[Esa-l] Domains excluded from filtering
John D. Hardin
jhardin at wolfenet.com
Sat Jul 29 07:08:37 PDT 2000
On Fri, 28 Jul 2000, Bret Sanders wrote:
> I've had numerous requests to NOT mangle anything sent internally
> within the company. What's the easiest way to bypass the filters
> if the mail is from an internal address?
Hrm. Insert before the call to html-trap.procmail:
#---------------------------------------------
:0
* ^From: .*@my-company.com
{
MANGLE_EXTENSIONS='com|cmd|bat|pif|sc[rt]|lnk|vb[se]?|hta|p[lm]|sh[bs]|hlp|chm|eml|ws[cfh]|ad[ep]|jse?|md[be]|ms[ip]|reg'
}
#---------------------------------------------
This should be a good balance between not mangling everyday files and
still blocking an internally-originated ILUVYOU worm (etc.). Note that
you really do want to always mangle some extensions, most notably the
VBS family and CHM.
YMMV and refine per your needs.
--
John Hardin KA7OHZ ICQ#15735746 http://www.wolfenet.com/~jhardin/
jhardin at wolfenet.com pgpk -a finger://gonzo.wolfenet.com/jhardin
768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
"Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never
does quite what I want. I wish Christopher Robin was here."
-- Peter da Silva in a.s.r
-----------------------------------------------------------------------
92 days until Daylight Savings Time ends
More information about the esd-l
mailing list