[Esd-l] Case for repetitive rule.

John D. Hardin jhardin at impsec.org
Tue Nov 11 08:00:10 PST 2003


On Tue, 11 Nov 2003, Philip Choy wrote:

> "Apply this rule after the message arrives
> Where the From line contains validuser at income.com.sg' 
> Forward it to validuser at income.com.sg "
> 
> The valid user can send an email with 1Mb size to himself and It
> will create a loop by forwarding to himself and it will not stop.
> ------------
> 
> How will the procmail rule be used to prevent this situation?

One possibility, off the top of my head (and thus untested):

	:0
	* > 1000000
	* $ ^From:.*[ <]${USER}@income\.com\.sg
	* $ ^(To|Cc):.*[ <]${USER}@income\.com\.sg
	{
		LOG="WARN: $USER attacking mail server"

		:0
		/dev/null
	}


Many refinements can be made.

--
 John Hardin KA7OHZ    ICQ#15735746    http://www.impsec.org/~jhardin/
 jhardin at impsec.org                        pgpk -a jhardin at impsec.org
 key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
 "To disable the Internet to save EMI and Disney is the moral
  equivalent of burning down the library of Alexandria to ensure the
  livelihood of monastic scribes."
                                    -- John Ippolito of the Guggenheim
-----------------------------------------------------------------------
   36 days until The Return of the King



More information about the esd-l mailing list