procmail

Re: Delete a specific EXE

2001-11-30 19:33:07
At 12:19 2001-11-30 -0600, Sam Morris wrote:
> Is there a way using procmail that I can send mail with a specific attachment name to /dev/null?

Yes.  Several even.

> For example, there is a new virus that comes with the attachment named either quake4demo.exe, honey.exe, or setup.exe. If I want to send anything coming into my mail server to /dev/null or some other place, is there a recipe that will do that?

Yes. I don't have it though - I loaned it to someone else on this list, and after their server crashed, we never did hear back from them. I fear my recipe is lost. It seemed like such a good idea to save the messages to /dev/sda instead of /dev/null...


On a more serious note, if you ask everyone here to write your recipe for you, when something goes abysmally wrong, who's going to take the blame? Who's going to get the pager message telling them to come in and fix it at 2 AM? How effective will they be at fixing things when they _don't_understand_ how procmail works?

The manpages, FAQs, and list archives are the first resources people should look to when presented with a procmail query. A good starting point is to look for rulesets which do something very similar - say bounce or discard *ALL* attachments, or just attachments of a certain kind. Those are really easy to modify to do something to a specific filename.

It took 12.5 ms to locate the following rather pertinent links:

        <http://pm-doc.sourceforge.net/pm-tips-body.html#152>
        <http://pm-doc.sourceforge.net/pm-tips-body.html#157>
        <http://pm-doc.sourceforge.net/pm-tips-body.html#14>
                (specifically, "2.5.15 Mime modules")


As much as it might oppose your ingrown sensibilities, you really should take a few moments and read these resources.

If you're above that, then by all means, try using the following recipe which _might_ do what you want, but then, I haven't _seen_ this virus, and don't want to, so you'd be well advised to verify this before dropping it into live action.

(If you massaged the code from the above links, you'd have a much better overall recipe for killing these attachments and ensuring that they ARE attachments versus messages which, say, discuss the virus.)

# The bracket expression below holds one space and one tab.
:0
* ^Content-Type: multipart/
* B ?? ^[ 	]*(file|)name=("|)(quake4demo|honey|setup)\.exe("|)\>
/dev/null

See my disclaimer.

Have yourself a nice day, and try to avoid calling any more of the people in this forum twits. We have procmail and aren't afraid to use it.

---
 Sean B. Straw / Professional Software Engineering

 Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
 Please DO NOT carbon me on list replies.  I'll get my copy from the list.

_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
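
Added example, not part of the original post and not code from procmail or its documentation: a way to verify the recipe before live use, by running a Python approximation of its two conditions next to a real MIME parse over three constructed messages. The regex translation, the helper names and the sample messages are assumptions made for illustration.

```python
import email
import re

# Filenames named in the thread.
BLOCKED = {"quake4demo.exe", "honey.exe", "setup.exe"}

# Python approximation of the recipe's two conditions. procmail matches
# case-insensitively by default; its \> is approximated here with (?!\w).
HEAD_RE = re.compile(r"^Content-Type: multipart/", re.I | re.M)
BODY_RE = re.compile(
    r'^[ \t]*(file|)name=("|)(quake4demo|honey|setup)\.exe("|)(?!\w)', re.I | re.M)

def recipe_matches(raw):
    # Split the header block from the body, as procmail does for "B ??".
    head, _, body = raw.partition("\n\n")
    return bool(HEAD_RE.search(head) and BODY_RE.search(body))

def has_blocked_attachment(raw):
    # Walk the real MIME structure; only declared part filenames count.
    msg = email.message_from_string(raw)
    names = (part.get_filename() for part in msg.walk())
    return any(n and n.strip().lower() in BLOCKED for n in names)

def build(ctype, part_headers, part_body):
    # Constructed test message with a single MIME part.
    return (f'From: a@example.com\nSubject: test\nMIME-Version: 1.0\n'
            f'Content-Type: {ctype}; boundary="b1"\n\n'
            f'--b1\n{part_headers}\n\n{part_body}\n--b1--\n')

# Constructed samples (not real captures).
FOLDED = build("multipart/mixed",
    'Content-Type: application/octet-stream;\n\tname="setup.exe"\n'
    'Content-Disposition: attachment;\n\tfilename="setup.exe"',
    "(constructed placeholder payload)")
ONE_LINE = build("multipart/mixed",
    'Content-Type: application/octet-stream; name="honey.exe"\n'
    'Content-Disposition: attachment; filename="honey.exe"',
    "(constructed placeholder payload)")
DISCUSSION = build("multipart/alternative",
    "Content-Type: text/plain",
    'The virus part looked like this:\n    name="setup.exe"\nDo not open it.')

if __name__ == "__main__":
    for label, raw in [("folded", FOLDED), ("one-line", ONE_LINE),
                       ("discussion", DISCUSSION)]:
        print(label, recipe_matches(raw), has_blocked_attachment(raw))
```

The line-anchored pattern only sees a filename when the MIME parameter is folded onto its own line, and it also fires on body text that quotes such a line, which is the attachment-versus-discussion distinction the post mentions.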
