> > is it possible to log all mails, that have attachments
> > to a seperate logfile, like blocking with system_filter ?
> >
> > For example all mails with attachment should be logged
> > in a file attachments.log that contains the informations:
> >
> > senderaddress
> > recipientaddress
> > attachment
>
> Do you need to know all attachments?? or are you just attempting to log
> certain types of attachments.
>
> If it is certain types, you could use exiscan-ACL and just make a rule
> that does a warn about anything that matches the type of attachment you
> want, and then do a simple grep of your logs for all the info you need.
>
> Same as I do now for blocking attachments... All the info is already in
> the logs...
>
> DENY ATTACHMENT 14
> EXE ATTACHMENT 13
> COM ATTACHMENT 0
> PIF ATTACHMENT 0
> SCR ATTACHMENT 1
>
> The same way I grep this you could grep out the other info you are looking
> for...
Hi
yes, I need to log all attachments. Suspicious attachments (like vbs, exe ...)
were allready blocked with the system_filter (if content-type ...). But how
do I log all mails with any attachment to a seperate logfile ?
I only have to know about to write the "if-directive" - the logging via systemfilter
is:
.
.
.
logfile /var/log/exim/attachments.log
logwrite "$tod_log $message_id has attachment: $1"
logwrite "$tod_log subject: $rheader_subject"
logwrite "$tod_log recipients: $recipients"
logwrite "$tod_log return path: $return_path"
logwrite "------------------------------------------------------------------------------"
unseen finish
endif
:-)
--
Regards,
Jens Strohschnitter
-------------------------------------
*!!!LINUX LINUX LINUX LINUX LINUX!!!*
* http://www.jens-strohschnitter.de *
-------------------------------------
Set the controls for
the heart of the sun
-------------------------------------
