I have a similar rule that so far seems aggressive enough to catch
variations in headers which describe attachments. For instance, I've seen
just "name=" instead of "filename=", so I've made the "file" part
optional. I never expect any of the following extensions at my address:
:0
* [ ]*(Content|(file)?name=).*\.(scr|exe|p(if|as)|v(bs|xd)|ba[kt]|\
wab|cp(p|l)|asp|xls|mpe?g|reg|ini|d(iz|ll)|sys)
{ do stuff }
I think this may be a little too aggressive - It looks like amazon, ebay &
classmates.com all like to send multipart messages with html embedded in
them.
A line like:
<td><FORM target="_blank" name=search_ui
action="http://www.classmates.com/go/e/365018
matches the /name.*\.com/ in the regex above
I'm thinking it's a good idea to include the (file) - are there any cases
where making it optional has been beneficial?
--
--))> >--))>
Mark T. Valites
Unix Systems Analyst
1 College Circle - 124b1 South Hall
SUNY Geneseo
Geneseo, NY 14454
585-245-5577
585-259-3471 (Cell)
585-245-5579 (Fax)
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail