LuKreme wrote:
[...]
Looking over your readme it appears that executables (.exes) that are
zipped are quarantined. If this is correct it's going to make the
recipe painful for a lot of people. For example, the majority of
.zips I get are .exe files. Other things tend to come in as .rar .tgz
or .tar (or, more rarely, .tbz).
Let's not overlook .doc, .xls etc.! And .com < 10KB.
I have no problem with zipped exe files. if someone is stupid enough
to open an unknown zip file and then run the unknown file inside it...
well, they deserve what they get. there are no tools to deal with
that level of wilful stupidity.
True enough, though I'm hesitant to call anything "anti-virus" that
doesn't disinfect, quarantine or delete these. There are situations
where executables are sent via attachments (never mind the wisdom of
doing so). I would certainly like to know that they've been scanned by a
robust AV tool before implying that they're OK simply because they're
not attachments! Extract-and-scan seems prudent.
One other note, your package includes a /etc/procmailrc. In my
opinion this is bad form. You should have a /etc/softlabs.rc and have
instructions to INCLUDERC this file in the /etc/procmailrc. Just my
opinion.
Or at least DROPPRIVS if it simply MUST be /etc/procmailrc.
It looks like a decent approach to attachment removal based on name and
size.
My 2 cents worth.
- Bob
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail