On Thursday 25 January 2007 15:59, Judy Angel wrote: > We have noticed a significant amount of spam that is included in .gif > attachments but is not caught by the spam filters. The policy is to deliver > spam, but tag the Subject line. > > We run Exim, MailScanner, SpamAssassin, Sophos. I understand that FuzzyOCR > can add value but there are many dependencies for that installation. I am > interested to hear how other sites deal with such attachments.
exim.org simply does this in the acl_smtp_mime ACL:
deny message = Messages with embedded images are not allowed
condition = ${if match{$mime_content_type}{^image/}}
condition = ${if def:mime_content_id}
but you might want to accept *some* mail with embedded images. Giving many SA
points to multipart/related achieves approximately the same:
header MPART_RELATED Content-Type =~ /\s*multipart\/related\b/i
describe MPART_RELATED We don't care much for multipart/related here
score MPART_RELATED 3
SARE has some better rules. Search the archive of the [EMAIL PROTECTED]
list.
--
Magnus Holmgren [EMAIL PROTECTED]
(No Cc of list mail needed, thanks)
"Exim is better at being younger, whereas sendmail is better for
Scrabble (50 point bonus for clearing your rack)" -- Dave Evans
pgp3tQoaCTIiY.pgp
Description: PGP signature
-- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
