Virii quarantine scirpt, opinions please


Opinions, please, on the following procmail recipe to quarantine
potential virii from being pop-3'ed into a Win system:

:0
* ^content-type:.*(multipart/mixed|application/octet-stream)
{
  :0 HB
  * ^content-(?:type|disposition): 
(?:.|\n\s)*(?:file)?name=("?)[^"]+\.(?:vbs|wsf|vbe|wsh|hta|shs|scr|pif|com|exe|doc|html|chm|hlp|jse|js$^begin
 \d+ \S+\.(?:vbs|wsf|vbe|wsh|hta|shs|scr|pif|com|exe|doc|html|chm|hlp|jse|js)$
  * ^content-(?:type|disposition): (?:.|\n\s)*(?:file)?name=("?)winmail.dat\1
  * ^begin \d+ winmail.dat
  {
      quarantine code ...
  }
}

        Thanks,

        John
        
-- 

John Conover        Tel. 408.370.2688  conover(_at_)rahul(_dot_)net
631 Lamont Ct.      Cel. 408.772.7733  http://www.johncon.com/
Campbell, CA 95008  Fax. 408.379.9602  

_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail

Previous by Date:	Re: List sorting, D E Hammond
Next by Date:	spawning an external app, Justin Shore
Previous by Thread:	List sorting, Glen Solsberry
Next by Thread:	spawning an external app, Justin Shore
Indexes:	[Date] [Thread] [Top] [All Lists]