Re: [Exim] Logging of mails with attachment via system_filte…

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Jens Strohschnitter
日付:  
To: exim-users
題目: Re: [Exim] Logging of mails with attachment via system_filter
> > is it possible to log all mails, that have attachments
> > to a seperate logfile, like blocking with system_filter ?
> >
> > For example all mails with attachment should be logged
> > in a file attachments.log that contains the informations:
> >
> > senderaddress
> > recipientaddress
> > attachment
>
> Do you need to know all attachments?? or are you just attempting to log
> certain types of attachments.
>
> If it is certain types, you could use exiscan-ACL and just make a rule
> that does a warn about anything that matches the type of attachment you
> want, and then do a simple grep of your logs for all the info you need.
>
> Same as I do now for blocking attachments... All the info is already in
> the logs...
>
> DENY ATTACHMENT                        14
>    EXE ATTACHMENT                      13
>    COM ATTACHMENT                       0
>    PIF ATTACHMENT                       0
>    SCR ATTACHMENT                       1

>
> The same way I grep this you could grep out the other info you are looking
> for...


Hi

yes, I need to log all attachments. Suspicious attachments (like vbs, exe ...)
were allready blocked with the system_filter (if content-type ...). But how
do I log all mails with any attachment to a seperate logfile ?
I only have to know about to write the "if-directive" - the logging via systemfilter
is:

.
.
.
logfile /var/log/exim/attachments.log
logwrite "$tod_log $message_id has attachment: $1"
logwrite "$tod_log subject: $rheader_subject"
logwrite "$tod_log recipients: $recipients"
logwrite "$tod_log return path: $return_path"
logwrite "------------------------------------------------------------------------------"
unseen finish
endif

:-)

--
Regards,

     Jens Strohschnitter


-------------------------------------
*!!!LINUX LINUX LINUX LINUX LINUX!!!*

* http://www.jens-strohschnitter.de *
-------------------------------------
Set the controls for
         the heart of the sun
-------------------------------------