[Gllug] Removing Malicious Attachments with Procmail
Axel Segebrecht
axel at segebrecht.com
Thu Jun 10 10:15:59 UTC 2004
Hi all,
I've heard of a tip using procmail to filter out malicious attachments
and am wondering what everyones experience with this is, or whether
there is a better/simpler/more efficient way of doing it?
The below script was found on the 1StServ message board:-
(File: /etc/procmailrc)
// begin nifty script
SHELL=/bin/sh
LOGFILE=/var/log/procmail.log
# Note: The whitespace in the [ ] below comprises a space and a tab
character
:0
* < 256000
* ! ^Content-Type: text/plain
{
:0B
* ^(Content-(Type|Disposition):.*|[ ]*(file)?)name=("[^"]*|[^
]*)\.(bat|cmd|com|exe|js|pif|scr)
/dev/null
}
// end nifty script
MTIA
Axel
--
GnuPG (www.gnupg.org) Public Encryption Key:
http://www.segebrecht.com/axel.asc
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list