[unisog] Sendmail Filter for Sircam
r.fulton at auckland.ac.nz
Wed Aug 8 01:05:06 GMT 2001
On Tue, 31 Jul 2001 12:07:08 -0400 (EDT) Jose Nazario
<jose at biocserver.BIOC.cwru.edu> wrote:
> On Tue, 31 Jul 2001, David Lundy wrote:
> > I am getting a lot of Sircam infected email. Our email gateway is
> > sendmail, but we have no filtering in place. Does anyone have a
> > pointer to a milter for Sircam or information on filtering for this or
> > other rogue email?
> the generic procmail sanitizer will prevent infection by defanging the
> double extensions (ie .doc.exe). you can easily tweak it to sync on the
> message body and kill it on the basis of that.
> enjoy. almost no tweaking to the sendmail setup, maybe a change of Mprog
> to procmail ...
Hmmm... can we use this procmail on a relay? Our MX records point to
two machine that then relay mail on to other host on campus and it is
these two machine that we would want to do filtering.
We are currently looking at Inflex to do this.
We also have a large server running cyrus IMAP and POP for delivering
mail to users. I know cyrus does not use 'standard' mail box formats
and I assume that it has its own local delivery agent which is started
Could we use procmail in conjunction with cyrus? (assuming that we have
the resources -- which I doubt).
Russell Fulton, Computer and Network Security Officer
The University of Auckland, New Zealand
More information about the unisog