Re: [exim] exim4

Top Page
Delete this message
Reply to this message
Author: exim-users
Date:  
To: exim-users
Subject: Re: [exim] exim4
fhuet schrieb:

> Hello,
>
>
> Well, I sent me a mail with an *.exe as attachements.
> In my system-filter.exim, I asked exim4 to reject exe, pif, src etcetc.
> It seems to be done. But , I have no message that this mail was rejected.
>
> How, as recipient, I can be informed that someone tried to send me a
> mail with an attachment ?


Just parse the rejectlog for the relevant entries, compose a message to
your liking and send it to the original recipient. All the infos needed
(sender, recipient, etc.) are in the rejectlog entry.

But please don't send ndrs to the purported sender. Virusses these days
send themselves with a faked sender address, and people don't like to be
informed about rejected mail they've never sent. This is called
collateral spam. Just reject at smtp time with a proper error message
and that's it. The mimce acl let's you achieve what you do in a better
way. Put something like this into it:

deny
   message = Win/DOS Executable found.
   log_message = Dangerous attachment $mime_filename found
   condition = ${if match{${lc:$mime_filename}} \
                         {.*\\.(com|exe|pif|scr|bat)\$}
                   {yes}{no}}


Check the exiscan documentation for more details. The archive is also
full of snippets.


Patrick