Does someone has a "magic solution" to avoid the happy.exe trojan virus
being propagated via mailing list???
Depends on your MLM, MTA, and OS. Gosh, so many acronyms.
Here's what I do for my majordomo and mailman mailing lists;
presumably you can wrap your wrapper alias as well (example
below from mailman for sendmail):
listname :"|/usr/bin/procmail -m LIST='listname' EXTRA=''
MLM='mailman' /etc/mail/procmailrc.lists"
listname-admin :"|/home/staff/mailman/mail/wrapper mailowner listname"
listname-request :"|/home/staff/mailman/mail/wrapper mailcmd listname"
owner-listname :listname-admin
listname-owner :listname-admin
/etc/mail/procmailrc.lists looks like this:
PATH=/usr/bin:/usr/local/bin:/bin
HOME=/etc/mail
SHELL=/bin/sh
# if EXTRA isn't set to an archiver or something, set to devnull
# so that we have another address to hide the -outgoing address
# in the Received: headers -- another ugly majordomo-required
# hack
:0
* ! MLM ?? mailman
* EXTRA ?? ^^^^
{ EXTRA="devnull" }
# check against message-id database to make sure that this isn't
# a duplicate post
:0 Wh: $HOME/list-cache/${LIST}.lock
| formail -D 8192 $HOME/list-cache/${LIST}.cache
# check for happy.exe
:0:
* ^X-Spanska:
{
FILE="HAPPY.EXE.txt"
FROM="postmaster"
INCLUDERC=/etc/mail/autoresponder/procmailrc.autoreply
}
# mail people to let them know that I don't like attachments
# on the list
:0
* ^(Content-Type: multipart/mixed;|X-MS-Attachment: WINMAIL.DAT)
{
FILE="mimereply.txt"
FROM="owner-$LIST"
INCLUDERC=/etc/mail/autoresponder/procmailrc.autoreply
}
:0
* MLM ?? mailman
| /home/staff/mailman/mail/wrapper post $LIST,$EXTRA
:0
* MLM ?? majordomo
| /var/majordomo/wrapper resend -l $LIST $LIST-sekrit,$EXTRA
# hmmm, couldn't find the MLM
:0
! sysadmin
And of course, here's /etc/mail/autoresponder/procmailrc.autoreply:
HOME=/etc/mail/autoresponder
:0 h
* !^FROM_DAEMON
* !^From: (Majordomo|root)
* !^X-Loop: $FROM(_at_)mallorn(_dot_)com
| (formail -r -A"Precedence: junk" \
-A"X-Loop: $FROM(_at_)mallorn(_dot_)com" \
-A"From: $FROM(_at_)mallorn(_dot_)com" ;\
cat $HOME/$FILE) | $SENDMAIL -t -f $FROM
You'll need to create your /etc/mail/autoresponder/$FILE replies,
too...
Hope this makes sense -- a little more than you were asking for, but
maybe it'll help.
Chris