples that
> would let me weed out attachments and messages where there is no TO:
> section or is empty?
There's a man page specifically for examples. Do a "man procmailex" to
check it out. The procmailrc man page has also been very helpful to me in
the past.
I don't think the man pages include any examples on manipulating messages
based on the existence of attachments though. Here's something I did as a
quick and dirty virus/trojan filter:
:0
* ^Content-type: (multipart/mixed|application/octet-stream)
{
:0 HB:
* ^Content-Disposition: attachment;
* filename=".*\.(exe|hta|pif|scr|shs|vbs|vbe|wsf|wsh)"
* !^TO.*postmaster\@lib.uaa.alaska.edu.*
* !^FROM_DAEMON
* !^X-Loop: Been-there-done-that
/home/tibor/mail/suspect
}
Because scanning message bodies is much more resource intensive vs.
simple header checks, relatively speaking, I nested the body checks so
that they're only done if Procmail sees the mime-attachment header.
Mike
-- Mike Tibor Univ. of Alaska Anchorage (907) 786-1001 voice Network Technician Consortium Library (907) 786-6050 fax tibor@lib.uaa.alaska.edu http://www.lib.uaa.alaska.edu/~tibor/ http://www.lib.uaa.alaska.edu/~tibor/pgpkey for PGP public key
This archive was generated by hypermail 2a23 : Tue Mar 05 2002 - 14:28:34 AKST