Loren Wilton wrote:
> > Correction! That should be:
> >
> > /htt(p|ps):\/\/.*?\/.*\.com$/i
> >
> > and slightly more efficient (doesn't capture backreference):
> >
> > /htt(?:p|ps):\/\/.*?\/.*\.com$/i
>
> Or maybe more simply and readably:
>
> m'https?://.*/.*\.com$'i
>
> But the .* thing
On 2006-09-13, Fábio Gomes <[EMAIL PROTECTED]> wrote:
> I didn't mean removing EXE attachments, but blocking/high scoring messages
> with links to executables in its body.
>
> Is it possible?
I would think it would be a little tricky, as the filter would have to
follow the link to determine if
Em Quarta 13 Setembro 2006 18:00, [EMAIL PROTECTED] escreveu:
> >> Bill Randle wrote:
> >> > Amavisd-new will also drop attachments with a configurable list
> >> > of file extentions, but the question refered to links to exe's,
> >> > not actual exe attachments.
> >>
> >> Good point -- everyone's p
Correction! That should be:
/htt(p|ps):\/\/.*?\/.*\.com$/i
and slightly more efficient (doesn't capture backreference):
/htt(?:p|ps):\/\/.*?\/.*\.com$/i
Or maybe more simply and readably:
m'https?://.*/.*\.com$'i
But the .* things really should stop on something reasonable like > or \s o
On Wed, September 13, 2006 20:48, Fábio Gomes wrote:
> I didn't mean removing EXE attachments, but blocking/high scoring messages
> with links to executables in its body.
>
> Is it possible?
perldoc Mail::SpamAssassin::Plugin::AntiVirus
>> Or - if you are using procmail:
>> #Delete all messages w
> Steve Thomas wrote:
>
>>/htt(?:p|ps):\/\/.*?\/.*\.com$/i
>>
>
> Why not /https?:\/\/.*?\/.*\.com$/i
Because I always forget that the question mark can be used that way, and
if I can't seem to remember it, nobody else gets to use it! That's why. :)
Nice catch.
Steve "atrophying perl skills" Tho
On 13 Sep 2006 [EMAIL PROTECTED] wrote:
> the other way round - it is very easy to create a php that offers
> an exe for download So jut scoring direct .exe links might
> cause the bad guys to produce "better" download links
True. As I said in an earlier post, scoring on bare executable URIs
Visit Wiki. Look for ClamAVPlugin. To save you some effort:
http://wiki.apache.org/spamassassin/ClamAVPlugin
This uses ClamAV as a scanner for virus laden email.
SpamAssassin NEVER blocks email. You probably can, however, setup a
simple filter for .exe etc in your MDA. You certainly can do it wi
Steve Thomas wrote:
/htt(?:p|ps):\/\/.*?\/.*\.com$/i
Why not /https?:\/\/.*?\/.*\.com$/i
?
>>
>> Bill Randle wrote:
>> > Amavisd-new will also drop attachments with a configurable list
>> > of file extentions, but the question refered to links to exe's,
>> > not actual exe attachments.
>>
>> Good point -- everyone's primed to think of attachments, it seems.
>>
>> Here's a stab at it:
>> .com will, of course, be a challenge.
>
> /htt[p|ps]:\/\/.*?\/.*\.com$/i
Correction! That should be:
/htt(p|ps):\/\/.*?\/.*\.com$/i
and slightly more efficient (doesn't capture backreference):
/htt(?:p|ps):\/\/.*?\/.*\.com$/i
> .com will, of course, be a challenge.
/htt[p|ps]:\/\/.*?\/.*\.com$/i
On Wed, 13 Sep 2006, [iso-8859-1] F?bio Gomes wrote:
> Is there any way to block messages with links to executables like
> *.exe,
> *.com and *.scr?
I will be adding that to my email security tool this week.
http://www.impsec.org/email-tools/procmail-security.html
--
John Hardin KA7OHZ
Bill Randle wrote:
Amavisd-new will also drop attachments with a configurable list
of file extentions, but the question refered to links to exe's,
not actual exe attachments.
Good point -- everyone's primed to think of attachments, it seems.
Here's a stab at it: set up a URI rule.
uri E
> At 11:10 AM Wednesday, 9/13/2006, Michel Vaillancourt wrote -=>
>>Fábio Gomes wrote:
>> > Hi list,
>> >
>> > Is there any way to block messages with
>> links to executables like *.exe,
>> > *.com and *.scr?
>> >
>>
>> If you are using Postfix as your MTA, this isn't hard to do at
>
I didn't mean removing EXE attachments, but blocking/high scoring messages
with links to executables in its body.
Is it possible?
BTW, I'm using qmail.
Regards,
Fábio Gomes
Em Quarta 13 Setembro 2006 15:34, Ed Kasky escreveu:
> At 11:10 AM Wednesday, 9/13/2006, Michel Vaillancourt wrote -=>
>
At 11:10 AM Wednesday, 9/13/2006, Michel Vaillancourt wrote -=>
Fábio Gomes wrote:
> Hi list,
>
> Is there any way to block messages with
links to executables like *.exe,
> *.com and *.scr?
>
> Best Regards,
> Fábio Gomes
If you are using Postfix as your MTA, this isn
At 11:09 AM 9/13/2006, you wrote:
Hi list,
Is there any way to block messages with links to
executables like *.exe,
*.com and *.scr?
Not with SpamAssassin, but possibly with whatever MUA you have.
Fábio Gomes wrote:
> Hi list,
>
> Is there any way to block messages with links to executables like
> *.exe,
> *.com and *.scr?
>
> Best Regards,
> Fábio Gomes
If you are using Postfix as your MTA, this isn't hard to do at all.
--
-- Michel Vaillancourt
Hi list,
Is there any way to block messages with links to executables like
*.exe,
*.com and *.scr?
Best Regards,
Fábio Gomes
20 matches
Mail list logo
