On Thu, 20 Jul 2000, Kip Turk wrote:
I've got the following recipe to block the KAK virus and it works
great. But I'd like to modify it to grab the sender and mail the support
staff so they can help the user clean their system. I'm barely
That is a good idea.
:0:
* B ?? (kak\.hta|alert.*Kagou-Anti-Kro$oft says not today)
/tmp/virus
Let me try:
------------------------------------------------
$tmpmail = /where/you/save/the/mail/tempmail
:0
* B ?? (kak\.hta|alert.*Kagou-Anti-Kro$oft says not today)
{
:0 c # save a temp copy of the mail
| /usr/bin/cat > $tempmail
:0 c # call a perl program to do the mailing
| /path/suespam.pl
:0 # pile the mail somewhere in case ...
SPAM-LIKE_JUNK
}
I scratched a perl program in the last few minutes to do the mailing
but never test it. I am sure there might be simpler ways in shell to
do the same but I am not quite sure how to grap the domain varible
and make a new user address using shell.
Zhiliang
---------------------------------------
#!/usr/local/bin/perl -w
# Name: suespam.pl
# What: perl program for sending spam-like mail to host admin
# !!! * scratched in last 3 minutes - Never tested * !!!
$tempmail = "/where/you/saved/the/mail/tempmail";
$sysdate = `/usr/bin/date`;
while (<>) {
if ($_ =~ /^From:/) {
$from =~ s/\s([a-zA-Z0-9_(_dot_)-]+(_at_)[a-zA-Z0-9_(_dot_)-]+)\s/;
@email = split (/@/, $from);
$domain = @email[2];
$admin = "root\(_at_)$domain";
open(MAIL, |/usr/bin/sendmail $admin);
print MAIL "From: you\(_at_)your(_dot_)address";
print MAIL "To: $admin";";
print MAIL "Date: $sysdate\n\n";
print MAIL "Dear system admin:\n\n";
print MAIL "I am forwarding you a spam-like mail from your ...\n";
print MAIL "that might contain a KAK virus ... bla bla ...\n";
print MAIL "----------\n";
open(CONTENT, "<$tempmail");
@CONTENT = <CONTENT>;
close(CONTENT);
print MAIL "@CONTENT\n";
close(MAIL);
}
}
# END
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail