procmail
[Top] [All Lists]

Re: help with mail attachment

2001-09-21 05:06:02
On Sun, 21 Oct 2001, suzana wrote:

Hi,

can somebody help me with a recipe that can block out every attachment
(.exe,.pdf,dll) except .doc (since my users might need that)...or maybe
somebody can point me to the right direction? Just a simple recipe that
would block all of the attachments except a selected few. The email
virus attacks have been vicious and I'm new in this.Any hints or
documentations or examples are really welcomed. Thanks!

I'd suggest using mime-sanitizer to leave the attachments in the e-mail,
but only to rename them. This is much better system-wide solution I think,
because it leaves the attachments in the e-mail, only renames them in such
a way, that user has to extract the file, save it, rename it and double
click on it. If it was a virus, it's his fault. ;-)

Look for it at http://www.procmail.org/jari/
actually http://www.procmail.org/jari/pm-code.zip
and exctratct it into /etc/procmail/ directory

create /etc/procmailrc as:
# lines beginning with # are comments
DROPPRIVS=YES
VERBOSE=off
LOGABSTRACT=all
#LOGFILE=$HOME/procmail.log # see note below
#LOGFILE=/var/log/procmail.log
##LOGFILE=/scratch/procmail/$LOGNAME.log
LOGFILE=/scratch/procmail/log/$LOGNAME.log
PATH="/etc/procmail:/usr/bin:/usr/local/bin:/usr/sbin:$PATH"
SHELL=/bin/sh
PMSRC=/etc/procmail
SECURITY_NOTIFY="postmaster, root"
##SECURITY_NOTIFY_VERBOSE="postmaster"
##SECURITY_QUARANTINE=/var/spool/mail/quarantine
SECURITY_QUARANTINE=/scratch/procmail/quarantine
SECURITY_NOTIFY_SENDER=YES
SECURITY_STRIP_MSTNEF=YES
#Possibly infected by viruses
##POISONED_EXECUTABLES=/etc/procmail/poison.list
##MANGLE_EXTENSIONS="exe|com|cmd|bat|pif|sc[rt]|lnk|dll|ocx|vb[se]?|hta|p[lm]|sh[bs]|hlp|chm|eml|ws[cfh]|ad[ep]|jse?|ms[ip]|reg|asd|cil|asx|wm[szd]"
MANGLE_EXTENSIONS="html?|exe|com|cmd|bat|pif|sc[rt]|lnk|dll|ocx|vb[se]?|hta|p[lm]|sh[bs]|hlp|chm|eml|ws[cfh]|ad[ep]|jse?|ms[ip]|reg|asd|cil|asx|wm[szd]"
POISONED_EXECUTABLES=/etc/procmail/poisoned-files
POISONED_SCORE=25
##SCORE_ONLY=YES
SCORE_HISTORY=/scratch/procmail/macro-scanner-scores
#Replace `mail' with your mail directory (Pine uses mail, Elm uses Mail)
#MAILDIR=$HOME/mail
MAILDIR=$HOME
#Directory for storing procmail log and rc files
PMDIR=$HOME/.procmail
INCLUDERC=/etc/procmail/html-trap.procmail


These are our system-wide settings, which get applied to all incoming
e-mail.

-- 
Martin Mokrejs - PGP5.0i key is at http://www.natur.cuni.cz/~mmokrejs
MIPS / Institute for Bioinformatics <http://mips.gsf.de>
GSF - National Research Center for Environment and Health
Ingolstaedter Landstrasse 1, D-85764 Neuherberg, Germany


_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail

<Prev in Thread] Current Thread [Next in Thread>