Here's my latest candidate. Comments/corrections please. BTW,
I don't have a clue about sed. I don't want to post a filter
on my webpage that I can't answer questions on. I have a couple
of questions before I post this recipe on my webpage.
1) can I put multiple "-A" headers into one "formail"
command.
2) the second part of my recipe checks for
Content-Disposition: headers that aren't terminated by an
unescaped quote
- I assume [^"] means not-a-quote
- I assume \\\" will match \"
Is my syntax correct?
#========================begin========================
MIME_EXPLOIT=0
:0BH
* ^Content-Disposition:.*filename=\
.................................................................."
{
:0f
| formail -A "X-Reject: File attachment name greater than 63
characters" -A "X-Suspicious-Line: $MATCH"
MIME_EXPLOIT=1
}
:0BH
* ^Content-Disposition:.*filename=.*([^"]|\\\")$
{
:0f
| formail -A "X-Reject: Content-Disposition: header not
terminated with an unescped quote" -A "X-Suspicious-Line: $MATCH"
:0
*$ $MIME_EXPLOIT^0
* 1^0
{ MIME_EXPLOIT=$= }
}
:0
*$ $MIME_EXPLOIT^0
junkmail
#=========================end=========================
--
Walter Dnes <waltdnes(_at_)interlog(_dot_)com> procmail spamfilter
http://www.interlog.com/~waltdnes/spamdunk/spamdunk.htm
Why a fiscal conservative opposes Toronto 2008 OWE-lympics
http://www.interlog.com/~waltdnes/owe-lympics/owe-lympics.htm