I do the next rulset and it seems to work
:0
* ^Content-Type: multipart.*
{
:0 B
* .*(file)?name=".*.pif".*
/dev/null
}
What do you think?
Luis Daniel Lucio Quiroz wrote:
Because there are many attachments that are dangerous, I 'm planing to
block all email-worms that has a .PIF attachment
I was thinking on a rulset like this:
:0
* ^Content-Type: multipart/alternative;
* .*\.pif
/dev/null
My doubts. "." characters means any character so if I realy
whant the dot character, may I escape it?
When any mail has attachemts, it must contain Content-Type:
multipart/alternative; string, or not? Later, any finalme *.pif
should be blocked.
I'll apreciate any contributions.
LD.
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail