> # This addition filters viruses
> :0 fhw
> * B ?? ^Content-type: (audio|application)
* B ?? ^Content-type:[ ](audio|application)
"[ ]" contain a literal space and tab.
> * B ?? name=.*\.(com|exe|bat|scr|pif|hta|shs|vb[es]|ws[fh])\>
> * Subject: *\/.+
Why are you pulling a match? You're not using it...
Ok, got a question for you on this. You do bring up a very good
point on this one and I wanted to bug you about this cause I've seen two
missed items get through my filters as of late and I wanted to see if I
could tweek that filter I have listed above a bit more. What I saw
recently that got through my virus filter was two files, both ending in pif
but both also had a space after the end of the extention, so they looked
something like this: "file.pif " That caused them to be missed for some
unknown reason. I'm guessing it's because the filter didn't know to look
for it. How would I edit this filter rule above to make it as effective as
possible about grabbing any emails that pass muster on the spam filtering
side but also carry this undesired extensions with them.
Basically the way my system works is it first finds any emails
that are spam and gets rid of those first, the second section (again, the
piece at the top) then looks at the email for attachments and if it finds
any it looks to see if any have an illegal extension on them (like exe,
pif, scr, etc) and filters them out as well. Any email that passes those
two tests is then forwarded on to my main mailbox. Please, if you build
the rule for me, please use exact syntax as I'm still very new to working
with procmail recipes and needed a lot of help to get my original recipe
going. Thanks.
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail