Re: [courier-users] Re: Maildrop Filtering - load on system

Thu, 06 Dec 2001 04:10:20 -0800 

Originally to: Sam Varshavchik

Sam Varshavchik was alleged to have said to All
 something about [courier-users] Re: Maildrop Filtering - load on system

 SV> > I have courier.0.35 running on redhat 7.1. Maildrop does the delivery
 SV> for
 SV> > all mail locally and globally.
 SV> >
 SV> > I am having issues with maildrop filtering and delivery.
 SV> >
 SV> > I employ the following global mail filter file (maildroprc) to screen
 SV> for
 SV> > certain attachments and then if found send them to the system
 SV> administrator
 SV> > instead of the intended recipient.
 SV> >
 SV> > if(/From:.*sysadm/ || /Delivered-To:.*sysadm/)
 SV> > {
 SV> > }
 SV> > else
 SV> > if(/.*name=.*\.exe\"/:b \
 SV> > || /.*name=.*\.vbs\"/:b \
 SV> > || /.*name=.*\.scr\"/:b \
 SV> > || /.*name=.*\.pif\"/:b \
 SV> > || /.*name=.*\.bat\"/:b \
 SV> > || /.*name=.*\.com\"/:b)
 SV> > {
 SV> > to "[EMAIL PROTECTED]"
 SV> > }
 SV> >
 SV> > I also employ a sizelimit file which is set to 10mb.
 SV> >
 SV> You could use a bandaid solution of collapsing all your regexps into a
 SV> simple:
 SV>
 SV> if(/name=.*\.(exe|vbs|scr|pif|bat|com)\"/:b)
 SV> {
 SV>   ...
 SV> }
 SV>
 SV> This pattern will match much faster.
 SV>

I use the below which I have always found fast.

if ( /^[:space:]+filename=.*\.vbs\"$/:b || \
     /^[:space:]+filename=.*\.exe\"$/:b || \
     /^[:space:]+filename=.*\.com\"$/:b || \
     /^[:space:]+filename=.*\.bat\"$/:b
     {
           xfilter "$REFORMAIL -A'X-Antispam: Possible Virus'"
           /^Subject: !.*/
           xfilter "$REFORMAIL -I'Subject: [CAUTION: POSSIBLE VIRUS] $MATCH2'"
  }


I don't use this as a virii scanner simply because I forward domain mail to 
other smtp servers for people whom I host mail for. This is upto them to check 
the attachments.

On a secondary note, I am away until Jan 5 but on my return, I plan on 
converting some of the Procmail receipes for spam to Maildrop. These can be used 
as either a global maildroprc entry or for individual users .mailfilter files. 
The one that I am looking at is Spambouncer. I am around half way through them 
at the moment.

Sean

... A linux machine! because a 486 is a terrible thing to waste

<-> Gateway Information.
This message originated from a Fidonet System (http://www.fidonet.org)
and was gated at TCOB1 (http://www.tcob1.net)
Please do not respond direct to this message but via the list



_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Reply via email to