.zip,.exe attachments and spam assassin
Roger Grosswiler
roger at gwch.net
Wed Nov 23 06:49:06 UTC 2005
> On Tue, 2005-11-22 at 13:38 +0100, Roger Grosswiler wrote:
>> > I've gotten a ton of viruses today - there seems to be a worm lose
>> > again.
>> >
>> > I've come to the realization that I have never ever received a zip
>> > attachment from someone not in my address book that I actually wanted,
>> > so I would like to set a spam assassin rule to mark mail with a .zip
>> > or .exe with a high spam score (my address book is white listed)
>> >
>> > Anyone know how to do this off hand?
>> >
>> > Another possibility would be a procmail rule - I use procmail to
>> filter
>> > my mail - but since spamassassin already knows about my whitelist, I'd
>> > rather do it in spamassassin.
>> >
>> i did this in postfix:
>>
>> i added in /etc/postfix/ a file called mime_headers_check with this
>> content:
>
> That wouldn't really work for me for two reasons -
>
> 1) I don't want to reject them, the fm header is usually forged - so
> rejecting just sends them to someone else who more than likely did not
> send it to me.
>
> 2) My postfix is only allowed to talk on my lan - I use fetchmail to pop
> my accounts (which processes them with spamassassin), procmail to filter
> them into my mailboxes (which is then served via imap to my clients).
> postfix is used for some stuff, but only on the lan - it can't send to
> outside world. To get to outside world, I use my mail account providers
> smtp server.
>
> I'm sure there is a spamassassin way to give a high score based upon
> attachment extensions - I'll see if I can find it.
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>
2 things:
1)
in my opinion, procmail listens to mta such as sendmail or postfix. Using
fetchmail in my opinion delivers to mtas like the same. so, an incoming
e-mail should also pass by your postfix-server? or am i wrong here?
2) IMHO you can replace REJECT by DISCARD see here:
http://www.postfix.org/header_checks.5.html
greetings,
Roger
More information about the fedora-list
mailing list