Ron McKeating wrote:
> Surely this attachment is mime encoded and we could detect it with the
> mime acl in exiscan ?
*MIME ACL Advertisement!*
You can process the contents of the ZIP files in the MIME ACL like this:
deny message = Blacklisted file type found in .zip file ($acl_m0)
condition = ${if match \
{${lc:$mime_filename}}\
{\N(?i)\.zip\N} {1}{0}}
decode = zipfile.zip
set acl_m0 = ${run {check_zip.sh $mime_decoded_filename}}
condition = $runrc
The check_zip.sh should be a script that returns zero if the .zip
(passed as command line argument) is OK, and >0 if the .zip is stinky.
It can additionally return stuff on STDOUT that will end up in $acl_m0
for further processing (or, in this case, acts as a human-readable error
message).
/tom
