Re: .zip,.exe attachments and spam assassin

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> From: "Roger Grosswiler" <roger@xxxxxxxx>
>
>>> On Tue, 2005-11-22 at 13:38 +0100, Roger Grosswiler wrote:
>>>> > I've gotten a ton of viruses today - there seems to be a worm lose
>>>> > again.
>>>> >
>>>> > I've come to the realization that I have never ever received a zip
>>>> > attachment from someone not in my address book that I actually
>>>> wanted,
>>>> > so I would like to set a spam assassin rule to mark mail with a .zip
>>>> > or .exe with a high spam score (my address book is white listed)
>>>> >
>>>> > Anyone know how to do this off hand?
>>>> >
>>>> > Another possibility would be a procmail rule - I use procmail to
>>>> filter
>>>> > my mail - but since spamassassin already knows about my whitelist,
>>>> I'd
>>>> > rather do it in spamassassin.
>>>> >
>>
>>>> i did this in postfix:
>>>>
>>>> i added in /etc/postfix/ a file called mime_headers_check with this
>>>> content:
>>>
>>> That wouldn't really work for me for two reasons -
>>>
>>> 1) I don't want to reject them, the fm header is usually forged - so
>>> rejecting just sends them to someone else who more than likely did not
>>> send it to me.
>>>
>>> 2) My postfix is only allowed to talk on my lan - I use fetchmail to
>>> pop
>>> my accounts (which processes them with spamassassin), procmail to
>>> filter
>>> them into my mailboxes (which is then served via imap to my clients).
>>> postfix is used for some stuff, but only on the lan - it can't send to
>>> outside world. To get to outside world, I use my mail account providers
>>> smtp server.
>>>
>>> I'm sure there is a spamassassin way to give a high score based upon
>>> attachment extensions - I'll see if I can find it.
>
>> 2 things:
>> 1)
>> in my opinion, procmail listens to mta such as sendmail or postfix.
>> Using
>> fetchmail in my opinion delivers to mtas like the same. so, an incoming
>> e-mail should also pass by your postfix-server? or am i wrong here?
>
> This is not necessarily true, Roger. I have my .procmailrc and
> .fetchmailrc templates configured to deliver directly to the
> /mail/<user> mbox file without passing through any sendmail at
> all. I can leave the smtp facility turned off completely and still
>
>
so, i see, i never am out of the learning process...thanks for information
:-)

Rog


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux