Hi!
I'd like mark messages which contain .SCR .PIF .BAT .COM file attachments as
Spam, and reject them before they enter our mail system.
Yes, I know that SA is not a Virus Scanner, but there is no reason that any
valid message should contain them.
I've tried - in vain - to write a rule for this.
It appears that SA will look in the message header, but won't look in the
headers for each part of a multipart/mixed.
Or am I doing something horribly wrong (most likely)???
Here's an example of one part of a multipart/mixed:
# Content-Type: application/octet-stream; name="www.paypal.com.pif"
# Content-Transfer-Encoding: base64
# Content-Disposition: attachment; filename="www.paypal.com.pif"
How do I write a rule?
David M. Hennessey
Office of the Deputy CIO
U.S. International Trade Commission
500 E. Street, SW
Washington, DC 20436
202-205-2518 Fax: 202-205-2024
E-mail: dhennessey@usitc.gov
I'd like mark messages which contain .SCR .PIF .BAT .COM file attachments as
Spam, and reject them before they enter our mail system.
Yes, I know that SA is not a Virus Scanner, but there is no reason that any
valid message should contain them.
I've tried - in vain - to write a rule for this.
It appears that SA will look in the message header, but won't look in the
headers for each part of a multipart/mixed.
Or am I doing something horribly wrong (most likely)???
Here's an example of one part of a multipart/mixed:
# Content-Type: application/octet-stream; name="www.paypal.com.pif"
# Content-Transfer-Encoding: base64
# Content-Disposition: attachment; filename="www.paypal.com.pif"
How do I write a rule?
David M. Hennessey
Office of the Deputy CIO
U.S. International Trade Commission
500 E. Street, SW
Washington, DC 20436
202-205-2518 Fax: 202-205-2024
E-mail: dhennessey@usitc.gov