On 11/18/11 5:27 PM, Philip Prindeville wrote:
> Yeah, my interest is in seeing the remaining parts of the message and 
> delivering it anyway, rather than just bouncing it.
> 
> Sometimes it's useful to contact the sender and let him/her know they have a 
> compromised machine.
> 
> -Philip

Ok, this turned out not to work as expected.

Rather than replacing the individual mime attachment containing the virus, I 
got the following.  What am I doing wrong?

The message as received is here.

ftp://ftp.redfish-solutions.com/pub/nacha-orig.txt

The message as rewritten ("sanitized") is here.

ftp://ftp.redfish-solutions.com/pub/nacha.txt

Why is it replacing the entirety of the message body rather than the individual 
bogus attachment?

The header comment for action_replace_with_warning() says:

# %DESCRIPTION:
#  Makes a note to drop the current part and replace it with a warning

but the actual code says otherwise:

    $ReplacementEntity = MIME::Entity->build(Type => "text/plain",
                                             Encoding => "-suggest",
                                             Data => [ "$msg\n" ]);
    $WarningCounter++;
    $ReplacementEntity->head->mime_attr("Content-Type.name" => "warning$WarningCounter.txt");
    $ReplacementEntity->head->mime_attr("Content-Disposition" => "inline");
    $ReplacementEntity->head->mime_attr("Content-Disposition.filename" => "warning$WarningCounter.txt");

Can we modify that to do what the comment says instead?

Thanks,

-Philip
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
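
Added example, not part of the original post and not MIMEDefang code: a stand-alone Perl script that does the per-part replacement the quoted header comment describes, using MIME::Entity (MIME-tools) directly. The helper names make_warning and replace_bad_parts, the sample message and the ".exe" filename test are assumptions made for illustration.

```perl
#!/usr/bin/perl
# Illustration only: hypothetical helpers, not MIMEDefang's implementation.
use strict;
use warnings;
use MIME::Entity;

my $WarningCounter = 0;

# Build a text/plain warning part the same way the quoted snippet does.
sub make_warning {
    my ($msg) = @_;
    my $w = MIME::Entity->build(Type     => "text/plain",
                                Encoding => "-suggest",
                                Data     => [ "$msg\n" ]);
    $WarningCounter++;
    $w->head->mime_attr("Content-Type.name" => "warning$WarningCounter.txt");
    $w->head->mime_attr("Content-Disposition" => "inline");
    $w->head->mime_attr("Content-Disposition.filename" => "warning$WarningCounter.txt");
    return $w;
}

# Walk the MIME tree and swap only the leaf parts that $is_bad flags.
# A non-multipart message has no sub-parts, so nothing is swapped for it here.
sub replace_bad_parts {
    my ($entity, $is_bad) = @_;
    return unless $entity->is_multipart;
    my @kept;
    for my $part ($entity->parts) {
        if ($part->is_multipart) {
            replace_bad_parts($part, $is_bad);      # recurse into nested containers
            push @kept, $part;
        } elsif ($is_bad->($part)) {
            my $name = $part->head->recommended_filename // "(unnamed)";
            push @kept, make_warning("An attachment named $name was removed.");
        } else {
            push @kept, $part;                      # untouched parts are delivered as-is
        }
    }
    $entity->parts(\@kept);                         # install the rebuilt part list
}

# Constructed sample message: one text part, one attachment with a suspicious name.
my $top = MIME::Entity->build(Type => "multipart/mixed",
                              From => 'sender@example.com',
                              Subject => "constructed sample");
$top->attach(Type => "text/plain", Data => [ "Please see the attached report.\n" ]);
$top->attach(Type => "application/octet-stream", Encoding => "base64",
             Filename => "report.pdf.exe", Data => [ "constructed placeholder bytes\n" ]);

replace_bad_parts($top, sub { ($_[0]->head->recommended_filename // "") =~ /\.exe$/i });
print $top->stringify;    # text part intact, attachment replaced by warning1.txt
```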
