Hmmm ... I thought that this would be easy but it doesn't seem to be .
Here is the scenario
A number of virus emails out there forge the from address when sending
their crap to everyone.
My 100% open source system uses clam anti virus along with trashscan.
When a virus is sent into my system trashscan is invoked via a procmail
recipe.
The person who sent a virus is sent an email notifying them of this fact.
If the from address was forged the user will then receive an email
telling her that the message could
not be delivered.
I don't want them ever to see these crappy emails.
So I tried putting the following in the procmailrc
snip=
:0
* ^Subject:.*Undelivered Mail Returned to Sender.*
* Subject:.*Suspicious Attachment.*
> /dev/null
=snip
What I am trying to catch is a message sent into the system with a
subject line of
"Undelivered Mail Returned to Sender"
Then further down in the body ( my original you sent a virus email )
there should be
some text that says "Subject: Suspicious Attachment"
Am I being incredibly stupid ? It doesn't seem to be catching them at all .
Oh yeah I'm using Maildir so no need for lock files
--B
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
