* Eric Krichbaum <sysadmin(_at_)mountain(_dot_)net> [010727 10:16]:
[...] *snip*
Any suggestions as to a fix for the bounce portion and/or any tweaks to
this to make it better?
filter snippet:
# W32(_dot_)SirCam(_at_)MM
#
:0 BH
* ! ^X-BeenThere: procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
* 1^0 ^Content-Type:.*(multipart|attachment)
* 1^0 B ?? Hi\! How are you(\?|=3F)
* 1^0 B ?? I send you this file in order to have your advice
* 1^0 B ?? See you later(\.|=2E) Thanks
* 1^0 B ?? Hola como estas *\?
* 1^0 B ?? Te mando este archivo para que me des tu punto de vista
* 1^0 B ?? Nos vemos pronto, gracias\.
* 1^0 B ?? I hope you like the file that I send( t)?o you
* 1^0 B ?? This is the file with the information that you ask for
* -3^0
{
SIRCAM=yes
}
Why use "B ?? regex" when you specify the BH flags? You can just do
this:
:0 BH
* ! ^X-BeenThere: procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
* 1^0 ^Content-Type:.*(multipart|attachment)
* 1^0 Hi\! How are you(\?|=3F)
* 1^0 I send you this file in order to have your advice
* 1^0 See you later(\.|=2E) Thanks
* 1^0 Hola como estas *\?
* 1^0 Te mando este archivo para que me des tu punto de vista
* 1^0 Nos vemos pronto, gracias\.
* 1^0 I hope you like the file that I send( t)?o you
* 1^0 This is the file with the information that you ask for
* -3^0
{ SIRCAM=yes }
:0
* SIRCAM ?? yes
{
oldVERBOSE=$VERBOSE
VERBOSE=on
oldLOGFILE=$LOGFILE
LOGFILE=/var/spool/mqueue/sircam.log
:0 f
| (${FORMAIL} -r -I "Subject: \"SirCam\" Worm Warning"; \
echo "Your machine is sending out the virus \"SirCam\" Email Worm. "; \
echo "As a result, it sent out a document chosen at random from your
machine"; \
echo "titled \"$SUBJECT\" that contained the virus. "; \
echo; \
echo "Please Visit
http://www.symantec.com/avcenter/venc/data/w32(_dot_)sircam(_dot_)worm(_at_)mm(_dot_)html
"; \
echo "Information regarding removal can be found here."; \
echo; \
echo "More information can be found at: "; \
echo "http://www.wired.com/news/technology/0,1282,45427,00.html and "; \
echo
"http://www.zdnet.com/zdnn/stories/news/0,4586,2792260,00.html?chkpt=zdnnp1tp02
"; \
) | /usr/lib/sendmail -t
When sending an autoreply, you probably don't want to specify it as a
filter with the 'f' flag. And I would put all the the
content that you are echoing in a separate file. It makes it more
manageable IMHO:
:0
* SIRCAM ?? yes
{
oldVERBOSE=$VERBOSE
VERBOSE=on
oldLOGFILE=$LOGFILE
LOGFILE=/var/spool/mqueue/sircam.log
:0h
| ($FORMAIL -rI "Subject: \"SirCam\" Worm Warning"; \
cat $HOME/.replyfile \
) | /usr/lib/sendmail -oi -t
}
I think all you want to give to formail is the headers. But I may be
wrong on this point.
--
- Matt Dunford <> zoot(_at_)zotikos(_dot_)com ..
-. www.zotikos.com -- o,;-
Thy present opinion founded on understanding, and thy present conduct
directed to social good, and thy present disposition of contentment
with everything which happens- that is enough.
-- Marcus Aurelius, the Mediations, book 9
--
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail