From: "Roger Grosswiler" <roger@xxxxxxxx>
On Tue, 2005-11-22 at 13:38 +0100, Roger Grosswiler wrote:> I've gotten a ton of viruses today - there seems to be a worm lose > again. > > I've come to the realization that I have never ever received a zip > attachment from someone not in my address book that I actually wanted, > so I would like to set a spam assassin rule to mark mail with a .zip > or .exe with a high spam score (my address book is white listed) > > Anyone know how to do this off hand? > > Another possibility would be a procmail rule - I use procmail to filter > my mail - but since spamassassin already knows about my whitelist, I'd > rather do it in spamassassin. >i did this in postfix: i added in /etc/postfix/ a file called mime_headers_check with this content:That wouldn't really work for me for two reasons - 1) I don't want to reject them, the fm header is usually forged - so rejecting just sends them to someone else who more than likely did not send it to me. 2) My postfix is only allowed to talk on my lan - I use fetchmail to pop my accounts (which processes them with spamassassin), procmail to filter them into my mailboxes (which is then served via imap to my clients). postfix is used for some stuff, but only on the lan - it can't send to outside world. To get to outside world, I use my mail account providers smtp server. I'm sure there is a spamassassin way to give a high score based upon attachment extensions - I'll see if I can find it.
2 things: 1) in my opinion, procmail listens to mta such as sendmail or postfix. Using fetchmail in my opinion delivers to mtas like the same. so, an incoming e-mail should also pass by your postfix-server? or am i wrong here?
This is not necessarily true, Roger. I have my .procmailrc and
.fetchmailrc templates configured to deliver directly to the
/mail/<user> mbox file without passing through any sendmail at
all. I can leave the smtp facility turned off completely and still
receive incoming mail.
{^_^}
