Chris Wagner <ismgr(_at_)atchisonkansas(_dot_)net> wrote:
[...]
Thing is, I'm not procmail savvy, and I'm trying to read as
much as I can....
This list, plus many of the howto links, are a great resource.
I'm hoping to refine the script so that I'll get fewer of
those situations.
I think it's the 2nd regex that's catching you.
Do I need to escape the . before the file extension so that it
would make the rule more specific to the extension itself?
I'll defer to some of the resident experts on regex and mime details. Based on
my BRIEF inspection of a message with an attachment, I see attachments in the
body:
--- sample --- sample ---
------=_NextPart_000_00E6_01C3FF94.798F8F40
Content-Type: application/x-msdownload;
name="abc.exe"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="abc.exe"
--- sample --- sample ---
*chop chop chop* I just read Udi's response "Re: Multiple Matches on one Line
and the use of $" and I think it has the answers you need. The trick is that
the "name=" is only relevant IF it immediately follows the Content-Type: .
All that said, I AM NOT a big fan of anything that filters on a subset of
attachments based on name with an idea towards trapping spam or viruses
reliably. I'm concerned that if I don't trap ALL attachments, some that use
other names, or characteristics can easily slip by. I would hate to imply that
we have "anti-virus" or "anti-spam" in place with that potential liability. I
DO NOT consider simple filtering "anti-virus" in any way.
Not all .EXE attachments are viruses or worms (or spam)
Not all viruses or worms (or spam) are .EXE (or whatever else) files
IF attachments are allowed -- and that's a fundamental question that has to be
answered first -- I'm going to be much more comfortable subjecting all of them
to scanning with a full-featured AV scanner. The same applies to HTML mail and
the like. To a lesser degree, I feel the same way about spam.
OK, off soapbox. My 2 cents worth on the topic.
- Bob
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail