procmail
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

notifications

2001-12-02 06:51:02
from [rdicaire] [Permanent Link] 
The following recipe rejects mail with virus vulnerable attachments, and
responds to the sender notifying same:


  VIRUSDUMP='/var/log/virus-email'
  GOTCHA=`formail -xTo:`

  :0
  *^Content-type: (multipart/mixed|application/octet-stream)
  {
    :0 HB
    *^Content-Disposition: attachment;
    *filename=".*\.(vbs|exe|bat|wsf|vbe|wsh|hta|scr|pif|com|js)"
    {
      :0 fhwc
      | (formail -r -I"Precedence: virus alert" ; \
          echo " On behalf of ${GOTCHA} This mail server does accept
mail with virus vulnerable at
tachments - Mail rejected.") | $SENDMAIL -t

      :0
      ${VIRUSDUMP}
    }
  }

# The regexp for matching whitespace in the embedded header field
# of a multipart message.  We have to handle wrapped lines.
ws = '[         ]*($[   ]+)*'

# The regexp for matching 'anything' inside an embedded header
# field of a multipart message.  That is, it matches anything
# except the newline (not followed by a whitespace character)
# that terminates the header field.
dotstar = '.*($[        ].*)*'
# A single double-quote.  For use in variable expanded regexps to
# avoid problems related to how procmail implements the variable
# expansion
dq = '"'

# Any condition that uses any of these variables in a its regexp
# must have the '$' special before the regexp to tell procmail to
# do variable expansion on the regexp.

# That matches if there exists a embedded Content-whatever header field
# whose value, ignoring legal whitespace, matches the regexp
#       .*name="filename"

ext = '\.(vbs|exe|bat|wsf|vbe|wsh|hta|scr|pif|com|js)'

{
   :0 HB
   * $
^Content-(Type|Disposition)*:${dotstar}name${ws}=${ws}${dq}.*${ext}${dq}
    {
      :0 fhwc
      | (formail -r -I"Precedence: virus alert" ; \
          echo " On behalf of ${GOTCHA} This mail server does not accept
mail with virus vulnerabl
e attachments - Mail rejected.") | $SENDMAIL -t

      :0
      ${VIRUSDUMP}
    }
  }


What I'd like it to further do is email the intended recipient,
notifying them
that an email was rejected, who sent it, and what the attachment was.

Any help anyone can offer would be appreciated, thanks.
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Match X but not Y if is also there, Professional Software Engineering
Next by Date:  Re: [procmail] notifications, R P Herrold
Previous by Thread:  (resend) Procmail returning -1 (trace of procmail spawned from getmail, Errol Casey
Next by Thread:  Re: [procmail] notifications, R P Herrold
Indexes:  [Date] [Thread] [Top] [All Lists]