On 2002-10-07, 18:23:19 (+0100), Mike Scott wrote:
> Hello, being fed up with the amount of spam and virus email that I'm
> recieving via my website, I've just finished configuring anomy to drop any
> dangerous attachments.. although, it would be much better if I could
> configure it to drop, or better, archive the entire email (usually virus
> This is trivial to do with procmail, but it would be really useful to have a
> header inserted into the email with some sort of status (i.e. ACCEPT, SAVE,
> or DROP) depending on what the action Anomy took with the Emails'
I keep getting this question... basically, the answer is "nope" -
simply because the Sanitizer is a *filter* which processes the entire
message in a single pass.
To add a header, it would need to make first one pass to scan the
message and then another to add the header and then rewrite the message
This sort of behavior can be implemented with a little help from
Procmail or other wrapper scripts. Anomy can be configured to return a
nonzero exit code when it encounters a virus or the modification score
exceeds a certain amount.
Assuming you are using procmail, the rule which passes the message
through Anomy can be immediately followed by a rule which checks the
exit code and if it's nonzero, either add a status header or save the
message to a special mailbox.
This was the idea anyway - the problem is, I've never actually gotten
it to work because of Procmail's insistance on recovering the original
message if the filtering rule appears to fail! :-) If anyone can get
this to work, please share with the mailing list!
Another solution, which isn't quite as elegant (but is OTOH much more
flexible), is to wrap the Sanitizer in a script which will redirect
it's STDERR log to a file, which can then be grepped for indications of
a virus infection after filtering. The ultimate fate of the message
can then be based on what sort of info is found in the log file.
-- Bjarni R. Einarsson PGP: 02764305, B7A3AB89 email@example.com -><- http://bre.klaki.net/
Check out my open-source email sanitizer: http://mailtools.anomy.net/ Spammers, please send plenty of email to: firstname.lastname@example.org