:0
* > 150000
{ SWITCHRC } # go to user's .procmailrc, if existing,
# else deliver to $DEFAULT (?)
I am a bit bothered by the idea that an email can get to the
end user w/o having checks done on it. Granted, most of the
viral/spam email are small(er), but that doesn't mean that
larger ones don't occur. Just two days ago, our virus scanner
caught a 1M file attach which was an email worm.
In our office, the individual users don't have (nor need) the
ability to set their own .procmailrc files, especially since many
of them have problems just using Windows.
And knowing that a file attach email can just squeak on by,
that just doesn't set well with me. Granted, we don't have
high volumes of mail here (and I don't mind if a message takes
a little longer to deliver).
At an absolute minimum, I would suggest running the header
of the large file attach through Dallman's vsnag.
You can also do other things to speed up the process (like
suggested earlier of reworking your /etc/procmailrc file to
not have so many lines) or perhaps using spamd.
Mr Duck
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail