Re: [Exim] exim filter with domain and attachment

Pàgina inicial
Delete this message
Reply to this message
Autor: Madan Rai
Data:  
A: sanjay, exim list
Assumpte: Re: [Exim] exim filter with domain and attachment
see if following helps you, also for filtering a domain/recipient you can
use black hole in alias
##
if $message_body matches "name=\"{0,1}readme\\\\.eml"
then
  if $message_body CONTAINS "====_ABC1234567890DEF===="
  then
    fail text "This message has been rejected because it has the
signature\n\
              of the W32.Nimda.A viru/worm in it"
    seen finish
endif
endif



Madan Rai
Net4India Ltd.
URL: http://www.net4india.com
KeyWord: Net4India
(Just type keyword in IE address bar and press enter.)
----- Original Message -----
From: "sanjay" <indianlinuxuser@???>
To: "exim list" <exim-users@???>
Sent: Thursday, June 28, 2001 4:09 AM
Subject: [Exim] exim filter with domain and attachment


> Hi
>
> I want to filter some mails depending upon the domain(recepient)
> AND the attachment. Can someone help me for this? I got
> this filter file from www.exim.org. can i use nested if(s)?
>
> sanjay
>
>
> if $message_body matches
>

"(?:Content-(?:Type:(?>\\\\s*)[\\\\w-]+/[\\\\w-]+|Disposition:(?>\\\\s*)atta
> chment);(?>\\\\s*)(?:file
> )?name=|begin(?>\\\\s+)[0-7]{3,4}(?>\\\\s+))(\"[^\"]+\\\\.(?:ad[ep]|ba[st

]|
> chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?
>
>

|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc])\")[\\\\s;]"
> then
> fail text "This message has been rejected because it has\n\
> a potentially executable attachment $1\n\
> This form of attachment has been used by\n\
> recent viruses or other malware.\n\
> If you meant to send this file then please\n\
> package it up as a zip file and resend it."
> seen finish
> endif
>
>
> _________________________________________________________
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com
>
>
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim

details at http://www.exim.org/ ##
>