Filtering mail attachments with viruses?

Relevant classes: any A simple way to search for mail which might contain viruses, by looking for attachments in a mailbox which contain .EXE files. This could be supplemented with a tidy command on an imap directory structure to remove those files, with possible loss of imap integrity. # # Example of a virus alert on a mail server # # control: actionsequence = ( files shellcommands ) AddInstallable = ( virus ) solaris:: Grep = ( /usr/bin/egrep ) linux:: Grep = ( /usr/bin/egrep ) ########################################################################### # # Look for .EXE attachments in a mailbox # filters: { virus Type: "reg" ExecRegex: "$(Grep) 'Content-.*EXE.*' $(this) (.*)" # Look for EXE attacments Result: "Type.ExecRegex" DefineClasses: "virus" } ########################################################################### files: /imap-dir r=inf filter=virus action=alert /var/mail r=inf filter=virus action=alert ########################################################################### shellcommands: virus:: "/bin/echo Virus Alert on files" Back to documentation