> From: Sven Geggus
> I have a small script which is checking zipfile attachments for
> malicious filenames like .pdf.exe
That can be done entirely in Exim config, without separate script:
https://lists.exim.org/lurker/message/20140114.121803.09f5d887.en.html
> this works well, but now I would like to expand this for .rar files
> as well.
>
> So what's the mechanism for the creation of $mime_decoded_filename?
>
> Can I safely assume that it is "something.zip" or "something.rar"
> respectively if $mime_filename is "something-else.zip"?
No:
2014-07-31 01:43:50 +0300 1XCcb7-000DMy-SE mime_content_type=application/zip
2014-07-31 01:43:50 +0300 1XCcb7-000DMy-SE mime_filename=price.zip
2014-07-31 01:43:50 +0300 1XCcb7-000DMy-SE mime_decoded_filename=/var/spool/exim/scan/1XCcb7-000DMy-SE/1XCcb7-000DMy-SE-00001