On Saturday, Sep 20, 2003, at 00:45 US/Mountain, Monique Y. Herman wrote:
Hi all! I just installed tmda today at a friend's suggestion, and it's already made my life a lot happier.
Have a question -- I'd like to use tdma to drop emails containing ".exe" attachments while also emailing the sender notifying them that they've been dropped.
The idea is that 99.9% of exe attachments are bad news, but every now and then a friend might email me some such attachment, and I'd like them to know why it never showed up.
I'm guessing that the solution involves some sort of pipe, but I don't know how to glean the necessary info (sender, attachment filename), or indeed if it's even possible.
Any pointers would be greatly appreciated! Thanks very much!
-- monique
_____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
Dropping e-mails containing .exe attachments is pretty easy. Add a line like this to your .tmda/filters/incoming file:
body 'filename\=.+\.(pif|scr|exe|bat|com|vbs|js)' drop
(This solution was posted by Gre7g Luterman first, IIRC, and then re-posted in this form by Jason Mastaler, again, IIRC. My apologies if I am remembering this wrong.)
Personally, I wouldn't bother with the e-mail notification. You said yourself that 99.9% of the attachments of the types listed in the filter line are bad news. In addition, especially lately, most of these e-mails will come from an address that is spoofed, thanks to SoBig.F or swen. Your explanation would be going to recipients that would be clueless as to what the heck you are talking about.
If you really want to accept any .exe files from friends, (.zip or .sit files are a much better alternative ;-) you could add the above filter line _after_ the filter line that accepts messages from your whitelist, like this:
from-file ~/.tmda/lists/blacklist drop from-file ~/.tmda/lists/whitelist ok body 'filename\=.+\.(pif|scr|exe|bat|com|vbs|js)' drop from-file [EMAIL PROTECTED] drop
Since the first match wins, anyone on your whitelist will be able to send you .exe attachments.
My concern would be that one of those friends on the whitelist gets infected with the latest version of SoBig.* and, as a result, you get the virus attachment directly into the Inbox.
HTH,
Jeff
-- Jeff Ross Open Vistas Networking, Inc. http://www.openvistas.net _____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
