On Thu, 4 Mar 2004, Rossz Vamos-Wentworth wrote:
| How would I detect a passworded archive with Exiscan-ACL? I figure I'd
| set something like "X-Scanned: No" in the header and use a system filter
| to make the subject change.
You can recognise encrypted zip attachments from the Base64 encoding like
this:
condition = ${if match{$message_body:}{ UEsDB....[Q-Za-fw-z0-9\+/]}{yes}{no}}
Note:
- There's TWO spaces specifically to match start of attachment
(blankline+newline).
- Need message_body_visible set to something reasonable e.g at least 50000
For the derivation see:
http://www.exim.org/pipermail/exim-users/Week-of-Mon-20040301/067645.html
--
Chris Edwards, Glasgow University Computing Service